OpenStack Liberty Design Summit has ended

Create Your Own Event

OpenStack Liberty Design Summit

11:15am PDT

Virtual Networking in OpenStack: Neutron 101

Neutron provides a rich set of logical constructs to develop a full featured virtual network deployment. In this talk, we will tour a basic Neutron setup and examine the IPv6, distributed routing and load balancing components. We will close with look back on the new features in Kilo and look ahead to the planned work in the upcoming release.

Speakers

Mark McClain

CTO at Akanda

Mark McClain is the Chief Technical Officer of Akanda Inc, a member of the OpenStack Technical Committee and a core reviewer for several OpenStack teams. Mark was the Program Technical Lead for the OpenStack Networking during the Havana and Icehouse cycles. In addition to his... Read More →

Kyle Mestery

Senior Principal Engineer, Intel

I am a technology executive and distinguished engineer with experience building teams to deliver cloud security solutions using a combination of open source and custom software. I write code, architecture documents, and help mentor members of the team to perform their best. In Open... Read More →

Monday May 18, 2015 11:15am - 11:55am PDT
Room 118/119/120

Conference, Networking

12:05pm PDT

Neutron L2 and L3 agents: How They Work and How Kilo Improves Them

In this session we will illustrate the work done during Kilo to improve the Neutron L2 and the L3 agents. We will start with a deep dive into both agents, explaining how they work. We will then give an overview of their deficiencies before Kilo and we will show how we tackled and solved them. We will describe future enhancements and performance gains that will be possible in future releases because of this debt repayment. We will also provide benchmark data to measure the improvement in terms of performance and scalability where applicable.

Speakers

Carl Baldwin

Senior Engineer II, DigitalOcean

Carl started his career developing electronic design automation software with HP’s microprocessor design projects: PA-RISC and Itanium. Years later, he spent a short time on a few of HP's network attached storage products. The whole time, he felt drawn to computer networking. He... Read More →

Rossella Sblendido

Software Engineer, SUSE

Rossella is a Software Engineer at SUSE. She's a core reviewer for Neutron and has been involved in SDN since 2010 . She's also a mentor for the OpenStack Outreach Program for Women.

Monday May 18, 2015 12:05pm - 12:45pm PDT
Room 118/119/120

Conference, Networking

2:00pm PDT

Intent and SDN Driven Service Chain: What, Why, and How

Service Chaining refers to an ordered sequence of service functions that a specific flow must go through. In current Data Center, the deployment of service chain for a tenant's flow is through static, complex, and rigid configurations since they are tightly coupled with network topology and physical resources. The introduction of new services into a network usually requires the reconfiguration of most (if not all) network elements.

The reconfiguration is complex, time-consuming, and error-prone, requiring careful planning of topology changes and network outages, and incurring high OPEX on the user side.

Things become unmanageble when services are deployed in the cloud:

• Diferent tenants' flows may require different chains of services. Even within one tenant network, different application flows may require different chains of services. This leads to explosion of the number of chains that need to be manually managed

• The administrator may need to change the chain of services in real time based on service treatment result or network status feedback. It is impossible to meet th real-time requirement through manual configurations on all the devices

A simple intent based user interface and a SDN based service chaining framework is needed to solve these challenges for operators and service providers.

In this presentation, we will show how the intent driven and SDN based service chaining framework can greatly simplfies the user's life and reduces the OPEX as well as how it enables agile deployment of services.

We will also show how this service chaining framework can interoperate with both legacy and new service appliances, which allows for the building of a large ecosystem aross different domains of the network.

Our solution framework represents an evolution from the static setup of a service path through manual configurations on physical devices to dynamic setup of service paths through simple user intent specification and SDN auto-programming on both physical and virtual nodes.

Speakers

David Lenrow

Distinguished Architect, HP

David Lenrow was trained as a computer scientist and has spent more than 20 years driving innovation in digital technology with an emphasis on networks, storage and media. His career spans multiple roles from individual contributor to executive across all major functional areas... Read More →

Kyle Mestery

Senior Principal Engineer, Intel

I am a technology executive and distinguished engineer with experience building teams to deliver cloud security solutions using a combination of open source and custom software. I write code, architecture documents, and help mentor members of the team to perform their best. In Open... Read More →

Cathy Zhang

Monday May 18, 2015 2:00pm - 2:40pm PDT
Room 118/119/120

Conference, Networking

2:50pm PDT

The Distributed Virtual Router in Neutron: From Juno to Kilo

Distributed Virtual Router (DVR) base functionality was added to Neutron in Juno to provide an efficient and fault tolerant routing solution. This talk describes the features that the community has been building on the base technology and provides a glimpse into the work being done to make DVR robust and production ready. To get everyone on the same page the talk will also include a brief introduction to DVR and the underlying technology.

Speakers

Adolfo Duarte

Test Engineer

Adolfo has been a test engineer for the past 15 years, focusing on networking software and hardware. Currently working at HP in the area of DVR, OpenStack, Controllers and other SDN technologies.

Vivekanadan Narashimhan

Swaminathan Vasudevan

Monday May 18, 2015 2:50pm - 3:30pm PDT
Room 118/119/120

Conference, Networking

3:40pm PDT

Load Balancing as a Service, Kilo and Beyond

Load balancing as a service has been one of the critical features asked for by cloud tenant.

For the Kilo release cloud providers such as Rackspace, HP, etc. have partnered with the community and load balancer vendors such as Radware and A10 to redefine the load balancing as a service APIs to address the accomulated experience and tenant needs.

In this session we will discuss the new API and features, with demos of the new lbaas v2 and the upcoming new service vm based reference driver, project Octavia.

Speakers

Samuel Bercovici

Director, Radware

Samuel Bercovici is director at Radware in charge of integration Radwares load balancer and security services with cloud systems. He was involved at the specification and design of Load Balancing as a Service for Folsom and Grizzly as well as the new API for Juno. During the different... Read More →

Michael Johnson

Software Design Engineer, Hewlett-Packard

Brandon Logan

Software Developer, Rackspace

Core reviewer for neutron-lbaas and octavia projects.

Doug Wiegley

Monday May 18, 2015 3:40pm - 4:20pm PDT
Room 118/119/120

Conference, Networking

4:40pm PDT

Panel: The Future of Neutron Plugin and Driver Innovation

During the Kilo development cycle, the Neutron team made it a priority to focus on how the project itself could continue at a high velocity and continue to enable innovation and that same velocity for plugin and driver owners. The end result of this was the concept of "Plugin Decomposition." This process entails the migration of plugin and driver backend logic out of the Neutron tree and into separate repositories owned entirally by the plugin and driver owners. This is a multi-release effort, with the kickoff happening during Kilo development.

This panel will take an in depth look at the recent changes to OpenStack Neutron around plugin decomposition. We'll have experts on hand from the Neutron side who designed this and have been helping to shepard people through the process. And we'll have plugin and driver maintainers who have gone through the process and will share their experiences.

The goal of plugin decomposition is to enable faster velocity for plugin and driver owners, and to increase that same velocity in the Neutron project itself. We'll cover these aspects of plugin decomposition. We'll also discuss the aspects of how this has affected the plugin and driver community.

Join us as we discuss this and come with questions you may have about the process itself, the future of plugins and drivers in Neutron, and innovation in the plugin and driver community.

Speakers

Sukhdev Kapur

SDN Engineering, Arista Networks

Sukhdev Kapur is part of SDN Engineering team at Arista Networks - pioneer of software driven cloud networking. He has been actively contributing to the development of Neutron. Sukhdev is a networking veteran with over 20 years experience in highly available distributed systems, cloud... Read More →

Gary Kotton

Staff Engineer at VMware, VMware

Gary is a core Neutron developer working at VMware who also spends a lot of his time these days writing + reviewing code for Nova. Prior to working at VMware Gary worked at Red Hat, Radware and at Algorithmic Research. Gary holds a Bs.C in Mathematics and Computer Science from the... Read More →

Kyle Mestery

Senior Principal Engineer, Intel

I am a technology executive and distinguished engineer with experience building teams to deliver cloud security solutions using a combination of open source and custom software. I write code, architecture documents, and help mentor members of the team to perform their best. In Open... Read More →

Armando Migliaccio

Distinguished Engineer, SUSE

Armando Migliaccio is the PTL for the Mitaka, Newton and Ocata releases of the OpenStack Neutron Project. He has been involved in the OpenStack community since its early days, and has dealt with a number of OpenStack projects, and solutions in various capacities. Most recently he... Read More →

Maru Newby

Software Engineer, Red Hat

Maru has been an OpenStack contributor since Essex (2012) and a core reviewer in Neutron for most of that time. When he's not playing with yarn or lapping milk out of a saucer, he is working hard to improve the Neutron community and the software it delivers.

Monday May 18, 2015 4:40pm - 5:20pm PDT
Room 118/119/120

Conference, Networking

5:30pm PDT

OpenStack Networking of the Future: a Look with Industry Startup Founders and 451 Chief Analyst Eric Hanselman

Title: OpenStack Networking of the Future: a Look with Industry Startup Founders and 451 Chief Analyst Eric Hanselman

OpenStack Neutron has its known weaknesses. Neutron's problems are both endemic to its own design, and the software-defined networking systems that it plugs into it.

We’re proposing a Startup Founders’ panel from the most prominent networking startups to talk about the innovations in networking today. Panelists will give their individual viewpoints on how startup technologies are disrupting proprietary networking standards set forth decades ago. The founders will also offer a perspective as to why the venture community is so bullish about making million-dollar investments in this layer of the infrastructure.

Startup Companies/Executives

Big Switch (Rob Sherwood)

Midokura (Dan Dumitriu)

Plumgrid (Pere Monclus)

Nuage Networks (Scott Sneddon)

Other participants to be added

Moderator

Eric Hanselman, Chief Analyst, 451 Research

Speakers

Dan Mihai Dumitriu

CTO and Co-Founder, Midokura

Dan leads the product and technology strategy at Midokura. Dan has extensive experience building fault tolerant distributed systems in a variety of industries, including e-commerce, financial services, and enterprise infrastructure. He is a co-author of multiple research papers, holds... Read More →

Eric Hanselman

Chief Analyst, 451 Research

Eric is the Chief Analyst at 451 Research and coordinates industry analysis across the broad portfolio of 451 research disciplines, with an extensive, hands-on understanding of a range of subject areas, including networks, virtualization, security and semiconductors and their intersection... Read More →

Pere Monclus

CTO and Co-Founder of PLUMgrid, PLUMgrid

Before co-founding PLUMgrid, Pere was a Distinguished Engineer at Cisco Systems in the Research and Advanced Development team, where he led innovation in the areas of cloud, security and converged infrastructure. Prior to that, he was responsible for the architecture and technology... Read More →

Rob Sherwood

CTO at Big Switch Networks, Big Switch Networks

Rob serves as the CTO for Big Switch Networks, where he spends his time internally leading software architecture and externally evangelizing SDN to customers and partners. Rob is an active contributor to open source projects such as Switch Light and Floodlight as well as the Open... Read More →

Scott Sneddon

Monday May 18, 2015 5:30pm - 6:10pm PDT
Room 118/119/120

Conference, Networking

11:15am PDT

Neutron Hierarchical Port Binding: What is it? And why you should deploy it.

The Neutron team was busy during the Kilo cycle adding many enhancements to the the latest release. In this session, we’ll dive into the new Hierarchical Port Binding feature and why deployers will want to enable it. The session will start with a look at traditional pre-Kilo architectures using VLAN, GRE and VXLAN and cover the inefficiencies present in the deployments. We’ll then walk through the basics of hierarchical port binding and how current architectures will benefit. This session will include a demonstration of hierarchical port binding that combines open components of Linux, Neutron and switches supporting ONIE from the Open Compute Project. We’ll close with a survey how this architecture compares with other open source deployment options for Neutron.

Speakers

Nolan Leake

Co-Founder and CTO at Cumulus Networks, Nuviso

Nolan is the co-founder and CTO of Cumulus Networks. Prior to Cumulus, he founded a distributed storage start-up called Tile Networks. His work there led him to realize how unsuitable existing networking equipment is for the data-center of the future (which Cumulus Networks aims to... Read More →

Mark McClain

CTO at Akanda

Mark McClain is the Chief Technical Officer of Akanda Inc, a member of the OpenStack Technical Committee and a core reviewer for several OpenStack teams. Mark was the Program Technical Lead for the OpenStack Networking during the Havana and Icehouse cycles. In addition to his... Read More →

Tuesday May 19, 2015 11:15am - 11:55am PDT
Room 118/119/120

Conference, Networking

12:05pm PDT

Challenges, Architecture and Solutions for massive scale LBaaS deployment at eBay/Payal

Summary:

eBay Inc. has one of the largest deployments of Openstack clouds and has been at the forefront of deploying

Openstack in several environments that include eBay MarketPlaces and PayPal production, development and

QA environments.

In this talk we present the challenges faced in scaling LBaaS to serve our massive muti-tenant cloud needs

and our architecture and solutions to address them. We will go through our topology, deployment patterns,

migration, feature implementations and enhancements to Openstack LBaaS.

Some of the areas we will discuss are listed below:

Multi-Region, Muti-VPC Deployment Architecture

Migration Challenges (from legacy to LBaaS). Filling gaps. Challenges for hitless migration

IP reusability and Floating IPs for VIPs

SSL Cert Handling (API/CLI/UI)

Shared SSL profiles

Shared Network for Members

DNS/Designate integration

Advanced health monitoring

New Horizon LBaaS UI (demo)

North-South and East-West Load Balancing

Hardware LB device integration with LBaaS in overlay network (Also, deployment in SDN environment)

LBaaS agent HA and Automation

LBaaS Scheduler

We will conclude with our observations and best practices recommendations.

Speakers

Venkata Siva Vijayendra Bhamidipati

MTS, eBay

Vijayendra Bhamidipati is MTS at eBay Inc, San Jose, US. His current projects are in Blockchain technologies, containers, security and ML. He has previously worked in various areas including databases and HA clusters, FCoE and Cloud orchestration (Openstack and Cloudstack) and SDN-cloud... Read More →

Kunal Gandhi

Senior Cloud Software Engineer, eBay, Inc

Kunal Gandhi is a part of the eBay and PayPal Cloud Team. He has over 10 years experience working with large scale web application. Kunal joined the eBay's Cloud Team in 2011 and has worked on various IaaS components including DNSaaS, Ceilometer, Horizon and LBaaS Neutron. Before... Read More →

Vivek Jain

Engineering Manager, LB & DNS solutions at eBay Inc, eBay Inc

Managing and Leading Load Balancer/ DNS Solutions at eBay Inc.

Tuesday May 19, 2015 12:05pm - 12:45pm PDT
Room 118/119/120

Conference, Networking

2:00pm PDT

OVN: Native Virtual Networking for Open vSwitch

OVN is a new network virtualization project that brings virtual networking to the Open vSwitch user community. It is being developed by the core OVS team. OVN will support the same container and virtual machine environments as OVS, including KVM, Xen, and Hyper-V. OVN will include logical switches and routers, security groups, and L2/L3/L4 ACLs, implemented on top of a tunnel-based overlay network. For physical-logical network integration, OVN will implement software gateways, as well as support hardware gateways from a variety of vendors.

The OVN architecture simplifies the current OVS integration within Neutron by providing a virtual networking abstraction. OVN provides Neutron with improved dataplane performance through shortcut, distributed logical L3 processing and in-kernel based security groups, without running special OpenStack agents on hypervisors.

In this presentation, we will discuss the architecture of OVN, detail our development plans, and provide a demo. The demo will show an OpenStack-driven OVN deployment connecting containers and Linux and Hyper-V based hypervisors. We will also discuss how OVN leverages some of the newest features in OVS, which may be of interest to those writing their own OVS control planes.

Speakers

Russell Bryant

Distinguished Engineer, Red Hat

Russell is a Distinguished Engineer in Service Delivery, leading SD's adoption of OVN across our managed services. Russell also has a long history with OVN, having helped create the project back in 2015 and leading the planning for product teams to take over ownership of OVN by 2... Read More →

Kyle Mestery

Senior Principal Engineer, Intel

I am a technology executive and distinguished engineer with experience building teams to deliver cloud security solutions using a combination of open source and custom software. I write code, architecture documents, and help mentor members of the team to perform their best. In Open... Read More →

Justin Pettit

OVS/OVN Core Developer

Justin Pettit is a lead developer on the Open vSwitch project. He was a founding employee at Nicira and is currently working at VMware. He was a co-creator of OpenFlow, working on both the specification and reference implementation. In addition to working on Open vSwitch, he is involved... Read More →

Tuesday May 19, 2015 2:00pm - 2:40pm PDT
Room 118/119/120

Conference, Networking

2:50pm PDT

What's Coming for IPv6 and L3 in Neutron

IPv6 in OpenStack Neutron has made progress enough that the addressing and L2 issues have been resolved. Neutron still faces a number of issues when it comes to IPv6 and L3. This talk will discuss these issues and how the Neutron team is addressing them in Kilo and future releases.

Routing IPv6 to and from the cloud requires out-of-band steps including the delegation of real routable IP addresses and completing the route to the Nuetron IPv6 subnet. We will discuss improvements in Kilo to IP address management that will accomodate IPv6 delegation. To complete the routing circuit post-Kilo, Neutron will integrate externally using protocols like BGP or IPv6 prefix delegation.

The reference L3 implementation in Kilo makes assumptions that restrict full IPv6 operation such as multiple IP addresses on a port and dual-stack routing. Enhancements are planned for post-Kilo to address the L3 agent's short-comings.

Finally, we will discuss the inclusion of distributed routing for IPv6 after Kilo

Speakers

Carl Baldwin

Senior Engineer II, DigitalOcean

Carl started his career developing electronic design automation software with HP’s microprocessor design projects: PA-RISC and Itanium. Years later, he spent a short time on a few of HP's network attached storage products. The whole time, he felt drawn to computer networking. He... Read More →

Sean Collins

Senior Software Engineer

Sean Collins is a contributor to OpenStack Neutron, previously led the Neutron IPv6 working group, and also co-organizes the OpenStack Philadelphia user group. Sean began using cloud technologies in order design scientific computation clusters, and later began developing new OpenStack... Read More →

Tuesday May 19, 2015 2:50pm - 3:30pm PDT
Room 118/119/120

Conference, Networking

3:40pm PDT

Service Chaining using Neutron Networks Implemented as Standard Compliant Layer 3 VPNs

A “Service Chain” is a deployment where a sequence of appliances intermediate traffic between networks. The service chain should be configured and managed in software that adds and removes services from the chain in an automated way.

We will discuss how service chaining can be supported on devices using MPLS/BGP VPN technology implementing Neutron virtual networks.

Connecting appliances in a sequence has been done for many years using VLANs. However, "service-chaining" cannot be implemented without solving the problem of how to bring in traffic from a routed network into the set of appliances. The issue is always how to attract the traffic in and forward it out of the service-chain, i.e., how to integrate the service-chain with routing. By using the same mechanism to route traffic in and out of a service chain as well as through its intermediate hops, the implementation of service chains can be significantly simplified.

Besides the integration with routing, which is necessary, the main aspect of service-chaining is not the number of services or hops in a chain but rather how to implement a service that is conceptually one hop away but scales horizontally to tens or hundreds of virtual appliances. By using a virtual routing instance (VRF) construct (i.e., a distributed router) to implement service chaining, the load balancing is built-in.

We will also discuss the need to integrate Openstack allowed-address-pair extension with dynamic route updates in order to support high-availability services in service chains.

We will show how service chaining is applicable to 3GPP networks where IP services offered to wireless subscribers are inherently service chains of appliances. So called Gi or SGi network interfaces in 3GPP provide IP services and connects wireless subscribers to external public or private packet networks (Internet, intranet, private and public cloud, IMS, etc). Examples of SGi services are: Web proxies, TCP optimization, video optimization, Intrusion Detection/Preventions Systems (IDS/IPS), Deep Packet Inspection (DPI), CGNAT, firewall, etc.

Speakers

Maria Napierala

Lead Member of Technical Staff at AT&T

Maria Napierala is a technology and services architect in Mobile Packet Core organization at AT&T Laboratories. She is currently working on Mobility Data Center architecture based on network function virtualization and SDN. Previously, Maria worked on WAN architecture and service... Read More →

Tuesday May 19, 2015 3:40pm - 4:20pm PDT
Room 118/119/120

Conference, Networking

4:40pm PDT

Cloud VPNs in OpenStack

Cisco Principal Engineer Ian Wells talks about an innovative use of Network Function Virtualization on OpenStack in order to provide VPNs connecting multiple office sites and remote workers, along with higher layer network services.

He'll discuss how and why we used Openstack, how best to make use of OpenStack for network services, and the advantages of using compute cloud infrastructure for NFV applications.

Speakers

Ian Wells

Tuesday May 19, 2015 4:40pm - 5:20pm PDT
Room 118/119/120

Conference, Networking

5:30pm PDT

Supporting Network Bandwidth Guarantees with OpenStack: an Implementation Perspective

In multi-tenant clouds, network bandwidth guarantees can greatly improve predictability of application performance, cost and service uptime. OpenStack deployments are starting to gain such capabilities, for example using the vendor specific VMware NSX QoS extension for the NSX Neutron plugin, in addition to other recent proposals in the OpenStack community and in the academic research community.

In this talk, we will present our implementation experiences in developing a PoC for bandwidth guarantee and work conservation in OpenStack based on our published research papers: Gatekeeper and ElasticSwitch. We will describe requirements for a general bandwidth guarantee framework, including alternative models for specifying guarantees, and admission control and guarantee enforcement. We will highlight open issues with OpenStack and cross-project dependencies (e.g., between Neutron, Nova, and eventually Gantt) that pose key challenges for integrating bandwidth guarantees into OpenStack. Finally, we will show a system demonstration and share our proposal for upstream contribution.

Attendees will gain insight into the benefits of using bandwidth guarantees in conjunction with conventional rate limiting and pure best effort networking. Attendees will also learn about our experiences and challenges in adding guarantee enforcement to OpenStack, and see how this capability is used to support applications deployed on OpenStack.

Speakers

Sujata Banerjee

Director and Distinguished Technologist, HP Labs

Joon-Myung Kang

Research Engineer, HP

Joon-Myung Kang is a Research Engineer at HP Labs. His research interests include cloud computing and software-defined networking. He has been working on OpenStack networking, computing, identity & access and monitoring since 2011. Before joining in HP Labs, he was a core architect... Read More →

Armando Migliaccio

Distinguished Engineer, SUSE

Armando Migliaccio is the PTL for the Mitaka, Newton and Ocata releases of the OpenStack Neutron Project. He has been involved in the OpenStack community since its early days, and has dealt with a number of OpenStack projects, and solutions in various capacities. Most recently he... Read More →

Mario Sanchez

Research Scientist

Mario A. Sanchez received his M.S. and Ph.D. degrees in computer science from Northwestern University in 2014 and 2011, respectively. He holds a Master of Science degree in Telecommunications from the University of Maryland at College Park and a B.E. in Telecommunications from... Read More →

Yoshio Turner

Tuesday May 19, 2015 5:30pm - 6:10pm PDT
Room 118/119/120

Conference, Networking

9:00am PDT

How Neutron builds network topology for your multi-tier application?

In this session, I will correlate an example multi-tier application network architecture with Neutron and demonstrate how beautifully Neutron builds the topology, combining multiple open source components. From a high level, you’ll learn about the process in a network deployment of an example multi-tier application—composed of a web server cluster, application server cluster, and database server cluster—including:

Creating networks.

Deploying instances to networks.

Connecting networks together using virtual routers.

Deploying firewalls between networks.

Placing a load balancer in front of each application and configuring it to load balance traffic to each application.

Creating site-to-site connection using VPNaaS and understanding its use case for a production deployment.

Then, from a low level, you’ll learn how this is achieved by Neutron. This involves a detailed explanation of what happens within Neutron api, dhcp, l3-routing, namespace, l2 agent, firewall, load balancer, VPN and other layers when each action above is performed, what open source components are used in each layer and how those different components work together to create the network topology for the multi-tier application.

Speakers

Sadique Puthen

Principal Cloud Success Architect, Red Hat

I am passionate about building, designing and supporting Infrastructure for workloads, especially Cloud IaaS, using open source technologies, primarily concentrating on Openstack and Virtualization with good knowledge of core Red Hat Enterprise Linux, clustering, storage and netw... Read More →

Wednesday May 20, 2015 9:00am - 9:40am PDT
Room 118/119/120

Conference, Networking

9:50am PDT

OpenStack in an Ever Expanding World of Possibilities

Over the past several years we have seen the continued adoption of OpenStack and it’s expansion into new areas: from cloud service providers, enterprise private clouds to large media companies, and big science.

In the developer world, open source projects, including as Docker, Mesos, Kubernetes, and Spark are gaining a lot of attention and moving onto both private and public clouds. Kolla and Magnum work at the intersection of these projects and OpenStack. Meanwhile new standards and open source based platforms for network functions virtualization (NFV) are fueling a need for OpenStack reference architectures such as OPNFV, and carrier-grade capabilities.

This all adds up to an abundance of options from which application developers may choose, and choices for us to make as we integrate new capabilities into the OpenStack platform and align with other developer communities.

This session will cover how these projects and activities relate to each other and can further expand the utility and adoption OpenStack across a broad range of use cases.

Speakers

Lew Tucker

Wednesday May 20, 2015 9:50am - 10:30am PDT
Room 118/119/120

Conference, Networking

11:00am PDT

Subnet Pools and Pluggable External IP Management in OpenStack Kilo

In Juno and before, the End User needed to know the specific subnet CIDR at the time of allocation. This made it difficult to automate the allocation of subnets - especially for external or other routable subnets. In OpenStack's Kilo, Neutron adds Subnet Pools, allowing the Operator to define a network space from which tenants can automatically allocate smaller subnets, for both internal and external networks.

In addition, the Operator can now plug-in an external IPAM system to provide subnet and IP address allocation, enabling integration with existing provisioning systems and centralized control of addressing throughout the organization.

In this session, you will:

Learn the Kilo IPAM abstraction data model: IPAM drivers, subnet pools, subnet and address requests

Discovery how to create and manage subnet pools, and their uses cases for subnet allocation

Compare and contrast Neutron's built-in IPAM driver with those integrating with 3rd party IPAM systems

Speakers

Carl Baldwin

Senior Engineer II, DigitalOcean

Carl started his career developing electronic design automation software with HP’s microprocessor design projects: PA-RISC and Itanium. Years later, he spent a short time on a few of HP's network attached storage products. The whole time, he felt drawn to computer networking. He... Read More →

John Belamaric

Senior Staff Software Engineer, Google

John Belamaric is a Senior Staff Software Engineer at Google with over 25 years of software design and development experience. As a co-chair of Kubernetes SIG Architecture, he provides leadership on production readiness, conformance, and overall software architecture for the Kubernetes... Read More →

John Voss

Wednesday May 20, 2015 11:00am - 11:40am PDT
Room 118/119/120

Conference, Networking

11:50am PDT

DNS For Your Cloud - OpenStack Designate

If you are an operator or user of DNS come learn about Designate, the DNSaaS provider for OpenStack. We will cover:

Designate Architecture Overview

Designate Use Cases

Exciting features that landed in the Kilo release: Server Pools, MiniDNS, Secondary Zones, and the Agent

Integration with Nova and Neutron

How Designate works with your chosen DNS server

Customization points - API Extensions, Storage Plugins, Backend Plugins

Speakers

Kiall Mac Innes

Senior Software Engineer, HP

Tim Simmons

Software Developer, Rackspace

Tim is a Software Developer at Rackspace on the Cloud DNS team, and a member of Designate core. He has been working on Designate for over two years, and is working on operating Designate at scale for Rackspace.

Bharath Venkatakrishnan

Wednesday May 20, 2015 11:50am - 12:30pm PDT
Room 118/119/120

Conference, Networking

1:50pm PDT

Tap-as-a-Service (TaaS): Port Monitoring for Neutron Networks

Tap-as-a-Service (TaaS) is a project developed to introduce the functionality of port mirroring in OpenStack Neutron provisioned networks. This feature allows tenants and administrators to mirror network traffic (ingress/egress) from neutron ports they have VM’s connected on to a another port. This feature will greatly benefit tenants who want to debug their virtual networks and gain visibility into their VMs by monitoring and analyzing the network traffic associated with them (e.g. IDS). This feature gains importance as virtual network topologies become more widely used and more complex. The TaaS provides tenants with a powerful tool in datacenters analogous to mirroring traffic on physical networks by enabling port mirroring function on physical Top of Rack Switches, in order to analyze and debug their networks.

In this talk we present and demonstrate a reference implementation of TaaS for Juno release of OpenStack Neutron.

The Presentation will cover the following topics:

• What is Tap-as-a-service

• Why do we need TaaS in OpenStack neutron - Use Cases.

• API design - Data Model and workflow

• Reference implementation walk through

• Demo of TaaS - A live demo of the service

• Next steps and future enhancements

• Q&A- and discussion.

Speakers

Alan Kavanagh

Expert Cloud System Architect, Ericsson, Ericsson AB

Alan possesses over 15 years R&D experience in the Telecom Networks, Mobile networking and Fixed Broadband network technologies. Alan graduated from Trinity College Dublin in 1998 with a double Degree BA, BAI Hons in Computer Engineering and Mathematics and immediately started working... Read More →

Anil Rao

Sr. Principal Engineer, Gigamon

Anil Rao is a Sr. Principal Engineer at Gigamon, leading research and development activities related to virtual machine traffic monitoring. Previously, he worked at Hewlett Packard, VMware and Ericsson. Some of his past accomplishments include implementing Memory Resource Groups in... Read More →

Vinay Yadhav

Wednesday May 20, 2015 1:50pm - 2:30pm PDT
Room 118/119/120

Conference, Networking

2:40pm PDT

Highly Available, Performant, VXLAN Service Node

VXLAN is a point to point, UDP-based "tunneling" protocol, that enables L2 encapsulation over an L3 "undernet", while also allowing up to 16 million Virtual Networks. One challenge with deploying VXLAN is that by default VXLAN requires multicast support for Broadcast, Unknown and Multi-cast packets. Often this is not possible in customer networks. An alternative approach is to use the Service Node concept where dedicated node(s)/process(es) are responsible for flooding Broadcast, Unknown, and Multicast packets throughout a network.

This removes the need for multi-cast, and greatly simplifies network configuration. However, it does require a scalable, and highly available implementation.

In this presentation, join David Lapsley, Engineering Manager, Cisco Metacloud, as he:

Briefly reviews the VXLAN protocol and architecture

Describes the (short) journey from a software-based proof-of-concept to HA and performant implementation utilizing open source technologies that implement VXLAN processing, and highly available replicated distributed caching

Offers a cool demo

Speakers

David Lapsley

Engineering Manager

David Lapsley leads the Metacloud Engineering team within Cisco Advanced Services. David’s background is in networking, cloud computing, data visualization, software as a service, and user experience. David has been using Python for over 10 years and Django for 5 years. His first... Read More →

Wednesday May 20, 2015 2:40pm - 3:20pm PDT
Room 118/119/120

Conference, Networking

3:30pm PDT

Neutron extension framework overview and use cases

Neutron provides an extension framework for plugin(s) and ML2 mechanism drivers to extend/enhance the capabilities of the Neutron. This can be used to support advanced functionality provided by a plugin. Also extensions are recommended way to expose experimental version of a feature before it is incorporated in the standard Neutron framework.

In this session we will provide overview of Neutron extension framework and how plugins can utilize these extensions to address the SDN and NFV specific requirements. Also we will go over some of the use cases for Neutron extensions and design alternatives for achieving the same.

Speakers

Dileep Devireddy

Principal Engineer, Cisco Systems

With around 20 years of experience in the networking industry including physical,virtual, cloud networking and security, hybrid-cloud, routing, switching, operating systems, Dileep is architect of multiple products & services for Cisco in the past, and is currently responsible... Read More →

Abhishek Raut

Software Engineer, Cisco Systems

With over 3 years of experience in networking and open source technologies, Abhishek Raut implemented Neutron plugin for Nexus 1000V and is a active contributor to Neutron since Havana Release. Abhishek has a bachelors and masters degree in Computer Science.

Wednesday May 20, 2015 3:30pm - 4:10pm PDT
Room 118/119/120

Conference, Networking

4:30pm PDT

Bringing provider networks into OpenStack using L2 gateway

Cloud computing technologies like Neutron have made overlay networking a solution for multi-tenant environments: workloads, themselves virtualized, are interconnected through isolated logical networks that are layered on top of the physical networking. However, in typical data centers, not every machine is virtualized: "bare metal" servers are still common, as they run software that is not easily virtualized, or because of performance concerns.

A solution to this problem is to develop gateway capabilities that allow physical devices to be connected to virtual networks, for instance, gateways that bridge between the virtual overlay networks like VXLAN, and physical networks like VLAN, to make them look like a single L2 broadcast domain. These gateways can be software appliances that run on standard x86 hardware and contain an instance of Open vSwitch, or a class of emerging hardware switches that have the ability to terminate VXLAN tunnels, by leveraging OVSDB hardware VTEP schema.

In this talk, we are going present an API proposal describing how the afore-mentioned use case is being tackled. We will describe the requirements that lead to this API definition and how extensibility has been factored in the design, to allow for change; we will highlight the issues faced in bringing this feature to the OpenStack community and how we addressed cross-project dependencies. Finally, we will show a PoC in action, and glimpse in to the roadmap of this effort.

Speakers

Maruti Kamat

Technology Expert, HP

Maruti has been with Hewlett-Packard Development Company for last 12 years, primarily in networking for last 6 years, and working in OpenStack Neutron and network virtualization for last 2 years. In the past, Maruti has also worked in RDBMS database engine development, disaster recovery... Read More →

Sukhdev Kapur

SDN Engineering, Arista Networks

Sukhdev Kapur is part of SDN Engineering team at Arista Networks - pioneer of software driven cloud networking. He has been actively contributing to the development of Neutron. Sukhdev is a networking veteran with over 20 years experience in highly available distributed systems, cloud... Read More →

Armando Migliaccio

Distinguished Engineer, SUSE

Armando Migliaccio is the PTL for the Mitaka, Newton and Ocata releases of the OpenStack Neutron Project. He has been involved in the OpenStack community since its early days, and has dealt with a number of OpenStack projects, and solutions in various capacities. Most recently he... Read More →

Selvakumar S

Software Engineer Specialist

I have a total experience of 9 years in the software industry. I have been with Hewlett-Packard Development Company for last 2 years, primarily in networking, and in OpenStack Neutron for last 2 years.

Isaku Yamahata

Wednesday May 20, 2015 4:30pm - 5:10pm PDT
Room 118/119/120

Conference, Networking

5:20pm PDT

Docker Networking in OpenStack: What you need to know now.

Docker had a breakout year in 2014 with more than 100M downloads and its momentum continues into this year. While virtualization technology abstracts away the hardware, Docker instead abstracts away the OS. While this seems like an incremental improvement, this design paradigm of bringing virtualization one layer closer has potentially tremendous ramifications. But what new demands do Docker containers put on your virtual network infrastructure?

Learn how you bring secure, scalable, available and open software defined networking to Docker containers managed by OpenStack. This session will cover how Docker virtual networks function, how to plumb them into the virtual network fabric and reliably assign information such as IP addresses, virtual interfaces and more. In addition, this session will also cover how to securely wrap Docker containers using security policies and encryption.

Speakers

Fawad Khaliq

Sr. Software Engineer, PLUMgrid Inc

Fawad Khaliq is a Sr. Software Engineer at PLUMgrid where he works on OpenStack, APIs, Container Networking and NFV. He is also a developer in Neutron community. His interest lies in Cloud Computing, Virtualization and SDN.

Wednesday May 20, 2015 5:20pm - 6:00pm PDT
Room 118/119/120

Conference, Networking

9:00am PDT

OpenDaylight and OpenStack

Providing network virtualization for OpenStack is a key use-case of the OpenDaylight project. OpenDaylight is an SDN controller which can manage both physical and virtual infrastructure, and provides advanced networking related features to network administrators.

With OpenDaylight Helium, released in October 2014, and Lithium, due for release in June 2015, OpenDaylight is now ready for use with OpenStack to provide a scalable, complete open source infrastructure as a service.

This presentation will guide attendees through Neutron's architecture, the process for deploying OpenDaylight and using Neutron's Modular Layer 2 to delegate network management to OpenDaylight, and finally to configure OpenDaylight to manage the Open vSwitch virtual switches on the physical hosts in your infrastructure.

This presentation is appropriate for people with a cursory knowledge of OpenStack Networking, who would like to scale their OpenStack deployment beyond that which is possible by managing Open vSwitch directly.

Speakers

Dave Neary

Thursday May 21, 2015 9:00am - 9:40am PDT
Room 118/119/120

Conference, Networking

9:50am PDT

Taking Security Groups To Ludicrous Speed with Open vSwitch

Open vSwitch (OVS) has long been a critical component of the Neutron's reference implementation, offering reliable and flexible virtual switching for cloud environments.

Being an early adopter of the OVS technology, Neutron's reference implementation made some compromises to stay within the early, stable featureset OVS exposed. In particular, Security Groups (SG) have been so far implemented by leveraging hybrid Linux Bridging and IPTables, which come at a significant performance overhead. However, thanks to recent developments and ongoing improvements within the OVS community, we are now able to implement feature-complete security groups directly within OVS.

In this talk we will summarize the existing Security Groups implementation in Neutron and compare its performance with the Open vSwitch-only approach. We hope this analysis will form the foundation of future improvements to the Neutron Open vSwitch reference design.

Speakers

Miguel Angel Ajo

Thomas Graf

Kernel and OVS Developer, Noiro Networks (Cisco)

Thomas Graf has been a Linux kernel developer for 10 years, working on a variety of networking subsystems. His current focus is on network virtualization and SDN. He contributes to various open source projects, such as the Linux kernel and Open vSwitch. Thomas is currently at Noiro... Read More →

Ivar Lazzaro

Software Engineer

I am a software engineer driven by genuine passion and curiosity for computer science. I have mostly been focusing on building fast and scalable distributed systems, in particular for network centric environments. Dived into Openstack as part of my Master thesis, my interest in it... Read More →

Justin Pettit

OVS/OVN Core Developer

Justin Pettit is a lead developer on the Open vSwitch project. He was a founding employee at Nicira and is currently working at VMware. He was a co-creator of OpenFlow, working on both the specification and reference implementation. In addition to working on Open vSwitch, he is involved... Read More →

Thursday May 21, 2015 9:50am - 10:30am PDT
Room 118/119/120

Conference, Networking

11:50am PDT

DON: Diagnosing OVS in Neutron

Neutron provides Networking-as-a-service in the OpenStack ecosystem. Networking functionalities are provided by plugins that implement well-defined Neutron APIs. Among many, the Open vSwitch plugin (OVS) is possibly the most widely used. Any practical OpenStack installation has complicated networking configuration and verifying it manually is time consuming and error prone. We demonstrate a completely automated service for verifying and diagnosing the networking functionality provided by OVS. This service verifies (or points out deviations) that the user configuration is indeed reflected in the underlying infrastructure and presents the results in an intuitive graphical display.

Speakers

Pritesh Kothari

Software Engineer

Amit Saha

Senior Technical Leader

Amit is a Senior Technical Leader in the office of the cloud CTO at Cisco Systems. He has had extensive experience in the field of computer networking, both wired and wireless. He focuses on automatic, system-wide verification and visualization of large scale distributed systems... Read More →

Thursday May 21, 2015 11:50am - 12:30pm PDT
Room 118/119/120

Conference, Networking

11:50am PDT

OpenStack Network Protocol Technical Contrast

OpenStack Network Protocols Technical Contrast

The session will provide a comprehensive understanding of the various types of networking protocols available in OpenStack today. Each protocol will be discussed in detail related to its technical composition, use, potential impact to performance and scale as well as other benefits and limitations inherent within the protocol. There will be detailed performance TEST results and REAL-WORLD use cases that compare the various features and characteristics of each protocol.

•        Detailed breakdown of each protocol:

•        Flat Network

•        Detailed Specifications.

•        Performance characteristics

•        Performance Test results

•        Benefits

•        Limitations

•        VLAN (Virtual Local Area Network)

•        Detailed Specifications

•        Performance characteristics

•        Performance Test results

•        Benefits

•        Limitations

•        GRE (Generic Routing Encapsulation)

•        Detailed Specifications

•        Performance characteristics

•        Performance Test results

•        Benefits

•        Limitations

•        VXLAN (Virtual Extended Local Area Network)

•        Detailed Specifications

•        Performance characteristics

•        Performance Test results

•        Benefits

•        Limitations

•        Comparisons of the protocols: Side-by-side comparison of the protocols.

•        Performance evaluations @1G, 10G & 40G

•        Security considerations

•        Scale implications

•        Features of each

•        Use Cases: Compare each protocol across these common OpenStack use cases.

•        Test Lab

•        Small / Medium Environments

•        Scaled out Web Farm

Speakers

Joe Stevens

Thursday May 21, 2015 11:50am - 12:30pm PDT
Room 109

Conference, Networking

1:30pm PDT

OpenStack Networking: It's time to talk Performance

Now that Neutron has been established as the OpenStack Networking component and with the ongoing efforts in the Neutron community to make it a more stable, more efficient, and more scalable component, it is time to provide a broad analysis of the performance and scalability of Neutron. In this talk we discuss a methodology for benchmarking the network performance with Neutron. To this end, we consider both the control plane and the data plane network performance. We utilize a large scale setup and investigate the scalability boundaries of Neutron while comparing the results obtained from the Neutron reference implementations and open source controllers. We furthermore, focus of packet level performance of these implementations and identify the bottlenecks.

We aim to establish an easy to use and reproducible methodology for reporting networking performance in OpenStack cloud environments with Neutron.

Speakers

George Almasi

Research Staff Member

Mohammad Banikazemi

Research Staff Member, IBM Research

Mohammad is a research staff member at the IBM T.J. Watson Research Center. His research interests include cloud computing and software-defined networking. He is a senior member of the ACM and the IEEE and an active contributior to Neutron. Mohammad lives with his family in NYC.

Bengi Karacali

Research Staff Member

Bengi Karacali is a Research Staff Member at the IBM T. J. Watson Research Center in New York. She received her Ph.D. in Computer Science from North Carolina State University. Her research interests include software-defined networking and cloud computing. She is a member of the I... Read More →

Marcio Silva

John Tracey

Thursday May 21, 2015 1:30pm - 2:10pm PDT
Room 118/119/120

Conference, Networking

2:20pm PDT

SDN networks at web scale

In this talk, we will present the experiences, lessons learnt and challenges of running one of the largest SDN networks using OpenStack and Neutron. eBay Inc has been running Openstack with SDN networks both for internal and production networks. The operational experiences of running production quality workloads will discussed.

Description of the Presentation
eBay Inc. runs multiple OpenStack deployments in its various data centers. The OpenStack clusters run as availability zones (AZ) and the PaaS layer deploys applications for production facing workloads in these AZs. Some of the key tenets of the OpenStack cloud at eBay has been to provide agility, resiliency and multi-tenancy for the various properties under eBay Inc., leverage uniform IaaS layer for production, QA and development workloads. The size of the eBay cloud is several thousands of hypervisors in vairous AZ's.

The OpenStack deployment at eBay uses Neutron for the networking componets with commercial SDN solutions. In this presentation, we present our deployment models, challenges and lessons learnt. The talk will be organized as follows:

Overview of the cloud architecture

Data center deployment models

Use of overlays

Monitoring

Auto remediation of network issues and alerts

Challenges
- Network scale
- Availability
- Issues due to security groups
- Load Balancer challenges
- IP address management
- Lessons learnt

Future deployment models
- Scaling overlays using MP-BGP and E-VPN
- Federation of AZ's

As a result of running, several valuable lessons were learnt which would be beneficial to the larger audience considering deploying OpenStack for their production environment.

About eBay Inc.:
eBay Inc. enables commerce by delivering flexible and scalable solutions that foster merchant growth. eBay Inc. properties include eBay Market Places, PayPal, eBay Enterprise and StubHub.

eBay market places delivers one of the world's largest online marketplaces to customers. With more than 149 million active users globally, eBay is one of the world's largest online marketplaces with more than 700 million items listed on its site.

PayPal is one of the largest online payment sytesm and has over 152 million active registered accounts and helping people and businesses receive and make payments in more than 100 currencies in 203 markets.

Speakers

Dr. Sudheendra Murthy

Anand Palanisamy

Architect, PayPal

Leading PayPal's Cloud Engineering team.PayPal is running one of the largest private Cloud in the world. Also, we run SDN (with overlay) in prodcution along with OpenStack LBaaS. Our team provides the standardized scalable Cloud Compute, Storage, Network and Identitu APIs for... Read More →

Thursday May 21, 2015 2:20pm - 3:00pm PDT
Room 118/119/120

Conference, Networking

3:10pm PDT

IPv6 impact on Neutron L3 High Availability

In OpenStack Juno release, L3 high availability in Neutron is implemented using Keepalived, which internally uses the VRRP protocol. It is an active/passive solution where a Keepalived instance is spawned in every router namespace and the instances communicate via a dedicated high-availability network, creating one per tenant.

The IP addresses that are used in the setup (e.g., qg, qr, floating IPs) would all be virtual IP addresses and would be assigned by the Keepalived daemon to the appropriate interfaces on the master high-availability router. In an IPv4 network, after a failover, the standby router sends a gratuitous ARP to have the switches update the port info. While this is required in an IPv4 network, the same is not necessary in an IPv6 network, thanks to IPv6 router advertisements.

In this presentation, we will share our observations on how to make L3 high availability (with Keepalived) work with IPv6 networks. The talk will include:

A brief introduction to Keepalived.

Why and what changes are required for IPv6.

Current status in Neutron.

Pending/open issues like TCP conntrack, monitoring the external link, etc.

Speakers

Sridhar Gaddam

Senior Principal Software Engineer, Red Hat

Sridhar Gaddam works for Red Hat as a Principal Software Engineer and has more than 16 years of experience. Sridhar has been working on OpenStack, OpenDaylight (core member) and OPNFV projects for the last couple of years and is primarily focused in the areas of Networking.

Numan Siddique

Openstack Developer, eNovance, From Red Hat

Numan Siddique is a developer at eNovance, from Redhat. He has 10 years of software development experience. He has been involved with OpenStack for a year now and works mainly on Neutron and OpenContrail SDN controller.

Thursday May 21, 2015 3:10pm - 3:50pm PDT
Room 118/119/120

Conference, Networking