×
Copy
Open
Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
Automating Access Control Lists with OpenDaylight and OpenVSwitch Gustavo Pantuza, Leopoldo Mauricio
Slide 2
Slide 2 text
Agenda Context Problem Solution
Slide 3
Slide 3 text
No content
Slide 4
Slide 4 text
Largest media group in Latin America 17 years
Slide 5
Slide 5 text
No content
Slide 6
Slide 6 text
No content
Slide 7
Slide 7 text
No content
Slide 8
Slide 8 text
No content
Slide 9
Slide 9 text
No content
Slide 10
Slide 10 text
Datacenter 5000 s e r v e r s B a n d w i d t h 2.4 Tb/s
Slide 11
Slide 11 text
Fabric PoDs ToR VMs Containers Bare metal
Slide 12
Slide 12 text
Cloud
Slide 13
Slide 13 text
Cloud
Slide 14
Slide 14 text
Xen Clusters Host Hypervisor OvS VMs
Slide 15
Slide 15 text
Xen Clusters
Slide 16
Slide 16 text
Environments Backend - BE Frontend - FE
Slide 17
Slide 17 text
Datacenter Spine Leaf Core ECMP BGP
Slide 18
Slide 18 text
Access Control Lists
Slide 19
Slide 19 text
50000+ A C L s ACL API
Slide 20
Slide 20 text
Environment segmentation BE FE BE VRF FE VRF BE FE BE VRF FE VRF
Slide 21
Slide 21 text
TCAM Expensive Upgrade Small
Slide 22
Slide 22 text
No content
Slide 23
Slide 23 text
No policies on networks
Slide 24
Slide 24 text
Moving forward SDN
Slide 25
Slide 25 text
Network API 8000+ Networks 500+ Equipments 6300+ Vlans 1700+ Environments
Slide 26
Slide 26 text
Xen Clusters Host Hypervisor OvS VMs
Slide 27
Slide 27 text
Network API
Slide 28
Slide 28 text
Controller
Slide 29
Slide 29 text
Virtual switch
Slide 30
Slide 30 text
No content
Slide 31
Slide 31 text
Network API
Slide 32
Slide 32 text
{ "kind": "backend#acl", "rules": [{ "action": "permit", "description": "Access from application A on port 80", "destination": "10.0.42.0/24", "id": "222222", "owner": "user", "protocol": "ip", "source": "10.5.190.0/24" }] }
Slide 33
Slide 33 text
{ ... }
Slide 34
Slide 34 text
Workers 16 w o r k e r s
Slide 35
Slide 35 text
SDN control 56 s e r v e r s 6 c l u s t e r s
Slide 36
Slide 36 text
Controller requests per second 62.5 r e q s / s e c
Slide 37
Slide 37 text
No content
Slide 38
Slide 38 text
No first packet delay
Slide 39
Slide 39 text
Network API Resilience
Slide 40
Slide 40 text
Transparent for users
Slide 41
Slide 41 text
Integration of all our cloud services Tsuru https://tsuru.io DBaas https://github.com/globocom/database-as-a-service NetowrkAPI https://github.com/globocom/GloboNetworkAPI ACL API FSaas DNSaaS
Slide 42
Slide 42 text
https://opensource.globo.com/
Slide 43
Slide 43 text
No content
Slide 44
Slide 44 text
No content
Slide 45
Slide 45 text
[email protected]
[email protected]
https://github.com/pantuza Linkedin