20190817 Container Bare Metal for Networking

Transcript

1. 裸機容器網路 Container Bare Metal for Networking Phil Huang 黃秉鈞 <[email protected]>

   COSCUP 2019, Taiwan, Aug. 17, 2019

2. # whois Phil Huang 黃秉鈞 • 社群斜槓 青年 青壯年 單身

   ◦ SDNDS-TW ◦ Cloud Native Taiwan User Group (CNTUG) • 任職於 Red Hat 擔任 Solution Architect ◦ Ansible IT Automation ◦ OpenShift Container Platform ◦ Software-Defined Networking (SDN) ◦ Network Function Virtualization (NFV) • Blog ◦ https://blog.pichuang.com.tw Ref: https://www.linkedin.com/in/phil-huang-09b09895/

3. 感謝 COSCUP 2019 支持 Ref: https://coscup.org/2019/

4. Kubernetes Networking

5. 這是...一個基本的 Kubernetes 架構 Ref: https://kubernetes.io/docs/concepts/architecture/cloud-controller/ Master Nodes

6. 1~n Containers per Pod Ref: https://blog.pichuang.com.tw/20190715-troubleshooting-from-container-to-any/

7. 1 Unique IP per Pod Ref: https://blog.pichuang.com.tw/20190715-troubleshooting-from-container-to-any/

8. 跨 Nodes 溝通 Ref: https://blog.pichuang.com.tw/20190715-troubleshooting-from-container-to-any/

9. Ref: https://blog.pichuang.com.tw/20190404-openshift-network-traffic-overview/ 東西南北網路流 CNI Plugin

10. 什麼是 CNI (Container Network Interface)? • 設定 Container 的網路介面的標準和函式庫 •

    僅關懷 Container 網路資源分配和釋放方法，具體實踐方式靠別人 Ref: https://www.hwchiu.com/cni-questions.html CNI 常見問題整理 (簡單版) https://www.hwchiu.com/introduce-cni-ii.html [Container Network Interface] CNI Introduction (英文版) <-hwchiu 跑去美國爽 https://github.com/containernetworking/cni/blob/master/libcni/api.go#L72-L87 GitHub - cni/libcni/api.go L72-L87

11. 什麼是 CNI Plugin? • 基於 CNI 標準及函式庫之具體實踐方式 Ref: https://github.com/containernetworking/cni#3rd-party-plugins GitHub

    - CNI 3rd party plugins https://github.com/containernetworking/plugins#plugins-supplied GitHub - CNI Plugins https://blog.pichuang.com.tw/20190723-container-and-container-platform-hardening

12. CNI Plugin 5大分類: 基於個人經驗 Ref: https://blog.pichuang.com.tw/20190723-container-and-container-platform-hardening

13. 那在 NFV (Network Function Virtualization) 情境夠用嗎?

14. MEC in NFV Reference Architecture GR MEC 017 - ETSI

    ME: Mobile Edge Mm: Management Mp: ME platform functionality Mx: Connections to external entities • NFV 需求 ◦ 單一業務多網路 ◦ Resource Management ◦ QoS / Latency ◦ Throughput

15. © 2019 Cloud Native Computing Foundation 17 Evolving from VNFs

    to CNFs VNFs ONAP Orchestrator OpenStack or VMware Bare Metal Azure or Rackspace Past VNFs OpenStack Bare Metal Kubernetes Present CNFs ONAP Orchestrator Any Cloud Bare Metal Any Cloud Future VNFs CNFs ONAP Orche- strator Kubernetes KubeVirt/Virtlet OSS/ BSS Ref: CNF Testbed Reality in Taiwan

16. © 2019 Cloud Native Computing Foundation 18 Multiple Service Function

    Chains: Test Cases OpenStack Node - Snake Userspace-to-Kernel Dataplane (vSwitch) VNF VNF VNF VNF VNF VNF vhost-user connections vhost-user connections vhost-user connections Kubernetes Node - Pipeline Userspace-to-Userspace Dataplane (vSwitch) CNF CNF CNF CNF CNF CNF memif connections memif connections memif connections Kubernetes Node - Snake Userspace-to-Userspace Dataplane (vSwitch) CNF CNF CNF CNF CNF CNF memif connections memif connections memif connections Ref: CNF Testbed

17. Ref: https://www.slideshare.net/jeremyeder/nvidia-gtc-2019-red-hat-and-the-nvidia-dgx-tried-tested-trusted/25

18. How Kubernetes involve NFV infrastructure? Enable attaching multiple network interfaces

    to pods in Kubernetes. Ref: https://builders.intel.com/docs/networkbuilders/enabling_new_features_in_kubernetes_for_NFV.pdf

19. Ref: https://www.slideshare.net/jeremyeder/nvidia-gtc-2019-red-hat-and-the-nvidia-dgx-tried-tested-trusted/25

20. Ref: https://www.slideshare.net/jeremyeder/nvidia-gtc-2019-red-hat-and-the-nvidia-dgx-tried-tested-trusted/25

21. 具體是怎麼使用的?

22. Target of Container Networking Ref: https://www.hwchiu.com/cni-compare.html

23. SR-IOV 架構 Ref: https://bestsamina.github.io/posts/2018-08-20-dpdk-sriov-learn/ VF • SR-IOV 是一個標準規範，不限定於僅於 網卡實作 •

    兩個功能 1. Physical Function, PF 2. Virtual Function, VF • 比例 ◦ PF : VF = 1 : n (依型號數量不定)

24. Ref: https://builders.intel.com/docs/networkbuilders/container-bare-metal-for-2nd-generation-intel-xeon-scalable-processor.pdf Container Bare Metal Networking!!

25. Ref: https://builders.intel.com/docs/networkbuilders/container-bare-metal-for-2nd-generation-intel-xeon-scalable-processor.pdf Pod using SR-IOV CNI Plugin

26. Ref: https://builders.intel.com/docs/networkbuilders/container-bare-metal-for-2nd-generation-intel-xeon-scalable-processor.pdf Pod using OVS-DPDK CNI Plugin

27. Ref: https://zhuanlan.zhihu.com/p/24423694 Service Function Chain (SFC)

28. Ref: Service Chain Common Use Cases

29. Ref: https://events.linuxfoundation.org/wp-content/uploads/2018/07/OSS2019-HS-k8sNativeInfra-OperatorFor5GedgeJuly15.pdf

30. Ref: https://www.facebook.com/groups/sdnds.tw/ +355 from 2017

31. Q&A 台上一小時，台下三日夜 社群正向回饋，需要一起參與