UKNOF is being closed down during 2024, and this site is now only active as an archive of previous events and presentations.

19 January 2016
etc Venues Bishopsgate
Europe/London timezone

Simple, Secure, Scalable virtual networking for the virtualised data centre

19 Jan 2016, 17:15
30m
etc Venues Bishopsgate

etc Venues Bishopsgate

155 Bishopsgate Liverpool Street London EC2M 3YD
Main Session

Speaker

Mr Edward Harrison (Metaswitch Networks / Project Calico)

Description

The modern data centre is now awash with virtualised and containerised workloads serving largely IP based applications. A typical data centre might have 1000s of hosts, running 10s of thousands of VMs, 100s of thousands containers or much more. Networking between these workloads is critical, yet many existing virtual networking technologies aren't built with this level of scale in mind. This presentation introduces Project Calico, an Open Source networking project which is built using the same technologies as the Internet in order to provide the scale, security and simplicity required in the modern data centre.

Summary

The rise of virtualisation and, particularly in the last year or two, containerisation has had a dramatic effect on the way data centres are used. With the increasing requirements on rapid application development and deployment, and moves toward microservices and autoscaling, the requirements for simple, scalable, networking between virtualised workloads is becoming ever more important.

However, most virtualised networking technologies do not provide the simplicity and scalability we would like. In the OpenStack world, for example, Neutron provides many options, but these come with more complexity than many deployments need, meaning they can be challenging to understand and troubleshoot.

On the other hand, in container land, whilst the past year has seen some steps forward in this area, with Docker's "libnetwork" architecture, for example, appearing toward the end of 2015, facilities for secure networking between containers on different hosts are still in their infancy.

Here we present Project Calico, which aims to provide simple, secure and scalable network connectivity for both these scenarios.  An Open Source project, Calico assumes that the vast majority of data centre traffic is unicast IP-based, and caters to that using standard Linux routing and iptables. However, it also allows for other traffic such as multicast IP, and can support data centre requirements such as overlapping IPv4 addresses if required.  We will describe the basic ideas behind Project Calico and explain how it can provide scalable networking for containers and VMs, while still providing the security required by modern virtualised workloads.

Primary author

Mr Edward Harrison (Metaswitch Networks / Project Calico)

Presentation materials