The realistic Dilemma of Multi-Cloud Interconnection and the Road of Open Source SDN (record of the first TF Meetup speech)

2025-02-23 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/02 Report--

All relevant materials in this article https://tungstenfabric.org.cn/assets/uploads/files/open-source-sdn-kk.pdf

On January 7, 2020, the first Meetup of the TF Chinese Community took place as promised. Many guests concerned with multi-cloud interconnection attended, and the event became a gathering of open source SDN enthusiasts. Speakers from Tungsten Fabric technology research and development and front-line users shared the current state of deployment in multi-cloud environments, SDN open source technology and application cases. The atmosphere at the scene was warm and the discussion was extended for nearly two hours. There was not only interaction between experts and participants, but also discussions and suggestions among participants. The wide application of Tungsten Fabric in China is becoming more and more real.

We will release the wonderful content of this event one after another. First of all, we bring a speech by Zhang Jianxun, technical representative of the TF Chinese community and partner technical manager of Juniper Networks in China, on the plight of multi-cloud in practice and the way out.

Zhang Jianxun, Technical Representative of TF Chinese Community and Technical Manager of Juniper Network China partner

Hello everyone! Apart from the identity of the manufacturer, I have always taken a very "playful" attitude towards SDN, whose English name is software defined network. I prefer to translate it into "do everything", as if everything related to the Internet is on the SDN. Of course, in practical application scenarios, customers are more and more concerned about multi-cloud, open source, and SDN landing in their IT construction journey.

In the process of communicating with a large number of customers, we find that when customers' IT infrastructure is built to a certain scale, they will encounter a variety of problems at the network level. These problems have not been encountered before. In the multi-cloud scenario, SDN encountered challenges, so that its business is not really implemented, or the business is not really implemented through SDN.

Next, the content of my speech is based on technical details on the one hand, and sharing on the other hand on the basis of development trends and customer feedback.

We are talking about multi-cloud every day. Why is there multi-cloud? Why would the customer choose such an architecture? I think there are many reasons for innovation and dazzling, but in reality, multi-cloud is a necessary stage for many customers' IT infrastructure development.

From the perspective of technological evolution, the earliest time customers started to do IT was to buy servers, install operating systems, install databases, and do all kinds of applications, right? At that time, there was no virtualization, and in this case, there was no cloud, that is, the so-called chimney architecture. A business is a system, a system of data-storage-network.

Later, there was the concept of virtualization, which is a consensus as we all know. Virtualization is the foundation of the cloud, introducing some commercial virtualization software, and then there is a third-party open source virtualization choreography system. OpenStack was particularly popular a few years ago. I believe that many of the practitioners here must have evolved step by step from OpenStack. After the architectural change, coupled with this open source virtualization, everyone's understanding of the cloud has gradually matured.

Three or five years ago, we talked to our customers and talked to them about the benefits of cloud, but now we seldom talk about it. What customers want more is how I can actually be a cloud. The technology of IT, especially the network part, is more and more closely integrated with business applications.

However, in the process of opening and migration, and in the process of realizing the so-called flexibility, all businesses have their own flexible design from the point of view of business system, computing and storage, but the network is not necessarily there, which will bring great problems. When customers accepted deeper cloud technology, in the past two years, we suddenly found that the form of virtualization has changed from the original form of VM to a flexible form. K8s is becoming more and more popular, which really liberates a lot of productivity, but it also brings a lot of problems.

Cloud platforms and technologies have changed throughout the industry, but it is not the kind of subversive revolutionary change, but a phased situation in which different platforms and technologies co-exist to support the customer's IT architecture.

In addition, the customer's IT application actually has its own technical characteristics, and the dependence and use of high availability technology means that the business may be placed on different platforms.

Furthermore, in the process of continuous technological upgrading, customers also have a demand for technology control, such as finance, Internet enterprises, and large enterprise customers, who will consider their own technological innovation. I want to use new technology to achieve our own independent innovation.

In the process of moving towards multi-cloud, we can learn various technologies, but the most difficult part of the overall enterprise IT architecture is actually management, which is how to unify these multi-cloud environments for our use, which is the most difficult and complex. This kind of management includes resource deployment, including network communication, including whether the business can be truly mapped to the following infrastructure, in addition to the management of the technology, but also involves the management of the whole system.

When choosing to use cloud services, customers and even the whole industry can reach a consensus that the cloud can change the IT architecture, centralize resources, and make our business more economical and flexible. However, based on the current reality of multi-cloud deployment, the network environment and infrastructure adopt multi-cloud environment, which makes the resources become a collection of clouds from the original extreme dispersion.

For a customer, he may have both public cloud platform and private cloud platform. In private cloud platforms, there may also be mixed deployment environments, including a variety of network infrastructures such as VMware, OpenStack, K8s, OpenShift, and so on.

In essence, we have computing resources, storage resources, network resources, and corresponding coordination and orchestration, but as a result of choosing a multi-cloud environment, one result is that every cloud is isolated. Every cloud is like an island of information. This is why we say that the Internet has become more important in the past two years.

In the process of the industry embracing the cloud, it wants to solve it in a management way, but what do you want to see more for an enterprise? No matter what the cloud is, what structure, what content, can have a unified interface, the following management is no longer bare metal servers, no longer the original switches, but the cloud.

Resources are like tap water, they can get what they want, and they don't need to care what the lower layers are like. So more enterprises begin to consider placing a CMP cloud management platform on the technology platform to do the unified management of multiple clouds in a multi-cloud environment.

But this process is not so easy, no general manufacturer's products can do it, you can't do permutation and combination, it must be very customized, because the cloud platform used by each customer may be different, the demand for technology is different, the process of using cloud resources is different, and the feedback on cloud investment and protection is not the same.

In fact, this is a common vision in the industry, through resource management, to achieve creatable automation, transferable automation, choreographable automation. To really realize this vision, we need to sink to different technical requirements from the perspective of the network.

SDN is accompanied by the development of the cloud, where we can disassemble the function in SDN, which is included in different parts of the data center. Within the data center, we only have a very simple, simple, and very important function, which is to achieve a unified network connection within the data center under the multi-cloud platform environment, further to the management of underlay hardware equipment; while between data centers, we want to achieve the dual work of business between multiple data centers, including traffic management and operation transfer. As hybrid clouds come into people's view, we will pay more attention to whether we can achieve unified network access and unified SDN deployment and management for different public cloud platforms.

At the same time, the unified security policy of the service is further increased in the network environment, so as to realize the basic functions of connection, intelligence, exhibition and security.

Therefore, for the whole network, the most basic demand is that I can get through your business in an automated way at any location. In the reality of a multi-cloud environment, SDN actually encounters a variety of problems in the process of real use.

The main problem is that the technology used in the environment we deploy is not open technology, but overly dependent on the platform of network switching equipment. Because we have separated the cloud platform from different environments, there is no unified provisioning on the network.

For example, if we are going to build a small data center today, then such a data center will use a certain platform or architecture, and you may have to provide all business connections by the manufacturer of the equipment, or there will be an exchange of this part of the hardware.

This is fine in a small data center environment, but this will happen if we extend the data center, or if we want to expand one data center, and we have to purchase another set of hardware equipment.

So we are thinking that in the process of customers' multi-cloud development, what we should provide is a unified network, which is not limited by any hardware equipment or affected by any software platform.

In fact, this kind of thinking and thinking is also a consensus in the industry. For example, when we go to see foreign public clouds such as Amazon and Google, when they deploy SDN and cloud, they will not be subject to any hardware switch manufacturer. The same is true in China. We go to see Tencent, Ali and Baidu. There are also many hardware suppliers involved in the deployment of their entire cloud data center, but these manufacturers will not join any privatized data center technology.

Computing resources can be uniformly dispatched and managed, and stored resources can also be uniformly dispatched and managed. only the network, when the network is torn apart, our entire data center will be torn apart, so it is difficult to construct it uniformly. What we hope to achieve is that in the process of deployment, all the network requirements and instructions issued by the upper cloud platform are completed by a unified SDN controller.

This unified SDN controller will send the required services and policies directly to the underlying software level, while we are in charge of forwarding the actual data in the middle of the hardware switch, only as the simplest data transmission service.

That means that in the process, the middle-tier hardware switch can be replaced, and even its functions can be further reduced. This scheme not only reduces the functional dependence of customers on hardware equipment, but also allows us to make further expansion according to the requirements of the software when we choose a scheme. As an open source SDN solution, Tungsten Fabric is committed to solving such a problem.

Tungsten Fabric, formerly known as OpenContrail, was officially open-sourced in 2013, joined the Linux Foundation in 2017 and changed its name to Tungsten Fabric in 2018. This is a very popular controller that can bring real SDN help to customers in terms of both functionality and performance in today's multi-cloud environment, and it is an open source platform, which is very important.

In recent years, we have seen that many domestic enterprises and industries will have more speed, demand and diversity of cloud application than foreign countries. Open source brings more innovation in the process of finding suitable cloud resource management and scheduling for them.

In the process of deployment, the way we use is very simple: we add a vRouter in the server layer. This virtual router will act as a platform for network control management, policy enforcement, and forwarding on each server node. It contains two aspects: in the control plane, it will uniformly accept the scheduling of the SDN controller to create the network, connect the network, and execute the corresponding policies. In the forwarding layer, it forwards based on the Linux kernel, and different encapsulation methods can be used in the forwarding process.

In fact, what you can see is that our current network architecture, especially when I just mentioned that customers are gradually walking in a multi-cloud environment, the urgent demand they face is how to adopt a unified network solution in different environments, and this solution must not be provided by an independent manufacturer, or by an independent product platform.

In terms of current technological development, Tungsten Fabric has now begun to use Docker. Containerization will become a technical direction in the future, and its own SDN platform also needs to be further planned. Our product has grown from 3.0 in the early stage to 5.0 now, and it has become a completely containerized product. In terms of overall deployment, we also support platform support for containers.

In fact, in the course of visiting our customers in the past six months, we found that they are facing great problems, not the problem of K8s itself, but the problem of K8s network. He has his own unique thinking in network design, so that in the process of migration, it will bring a lot of tangled parts, how to access internal IP, what is the relationship between ingress and service, and so on. In this part, the open source Tungsten Fabric K8s platform can solve the problem of network communication for customers in actual deployment scenarios.

Further, customers are in the process of network and business migration, such as migrating from traditional OpenStack to K8s, or from bare metal to K8s. In this process, we go to get through the network.

Let's take a look at security. Customers often face such problems. For example, there are three scenarios. The first scenario is the testing environment. We have three businesses from A to B to C. if these three businesses are going to make a strategy, in the first scenario, we need to have a strategy, and it is a management-level distribution. If there is a second data center, maybe I will have a second strategy. To the third data center, there will be a third strategy.

What we want to achieve at Tungsten Fabric is to use only one policy across multiple clouds and multiple environments, which means that all security policies will not be based on location and platform, but entirely based on the customer's business capabilities. Let's make sure that ABC, no matter which platform the three businesses belong to, uses only one strategy for me and can be explicitly implemented in the open source version.

Further, we hope to deploy the strategy not only in the private cloud environment, but also in different public cloud environments and different platforms, which we hope to see. In the future SDN scenario, we will be able to provide customers with a unified network connection, as well as a unified security policy, which is a very important responsibility of SDN.

To sum up, the problem of multi-cloud interconnection is actually a big pain point and bottleneck in the process of customer development, because in the process of continuous migration, there are bound to be many different platforms, not only in public platforms, but also in commercial platforms, even open source platforms. In this process, it is very important to have a unified SDN control scheme for management, which can help customers to achieve business connectivity and unified deployment of security policies.

Further, customers want to control the technology in their own hands, when we carry out scientific research and innovation, open source technology can give us a lot of nourishment, it is an open source platform with open architecture.

I believe that in the process of the continuous development of the entire industry in the future, the technical architecture must be open and decoupled, and the interface will be unified, which can provide unified cloud management for the industries it serves, and at the same time further realize the independence, controllability and innovation of domestic cloud-related technologies.

What does Tungsten Fabric bring to people in all our industries? We see an autonomous solution that helps customers interconnect with multiple clouds, is easy to manage, and is not limited by any hardware devices.

Thank you very much for coming to this meeting today, everyone is so concerned about open source SDN, we also need to further think about what kind of SDN is helpful to the industry. We hope that technical practitioners in related industries can pay attention to the development of Tungsten Fabric. We are also committed to working with customers to achieve independent innovation in the cloud and promote the development of the industry in the future.

Thank you!

About Tungsten Fabric:

The Tungsten Fabric project is an open source project protocol that is developed based on standard protocols and provides all the components necessary for network virtualization and network security. The components of the project include: SDN controller, virtual router, analysis engine, northbound API release, hardware integration functions, cloud orchestration software and extensive REST API.

About the TF Chinese Community:

TF Chinese Community is initiated spontaneously by a group of Chinese volunteers who follow and love SDN, including technology veterans, market veterans, industry experts and experienced users. It will serve as a bridge between the community and China, disseminate information, submit questions, organize activities, and unite all forces interested in the multi-cloud Internet to effectively solve the problems encountered in the process of cloud network construction.
