power up networking for containers
play

Power-up Networking for Containers Jason Messer, Microsoft Focus - PowerPoint PPT Presentation

Sep 05, 2023 •265 likes •710 views

Power-up Networking for Containers Jason Messer, Microsoft Focus and Key Takeaways Microsoft is active in and engaged with the FOSS community Microsoft understands DevOps and Microservice architectures Developers and IT Pros have a

  1. Power-up Networking for Containers Jason Messer, Microsoft

  2. Focus and Key Takeaways • Microsoft is active in and engaged with the FOSS community • Microsoft understands DevOps and Microservice architectures • Developers and IT Pros have a different set of concerns • Developers want to be agile in development and innovation • IT Pros want to provide security and flexibility in deployments • With Windows Server 2016 and Microsoft Azure Stack (MAS), Software- Defined Networking stacks are improving these experiences and addressing concerns to create synergies between Developers and IT Pros • Containers and Microsoft Software Defined Networking (SDN) enable “Write once, run anywhere”

  3. Microsoft FOSS Investments • Engaged in over a dozen open source projects and standards groups • Employees are in leadership roles in the Open Source community • President of the Apache Software Foundation • Co-Chair of the W3C HTML5 Working Group • Released key projects as open source (e.g. .NET, VS code, etc.) • Employees are among top contributors to open source (Docker) • Co-Founder with Docker for Open Container Initiative (OCI) • AllJoy / AllSeen Alliance (IoT home networking)

  4. Microservices • “Born -in-the- Cloud” applications • Highly Scalable • Highly Available • Modular • Example • Receive request, process request, generate response

  5. Balancer Load Three-tier applications vs Micro-services DB Tier Web Tier App Tier Web Tier App Tier DB Tier Three-Tier App Microservices

  6. Static Analytics User DB Website DB The New Challenge of Distributed Apps Web Front End Background API Queue Endpoint Workers Development Test & QA Production Scale Out Disaster Recovery Virtual machines Server Cluster Developer Laptop Server Data Center Public Cloud

  7. Container Technology • Virtual Machines : Hardware Virtualization • Containers : OS Virtualization • Isolation • Namespaces • Resource Control (CGroups) • Layering • Union filesystems (UnionFS) • Containers • Package layers into an image

  8. Container A Container B Container C Windows Server Containers Web tier App tier DB tier Anatomy and key capabilities

  9. Hyper-V Containers Anatomy and key capabilities

  10. Container Deployment Operating System Deployment Modes Server Core Nano Server Container Host Deployment Windows Server Containers (TP4) Hyper-V Container Server with UI Hyper-V Containers Not Supported In TP4 Windows Server Containers Not Supported In TP4 Windows Server Containers Hyper-V Container Server Core Hyper-V Containers Not Supported In TP4 Windows Server Containers Not Supported In TP4 Windows Server Containers Nano Server Hyper-V Containers Not Supported In TP4 or Hyper-V Container Virtual Machine Virtual Machine Host

  11. Docker integration Customer Datacenter Dockerized app Docker: Run anywhere Windows Server Linux Container Container Partnership: Microsoft Service Azure Provider Docker

  12. Docker integration

  13. Sample Pull Requests • Windows CI Tests • Network bandwidth • Go / Git updates • Docker engine updates

  14. Quick Windows Container Demo • Create Windows Container using Docker • Create Windows Container using PowerShell C:\> docker run --it --name=Container1 windowsservercore cmd.exe PS > $container1 = New-Container -Name Container 2 windowsservercore PS > Start-Container $container1 PS > Enter-PSSession -ContainerId $container1.Id -RunAsAdministrator

  15. Brief Intro to Windows Container Networking • Windows Container Networking Modes • NAT – analogous to Docker “bridge” driver on Linux • Transparent – similar to Docker “host” driver on Linux • L2 Bridge – used in Microsoft private cloud to bridge network traffic and re-write container MAC addresses on the uplink port to the fabric (physical) host – enables overlay networks • L2 Tunnel – used in Azure public cloud to forward all traffic to the fabric (physical) host – enables overlay networks • Docker libnetwork plug-in for Windows new in Technical Preview 5 • Supports docker network commands for Cloud Network Model (CNM) • Creates IP endpoints with static and dynamic (ephemeral) port forwarding rules • Pull Requests: • https://github.com/docker/docker/pull/20478 • https://github.com/docker/libnetwork/pull/973

  16. Windows Windows Windows Network Stack Server Server Server Container Container Container Compartment Compartment Compartment Synthetic VM Host vNIC Host vNIC • Containers connect to a Hyper-V Virtual NIC Switch over a Host vNIC (Windows Server Container) or Synthetic VM NIC (Hyper-V Containers) • The Host vNIC / Synthetic VM NIC sits vSwitch Host vNIC within its own Network Compartment to VFP WinNAT provide isolation TCPIP • Network connectivity to Hyper-V Container Host Containers through synthetic VM NIC is NIC transparent to the Utility VM Physical Network • (Optional) Host vNIC assigned default gateway IP from WinNAT which binds to TCPIP

  17. Traffic Flow and L2- L3-Header Visibility Windows Windows Windows Server Server Server Networking Layer-2 Visibility in Layer-3 Visibility in Container Container Container Mode Physical Host Physical Host Compartment Compartment Compartment Synthetic VM Host vNIC Host vNIC NIC NAT 1 MAC 1 IP (Container Host) Transparent N MACs N IPs vSwitch Host vNIC VFP WinNAT L2 Bridge 1 MAC N IPs TCPIP Container Host VM L2 “Tunnel” 1 MAC N IPs (VM) NIC vSwitch VFP Physical Host NIC Physical Network

  18. Management PowerShell Docker Container Compute Architecture Client Module Module Runtime WMI REST REST Operations And Docker Network Engine VMMS Operations OS Drivers Service Layer Host Compute Service Host Network Service (HCS) (HNS) Windows OS w/Container Functionality (Job Objects/Network Compartments etc…)

  19. http://aka.ms/WindowsContainers Learn & Contribute! https://github.com/Microsoft/Virtualization-Documentation/ Documentation Quick Start Guides Setup Scripts Samples • Dockerfiles

  20. Container Lifecycle Physical/Virtual Servers

  21. Developer Concerns • “It works on my machine…” • How do I iteratively build my application? • How do I package my application? • How do I test my application? • How do I provide networking?

  22. Developer Demo • Web Server Containers on Linux and Windows DOCKERFILE FROM windowsservercore RUN … MKDIR … EXPOSE X C:\> Docker push C:\> Docker pull … Create Network C:\> docker network create -d NAT – subnet= 172.18.0.0/24 MyNatNetwork C:\> docker run – itd --name=Container1 --net=MyNatNetwork MyWebImage

  23. IT Pro Perspective QoS Security Virtual Network Scale

  24. IT Pro Concerns and Challenges • How do I quickly deploy new microservices? • How can I guarantee continuous availability? • How can I be flexible with placement? • How do I secure the microservices? • What if I want to scale-up? • Does the dev have any requirements or intent I need to meet?

  25. Developer + IT Pro • We need to merge the Dev with the Ops to satisfy concerns of both • Maintain developer intent with “Write once, run anywhere…” • Help IT become the hero

  26. How can we solve these challenges?

  27. Software-Defined Networking (SDN) • What is SDN? • Separate the control-planes from the data-planes • Based on Layers and Abstractions • Overlay Virtual Networks • Layer-2 Encapsulation (e.g. VxLAN or NVGRE) • Network policy for virtual networks and endpoints • Access Control Lists • Quality of Service queues • IP Address assignment • Goal: Treat Infrastructure as Code

  28. Co Corr rrect ect Layering yering Management. Fabric Administration Tenant Administration • Self-service tenant portal • Deployment of Windows Server 2016 Networking Stack Plane • Web based UI, REST APIs, PS Cmdlets for tenant workflows • Deployment of Network Controller, Software Load Balancer • Azure Resource Manager (ARM) Multiplexer & Unified Edge GW VMs Network Controller Control • Programmatic interface (NorthBound API invoked through PowerShell and REST Wrappers) • Logically centralized control plane for: • Comprehensive monitoring of network health Hyper-V vSwitch/SDN Extension Inbox Virtualized Network Functions Physical Network Gear • Multi-tenant gateways: S2S IPSec • Network Policy Enforcement Data • OMI/DSC based configuration of • Encapsulation (e.g. VXLAN) (VPN) and GRE, L3 Forwarding switches (NetConf coming soon) • QoS max egress caps • Route Reflector (BGP) • 3 rd -party Hardware VXLAN Gateway • Software Load Balancer (SLB) • ACLs

  29. Overlay Virtual Networks • Encapsulation • Layer-2 Frame encapsulated with header (e.g. VxLAN) and wrapped in outer IP header • Network Policy pushed down from the Network Controller • Network Policy enforced at the vSwitch (Host networking)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking

Brings OpenStack networking and storage to containers Kubernetes Neutron Networking Native OpenStack infrastructure for mixed workloads spec: podSelector: matchLabels: role: db policyTypes: -

773 views • 8 slides
Networking on the ground, in the cloud, and in containers What is in the box? Router A computer

Networking on the ground, in the cloud, and in containers What is in the box? Router A computer

Networking on the ground, in the cloud, and in containers What is in the box? Router A computer optimized for routing and forwarding Operating system to manage resources Routing protocol implementations (e.g., BGP, OSPF) Lots of

200 views • 18 slides
One Network To Rule Them All: Open, Scalable & Integrated Networking for Containers and VMs

One Network To Rule Them All: Open, Scalable & Integrated Networking for Containers and VMs

One Network To Rule Them All: Open, Scalable & Integrated Networking for Containers and VMs Phil Estes <estesp@us.ibm.com> @estesp Kyle Mestery <mestery@us.ibm.com> @mestery Container Introduction Containers are a lie we

323 views • 18 slides
Project Kuryr Here comes advanced services for containers networking Mohammad Banikazemi

Project Kuryr Here comes advanced services for containers networking Mohammad Banikazemi

Project Kuryr Here comes advanced services for containers networking Mohammad Banikazemi @MBanikazemi Gal Sagie @GalSagie Antoni Segura Puimedon @celebdor Outline Motivation and Introduction Current state Kubernetes

582 views • 34 slides
POWER NETWORKING By Donna M Gray, CRM Are you sitting next to someone you came with?????

POWER NETWORKING By Donna M Gray, CRM Are you sitting next to someone you came with?????

POWER NETWORKING By Donna M Gray, CRM Are you sitting next to someone you came with????? Power Networking Begins right now Build Relationships Exchange Ideas and Information Find and Engage New Supporters Make many contacts

1.58k views • 114 slides
Networking (Containers) in Ultra- Low-Latency Environments Avi Deitcher avi@atomicinc.com

Networking (Containers) in Ultra- Low-Latency Environments Avi Deitcher avi@atomicinc.com

Networking (Containers) in Ultra- Low-Latency Environments Avi Deitcher avi@atomicinc.com Avi Deitcher avi@atomicinc.com Akh-san-ya \?aksnaja?\ n. (ancient Aramaic, from Ancient Greek xnos ) 1: Hospitality,

773 views • 38 slides
Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are

Unprivileged Containers Jess Frazelle, @jessfraz How do containers help security? Containers are not going to be the answer to preventing your application from being compromised, but they can limit the damage from a compromise. How do

823 views • 25 slides
Dataplane Networking journey in Containers Gary Loughnane gary.loughnane@intel.com

Dataplane Networking journey in Containers Gary Loughnane gary.loughnane@intel.com

Dataplane Networking journey in Containers Gary Loughnane gary.loughnane@intel.com Kuralamudhan Ramakrishnan kuralamudhan.ramakrishnan@intel.com DPDK Summit Userspace - Dublin- 2017 Discussion topics Container Deployment Models

539 views • 16 slides
Power to the People How using containers can make your life easier B DrupalCon Vienna! B

Power to the People How using containers can make your life easier B DrupalCon Vienna! B

Power to the People How using containers can make your life easier B DrupalCon Vienna! B $> whoami bastian System Engineer at amazee.io @dasrecht Too many sideprojects! TEDxBern DevOpsDays Zurich Openair

468 views • 30 slides
Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com

Improving Trust in Containers Matthew Garrett @mjg59 | mjg59@coreos.com | coreos.com Containers are great Containers are resource efficient Containers make deployment easy Containers can be monitored easily Containers are secure But are

508 views • 38 slides
Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega

Everything you need to know about Containers Security Track Containers Jos Manuel Ortega @jmortegac Agenda Introduction to containers security Linux Containers(LXC) Docker Security Security pipeline && Container

807 views • 57 slides
2008 NAEO Annual Conference Matthew S. Crocker Computing power Networking power Prediction:

2008 NAEO Annual Conference Matthew S. Crocker Computing power Networking power Prediction:

2008 NAEO Annual Conference Matthew S. Crocker Computing power Networking power Prediction: Computers will get faster! Moores law Computing power will double every 2 years Virtualization CPU power is wasted, sitting idle,

454 views • 8 slides
Scaling NFV - Are containers the answer? Azhar Sayeed - asayeed@redhat.com Doug Smith -

Scaling NFV - Are containers the answer? Azhar Sayeed - asayeed@redhat.com Doug Smith -

Scaling NFV - Are containers the answer? Azhar Sayeed - asayeed@redhat.com Doug Smith - dosmith@redhat.com Acknowledgements This is a result of mul7ple efforts in Red Hat on Containers and Container Networking. We would like thank everyone who

389 views • 35 slides
SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54

SUSE Containers as a Service Platform 53 53 Why Do You Want to Invest in Containers? 54 54 What are Containers? A package/image that can be deployed anywhere (thats running a Linux Kernel) Developers create a layered image of their

996 views • 53 slides
Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at

Herd of Containers Sad DIF Database Engineer Herd of Containers: PostgreSQL in containers at BlaBlaCar pgDay Paris, Mar 15, 2018 BlaBlaCar Overview Todays agenda PostgreSQL usage at BlaBlaCar Switching to a new implementation

844 views • 40 slides
Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have

Persistent storage for Containers Anil Degwekar What are we talking about? Containers have become popular replacing many Physical / Virtual Machine use cases But: The persistent storage problem for containers is still not fully solved

1.01k views • 17 slides
6. Graphics MULTIMEDIA & GRAPHICS Graphics covers wide range of pictorial representations.

6. Graphics MULTIMEDIA & GRAPHICS Graphics covers wide range of pictorial representations.

10/12/2016 CHAPTER 6. Graphics MULTIMEDIA & GRAPHICS Graphics covers wide range of pictorial representations. Uses for computer graphics include: U f t hi i l d Buttons Charts Diagrams Animated images g 2 1

470 views • 20 slides
Algebraic Effects on the JVM Jonathan Immanuel Brachthuser Dagstuhl Seminar 18172 University

Algebraic Effects on the JVM Jonathan Immanuel Brachthuser Dagstuhl Seminar 18172 University

Effekt Algebraic Effects on the JVM Jonathan Immanuel Brachthuser Dagstuhl Seminar 18172 University of Tbingen, Germany Algebraic Effect Handlers go Mainstream github.com/b-studios/scala-effekt Effekt We developed algebraic

1.36k views • 120 slides
Initializing Vectors colon operator x = 1:2:10 Vectors and Plotting x = 1 3 5

Initializing Vectors colon operator x = 1:2:10 Vectors and Plotting x = 1 3 5

Initializing Vectors colon operator x = 1:2:10 Vectors and Plotting x = 1 3 5 7 9 y = 0:0.1:0.5 Selim Aksoy y = Bilkent University 0 0.1 0.2 0.3 0.4 0.5 Department of Computer Engineering

185 views • 5 slides
CS 126 Lecture A5: Computer Architecture Outline Introduction Some basics

CS 126 Lecture A5: Computer Architecture Outline Introduction Some basics

CS 126 Lecture A5: Computer Architecture Outline Introduction Some basics Single-cycle TOY design Multicycle TOY design Conclusions CS126 13-1 Randy Wang What We Have CS126 13-2 Randy Wang What We Want to Do repeat

700 views • 36 slides
Latency Insensitiveness in Adaptive Communication Channels: A Physical Design Perspective

Latency Insensitiveness in Adaptive Communication Channels: A Physical Design Perspective

Latency Insensitiveness in Adaptive Communication Channels: A Physical Design Perspective FMGALS07 Mario R. Casu www.vlsilab.polito.it www.polito.it Before to start Thanks to the FMGALS organizers! The research whose results are

1.31k views • 112 slides
A Fast and Accurate One-Stage Approach to Visual Grounding Zhengyuan Yang Boqing Gong Liwei

A Fast and Accurate One-Stage Approach to Visual Grounding Zhengyuan Yang Boqing Gong Liwei

A Fast and Accurate One-Stage Approach to Visual Grounding Zhengyuan Yang Boqing Gong Liwei Wang Wenbing Huang Dong Yu Jiebo Luo Presenter: Tianlang Chen Visual grounding Grounding a language query onto a region of the image

341 views • 14 slides
Unsuperv rvised Learning Niloy Mit Ni Mitra Ias asonas Kok okkin inos os Pau aul l Gu

Unsuperv rvised Learning Niloy Mit Ni Mitra Ias asonas Kok okkin inos os Pau aul l Gu

Deep Learning for Graphics Unsuperv rvised Learning Niloy Mit Ni Mitra Ias asonas Kok okkin inos os Pau aul l Gu Guer errero Vl Vladim imir ir Ki Kim Kos ostas Rematas Tobi obias s Ritsc schel UCL UCL/Facebook UCL Adobe

1.11k views • 56 slides
Chapter 4: Decoders & Encoders Computer Structure & Intro. to Digital Computers Dr. Guy

Chapter 4: Decoders & Encoders Computer Structure & Intro. to Digital Computers Dr. Guy

Chapter 4: Decoders & Encoders Computer Structure & Intro. to Digital Computers Dr. Guy Even Tel-Aviv Univ. p.1 Goals vector notation: buses, indexed signals, multiple copies of gates representation: binary representation

447 views • 24 slides

More recommend