Automating the DATACENTER

Presentation transcript:

Automating the DATACENTER Christos Argyropoulos cargious@noc.grnet.gr GRNET June 13, 2018, TNC18: Trondheim

The problem
Expanding from:
- Two small DCs
- One larger one: 22 racks
To three new datacenters:
- Athens: 36 racks (with the expansion)
- Knossos: 26 racks
- Louros: 14 racks
Network architecture?
- Address existing problems
- Balance between already tested and more innovative solutions
- Satisfy new requirement: VLAN stretch between datacenters
IP Fabric solution for GRNET Datacenters 13 Jun 2018, TNC18, Trondheim

Typical GRNET DC Rack
- Storage Lane: Distributed Object Storage (Debian, Ceph/RADOS). Also: Traditional SAN/NAS
- Baremetal servers or colocated third-party servers
- Monitoring stations, PDUs, TS, …
- Networking Lane
- Virtual Machines Lane: Debian, KVM, Ganeti, okeanos/vima
- No routing protocols between hosts & network. Simple Linux bridging or ARP proxying

GRNET DC Network
- Single switching fabric across the entire datacenter: VLANs stretching
- DC router(s): Inter-VLAN routing; Routing with GRNET IP core; Firewalling
- Server connectivity: Active/Active (LACP); Active/Backup; Single homed
Diagram labels: GRNET Core, DC Network

Previous Architectures: Ethernet + IP
Legacy Ethernet + IP:
- HW redundancy: two of everything
- First Hop Redundancy: VRRP
- Redundant connections to the IP Network
- No Spanning Tree
Limitations:
- Servers are multihomed -> no LACP
- Poor link utilization (no active/active scenario)
- BUM & MAC learning problems due to the topology
- InterDC VLAN stretch without redundancy (L2 VPNs)
- Mixed mode stacking not so problem free
Diagram labels: Core Router A, Core Router B, DC Router A, DC Router B, Stacked Switch, Stacked Switch

Previous Architectures: (closed) Fabric architectures
Limitations:
- Complex implementations, often problematic in large scale
- Difficulty in debugging due to ‘closed’ proprietary solutions
- Often platforms are immature, which results in bugs
- Eventually too many hours wasted in troubleshooting and bringing the solution to ‘production ready’ state
- All tested solutions already outdated
- Looking for something new to avoid vendor ‘black box’ solutions
Diagram labels: Core Router A, Core Router B, Linecard switch, Aggregation Switch, LACP, LACP, Link for multi-chassis synchronization

IP Fabric (aka IP Clos): the recipe
Topology:
- Build a decades old topology -> IP Clos
- Make use of existing hardware -> Juniper QFX5K as ToR switches
- Add two new powerhouse devices for the spine layer -> Juniper QFX10K
Overlay Networking with EVPN as control plane:
- In theory decouple the network from the physical hardware -> programmatically provisioned in a much larger scale
- All-active physical topologies
- Anycast layer 3 gateways
All traffic is L3 with:
- VXLAN dataplane encapsulation for Overlay Tunnels
- Limitations: network overhead since all VM traffic is now encapsulated with VXLAN header (+64 bits)
- No STP / no MC-LAG

VXLAN: Brief introduction
Overview:
- RFC 7348
- Tunneling (overlay) protocol that encapsulates all traffic in IP/UDP
- Can be described as MAC-over-UDP with a globally unique identifier
- VLAN-like separation, according to VXLAN ID
- Tunnels are built between VXLAN Tunnel Endpoints (VTEPs)
- Need of a control plane to minimize flooding and better facilitate learning
- All traffic is L3, no need for STP
- Forward traffic between IP Fabric nodes, referred to as the underlay
Diagram: Outer IP | VXLAN VNID | Payload (Service Separation)
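The 64-bit VXLAN header and the per-VNI separation described on this slide, as an added Python example (not part of the original presentation). The function names, the sample frame and VNI 5010 are constructed for illustration; the field layout and the I flag are those of RFC 7348.

```python
import struct

VXLAN_FLAG_I = 0x08      # "I" flag: the VNI field is valid (RFC 7348)
VXLAN_HEADER_LEN = 8     # 64 bits


def build_vxlan_header(vni):
    """Flags(8) + reserved(24), then VNI(24) + reserved(8), network byte order."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8)


def parse_vxlan(udp_payload):
    """Return (vni, inner_ethernet_frame) or raise ValueError on a bad header."""
    if len(udp_payload) < VXLAN_HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag clear: VNI is not valid")
    return word1 >> 8, udp_payload[VXLAN_HEADER_LEN:]


def deliver(udp_payload, local_vnis):
    """Hand the inner frame to a segment only if this VTEP serves that VNI."""
    try:
        vni, inner = parse_vxlan(udp_payload)
    except ValueError:
        return None
    return (vni, inner) if vni in local_vnis else None


def underlay_ip_mtu(tenant_ip_mtu, inner_vlan_tag=False):
    """Smallest underlay IPv4 MTU that carries a tenant packet unfragmented."""
    inner_frame = tenant_ip_mtu + 14 + (4 if inner_vlan_tag else 0)
    return inner_frame + VXLAN_HEADER_LEN + 8 + 20   # + VXLAN + UDP + outer IPv4


# Constructed sample: a broadcast ARP-type frame with a dummy body, in VNI 5010.
INNER = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28
PACKET = build_vxlan_header(5010) + INNER
```

The VNI is the only tenant separator in the packet and the header carries no authentication, so the underlay links have to be sized for the extra bytes and kept reachable only by fabric devices.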

EVPN: Brief introduction
Overview:
- RFC 7432: BGP MPLS-Based Ethernet VPN
- Co-authored by Cisco, Juniper, Alcatel-Lucent, Verizon, AT&T
- Stated as evolution over existing L2VPN and VPLS solutions
- Can use both MPLS and VXLAN as transport
- Solves flood and learn problem mentioned in VXLAN
- Provides redundant (anycast) gateways
- Active / Active server multihoming
Key Concepts:
- Implemented as another BGP address family (NLRI)
- Introduces Route Types for: Ethernet Segment (ES); Auto discovery; MAC/IP advertisement
- MAC addresses are treated as routable addresses and advertised via BGP
- BUM traffic and loop avoidance
- PE devices in same ES auto discovery (allows for active/active)
- Traffic is sent to the appropriate VTEP (no flooding)
- Route filtering & route distribution

GRNET IP Fabric topology
Spine & Leaf topology:
- SPINE: Juniper QFX1002, nx10G uplink to GRNET core
- LEAF: Juniper QFX5100, 2x40G uplink
- Server: 2x1/10G UTP
- Multihoming: in pairs of racks, LACP or Active-Backup
Diagram labels: Core Router A, Core Router B, Juniper QFX10K, Juniper QFX10K, Juniper QFX5K, Juniper QFX5K, Juniper QFX5K, Juniper QFX5K

The Underlay Network
- Each IP Fabric device acts as L3
- eBGP between the devices: route distribution of Loopbacks; multipath load balancing between available paths
- Loopbacks & Backbone links from 10.0.0.0/8
- One Private AS per device
- Unique assignments within GRNET (for future inter-DC connectivity)
- Loopback IPs & ASN help to identify rack number
- Loopbacks are used as VXLAN VTEPs (Tunneling Endpoints)
Diagram labels (ASNs): 65491, 65492, 65401, 65402, 65403, 65404
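A pre-deployment consistency check for the underlay rules listed above (one private AS per device, loopbacks from 10.0.0.0/8, unique VTEP addresses), as an added Python example that is not code from the presentation. The ASNs are the ones shown on the slide; the device names, the "id" field, the loopback values and the encoding "ASN = 65400 + id, last loopback octet = id" are assumptions, since the slides do not show the actual scheme.

```python
import ipaddress
from collections import Counter

PRIVATE_ASNS = range(64512, 65535)                  # 16-bit private range, RFC 6996
UNDERLAY_BLOCK = ipaddress.ip_network("10.0.0.0/8")

# Constructed sample. ASNs are from the slide; ids and loopbacks are invented.
TOPOLOGY = {
    "spine-a": {"id": 91, "asn": 65491, "loopback": "10.0.0.91"},
    "spine-b": {"id": 92, "asn": 65492, "loopback": "10.0.0.92"},
    "leaf-01": {"id": 1, "asn": 65401, "loopback": "10.0.0.1"},
    "leaf-02": {"id": 2, "asn": 65402, "loopback": "10.0.0.2"},
    "leaf-03": {"id": 3, "asn": 65403, "loopback": "10.0.0.3"},
    "leaf-04": {"id": 4, "asn": 65404, "loopback": "10.0.0.4"},
}


def check_underlay(topology):
    """Return a list of violations; an empty list means the plan is consistent."""
    errors = []
    asn_count = Counter(d["asn"] for d in topology.values())
    lo_count = Counter(d["loopback"] for d in topology.values())
    for name, dev in sorted(topology.items()):
        asn, lo = dev["asn"], ipaddress.ip_address(dev["loopback"])
        if asn not in PRIVATE_ASNS:
            errors.append(f"{name}: AS{asn} is not a 16-bit private ASN")
        if asn_count[asn] > 1:
            errors.append(f"{name}: AS{asn} is used by more than one device")
        if lo not in UNDERLAY_BLOCK:
            errors.append(f"{name}: loopback {lo} is outside {UNDERLAY_BLOCK}")
        if lo_count[dev["loopback"]] > 1:
            errors.append(f"{name}: loopback {lo} duplicates another VTEP address")
        # Assumed encoding: ASN = 65400 + id, last loopback octet = id.
        if asn - 65400 != dev["id"] or int(lo) & 0xFF != dev["id"]:
            errors.append(f"{name}: ASN/loopback do not encode id {dev['id']}")
    return errors
```

Running a check like this on the topology data before configuration is generated catches a duplicated ASN or VTEP address while it is still a one-line fix in the source file.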

The Overlay Network
- iBGP mesh among all devices: additional AS# for iBGP; Spines: route reflectors; EVPN address family (NLRI)
- EVPN: Advertise MACs (…): each PE advertises its local MACs (per VXLAN); L3 devices advertise MAC-IP bindings (per VXLAN)
- L3 (gateways) @ Spines: mostly because of limitations of the leaves (QFX5100); Distributed Gateway for redundancy and performance
- Server ports: Trunk or access; VLAN <-> VXLAN; LACP with two PE devices + loop avoidance
Diagram labels (ASN): 65499 on all six devices

L2 stretch between Datacenters
- Customer data routing is done at the Spines
- Data Center interconnect using ‘Asymmetric routing’ -> Egress PE does only L2 lookup to the local Ethernet switching table that is populated from the EVPN control plane
- Spines are connected over eBGP underlay to announce the VXLAN termination points (IPs used for the overlay network)
- Spines are connected over iBGP overlay to announce the MAC+IP NLRIs (EVPN)
Diagram: Ingress (MAC-VRF, IP-VRF), Egress (IP-VRF, MAC-VRF), steps 1 to 5, MAC REWRITE

Automation
- Describe the topology with the addressing scheme in one YAML file

Ansible and IP Fabric
- New roles (templates + tasks) to our Ansible playbooks: dcf-topology, dcf-service
- Allow new tasks to be executed and build underlay/overlay topologies

Introduce a new service
- Build server interfaces, VLANs and Layer 3 redundant gateways via Ansible

Complete playbook run
- Build one complete IP Fabric DC configuration and deploy L2 and L3 services in under 3 minutes!
- In this example Ansible has produced configuration for 36 Leaves and 2 Spine switches with 597 interfaces and 377 VLANs (!!!)

Reality: An adventure
- Addressing scheme for: VTEP IPs; in-band management -> loopbacks (eventually a new carrier VRF to completely separate the management traffic); underlay ASNs; multiply by number of DCs
- Many limitations on the Broadcom chipset on QFX5100
- Early adoption of EVPN implementation on QFX platforms: bugs…; easier troubleshooting due to openness of the solution; lot of support/attention from Juniper (win-win case)
- Netconf support from the beginning: ease of service deployment and configuration changes with Ansible

Thank you!