Network Service Mesh Solving Cloud Native IMS Networking Needs

IT 20 044
Degree project (Examensarbete), 30 credits
July 2020

Lionel Jouin

Department of Information Technology (Institutionen för informationsteknologi)

Faculty of Science and Technology (Teknisk-naturvetenskaplig fakultet), UTH-enheten
Visiting address: Ångströmlaboratoriet, Lägerhyddsvägen 1, Hus 4, Plan 0
Postal address: Box 536, 751 21 Uppsala
Telephone: 018 – 471 30 03
Fax: 018 – 471 30 00
Website: http://www.teknat.uu.se/student

Abstract

With the growing demand for mobile networks, and especially for the IP Multimedia Subsystem (IMS), new cloud native orchestration tools providing more flexibility and efficiency are starting to be used within telecommunication companies in order to improve the robustness and the reliability of these systems. However, Kubernetes, the most used among cloud native orchestration tools, does not completely fulfill all the needs and use cases in terms of networking that the telecommunication industry meets. Network Service Mesh (NSM), a new Cloud Native Computing Foundation (CNCF) project aiming to address complex networking use cases in Kubernetes, might solve the different issues the IP Multimedia Subsystem faces. Detailed designs and implementations using Network Service Mesh coupled with diverse networking technologies are shown in this thesis with the objective of solving the networking requirements of the IP Multimedia Subsystem (e.g. the NAT issue and the secondary network). In addition, an analysis and an evaluation of Network Service Mesh are given, together with a presentation of the ability of this new project to bring solutions to the IP Multimedia Subsystem based on a cloud native technology.

Supervisor (Handledare): Saminathan Vijayabaskar
Subject reviewer (Ämnesgranskare): Thiemo Voigt
Examiner (Examinator): Mats Daniels
IT 20 044
Printed by (Tryckt av): Reprocentralen ITC

Acknowledgements

This work has been conducted in collaboration with Ericsson. I want to thank the company for having provided all the information and resources I required to complete this project. Special thanks to Jerker Zetterlund for his constant support and for giving me this wonderful opportunity to work at Ericsson. To my supervisor, Saminathan Vijayabaskar, I would like to express my gratitude for his very helpful experience and kindness. I would also like to thank those who, in any way, have been involved in my thesis work. Further, I would like to thank my reviewer Thiemo Voigt at Uppsala University for his precious advice and comments for structuring and writing this document.

July 3rd, 2020
Lionel Jouin

Contents

1 Introduction
  1.1 Motivation and Objectives
  1.2 Delimitations
  1.3 Structure of the Report
2 Background
  2.1 IP Multimedia subsystem
    2.1.1 Network address translation issues
    2.1.2 Traffic separation / Secondary network
    2.1.3 Environment
  2.2 Linux
    2.2.1 Namespaces
    2.2.2 Container
  2.3 Kubernetes
    2.3.1 Service
    2.3.2 Container Network Interface
  2.4 Network Function
    2.4.1 Load Balancing
    2.4.2 Firewall
    2.4.3 BGP / ECMP
  2.5 Service Mesh
  2.6 Network Service Mesh
    2.6.1 Control plane
    2.6.2 Data plane
    2.6.3 Service Function Chaining
    2.6.4 Community and future development
  2.7 Related work
    2.7.1 NAT
    2.7.2 Alternatives
    2.7.3 Performance
3 Design
  3.1 Ingress traffic alternatives
    3.1.1 Host shared
    3.1.2 VPN
    3.1.3 MACVLAN / IPVLAN
    3.1.4 Overlay Network / VxLAN
    3.1.5 Load Balancing and VIP advertisement
  3.2 Egress traffic alternatives
    3.2.1 Tunneling
    3.2.2 NSE delegation
    3.2.3 Connection Tracker / Port Allocation
    3.2.4 Multiple NSEs
    3.2.5 Dynamic allocation by the application
  3.3 Data plane / Control plane separation
4 Implementation
  4.1 Environment
    4.1.1 OpenStack
    4.1.2 Kubernetes
    4.1.3 Development
  4.2 Network Service Endpoint
    4.2.1 Interface
    4.2.2 VPN
    4.2.3 Load Balancing
    4.2.4 BGP
    4.2.5 Port allocation
  4.3 Network Function Chaining
  4.4 Network Service Client
5 Evaluation
  5.1 Benchmarking methodology
  5.2 Data plane performance
    5.2.1 External Connectivity
    5.2.2 Network Service Mesh Connectivity
  5.3 Security
  5.4 Scalability
6 Conclusions and Future work

List of Figures

2.1 Reference Architecture of the IP Multimedia Core Network Subsystem
2.2 Overview of networking in Kubernetes with NSM
2.3 Network Service Chaining example
3.1 NSM - Ingress - Host Shared
3.2 NSM - Ingress - VPN
3.3 NSM - Ingress - IPVLAN/MACVLAN
3.4 NSM - Ingress - VxLan
3.5 NSM - Ingress - BGP and IPVS
3.6 NSM - Egress - NAT
3.7 NSM - Egress - No NAT
3.8 NSM - Data plane / Control plane separation using namespaces
4.1 LVS - Packet Flow
5.1 External Connectivity performances
5.2 Network Service Mesh Connectivity performances

Listings

4.1 IPVS command to create a service
4.2 IPVS command to add a real server to a service
4.3 IPVS command to remove a real server from a service
4.4 IPTables command to mark TCP packets according to a destination port range
4.5 Specification of an NSM Network service
4.6 Specification of a Network Service Endpoint deployment
4.7 Specification of a Network Service Client deployment
4.8 IPTables to source NAT outgoing traffic

List of symbols and abbreviations

3GPP: 3rd Generation Partnership Project
AS: Autonomous System
ASIC: Application-specific integrated circuit
BGP: Border Gateway Protocol
CIDR: Classless Inter-Domain Routing
CNCF: Cloud Native Computing Foundation
CNF: Cloud Network Function
CNI: Container Network Interface
DC: Data Center
DHCP: Dynamic Host Configuration Protocol
DNS: Domain Name System
DPDK: Data Plane Development Kit
ECMP: Equal-Cost Multi-path Routing
EVPN: Ethernet VPN
fps: Frames per Second
FQDN: Fully Qualified Domain Name
FTP: File Transfer Protocol
fwmark: Firewall Mark
GRE: Generic Routing Encapsulation
gRPC: gRPC Remote Procedure Calls
HTTP: Hypertext Transfer Protocol
IANA: Internet Assigned Numbers Authority
IETF: Internet Engineering Task Force
IMS: IP Multimedia Subsystem
IoT: Internet of Things
IP: Internet Protocol
IPAM: IP Address Management
IPsec: Internet Protocol Security
IPVS: IP Virtual Server
ipvsadm: IPVS Administration
ISP: Internet Service Provider
LAN: Local Area Network
LB: Load Balancer
LVS: Linux Virtual Server
MAC: Media Access Control
memif: Shared Memory Packet Interface
MP-BGP: Multiprotocol BGP
MTAS: Multimedia Telephony Application Server
MTU: Maximum Transmission Unit
NAPT: Network Address Port Translation
NAT: Network Address Translation
NFV: Network function virtualization
NSE: Network Service Endpoint
NSM: Network Service Mesh
OCI: Open Containers Initiative
OS: Operating System
OSI: Open Systems Interconnection
OVS: Open vSwitch
PCIe: Peripheral Component Interconnect Express
pps: Packets per Second
QoS: Quality of service
RDMA: Remote Direct Memory Access
RFC: Request for Comments
SCTP: Stream Control Transmission Protocol
SDK: Software Development Kit
SDN: Software-Defined Networking
SDP: Session Description Protocol
SFC: Service Function Chaining
SIP: Session Initiation Protocol
SR-IOV: Single-root input/output virtualization
srv6: Segment Routing over IPv6
TCP: Transmission Control Protocol
Telco: Telephone Company
TOE: TCP Offload Engine
UDP: User Datagram Protocol
URLLC: Ultra-Reliable and Low Latency Communications
us: Microsecond
veth: Virtual Ethernet Device
VIP: Virtual IP
VLAN: Virtual Local Area Network
VM: Virtual Machine
VNF: Virtual Network Function
VNI: VLAN/VxLAN Network Identifier
VPN: Virtual Private Network
VPP: Vector Packet Processing
VxLAN: Virtual eXtensible Local Area Network
YAML: YAML Ain’t Markup Language

Chapter 1

Introduction

In recent years, the growth of data production and consumption has never stopped increasing. One of the main motivations for the development of 5G is to manage this amount of data caused by existing technologies