scaling nfv are containers the answer
play

Scaling NFV - Are containers the answer? Azhar Sayeed - - PowerPoint PPT Presentation

Jan 20, 2023 •39 likes •389 views

Scaling NFV - Are containers the answer? Azhar Sayeed - asayeed@redhat.com Doug Smith - dosmith@redhat.com Acknowledgements This is a result of mul7ple efforts in Red Hat on Containers and Container Networking. We would like thank everyone who

  1. Scaling NFV - Are containers the answer? Azhar Sayeed - asayeed@redhat.com Doug Smith - dosmith@redhat.com

  2. Acknowledgements This is a result of mul7ple efforts in Red Hat on Containers and Container Networking. We would like thank everyone who helped us put this POC, demo and presenta7on together. A big thank you to Dan Williams (dcbw@redhat.com) and Rashid Khan (rkhan@redhat.com) for listening, • being pa7ent with us and for building a prototype that is really powerful Dan for whipping up slides and code in a maKer of 8 weeks. • Ajay Simha (asmiha@redhat.com) for his review and contribu7ons to the presenta7on • and the work he was doing with Doug Smith to build a POC Tomofumi Hayashi for his work on koko (Container Connector) basis for the demo • 2

  3. Agenda Introduc7on • Telco Requirements for NFV scale • Containers - how can they help ? • Scale ques7ons • Do they solve the problem ? • Issues and Challenges • Demo • Summary • 3

  4. Virtualiza7on Progression Applica7ons and Network Func7ons Virtualized Apps in - VMs Bare metal Virtualized Apps in Containers Containers in VMs and VMs in Containers?

  5. NFV - Use cases and scale vCPE - vCPE/SDWAN Residen7al Wireline Mobile vEPC/vIMS/ vGiLAN VoLTE Business Consumer 5

  6. NFV Use case - vCPE CPE virtualiza-on is not just about cost reduc-on but providing new services to customers at the pace of innova-on and Scale Virtualized Central Office OR Data Center Security & Firewall Enterprise vCPE Parental Control Residen7al vCPE Quota Management Home Automa7on Internet Residen7al NID NFVO SDN Controller VNFM(s) VIM Enterprise vCPE Security & Firewall Quality of Service (QoS) Traffic Shaping Device Management 6

  7. NFV requirements Generic NFV Workload Requirements ● Flexibility of IP address assignment - Public IP, Private IP, IPv4 and IPv6 etc - many VNFs require no NAT ○ DHCP based address assignment ● Mul7ple Interface assignment - Rou7ng, Metering etc ● Mul7-Tenancy and Management of overlays ● Packet Forwarding Performance requirements - All workloads are not equal ○ NIC bonding ○ NUMA affinity - container scheduling ○ Huge Page Support ○ CPU pinning or par77oning ○ Jumbo frames support ● Hybrid VNFs (container and VMs) ● Mixed topologies containers and VMs ● Load sharing ● Elas7city - Orchestra7on

  8. Scale metrics and factors A Mul7-dimensional problem for Telcos Total number of Sessions, subscribers scale • Service Density - VMs, Apps • Throughput scale • Orchestra7on scale • Number of comple7ons (Adds moves and deletes) • Management and troubleshoo7ng scale • Visibility and Traceability at scale • Audit Trail of Transac7ons • Development environments CI/CD • Introduc7on of new func7onality • It is not just about scale but also the speed of scale 8

  9. Scale metrics and factors Example: vCPE For Residen7al Services Footprint - Subscriber density • Typical BNG Router serves 300K IP Sessions - Half rack dedicated hardware • Adding QoS and other bells and whistles => 150-200K IP Sessions • Throughput per subscriber • 10Gbps connec7ons common - but simultaneous users and subscribers average to • <0.5Gbps per subscriber 50K ac7ve subscribers => 25 x 100Gbps sustained throughput • Number of VMs per server - VNF Requirements on CPU, Memory and IO • Number of Subs per VMs • Number of Servers • Number of cores needed to serve that throughput using OVS+Accelera7on or VPP • etc HOW CAN WE SCALE THIS TO EVEN HIGHER DESNITIES 9

  10. Why Containers? Containers: Sonware packaging concept that include an applica7on and all its run7me dependencies ● Low virtualiza7on overhead per VNF (applica7on) ● Low memory footprint ● Instant restart 7me ● Low Latency - due to a shared memory model ● Higher density per server/socket than VMs ● Encapsula7on of microservices ● Portability ● Determinis7c packaging ● Reasonable Isola7on can be accomplished easily

  11. Comparing VMs and Containers Virtual Machine VMs Guest OS is needed per VM ● App1 App2 Each Virtual Machine is isolated by the hypervisor ● App1 App2 Interface and hardware emulated by the Hypervisor ● OS OS Distribu7on of app 7ed to OS ● Libs Libs OS commonly tuned to deliver app performance ● Hypervisor Docker Engine Containers There is no hypervisor in the container stack ● Host OS Host OS Docker Engine acts as the “hypervisor” ● Each applica7on runs as a process in user space ● Isola7on through cnames ● Hardware Hardware Considered “lightweight” compared to VMs ● Packet forwarding performance dependent on ● kernel stack Orchestra7on via Kubernetes ● Container Stack VM Stack Scale - >10x ●

  12. VMs and Containers – Telco Evolu7on viewpoint VMs App App App App App App Libs & Run7me Libs & Run7me Guest OS Guest OS Libs & Run7me Libs & Run7me Guest OS Guest OS HYPERVISOR App App HYPERVISOR HOST OS HOST OS HW Libs & Run7me App App HW Containers in VM Guest OS (Tenant Isola7on) Libs & Run7me Hypervisor VM HOST OS HW App App Containers & VMs Libs & Run7me HOST OS HW Containers 12

  13. Containers & NFV 13

  14. Containers & NFV Applicability ● Use containers ala “VM” ● Leverage dockeriza7on of some func7ons - such as DHCP, IPAM, NAT, FW etc ● Not really separa7ng components within Network Func7ons (ala Microservices) as the network func7ons themselves are virtualized ● Intui7ve to apply and hence assumed easy to make it happen

  15. Revisi7ng the NFV requirements With Containers - How do they fare? ● Flexibility of IP address assignment to containers - Public IP, Private IP, IPv4 and IPv6 etc - many VNFs require no NAT ● Mul7ple Interface assignment to a container ● Mul7-Tenancy and Management of overlays ● Performance requirements - All workloads are not equal ○ NIC bonding ? ○ NUMA affinity - scheduling ? ○ Huge Page Support ? ○ CPU pinning or par77oning ● Hybrid VNFs (container and VMs) ● Mixed topologies containers and VMs ? ● Load sharing and scale

  16. Containers and NFV Telco provided defini7on ● Control plane heavy VNFs ○ High session count or control traffic Candidates for ○ Low data forwarding Containeriza7on ○ Latency and availability sensi7ve for network convergence ○ Examples - signaling, subscriber policy, control protocols ● Data plane heavy VNFs ○ Require large memory alloca7on ○ Large footprint applica7ons (CPU, memory, I/O) ○ High forwarding rate requirements ○ High volume of traffic ○ Examples - PGW, ePDG, DPI etc

  17. Sizing NFV Example ● Simple VNF - vRouter with 2 interfaces ○ Simple IGP and BGP Configura7on ○ Stock images - Vyos distribu7on ○ Memory needed to run the VM with basic alloca7ons - 387MB ● Containers 6-10X density ○ Same configura7on ○ Stock Container image ○ Run using Docker ○ Per container - 34MB ● vCPU alloca7ons per VM ○ Core processing for DPDK ○ 6-12 cores for VNFs like vEPC, BNG ○ 16-32GB of memory Notes: Smaller configs result in smaller containers - Only 1 BGP session and an IGP results in 28MB per container

  18. Forwarding performance with containers NFV = Line Rate Performance Requirement ● Use namespaces to isolate network func7ons ● Network namespaces for containers to see their resources ● Kernel performance becomes important ● Sonware switch - like macvlan ● Assign SR-IOV to network namespace ● Using DPDK accelera7on?

  19. Container Orchestra7on Scale of Orchestra7on ● Kubernetes - Scale is Proven - Openshin ○ Today operates largest of DCs with millions of containers ○ Enterprise IT and OTT ● Scaling number of pods and nodes ○ Common to find 100 Nodes and 3000 Pods for VNF deployments ● Kolla - Ansible playbooks with Docker Containers to provide produc7on ready containers for openstack clouds ● NFV special requirements ○ Constraints on Kubernetes/Openshin ○ What about OAM management, Traceability, Performance, conformance, audit trail

  20. OPENSHIFT – PLATFORM FOR CONTAINERS Atomic Host Networking Telemetry Security Storage Automa7on Clustering Kubernetes based OrchestraDon Docker Container Format

  21. Openstack and Containers Managing containers in Openstack Environments ● Run Openshin/Kubernetes on Openstack Kuryr ● Magnum ● ● Run Openstack services in containers ○ Kolla

  22. Subscriber Service Chaining – with Containers How does SFC work with containers? AAA Configura7on Policy Service Func7on Chain Parental Control VxLAN L2 NID HFC/GPON CPE vOLT VxLAN or IPSec Quota Firewall & NATing Management ⲙ VNF Applica7on or Content Cache Demarca7on point Cloud Boundary Central Office or DC • Containers at the remote site or central data center • S7tched together for service chaining – • same host –IPC • different hosts -VLAN/VXLAN • Port mapping architecture can be made to work here • Will this impact NSH or dynamic SFC? 22

  23. Proof of Concept 23

Recommend

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are not going to be the answer to preventing your application from being compromised, but they can limit the damage from a compromise. How do

823 views • 25 slides
Auto-scaling deadline- constrained workloads in containers in the cloud Jay Jay DesLauriers

Auto-scaling deadline- constrained workloads in containers in the cloud Jay Jay DesLauriers

Auto-scaling deadline- constrained workloads in containers in the cloud Jay Jay DesLauriers DesLauriers Research Associate, University of Westminster Project COLA Horizon 2020 33 months Completion September 2019 14

309 views • 17 slides
Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com Containers are great Containers are resource efficient Containers make deployment easy Containers can be monitored easily Containers are secure But are

508 views • 38 slides
Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega @jmortegac Agenda Introduction to containers security Linux Containers(LXC) Docker Security Security pipeline &amp;&amp; Container

807 views • 57 slides
SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54 What are Containers? A package/image that can be deployed anywhere (thats running a Linux Kernel) Developers create a layered image of their

996 views • 53 slides
Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at BlaBlaCar pgDay Paris, Mar 15, 2018 BlaBlaCar Overview Todays agenda PostgreSQL usage at BlaBlaCar Switching to a new implementation

844 views • 40 slides
Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have become popular replacing many Physical / Virtual Machine use cases But: The persistent storage problem for containers is still not fully solved

1.01k views • 17 slides
Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change

Containers in the Enterprise Avoiding the Kobayashi Maru Agenda Containers Bring Change An Approach Required Software Processes Cultural Changes Additional Concerns Lessons Learned Why This Talk? Containers are

678 views • 49 slides
Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs

Exploding the Linux Container Host Presenter: Ben Corrie (@bensdoings) Containers vs VMs Google Wisdom: VMs and Containers are similar but different Try running containers in VMs for security Containers are best for scale-out

314 views • 17 slides
Analysis of Scaling Algorithms for Matrix &amp; Operator Scaling Contents Scaling Algorithms

Analysis of Scaling Algorithms for Matrix &amp; Operator Scaling Contents Scaling Algorithms

Rafael Oliveira University of Toronto Analysis of Scaling Algorithms for Matrix &amp; Operator Scaling Contents Scaling Algorithms Three Step Analysis Generalization One More Application of Scaling Non-Negative Matrices &amp;

604 views • 15 slides
our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can

our container journey @beshippable shippable.com our container journey containers can make us way more efficient containers can save us money on hosting containers sound interesting company founded in 2013

848 views • 30 slides
Scaling From simple models to rich strategies PPPLab Day, November 30th Scaling: recent

Scaling From simple models to rich strategies PPPLab Day, November 30th Scaling: recent

Scaling From simple models to rich strategies PPPLab Day, November 30th Scaling: recent publications Insight Series Tool Animation The rationale for scaling As the SDGs require transformational change, scaling can provide: Reaching more

609 views • 37 slides
ETI se Scaling for many organizations Hierarchy Recursive vs T.to eRaokon traverses the

ETI se Scaling for many organizations Hierarchy Recursive vs T.to eRaokon traverses the

Discovery Naming or IN 5 Why name 172.217 11.14 or google.com Indirection Security Isafety concerns How name iEE f google.com Et Challenge Scaling Scaling for many clients Caching D y D ETI se Scaling for many organizations Hierarchy

215 views • 4 slides
The proposed containers are &quot;Flat-pack&quot; type. Disassembled and reduced as

The proposed containers are &quot;Flat-pack&quot; type. Disassembled and reduced as

CON-IMEX CONTAINERS 2009 AKAR Logistics 70 Beecham Court Owings Mills, MD 21117 USA Sophia Akar Tel: + 410-961-7232 / + 410-961-0327 Fax: + 410-356-8267 sophia@akarlogistics.com 1 / 20 GENERAL The proposed containers are

313 views • 20 slides
Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk

Fairport Containers Supporting the Charity Retail Sector www.fairportcontainers.co.uk Introductions David Porter Fairport Containers Director Steve Collinson Managing Director Fairport Containers Ltd Tam Unsworth Recycling Banks

552 views • 28 slides
Outline Scaling Scalinga Plenitude of Power Laws Scaling-at-large Scaling-at-large

Outline Scaling Scalinga Plenitude of Power Laws Scaling-at-large Scaling-at-large

Scaling Outline Scaling Scalinga Plenitude of Power Laws Scaling-at-large Scaling-at-large Scaling-at-large Principles of Complex Systems Allometry Allometry Definitions Definitions Course 300, Fall, 2008 Examples Examples

568 views • 27 slides
Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt

Singularity - Containers for Scientific Computing ZID Workshop Michael Fink Universitt Innsbruck Innsbruck Nov 2018 Overview Preliminaries Why containers Understanding Containers vs. Virtual Machines Comparison of

482 views • 37 slides
Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende

Alm dos Containers na Nuvem QConSP - Containers &amp; Devops 26 April 2017 Guilherme Rezende Globo.com About me Software Engineer at Globo.com/Tsuru @guilhermebr (GitHub) in/guilhermebr (LinkedIn) @gbrezende (Twitter) Agenda Cloud Native

636 views • 45 slides
So#ware Scaling Mo/va/on &amp; Goals HW Configura/on &amp; Scale Out So#ware Scaling

So#ware Scaling Mo/va/on &amp; Goals HW Configura/on &amp; Scale Out So#ware Scaling

So#ware Scaling Mo/va/on &amp; Goals HW Configura/on &amp; Scale Out So#ware Scaling Efforts System management Opera/ng system Programming environment PreAcceptance Work HW stabiliza/on &amp; early scaling

390 views • 19 slides
UMBC A B M A L T F O U M B C I M Y O R T 1 (10/18/04) I E S R C E O V

UMBC A B M A L T F O U M B C I M Y O R T 1 (10/18/04) I E S R C E O V

Advanced VLSI Design Scaling CMPE 640 Scaling Technology scaling rate is approximately 13%/year, halving every 5 years. 100 10 m 1 0.1 1960 1970 1980 1990 2000 The size of the circuits also continues to increase. Besides increasing

362 views • 7 slides
100% Containers Powered Carpooling Maxime Fouilleul Database Reliability Engineer BlaBlaCar -

100% Containers Powered Carpooling Maxime Fouilleul Database Reliability Engineer BlaBlaCar -

100% Containers Powered Carpooling Maxime Fouilleul Database Reliability Engineer BlaBlaCar - Facts &amp; Figures Infrastructure Ecosystem - 100% containers powered carpooling Todays agenda Stateful Services into containers - MariaDB as

463 views • 45 slides
Containers, VMs, and Clouds: Containers &amp; Clouds &amp; VMs: OH My Oh My! Mike Coleman,

Containers, VMs, and Clouds: Containers &amp; Clouds &amp; VMs: OH My Oh My! Mike Coleman,

Containers, VMs, and Clouds: Containers &amp; Clouds &amp; VMs: OH My Oh My! Mike Coleman, Technology Evangelist Docker @mikegcoleman Who Am I? Technology evangelist at Docker Former: Puppet, VMware, MSFT, Intel, and HP First

390 views • 25 slides
Unprivileged GPU containers on a LXD cluster GPU-enabled system containers at scale Stphane

Unprivileged GPU containers on a LXD cluster GPU-enabled system containers at scale Stphane

Unprivileged GPU containers on a LXD cluster GPU-enabled system containers at scale Stphane Graber Christian Brauner LXD project leader LXD maintainer @stgraber @brau_ner https://stgraber.org https://brauner.io

394 views • 12 slides
Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and

Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and

Cloud Native and Container Technology Landscape Chris Aniszczyk (@cra) Rise of Containers and Cloud Native Computing! Google running 2B+ containers per week! Internet scale companies are running containers too: Facebook, Twitter,

1.8k views • 49 slides

More recommend