Overview of Cloud Computing and SDN Activities in WIDE Project
Yuji Sekiya
The Univ. of Tokyo / WIDE Project
WIDE Project
Research Consortium
• http://www.wide.ad.jp/
• Commercial companies, research institutions, and universities
• Over 50 organizations and over 1,000 people have joined
• Founder : Prof. Jun Murai
• Director : Prof. Hiroshi Esaki
Research
• Activities are in working groups.
• WIDE workshop is held two times a year (May, December)
• WIDE camp is held two times a year (March, September)
Cloud Computing Activities in WIDE Project
Cloud WG in WIDE Project
• Started in 2010
Targeted to evaluate and develop fundamental technologies for cloud computing.
• Distributed Storage
• Load Balancing of Resources
• Load Balancing of Applications
• Distributed Processing for Big Data
Actual TestBed
• The first target is IaaS (Infrastructure as a Service)
• WIDE Cloud (Inter-University IaaS Cloud)
WIDE Cloud
WIDE Cloud Architecture
Open Source Based
[Figure: layered architecture of WIDE Cloud. Layers: Facility Layer, Virtual Resource Layer, Control Layer, Middleware Layer, Application Layer. Columns: Network, Server, Storage, Application. Components shown: kvm, libvirt, RESTful API, VM Image, map646, iSCSI, NFS, NEMO, VLAN, VXLAN, LISP, Sheepdog, glusterFS, SQL, NoSQL, Federated Cloud Controller.]
Challenges in WIDE Cloud
Full IPv6 cloud
• Use map646 for IPv4 translation
Distributed Filesystem
• GlusterFS
• ukai
VM Mobility
• NEMO (Network Mobility)
• VXLAN + LISP
Resource Management
• Auto VM migration
• Cloud Controller (WCC)
Not only IaaS
• Hadoop / Presto clusters are working for NECOMA Project
Distributed Storage / Location-Level Redundancy / Network Mobility
[Figure: VM replication across Site A, Site B and Site C; migratable networks between Site A and Site B.]
[Figure: Datacenters 1 to 4, each with hypervisors and VMs; IPv6 Internet, IPv4 Internet, NAT64 boxes.]
It has been working for over four years!
WCC : http://wcc.wide.ad.jp/
Over 400 VMs are working!
SDN Activities in WIDE Project
GINEW Project
• Joint Research with NICT
• Provide virtual “SLICE” to users on JGN-X testbed
Basic Idea of User Defined and Organized Network
[Figure: virtual nodes A, B, C and virtual links on top of underlay network nodes and underlay network links.]
Then, change the route of the virtual link from A to B
Abstracted Layer of UDON
Corresponding Configurations
Generating UDON API
Network Virtualization on JGN-X
[Figure: network virtualization on JGN-X. Sites: Sapporo, Iwate, Sendai, Tokyo, NICT Koganei, Kanazawa, Nagoya, Osaka, Okayama, Hiroshima, Kagawa, Kochi, Fukuoka, Okinawa, with OF, VN and DCN nodes. Layers: physical resource pool layer; virtualized resource pool layer (virtual resource groups A, B, C); virtualized slice provisioning layer (Network Slice A with Zone A-1 and Zone A-2, Network Slice B with Zone B-1 and Zone B-2); user provisioning layer (JGN-X user A, JGN-X user B; Network for User A). Middleware: responsibility of the University of Tokyo.]
Demonstration on SC13
• Adaptive Bandwidth Control
• Application of GINEW API
• Collaboration w/ PerfSONAR
• User’s program manages shared bandwidth,
  • Measuring by PerfSONAR
  • Controlling by GINEW
• Already prepared, will be applied soon. => DONE
[Figure: user’s program sharing bandwidth; bandwidth control. Map labels: TH, SG.]
SDN-IX
Developing and Deploying SDN-IX (PIX-IE)
• PIX-IE : Programmable Internet eXchange in EDO
• Technology is developed in NECOMA Project
Current roles of Internet Exchanges
• Layer-3 IX / Layer-2 IX
• Exchanging “Internet Traffic” following BGP information
Need more ?
• The granularity of TE (Traffic Engineering) is BGP prefix.
• BGP granularity is /24 (IPv4) and /48 (IPv6) prefixes
Need more ?
• DDoS is one of the most serious problems in the Internet
• An ISP wants to prevent or mitigate the traffic at the ingress edges
Need more ?
• Path exchanges between ASes
• The index is not only VLAN.
NSPIXP Project
Operated by WIDE Project
• Research IX
2 IXs in Tokyo and Osaka
• DIX-IE (Tokyo) : 53 ASes
• NSPIXP3 (Osaka) : 13 ASes
Activities
• IPv4/IPv6 native dual stack
• Connected between Tokyo = Osaka (NSPIXP23)
More Research =>
• SDN-IX (Programmable IX)
[Figure: IX topology in Tokyo. Sites: NF Park, ComSpace-1, NTT Otemachi, KDDI Otemachi. Links: GbE x 2, 10G, 20G (10G x 2). Switch labels: BI15K-1, BI15K-2, BI151, BI81, MG8-1, MG8-2, MLX-1, MLX-2, MLX-3.]
1) DDoS Prevention and Mitigation on IX
[Figure: several ISPs connected to the Programmable IX (PIX-IE); victim ISP and victim service. Labels: Spoofed SRC UDP, Link.]
Current Solution
[Figure: several ISPs connected to the Programmable IX (PIX-IE); victim ISP and victim service. Labels: Spoofed SRC UDP, Link, Saturation.]
The operator has to contact each ISP and ask it to filter the DDoS packets …
Human Interaction
Solution by SDN
[Figure: several ISPs connected to the Programmable IX (PIX-IE); victim ISP and victim service. "Mitigation" is marked at four points.]
2) Flexible Path Exchanges
The demand to extend one's own local network into other Autonomous Systems
• Event : Temporary use (e.g. experiments at SC)
• Connect to colocation hosts at Data Centers
• IaaS Cloud
  • Equinix serves their customers with private wires that are connected to Amazon EC2
Existing way to extend
• VPN (including Overlay Networks): They have encapsulation and encryption overhead...
Programmable IX (PIX-IE) VLAN # migration
2) Flexible Path Exchanges
Interconnection of VLAN, VXLAN, MPLS, Application…
[Figure: Datacenter A, Datacenter B, Datacenter C and Datacenter D interconnected with different VLAN IDs (VLAN : 30, 100, 2000, 1000, 500, 50).]
Current Implementation
[Figure: Controller, AS X Network, AS Y Network, OpenFlow based IX.]
① Context + ASnum + VLANnum
①’ Context + ASnum + VLANnum
② Check Context and Authentication
③ Create L2 circuit
JSON Format
{ context : "String", AS : AS Number, VLAN : VLAN ID }
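The request flow above as an added example, not code from the slides or from PIX-IE: a controller-side check that validates and authenticates each { context, AS, VLAN } request and pairs two requests carrying the same context before an L2 circuit is created. Assumptions: both AS networks submit to the controller, authentication is an HMAC over the request body, and the key table, AS numbers and the names `parse_request` and `Controller` are hypothetical.

```python
import hashlib
import hmac
import json

# Constructed sample keys. Assumption: each AS shares an HMAC key with the IX
# controller; the slides only say "Check Context and Authentication".
AS_KEYS = {64500: b"constructed-key-x", 64501: b"constructed-key-y"}


def sign(body: bytes, key: bytes) -> str:
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def parse_request(body: bytes, tag: str) -> dict:
    """Validate and authenticate one {context, AS, VLAN} request."""
    req = json.loads(body)
    if not isinstance(req, dict) or set(req) != {"context", "AS", "VLAN"}:
        raise ValueError("unexpected or missing fields")
    ctx, asn, vlan = req["context"], req["AS"], req["VLAN"]
    if not isinstance(ctx, str) or not ctx or type(asn) is not int or type(vlan) is not int:
        raise ValueError("wrong field types")
    key = AS_KEYS.get(asn)
    if key is None or not hmac.compare_digest(sign(body, key), tag):
        raise PermissionError("authentication failed")
    if not 1 <= vlan <= 4094:  # 0 and 4095 are reserved in IEEE 802.1Q
        raise ValueError("VLAN ID out of range")
    return req


class Controller:
    """Pairs two authenticated requests that carry the same context."""

    def __init__(self):
        self.pending = {}   # context -> first validated request
        self.circuits = []  # circuits handed to the OpenFlow based IX

    def submit(self, body: bytes, tag: str):
        req = parse_request(body, tag)
        first = self.pending.get(req["context"])
        if first is None:
            self.pending[req["context"]] = req
            return None  # step 1 seen, waiting for the peer AS (step 1')
        if first["AS"] == req["AS"]:
            raise ValueError("both ends come from the same AS")
        del self.pending[req["context"]]
        circuit = (req["context"], (first["AS"], first["VLAN"]), (req["AS"], req["VLAN"]))
        self.circuits.append(circuit)  # step 3: create the L2 circuit
        return circuit
```

In this sketch any authenticated AS that presents a matching context is paired, so the context string has to be unguessable or the controller has to pin the expected peer AS as well.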
Demonstration in Interop Tokyo 2014
Interop Tokyo 2014
• The largest ICT event in Japan
• Over 130,000 people visited