Automação de Access Control Lists através de Redes Definidas por Software

Transcript

1. View Slide

2. View Slide

3. Network as a service
   (NaaS), NFV e SDN
   Desenvolvedor de Software
   https://talentos.globo.com/#/oportunidades/network-as-a-service-naa-s-nfv-e-sdn-desenvolvedor-de-software/mp01cew
   

   View Slide

4. Contexto Problema Solução
   

   View Slide

5. View Slide

6. View Slide

7. View Slide

8. View Slide

9. View Slide

10. 5000 2.9
    

    View Slide

11. Spine
    Leaf
    Core
    ECMP BGP
    

    View Slide

12. ToR
    VMs
    Containers
    Bare metal
    

    View Slide

13. View Slide

14. View Slide

15. Host
    Hypervisor
    OvS
    VMs
    

    View Slide

16. View Slide

17. Backend -
    Frontend -
    

    View Slide

18. Access Control Lists
    

    View Slide

19. 50000+
    ACL API
    

    View Slide

20. View Slide

21. TCAM
    Custo alto
    Substituição
    Capacidade
    

    View Slide

22. View Slide

23. Evoluindo para
    SDN
    

    View Slide

24. Network API
    8000+ Redes
    500+ Equipamentos
    6300+ Vlans
    1700+ Ambientes
    

    View Slide

25. Host
    Hypervisor
    OvS
    VMs
    

    View Slide

26. Network API
    

    View Slide

27. View Slide

28. View Slide

29. View Slide

30. Network API
    

    View Slide

31. {
    "kind": "backend#acl",
    "rules": [{
    "action": "permit",
    "description": "Access from application A on port 80",
    "destination": "10.0.42.0/24",
    "id": "222222",
    "owner": "user",
    "protocol": "ip",
    "source": "10.5.190.0/24"
    }]
    }
    

    View Slide

32. {
    ...
    }
    

    View Slide

33. 16
    

    View Slide

34. 72 9
    

    View Slide

35. 62.5
    

    View Slide

36. View Slide

37. 8 9
    

    View Slide

38. 62 Req/s
    222 ms
    300K Flows
    

    View Slide

39. View Slide

40. Sem atraso no
    primeiro pacote
    

    View Slide

41. Network API
    

    View Slide

42. Transparente para
    os usuários
    

    View Slide

43. View Slide

44. View Slide

45. Network as a service
    (NaaS), NFV e SDN
    Desenvolvedor de Software
    https://talentos.globo.com/#/oportunidades/network-as-a-service-naa-s-nfv-e-sdn-desenvolvedor-de-software/mp01cew
    

    View Slide

46. View Slide

47. View Slide

48. [email protected]
    https://github.com/pantuza
    https://blog.pantuza.com
    https://twitter.com/gpantuza
    

    View Slide