Overview
• SDN Overview
• Lessons Learned
• SDN and Devops


How many ppl know what SDN is?
Ok how many wouldn’t freak out if I was to ask you to stand up and explain what SDN is?
Ok.. good we will do a quick walk through of SDN and all the hype and buz and confusion...
We are already in the troff and most ppl don’t even know what it is yet...
Then we will talk a little history lesson... if you read the abstract you know what this about. It
about tying what we did in devops for systems operations and seeing if the same rules
apply ... is this a redo?
Lastly, we will look at what an SDN and Devops world could look like... All the network guys
are begging for this... Almost every presentation I have seen over the past 3 months from the
network dudes is “we need Devops”
Let’s help them..we have seen this movie before...

Elephant in the Room


six blind men were asked to determine what an elephant looked like by feeling different parts
...man who feels a leg is a pillar;
..tail says is like a rope
..feels the trunk says a tree branch; the ear is like a hand fan;
SDN, NFV, OVS, Network overlays like VXLAN, GRE ...

Network as Code
(NaC)
• Software Deﬁned Networking
• Openﬂow
• Openvswitch (OVS)
• Network Overlays
• Linux Based Network OS

Network as code in some presentations.. not sure if need another abstract def to add to the
primordial soup... but his point is resident...
Over the next few minutes we can look at some of the enabled or forcing functions for why
we might need new type of management abstractions for this mess.

SDN is the Decoupling of Control
From the Data Plan

http://networkstatic.net

SDN is the decoupling of the control plane from the data plane... physically removing...
Simple brilliant idea (os shit why didn’t think of that)...
Network gear has traditionally been a black box w/coupled arch D,C,M plane (explain)
... data plan is the forwarding plane
Data plan has had an abstraction ... OSI Model of layering
.. DP has enabled independent innovation at each level...
However, the control plane has had no abstraction .. not modular not reusable
... from scratch every time...
Around 2008ish Martin Casado as his PHD deﬁned openﬂow and this SDN
...started Nicira... in summer 2012 1.2B from vmware
Look at the right hand side... clean abstraction .. a centralized control plane decoupled from
the device
... allows a clean L4-L7 abstraction.
Nicira Notes:
Nicira Networks was acquired by VMware for $1.26B. (7/23/12)
Posted 7/23/12 at 6:14pm via techcrunch.com
Nicira Networks added Alan Cohen as VP, Marketing. (10/1/11)
Posted 10/21/11 at 4:42am
Nicira Networks received $26M in Series C funding. (2/3/11)
Posted 2/4/11 at 6:31pm via sec.gov
Nicira Networks added John Vrionis as Investor. (2/1/11)
Posted 9/4/12 at 9:08am

Openflow



Rob Sherwood CTO at Bigswitch .. SDN is to Openflow as Web is to HTTP ... in other-words
Openflow is not the only protocol but it is the most talked about...
OpenFlow is not magic, just a low level primitive with momentum for FIB programming.
Explain the flow table...
Interesting thing this can be a device as ( a router, switch, firewall, Nat and even a Load
Balancer).
... now it starts getting very interesting...
The OpenFlow Switch and Controller can communicate via the OpenFlow protocol,

Openvswitch

http://openvswitch.org/support/conﬁg-cookbooks/vlan-conﬁguration-cookbook/


primarily designed for more advanced isolation on hypervisors... mostly in cloud like
infrastructures...
Look at Cloud networking history... Cloud stack you had basic and OS (IPtables/Brtables)
... nova netwk you had bridge’s ..
With OVS it acts like a switch on each hypervisor .. and all the ovs’ hook up to a an OVSDB
management plan..
The ovs plugin is the default for Openstack and Cloudstack now..
... also OVS allows you to create network overlays (GRE, VXLAN)

Network Overlays

• GRE
• VXLAN
• STT

http://networkstatic.net/eliminating-vlans-and-fragility-in-the-underlay-with-network-virtualization/


VLAN only support 4096 ... can run out quickly... especially in cloud architectures
VXLAN support 16 million .. uses multicast and unicast...
VXLAN Tunnel End Point (VTEP) . creates point to point connections... it’s a higher order
abstraction.
Notes:
Nicira developed the Stateless Transport Tunneling (STT) protocol for tunneling between
open source software switches in the Openvswitch project.

Linux Based Network OS
• Juniper (JunOS)
• Arista (EOS)
• Cumulus
• Bare Metal Switches (Big Switch & Pica8)

JuniperOS built XM abstractions to interface w/hidden processes - Chef/Puppet have to be
compiled
...Jeremy Schulman later wrote a ruby gem called Netdev that Puppet and Chef are using...
Arisata EOS - Python sysdb abstraction .. pretty much closed... . Chef/Puppet have to be
compiled
Cumulus - basically the ﬁrst pure Network OS. No hardware... Debian ..
... install chef/puppet, apt-get install collectd.. run graphite...
Google, Amazon, and Microsoft are not buying Cisco, HP hardware anymore... they are buying
Asian manufacturers Quanta
... Cumulus wants to be the redhat of networking ..
BMS are really disruptive in that that allow basically are wide open.. different chips different os
different virtulzation...
http://perspectives.mvdirona.com/2013/06/18/
CumulusNetworksASneakPreviewOfOneOfMyFavoriteStartups.aspx


This is what disruption looks like - this is in Kennesaw 5 miles from my house... much better
prices if I wanted to buy in bulk ...
You can create an openﬂow switch on your own ...

Late Breaking - Game Changer


Brent Salisbury quote...alternatives to Broadcom will be healthy :)

SDN Summary
• A lot “software” based opportunity
• Network’s are becoming more “open”
• Network Virtualization is a disrupter
• Openstack/Cloudstack are driving a lot of
new opportunities


Lessons Learned
10 Year Cycles

• Software 1990‘s - OOP & Agile
• Compute 2000‘s - Virt & IAC & Cloud
• Network 2010‘s - SDN


Software revolution really happened in the 1990 decade.. OOP object oriented, java & C++
exploded in 90’s,
... agile XP and SCRUM ... 2001 Agile Manifesto..
Compute in 2000’s
.. virtulization on ﬁre, cloud ..
...open sources drove then hell out of compute.. starting w/linux, then middleware, then
systems tools
.. infrastructure as code (what I like to call Scnd Gen CFGM (cfengine was around for a while
universities and web scale .. and used at amazon, facebook ..
...but Luke put a face to IAC w/puppet 2006/7ish ..the IAC revolution....
... now with Chef..
Network... 2010 & 2011 Nicira gets things cranking... 2012 Vmware buys Nicira. SDN,
Network virtualization... (as we already discussed)...

We


Obviously.. “we” won the war... Devops ... Devopsdays...
... I was a late arrival to the war; however, I got in when it really started to get interesting...
... I met Luke in 2007 at a OSCON..... tell the groundworks story and Luke’s session.
... The next month I got to hang out with luke at a barcamp nashville and I wrote tis blog
article called Infr 2.0
.... about this consulting company in Seattle using puppet that took ilike from 400k to 6
million users in one week (all bare metal)... anyone know who that consulting comp was? ( I
wrote a blog article) ..
... Then Adam wrote a blog post about me...
... I became a proﬁt for IAC... mostly puppet until 2009 (Chef announced)
... early 2000 sysadmin to server ratios were 1 to 100 for most companies (enterprises no IAC
based)
... 80 percent in the muck 20 bus value
Notes:
When iLike created one of the ﬁrst Facebook applications, it grew from about Â½ million
users to over 6 million in a week. Luke, being the entrepreneur that he is, asked how iLike
planned to manage that growth. He discovered that a services company in Seattle was
managing iLike.com’s infrastructure build out using Puppet. In fact, one of the owners of that
company told Luke that he makes a healthy living installing Puppet. Luke admitted that he
felt feel pretty good to know that other people can make a living from his product.
http://www.johnmwillis.com/opensource/infrastructure-20/

What Were the
Objections
• Bob’s scripts
• Doit 5 ... ssh’ing things
• I don’t trust this thing
• You don’t understand my application
• You can never “ever ever ever” break my
application

• I am afraid I will lose my job

What if it does something really bad. My application will lose millions...
We all know that’s bullshit...
.. you don’t understand my application. if it goes down the world will end...
.. we learned that accepting things breaking was a paradigm shift .. antifragile

What Changed
• Cloud Infrastructure
• Elastic - (East - West Trafﬁc)
• Fast Provisioning
• Ephemeral

What did all of us early evangelize do...
.. We told ops they needed to be more like Dev
.. They needed to use abstractions for infrastructure.. CFE, Puppet, Chef
.. They needed to store it in src control svn & git
.. We suggested that they create unit and integration tests for this new abstraction..
.. We suggested that we should delivery continuously...
.... However, most (not all) ppl looked at us like we were crazy... until...
Applications started going east and west
Tell the playing golf story...
Even if you weren’t buying the rest of the stories... ephemeral was the kicker..

SDN and Devops


Enter the Network.. redo...
... early 2013 sysadmin to switch ratios are 1 to 120 for most companies
... 80 percent in the muck 20 bus value

What are the New
Objections
• Bill’s scripts
• Expect scripts/ TCL
• I don’t trust this thing
• You don’t understand the network
• Never “ever ever ever” break my network
• I am afraid I will lose my job

Expect scripts, TCL and spreadsheets... really? You are so 1990...
It’s a redo... push rewind and hit play...


I’ll talk more about Brent later.. but he is the prototype for what net ops needs to look like
moving forward...

Some Faces of
SDN & Devops

Brent Salisbury
@networkstatic

Jerry Schulman
@nwkautomaniac

Rob Sherwood
@capveg


Brent (UK) is a commiter on ODL, is a polyglot (java, python and C), Building TDD w/mininet
Jerry (Juniper) wrote netdev rubygem and wrote the Puppet module for Junos integration
Rob (CTO Big Switch) Was one of Openﬂow boys at Stanford ... smart mofo...

Devops Fundamentals

dev2ops.org


First and foremost.. don’t forget the devops fundamentals
Culture ... ﬁrst we need to be cultural anthropologist & Physiologist .. why are they different ..
tribes.
..understand the tribal semantics. Deming Theory of Phycology (SoPK)
Gene Kim... The Three ways of Devops...
L2R - Understand ﬂow, muda, value stream mapping, TOC -bottlenecks, global optima over
local optima
R2L - Adonn cord, move the pain forward
Control Loop - Kiazen, Kata

What are the
Opportunities
• Abstraction (Network as Code)
• Source Control
• Polyglotism
• Unit Testing
• Integration Testing
• Behavior Testing

Polyglot - roll up our selves .. ODL, a lot of open source projects... be a user and commiter..
Lint, vlans names, port standards... reject non local changes...
... cucumber for network as code?
Mininet (containers) can we stub out network requests like we did with java modules
Network emulation might be necessary to go deeper with testing
The big switch guys are doing some cool stuff here.
Could networking someday do dark releases, feature ﬂags, canary releases (see Frenetic)

Abstraction:
Low Hanging Fruit
• Interface Conﬁguration
• VLAN Creation
• VLAN to Port Mapping
• Link Aggregation Groups

Really low hanging fruit....

Puppet Netdev Module


Chef Netdev LWRP


Abstraction:
A Little Higher
• GRE
• OSPF
• BGP


Puppet Quagga Routing
Module


Chef Quagga Cookbook


What’s Next
( more abstractions )
• OVS/OVSDB NaC Abstractions
• VXLAN NaC Abstractions
• Openﬂow NaC Abstractions
• OpenDaylight NaC
• More Tooling

How far can we go? I don’t know
Has anyone looked at Openstack network even with the simple ovs plugin? There’s a lot of
crap there to me managed.... surley we can chef it up a bit...

Very Interesting


Networking invariants..
.. Forwarding loops
... packet blackholes
Frenetic project.. a low level abstraction for openﬂow...

Presentation Summary
• Please call bullshit
• CAMS not AMS
• Always the Flow - (Aim, Goal, Why)
• Devops can help
We’ve seen this movie before


Aim=Deming, Goal=Goldratt, Sinek=Why

John Willis

Director, Multi Cloud Management
Dell (Enstratius)
@botchagalupe

Some Images licensed under Bigstock.com

The Network The Next Frontier for Devops ?

More Related Content

Viewers also liked (20)

Similar to The Network The Next Frontier for Devops ? (20)

More from John Willis (20)

Recently uploaded (20)

The Network The Next Frontier for Devops ?