Policy-based Orchestration of NFV Services in Software-Defined Networks
Kostas Giotis, Yiannos Kryftis, Vasilis Maglaris
Network Management & Optimal Design Laboratory (NETMODE)
School of Electrical & Computer Engineering
National Technical University of Athens
1st IEEE Conference on Network Softwarization (NetSoft 2015) April 15th, 2015
London, UK
Trends in Telcos Industry
Telco networks demonstrate:
• Significant growth of traffic volumes
• Increased data rates
• Plethora of diverse network services
SDN and NFV architectures promise:
• Increased business agility (speed up services deployment)
• Decreased operational costs
• Decoupling of services from the physical substrate
SDN and NFV overlook
SDN Protocols
• Multiple SDN protocols (OF, ForCES, Cisco OpFlex)
• OF is still dominant
• Delivers:
  • Network programmability
  • Decouple Data & Control Plane
  • Listen & Handle Network Events
NFV Architectures
• No standardized protocols
• All approaches are based on the ETSI specification
• Delivers:
  • Agile placement of networking services
  • Service-driven virtual Networks
  • Optimized usage of COTS Hardware devices
Motivation
Formulate a baseline architecture to facilitate policy-driven dynamic methods for:
• management of SDN resources
• lifecycle management of VNFs and the associated data
• orchestration of multiple diverse VNFs to deliver Business Applications as NFV Services (i.e. Service Chains)
Design Principles
• Modular design that decouples:
  • Hardware elements
  • VNFs
  • Business (NFV) Services
  • Orchestration
• Information Model to uniformly describe network resources and functions
• Instantiate and Manage NFV Services, governed by policies
• Delivery of agile services through SDN and NFV synergies
This schema permits:
• Selection of VNFs from a VNF Pool
• Use Policy-Engines to manipulate VNFs
• Combine Diverse VNFs to deliver NFV Services
Architectural Components
• Physical Infrastructure: Nodes, Controllers
• VNF Pool: Diverse VNFs “Templates”
• NFV Services: Business Applications, Service Chains
• NFV Orchestrator: Mgmt Functions, Information Model
Uniquely-identified substrate objects:
• Managed in an abstracted manner
• Agnostic to the actual substrate
Use abstracted physical resources for:
• Programmable Network Functions templates
• Isolated instances
NFV Services consist of one or more VNFs, and:
• Deliver tailor-made Business Applications
• Interact with Diverse VNFs
• Implement Forwarding Graphs (VNF-FGs)
Policy Engine:
• Policy-based management of substrate resources
• VNF Lifecycle Management
• Orchestration of NFV Services
Policy-based NFV Orchestrator
The management environment is divided into three layers:
• The lower layer concerns policy-based management of OF substrate resources, providing management enforcement methods on the MOs that represent them.
• The middle layer deals with VNF lifecycle management. All VNF components are represented as MOs, and their methods may include policy-based management actions to be executed on lower-layer MOs.
• The higher layer provides policy-based Orchestration of NFV Services. Each NFV Service extends the Managed Object Class and includes the methods for capturing and creating events, and for performing management actions on VNF components in the pool, based on high-level policies.
Types of Policies
• Event-Condition-Action (ECA) Policies: They enforce control and management actions upon certain events within the managed environment, possibly causing reconfiguration of the system
• Authorization Policies: They define what actions Users with specific Roles can perform on Target MOs
• Role Assignment Policies: They are used to define different classes of Users, receiving different access privileges and usage priority on specific services provided by VNFs
Graphical overview of the classes in the Ontology
The Policy Engine residing in the NFV Orchestrator stands for the management environment that encompasses a collection of Managed Objects (MOs) in hierarchical order, representing:
• Policies (i.e. Event-Condition-Action (ECA), authorization, role assignment)
• OF resources (i.e. Controller, Switch, Link, Port)
• VNF components and NFV services
Ponder2 Policy Framework
For the development of the VNF Orchestrator’s policy engine, the Ponder2 policy framework was selected:
• It supports all of the aforementioned policy types and uses user-extensible management objects
• It was extended to represent the substrate resources and the NFV Services as Managed Objects that can be managed by the policies
Conflict Resolution
Prototype VNFs
Monitoring VNF
• Instruct for the acquisition of flow statistics
• Statistics are initially collected at the Controller
  • Flow-stats request/reply event
• Capable to interface with different types of monitoring data managers (e.g. sFlow Collector)
Network Embedder VNF
• Map virtual paths to the physical substrate
  • Upon User request
  • Create e2e virtual links
NFV Service: Role-based Traffic Engineering
• Clients are considered to be large-scale customers (e.g. content or alternate providers)
• Do not require a significant number of identifiers (we use VLANs)
• Monitoring and N.E. VNFs are chained to create RbTE instances as a Business Application
• Client receives different type and quality of services
• 2 client tiers in prototype, regarding traffic routing:
  • Tier 1: path with least utilized links (best effort)
  • Tier 2: Shortest path – high priority
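
The role-based path selection described above, as an added Python example that is not from the slides or the authors' Ponder2 prototype: a role assignment policy maps each client to a tier, a default-deny authorization policy gates the request, and an ECA rule selects the path. The topology, the client names and the reading of "least utilized links" as lowest summed link utilization are assumptions.

```python
import heapq

# Constructed substrate: undirected links with utilization in [0, 1].
LINKS = {("s1", "s2"): 0.9, ("s2", "s4"): 0.2,
         ("s1", "s3"): 0.3, ("s3", "s2"): 0.1}
# Role assignment policy: client -> role (hypothetical client names).
ROLES = {"cdn-a": "tier1", "cdn-b": "tier2"}
# Authorization policy: allowed (role, action) pairs; anything else is denied.
AUTHZ = {("tier1", "create_virtual_link"), ("tier2", "create_virtual_link")}
# Per-role link cost (assumption): tier1 sums utilization to avoid busy links,
# tier2 counts hops to get the shortest path.
COST = {"tier1": lambda util: util, "tier2": lambda util: 1.0}


def neighbours(node):
    """Yield (adjacent node, link utilization) for every link touching node."""
    for (a, b), util in LINKS.items():
        if a == node:
            yield b, util
        elif b == node:
            yield a, util


def best_path(src, dst, cost):
    """Dijkstra over the substrate using a role-specific link cost."""
    queue, seen = [(0.0, [src])], set()
    while queue:
        total, path = heapq.heappop(queue)
        node = path[-1]
        if node == dst:
            return path
        if node in seen:
            continue
        seen.add(node)
        for nxt, util in neighbours(node):
            if nxt not in seen:
                heapq.heappush(queue, (total + cost(util), path + [nxt]))
    return None  # no path between src and dst


def on_virtual_link_request(client, src, dst):
    """ECA rule: event = link request, condition = authorized, action = embed."""
    role = ROLES.get(client)  # unknown clients get no role
    if (role, "create_virtual_link") not in AUTHZ:
        raise PermissionError(f"{client!r} may not create virtual links")
    return best_path(src, dst, COST[role])
```

A client with no role assignment never reaches the embedding step, which is the property the authorization layer is there to enforce.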
Case Study
• CDN Providers deploy Caching Nodes inside the premises of other operators
• CDN Providers are treated as clients
• An Operator might host multiple Caching Nodes of different CDN providers
[Figure: Traffic Engineering for CDN Caching Nodes. Labels: Telecom Operator; WAN; Home User A; CDN Cache Node A; CDN Cache Node B; Switch 1, Switch 2, Switch 3, Switch 4; Virtual Link 1, Virtual Link 2, Virtual Link 3; EP-1, EP-2, EP-3]
Experimental Results
Proof-of-concept demonstration
Indicative Role-based services functionality
Future Work:
• Avoid path switching for Tier 1 clients when the link is not saturated
• Integrate a virtualization layer through a network hypervisor (e.g. OpenVirtex) for isolated, Policy-based Control Plane management.
THANK YOU!
Kostas Giotis