20190817 Container Bare Metal for Networking

Transcript

1. 裸機容器網路
   Container Bare Metal for Networking
   Phil Huang 黃秉鈞
   COSCUP 2019, Taiwan, Aug. 17, 2019
   

   View Slide

2. # whois Phil Huang 黃秉鈞
   ● 社群斜槓 青年 青壯年 單身
   ○ SDNDS-TW
   ○ Cloud Native Taiwan User Group (CNTUG)
   ● 任職於 Red Hat 擔任 Solution Architect
   ○ Ansible IT Automation
   ○ OpenShift Container Platform
   ○ Software-Defined Networking (SDN)
   ○ Network Function Virtualization (NFV)
   ● Blog
   ○ https://blog.pichuang.com.tw
   Ref: https://www.linkedin.com/in/phil-huang-09b09895/
   

   View Slide

3. 感謝 COSCUP 2019 支持
   Ref: https://coscup.org/2019/
   

   View Slide

4. Kubernetes Networking
   

   View Slide

5. 這是...一個基本的 Kubernetes 架構
   Ref: https://kubernetes.io/docs/concepts/architecture/cloud-controller/
   Master
   Nodes
   

   View Slide

6. 1~n Containers per Pod
   Ref: https://blog.pichuang.com.tw/20190715-troubleshooting-from-container-to-any/
   

   View Slide

7. 1 Unique IP per Pod
   Ref: https://blog.pichuang.com.tw/20190715-troubleshooting-from-container-to-any/
   

   View Slide

8. 跨 Nodes 溝通
   Ref: https://blog.pichuang.com.tw/20190715-troubleshooting-from-container-to-any/
   

   View Slide

9. Ref: https://blog.pichuang.com.tw/20190404-openshift-network-traffic-overview/
   東西南北網路流
   CNI Plugin
   

   View Slide

10. 什麼是 CNI (Container Network Interface)?
    ● 設定 Container 的網路介面的標準和函式庫
    ● 僅關懷 Container 網路資源分配和釋放方法，具體實踐方式靠別人
    Ref:
    https://www.hwchiu.com/cni-questions.html CNI 常見問題整理 (簡單版)
    https://www.hwchiu.com/introduce-cni-ii.html [Container Network Interface] CNI Introduction (英文版) <-hwchiu 跑去美國爽
    https://github.com/containernetworking/cni/blob/master/libcni/api.go#L72-L87 GitHub - cni/libcni/api.go L72-L87
    

    View Slide

11. 什麼是 CNI Plugin?
    ● 基於 CNI 標準及函式庫之具體實踐方式
    Ref:
    https://github.com/containernetworking/cni#3rd-party-plugins GitHub - CNI 3rd party plugins
    https://github.com/containernetworking/plugins#plugins-supplied GitHub - CNI Plugins
    https://blog.pichuang.com.tw/20190723-container-and-container-platform-hardening
    

    View Slide

12. CNI Plugin 5大分類: 基於個人經驗
    Ref: https://blog.pichuang.com.tw/20190723-container-and-container-platform-hardening
    

    View Slide

13. 那在 NFV (Network Function
    Virtualization) 情境夠用嗎?
    

    View Slide

14. MEC in NFV Reference Architecture
    GR MEC 017 - ETSI
    ME: Mobile Edge
    Mm: Management
    Mp: ME platform functionality
    Mx: Connections to external entities
    ● NFV 需求
    ○ 單一業務多網路
    ○ Resource Management
    ○ QoS / Latency
    ○ Throughput
    

    View Slide

15. © 2019 Cloud Native Computing Foundation
    17
    Evolving from VNFs to CNFs
    VNFs ONAP Orchestrator
    OpenStack or VMware
    Bare Metal
    Azure or
    Rackspace
    Past
    VNFs
    OpenStack
    Bare Metal
    Kubernetes
    Present
    CNFs
    ONAP
    Orchestrator
    Any Cloud Bare Metal Any Cloud
    Future
    VNFs
    CNFs
    ONAP
    Orche-
    strator
    Kubernetes
    KubeVirt/Virtlet
    OSS/
    BSS
    Ref: CNF Testbed
    Reality in Taiwan
    

    View Slide

16. © 2019 Cloud Native Computing Foundation
    18
    Multiple Service Function Chains: Test Cases
    OpenStack Node - Snake
    Userspace-to-Kernel Dataplane (vSwitch)
    VNF VNF VNF VNF VNF VNF
    vhost-user connections vhost-user connections vhost-user connections
    Kubernetes Node - Pipeline
    Userspace-to-Userspace Dataplane (vSwitch)
    CNF CNF CNF CNF CNF CNF
    memif connections memif connections memif connections
    Kubernetes Node - Snake
    Userspace-to-Userspace Dataplane (vSwitch)
    CNF CNF CNF CNF CNF CNF
    memif connections memif connections memif connections
    Ref: CNF Testbed
    

    View Slide

17. Ref: https://www.slideshare.net/jeremyeder/nvidia-gtc-2019-red-hat-and-the-nvidia-dgx-tried-tested-trusted/25
    

    View Slide

18. How Kubernetes involve NFV infrastructure?
    Enable attaching multiple
    network interfaces to pods in
    Kubernetes.
    Ref: https://builders.intel.com/docs/networkbuilders/enabling_new_features_in_kubernetes_for_NFV.pdf
    

    View Slide

19. Ref: https://www.slideshare.net/jeremyeder/nvidia-gtc-2019-red-hat-and-the-nvidia-dgx-tried-tested-trusted/25
    

    View Slide

20. Ref: https://www.slideshare.net/jeremyeder/nvidia-gtc-2019-red-hat-and-the-nvidia-dgx-tried-tested-trusted/25
    

    View Slide

21. 具體是怎麼使用的?
    

    View Slide

22. Target of Container Networking
    Ref: https://www.hwchiu.com/cni-compare.html
    

    View Slide

23. SR-IOV 架構
    Ref: https://bestsamina.github.io/posts/2018-08-20-dpdk-sriov-learn/
    VF
    ● SR-IOV 是一個標準規範，不限定於僅於
    網卡實作
    ● 兩個功能
    1. Physical Function, PF
    2. Virtual Function, VF
    ● 比例
    ○ PF : VF = 1 : n (依型號數量不定)
    

    View Slide

24. Ref: https://builders.intel.com/docs/networkbuilders/container-bare-metal-for-2nd-generation-intel-xeon-scalable-processor.pdf
    Container Bare Metal Networking!!
    

    View Slide

25. Ref: https://builders.intel.com/docs/networkbuilders/container-bare-metal-for-2nd-generation-intel-xeon-scalable-processor.pdf
    Pod using SR-IOV CNI Plugin
    

    View Slide

26. Ref: https://builders.intel.com/docs/networkbuilders/container-bare-metal-for-2nd-generation-intel-xeon-scalable-processor.pdf
    Pod using OVS-DPDK CNI Plugin
    

    View Slide

27. Ref: https://zhuanlan.zhihu.com/p/24423694
    Service Function Chain (SFC)
    

    View Slide

28. Ref:
    Service Chain Common Use Cases
    

    View Slide

29. Ref: https://events.linuxfoundation.org/wp-content/uploads/2018/07/OSS2019-HS-k8sNativeInfra-OperatorFor5GedgeJuly15.pdf
    

    View Slide

30. Ref: https://www.facebook.com/groups/sdnds.tw/ +355 from 2017
    

    View Slide

31. Q&A
    台上一小時，台下三日夜
    社群正向回饋，需要一起參與
    

    View Slide