rds tcp more than just cluster ipc
play

RDS/TCP: More than just Cluster/IPC. Sowmini - PowerPoint PPT Presentation

Jan 05, 2023 •128 likes •408 views

RDS/TCP: More than just Cluster/IPC. Sowmini Varadhan(sowmini.varadhan@oracle.com) Cloudopen North America, Seattle 2015 Agenda What is RDS? Motivation for RDS-over-TCP Architectural overview of Linux RDS-TCP implementation

  1. RDS/TCP: More than just Cluster/IPC. Sowmini Varadhan(sowmini.varadhan@oracle.com) Cloudopen North America, Seattle 2015

  2. Agenda • What is RDS? • Motivation for RDS-over-TCP • Architectural overview of Linux RDS-TCP implementation • RDS-over-TCP usage in the Cloud – RDS/TCP comparisons with other L3 encaps technologies in the Cloud, common challenges, differences • New features/solutions in the pipeline for RDS: – Infrastructural changes in kernel, e.g., Network Namespace support, handling encryption, QoS – Protocol changes for addressing security concerns, – Deployment issues e.g, Security key distribution Cloudopen North America, Seattle 2015

  3. What is RDS? • “Reliable Datagram Socket”, protocol family PF_RDS: http://linux.die.net/man/7/rds • Datagram socket that guarantees reliable, ordered, datagram delivery. • Application sees sendmsg()/recvmsg() datagram semantics. Underlying transport (IB, TCP etc.) takes care of the reliable, ordered delivery. • Historically, RDS was motivated by the IB use case: in addition to the high bandwidth supported by IB, the native IB queue-pair semantics, QoS, congestion control, RDMA are valuable to RDS applications Cloudopen North America, Seattle 2015

  4. Motivation for RDS over TCP • Initial RDS implementation allowed RDS to use TCP/IP (RDS-TCP) instead of IB to allow functional test verification without requiring IB hardware for test-suite execution. • As commodity Ethernet chips achieve 40 Gbps (and soon, 100 Gbps), enhancing RDS-TCP to provide relevant QoS etc features over ethernet is extremely attractive for a diverse Distributed Computing Cluster environment • Cloud and DbaaS offers new potential use-cases for DB apps. Ethernet is the prevalent transport, and RDS-TCP can exploit this potential efficiently Cloudopen North America, Seattle 2015

  5. RDS/TCP usage in the Cloud RDS/TCP usage in the Cloud • Cluster applications running in the Cloud need to leverage from the high-speed ethernet-based CLOS networks commonly encountered in Datacenters – RDS-TCP can let these RDS apps to run with minimal changes. – Feature requirements that arise from this model have some overlap with related L3 encapsulation technologies • To understand this relationship, the next few slides will give an overview of the RDS architecture . Cloudopen North America, Seattle 2015

  6. What is RDS-TCP? • RDS datagram is sent over a TCP/IP connection that is managed by the kernel and is transparent to application. • Application sees sendmsg()/recvmsg() datagram semantics – no need to connect()/listen()/accept() – Single PF_RDS socket to communicate with multiple peers – “Avoids N*N connections by using a single queue-pair or TCP connection for transport” – Shared congestion control state for the TCP/IP pipe. Cloudopen North America, Seattle 2015

  7. RDS-TCP Architectural Overview RDS app RDS app RDS app App data user kernel rds_tcp RDS App data Kernel TCP socket TCP TCP RDS App data IP IP TCP RDS App data driver L2 IP TCP RDS App data

  8. RDS-TCP Linux Implementation Overview of client side: socket(PF_RDS, SOCK_SEQPACKET, 0); bind(...); /* IP address of outgoing interface */ sendmsg(...); user kernel rds_sendmsg conn_create_outgoing: If necessary, create kernel socket and initialize 3WH to TCP port for RDGS (16385) Attach RDS header, enqueue the packet for transmission via tcp_sendmsg() after connection handshake is complete

  9. RDS-TCP Linux Implementation Overview of server side: • 'modprobe rds_tcp' sets up a kernel TCP socket that listens at INADDR_ANY.16385 (RDGS port registered with IANA) /* some changes in the pipeline for handling network namespaces */ • user-space server application invokes bind() on the PF_RDS socket for the IP address and port at which the service is to be advertised, and can then invoke recvmsg() • Kernel rds_tcp_data_ready() is invoked as the →sk_data_ready() callback from TCP, and stitches relevant incoming TCP segments together in rds_tcp_data_recv(). Complete datagram (based on RDS header length) is delivered to application to meet SEQPACKET semantics.

  10. RDS-TCP as an encapsulating method • Application payload gets encapsulated in an RDS header and tunneled over TCP/IP. – Some analogies to VXLAN/GUE etc. • First a quick tour of the Datacenter problem space, and how VXLAN-like encapsulation techologies are currently being used in this space...

  11. Classic CLOS topology used in datacenters Cloudopen North America, Seattle 2015

  12. VXLAN Problem Statement • Extend VLAN over an IP network • In a multi-tenant environment, allow each tenant to have the max of 4096 VLANS (vlan field is 12 bits) • Encapsulate tenant's L2 frame in UDP packet: the UDP source port provides a level of entropy for ECMP/load-balancing in the internal switches • Other benefits and protocol overview in https://datatracker.ietf.org/doc/rfc7348/ Cloudopen North America, Seattle 2015

  13. VXLAN Frame format • Tenant payload is a full L2 frame, with tenant's VLAN • VXLAN header has a 24 bit VNI (segment identifier) – 24 bit VNI X 12 bit tenant VLAN ID • UDP source port is a hash of “tenant payload” fields L2 IP UDP VXLAN Tenant payload Cloudopen North America, Seattle 2015

  14. Variants on VXLAN • STT “Stateless Transport Tunneling Protocol for Network Virtualization” – Tenant payload encapsulated in TCP – http://tools.ietf.org/id/draft-davie-stt-06.txt – Main motivator: leverage from TSO support on NICs – Avoids TCP 3WH to be “stateless” • VXLAN-GPE “VXLAN Generic Protocol Encapsulation” – Inner most packet can be an IPv4 or IPv6 frame (not necessarily an L2 frame) • Others: Geneve (for OVS), GUE (Generic UDP encapsulation) • Common theme: encapsulation in TCP/UDP Cloudopen North America, Seattle 2015

  15. How does this relate to RDS • Encapsulation at different layers in the stack (RDS encapsulates at the socket layer), protocol specific meta-data header. E.g., RDS vs VXLAN: L2 L2 ip udp vxlan Tenant L2 payload L2 ip tcp RDS PF_RDS app data • TCP encapsulation, as with STT. – the TCP encaps for RDS gives us TSO and even TCP congestion management for free. – Individual segments from a datagram do not have the RDS header (impacts entropy for ECMP) – so interior switches are limited on DPI (Deep Packet Inspection) • Common lessons to be learned, similar challenges to overcome. Cloudopen North America, Seattle 2015

  16. Features/challenges for RDS-TCP in the Cloud • We'll now go over some of the new features we are working on for RDS-TCP deployment in the cloud – Privacy and Security Concerns – Virtualization – QoS • Each feature has to provide RDS-IB parity where possible, while also addressing the different networking environment of the Cloud. Cloudopen North America, Seattle 2015

  17. Privacy and Security Concerns • Cloud Environment presents a new set of security challenges. • Attack vectors that need to be considered: – Protecting Tenant payload (intra-tenant protection) – Inter-tenant protection – Protecting the control plane (TCP/IP, for RDS-TCP) Cloudopen North America, Seattle 2015

  18. Intra-tenant security • Minimally, RDS payload must be encrypted • Options to achieve this: – Transport level IPsec to the kernel TCP socket. Easy to implement, but, • need to orchestrate key distribution • Encrypts RDS header as well – VPN tunneling: adds extra encapsulation overhead – DTLS at the RDS layer • Under evaluation. Cloudopen North America, Seattle 2015

  19. Inter-tenant traffic separation • Typical way to achieve this is to use VLANs and VXLANs to separate tenant traffic on ethernet. • Pepsi traffic on vlan1 cannot be intercepted by any application in the “Coke” Virtual Machine any Compute-node1 Compute-node2 Pepsi Pepsi Coke RDS2 RDS1 vlan2 vlan1 vlan1 eth0 eth0 Cloudopen North America, Seattle 2015

  20. Infrastructural changes: RDS-TCP and Containers • Recent commit queued for 4.3: supporting multiple RDS-TCP instances on the same physical machine in separate network name-spaces. – rds_tcp registers as a pernet subsys that sets up and tears down kernel sockets on netns creation/deletion • Will make it possible to run Pepsi and Coke RDS applications in Containers on a single compute- node Cloudopen North America, Seattle 2015

  21. Protecting the control plane • Install ACLs and filters to restrict TCP/IP peering within the cloud. • Use some form of Authentication to protect the TCP/IP header (TCP-AO, MD5, IPsec Auth?) – Key distribution, rollover has to be addressed • RDS protocol changes: – Do not send out RDS connect retries at an aggressive rate! Current specifications (one retry per second, with no backoff!) are based on InfiniBand, but scenario is different for traffic that can traverse a shared ethernet pipe. – Protection against spoofing or MitM attacks of RDS port congestion messages Cloudopen North America, Seattle 2015

  22. Privacy and Security: features common to all L3 encaps solutions: • Infrastructure that provides CA and identity verification services for tenants • Key management services: establishment, management, and secure distribution of cryptographic keys to be used by the control plane • Securing the Controller itself: ongoing discussions at sdnrg in IETF. Cloudopen North America, Seattle 2015

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

RECURRENCE WHAT CAUSES CLUSTER HEADACHES? Occasionally referred to as alarm headaches

RECURRENCE WHAT CAUSES CLUSTER HEADACHES? Occasionally referred to as alarm headaches

10/4/18 QUESTIONS : CLUSTER HEADACHES: 1. Have any of you heard of cluster THE WORST PAIN POSSIBLE? headaches? 2. Do you know someone who suffers from cluster headaches? WHAT ARE CLUSTER HEADACHES? TRIGEMINAL NERVE A neurological

514 views • 3 slides
Cluster Presentation Cluster Presentation EU-EECA ICT Cluster is the joint effort of three

Cluster Presentation Cluster Presentation EU-EECA ICT Cluster is the joint effort of three

Cluster Presentation Cluster Presentation EU-EECA ICT Cluster is the joint effort of three FP7-ICT support actions (ISTOK-SOYUZ, SCUBE-ICT, EXTEND) to strengthen the collaboration in ICT research between European Union and Eastern Europe and

3.41k views • 11 slides
Getting started on the cluster Learning Objectives Describe the structure of a compute cluster

Getting started on the cluster Learning Objectives Describe the structure of a compute cluster

Getting started on the cluster Learning Objectives Describe the structure of a compute cluster Log in to the cluster Demonstrate how to start an interactive session with the SLURM job scheduler 2 Cluster Architecture 3 Cluster Terminology

616 views • 14 slides
history and drivers The Aerospace Cluster The Cluster-Association The Aerospace Cluster The

history and drivers The Aerospace Cluster The Cluster-Association The Aerospace Cluster The

history and drivers The Aerospace Cluster The Cluster-Association The Aerospace Cluster The Cluster-Association The Aerospace Value Chain made up by 64 Members who directly generated Having doubled Turnover and Employment in

584 views • 25 slides
W g v W g W g g v g W g W g W g (4) j M g u g

W g v W g W g g v g W g W g W g (4) j M g u g

A Course in Applied Econometrics 1 . The Linear Model with Cluster Effects . Lecture 7 : Cluster Sampling For each group or cluster g , let y gm , x g , z gm : m 1,..., M g be the observable data, where M g is the number of

403 views • 7 slides
1 CPU-Intensive Jobs Taskfarming Parallelisable, for example Taskfarming Sentence by sentence

1 CPU-Intensive Jobs Taskfarming Parallelisable, for example Taskfarming Sentence by sentence

Outline Why do we need a cluster? Architecture: Machines and Properties Taskfarming Estimating Walltime Limits Common Pitfalls of Using the Cluster Joachim Wagner 2009-07-01 Why do we need a cluster? Cluster Architecture More efficient and

249 views • 4 slides
MS Cluster on KVM Vadim Rozenfeld vrozenfe@redhat.com 25 Aug, 2016 Cluster: Servers Combined to

MS Cluster on KVM Vadim Rozenfeld vrozenfe@redhat.com 25 Aug, 2016 Cluster: Servers Combined to

MS Cluster on KVM Vadim Rozenfeld vrozenfe@redhat.com 25 Aug, 2016 Cluster: Servers Combined to Improve Availability and Scalability. - Cluster: A group of independent systems working together as a single system. Clients see scalable and

903 views • 28 slides
Cebu - Shelter Cluster Meeting 14:00, Dec 13, 2013 Shelter Cluster Philippines

Cebu - Shelter Cluster Meeting 14:00, Dec 13, 2013 Shelter Cluster Philippines

Cebu - Shelter Cluster Meeting 14:00, Dec 13, 2013 Shelter Cluster Philippines ShelterCluster.org Coordinating Humanitarian Shelter Agenda 1. Introductions - Last meeting's minutes review 2. Shelter Cluster update - Strategic Response Plan

375 views • 21 slides
Computing Cluster Usage Visualization Tool Compu&ng Cluster Usage Visualiza&on

Computing Cluster Usage Visualization Tool Compu&ng Cluster Usage Visualiza&on

Computing Cluster Usage Visualization Tool Compu&ng Cluster Usage Visualiza&on Tool Sinisa Jovanovic Prometheus - Cluster Computer Cluster utilization December 2012 01.12. 31.12. Compu&ng

265 views • 12 slides
Computing Cluster Usage Visualization Tool Compu&ng Cluster Usage Visualiza&on

Computing Cluster Usage Visualization Tool Compu&ng Cluster Usage Visualiza&on

Computing Cluster Usage Visualization Tool Compu&ng Cluster Usage Visualiza&on Tool Sinisa Jovanovic Prometheus - Cluster Computer Cluster utilization November 2012 01.11. 30.11. Compu&ng

319 views • 11 slides
Photo(C)John Rodsted www.stopclustermunitions.org Cluster bombs The cluster bomb problem A

Photo(C)John Rodsted www.stopclustermunitions.org Cluster bombs The cluster bomb problem A

Photo(C)John Rodsted www.stopclustermunitions.org Cluster bombs The cluster bomb problem A cluster bomb releases dozens to hundreds of submunitions shattering over vast amounts of land It is an indiscriminate weapon; it cant

393 views • 13 slides
Mechatronics MECHATREC 1 MECHATREC STRATEGIC INNOVATIVE CLUSTER : as founded as an

Mechatronics MECHATREC 1 MECHATREC STRATEGIC INNOVATIVE CLUSTER : as founded as an

STRATEGIC INNOVATIVE CLUSTER for the Smart Specialized Field of Mechatronics MECHATREC 1 MECHATREC STRATEGIC INNOVATIVE CLUSTER : as founded as an associative entity - cluster - in 2010 (based on the National Scientific Cluster

378 views • 15 slides
Introduction to Cluster Computing Brian Vinter vinter@diku.dk Overview Cluster Computing

Introduction to Cluster Computing Brian Vinter vinter@diku.dk Overview Cluster Computing

Cluster Computing Introduction to Cluster Computing Brian Vinter vinter@diku.dk Overview Cluster Computing Introduction Goal/Idea Phases Assignments Tools Timeline/Exam General info Introduction Cluster Computing

832 views • 37 slides
Performance Monitoring What is the CCPM? A self-assessment of cluster performance against the 6

Performance Monitoring What is the CCPM? A self-assessment of cluster performance against the 6

Cluster Coordination Performance Monitoring What is the CCPM? A self-assessment of cluster performance against the 6 core cluster functions and Accountability to Affected populations: support service delivery 1. inform the HC/HCT's

720 views • 16 slides
Kmean Cluster Analysis 1 Learning Objectives Understanding the kmean cluster analysis

Kmean Cluster Analysis 1 Learning Objectives Understanding the kmean cluster analysis

Kmean Cluster Analysis 1 Learning Objectives Understanding the kmean cluster analysis procedure. Understanding the methods used to determine the optimal number of clusters. Managing data for the sake of conducting cluster analysis.

1.1k views • 80 slides
Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of

Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of

Introduction to Graph Cluster Analysis Outline Introduction to Cluster Analysis Types of Graph Cluster Analysis Algorithms for Graph Clustering k-Spanning Tree Shared Nearest Neighbor Betweenness Centrality Based Highly

836 views • 48 slides
Practical Approach to Papillary Breast Lesions Overview of papillary lesions Benign

Practical Approach to Papillary Breast Lesions Overview of papillary lesions Benign

Outline of Talk Practical Approach to Papillary Breast Lesions Overview of papillary lesions Benign intraductal papilloma vs papillary carcinoma Yunn-Yi Chen, MD, PhD Intraductal papilloma with atypia (ADH vs DCIS) Professor

396 views • 26 slides
Distributed Systems Virtual Private Networks Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Virtual Private Networks Paul Krzyzanowski pxk@cs.rutgers.edu Except as

Distributed Systems Virtual Private Networks Paul Krzyzanowski pxk@cs.rutgers.edu Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License. Private networks Problem You

386 views • 14 slides
Policy-Encapsulated Objects Arcot (Raja) Rajasekar rajasekar@unc.edu The University of North

Policy-Encapsulated Objects Arcot (Raja) Rajasekar rajasekar@unc.edu The University of North

Policy-Encapsulated Objects Arcot (Raja) Rajasekar rajasekar@unc.edu The University of North Carolina at Chapel Hil l Outline Motivations Anatomy of PEOs Architectural Issues Q&A Acknowledgement: Prof. Reagan Moore

312 views • 12 slides
CSSE 220 Software Engineering Techniques Encapsulation Coupling and Cohesion Scoping Please

CSSE 220 Software Engineering Techniques Encapsulation Coupling and Cohesion Scoping Please

CSSE 220 Software Engineering Techniques Encapsulation Coupling and Cohesion Scoping Please check out EncapsulationExamples from your SVN The plan Software Engineering Techniques: Pair programming Version Control Learn 3

322 views • 28 slides
HPGe detector fabrication at CANBERRA V. Marian, M.O. Lampert, B. Pirard, P. Quirin, J. Flamanc

HPGe detector fabrication at CANBERRA V. Marian, M.O. Lampert, B. Pirard, P. Quirin, J. Flamanc

HPGe detector fabrication at CANBERRA V. Marian, M.O. Lampert, B. Pirard, P. Quirin, J. Flamanc CANBERRA Specialty Detectors (Lingolsheim) Ringberg Castle, October 2015 Outline CANBERRA Lingolsheim overview at a glance HPGe detectors for dark

357 views • 18 slides
CHALLENGES FOR FRONT END DEVELOPERS OF LARGE WEB APPLICATIONS Graham Hinchly FT Labs Me

CHALLENGES FOR FRONT END DEVELOPERS OF LARGE WEB APPLICATIONS Graham Hinchly FT Labs Me

CHALLENGES FOR FRONT END DEVELOPERS OF LARGE WEB APPLICATIONS Graham Hinchly FT Labs Me app.ft.com Some things on the web are hard When you have a large amount of code they get really hard But why is it harder on the web than

867 views • 59 slides
Some Technical/Architectural Issues Overview Update and discussion of some ongoing work

Some Technical/Architectural Issues Overview Update and discussion of some ongoing work

Some Technical/Architectural Issues Overview Update and discussion of some ongoing work Packet format, system design, tech memos. LINK, ENCAP, NACK Routing scalability Name discovery, selectors. Variable-length header

278 views • 23 slides
ACCELERATION VIA EXPLICIT DECOUPLED DATA ORCHESTRATION Michael Pellauer* 1/26/2019 [Extended

ACCELERATION VIA EXPLICIT DECOUPLED DATA ORCHESTRATION Michael Pellauer* 1/26/2019 [Extended

ACCELERATION VIA EXPLICIT DECOUPLED DATA ORCHESTRATION Michael Pellauer* 1/26/2019 [Extended version to appear in: ASPLOS 2019] In collaboration with: Yakun Sophia Shao*, Jason Clemons*, Neal Crago*, Kartik Hegde**, Rangharajan Venkatesan*,

152 views • 13 slides

More recommend