OPNFV Colorado Release

October 27, 2016

By: Aarti, Intern (Software & Network Specialist),CENGN

CENGN team on OPNFV-Projects

CENGN @ OPNFV Summit 2016

CENGN and OPNFV have a powerful partnership, as shown through its

collaboration on projects like JOID and StorPerf, and most recently with

the launch of Canada’s first ever Pharos community lab.

CENGN took part in the 2016 OPNFV Summit in Berlin. CENGN’s president and CEO Ritch

Dusome, presented on CENGN’s experience in OPNFV projects.

Project/

Team NameTeam Member Name Contact Details

Pharos• Daniel Tudares

• Dave Urschatz

• danieltudares@cengn.ca

• dave.urschatz@cengn.ca

JOID • Dave Urschatz • dave.urschatz@cengn.ca

FDS • Raymond Maika• raymond.maika@cengn.ca

Marketing

Team

• Rick Penwarden

• Richard Waterhouse

• rick.penwarden@cengn.ca

• richard.waterhouse@cengn.ca

Infrastructure/

Test Team

• Bhavani Krishnan • bhavani.krishnan@cengn.ca

• The list of OPNFV Projects @ CENGN and Contact

details of the persons involved in as:

CENGN’s Pharos Community Lab Webinar:

https://www.cengn.ca/pharos-lab-webinar/

OPNFV Internship Showcase

Daniel Tudares

Masters in Engineering

Carleton University, Ottawa

Mentors: Trevor Cooper, Dave

Urschatz, Daniel Smith

Zahra Jahedi

PhD Student – Systems and Computer

Engineering Carleton University,

Ottawa

Mentors: Arthur Tyloch, Narinder

Gupta

Tim Rault

Masters – Computer Science Ecole

Nationale Supérieure des Mines de

Nantes, France

Mentors: Mark Beierl

JOID Charm Bundles

• Deploy and test VNF

Charms

• Creating JOID Charm

Bundles

• Deploy advanced VNF

services

• Document on OPNFV wiki

StorPerf

• Measure latency of Cinder

Volumes

• Develop test harness

• Integrating of algorithms in

StorPerf

• Graphing Statistics

Pharos Lab

• Deployment of Kontron

Symkloud server

• IPMI tests

• Network configurations

• High level Pharos specifications

• Low level Design in CENGN

environment

Speakers

Rick PenwardenMarketing Specialist, CENGN

rick.penwarden@cengn.ca

Presenter : AartiIntern

Computer & Network Specialist, CENGN

aarti@cengn.ca

Masters of Engineering

Carleton University, Ottawa

OPNFV

• OPNFV is a carrier-grade, integrated open-source platform for Network

Function Virtualization.

• The main goal behind the formation of such an platform is develop an

integrated and tested open source platform that can be used to build NFV

functionality, accelerating the introduction of new services and products using

Network Functions Virtualization (NFV).

OPNFV : Assembling a Platform for NFVOPNFV Continuous Process

Colorado: 3rd release of OPNFV

• It builds on the foundation laid by the Arno and Brahmaputra releases to

improve the underlying platform support for NFV applications as well as to set

the stage for improved application on-boarding and management.

• It focuses on adoption and integration of fd.io forwarding in the OPNFV

platform.

• The release consists of set of scenarios which may be extended by features

and development projects.

Release Schedule

Apr 2016

OPNFV: Basic Platform structure OPNFV: Arno (Arno river in Italy) Release

Overview

OPNFV: Brahmaputra (after a river with headwaters in

China) Release Overview DiagramOPNFV: The latest Release Colorado (principal river of the

Southwestern United States and northern Mexico) Overview Diagram

Difference between Release Architecture

OPNFV: Colorado Diagram

Advancements & Improvements

1. Core Features Enhancements

2. Testing Enhancement

3. Infrastructure and Testing Environment Advancements

4. Community Process Enhancements

5. Efficient Network Forwarding

1. Core Features Enhancements

2. Testing Enhancement

3. Infrastructure and Testing Environment Advancements

4. Community Process Enhancements

5. Efficient Network Forwarding

Colorado Release : Advancements & Improvements

1. Core Features Enhancements

• The core feature upgrades closely map to user interests starting with security.

• The Colorado release also includes critical core features as IPv6, SFC, VPN

capabilities and support for multiple hardware architectures.

• These improvements come via focused collaboration with upstream

communities and are centered on improving foundational support for NFV

applications and services.

• All feature enhancements are integrated into the automated install/deploy/testing

framework.

Core Features Enhancements cont.

1.1 Security : OPNFV Security Core Infrastructure Initiative (CII) is a project managed by The Linux Foundation

that enables technology companies, industry stakeholders and esteemed developers to collaboratively identify,

fund and improve the security of critical open source projects.

Fig.1 :Core Infrastructure

Initiative (CII) Badge

OPNFV has added twelve patches related to security in this release

• Security Scanning for CI/CD - Automated NIST (National Institute of Standards and Technology,

US) based SCAP (Security Content Automation Protocol) scans to ensure the OPNFV platform

deploys free from known CVE (Common Vulnerabilities and Exposures) vulnerabilities, and meets

a security compliance level.

• OPNFV Security Vulnerability Management (OSVM) - The OSVM process is to manage and

coordinate the disclosure and management of vulnerabilities reported or discovered within the

OPNFV- eco system (network virtualization, SDN controller, OpenStack, virtual storage etc.) and

upstream projects.

• The OPNFV Security Guide - The OPNFV Security Guide is the collaborative work of many

individuals, involved in both the OPNFV Security Group and the wider OPNFV community.

• Secure Design - In order to ensure limited exposure to security exploits within the OPNFV

platform, OPNFV recommend developers learn and implement secure coding practices.

Security Related News/blogs

ETSI Network Functions Virtualisation

(NFV) Industry Specification Group

released three more specs relevant for

security

CIS (Center for Internet Security)

published update on their security

guidance (CIS critical security

controls- CIS Control)

Amazon launches Inspector, a tool

that automatically finds security and

compliance issues Google launches its Cloud Platform

Security Scanner

Core Features Enhancements cont.

2. Service Function Chaining (SFC) : Service Function Chaining provides the ability to define an

ordered list of a network services (e.g. firewalls, NAT, QoS) and then "stitched" together them in the

network to create a service chain. This project is to install the upstream ODL SFC implementation

project in an NFV environment.

• SFC is tricky business, the big idea being to move traffic through a specific set of virtual network

devices that are not physically inline.

Brahmaputra release was focused on only one compute node thus ODL SFC did not work

well with multiple compute nodes.

• With Colorado, service chain support has been improved

and stood up across multiple nodes and controllers, and

then tested — helpful in a number of cloud scenarios.

Core Features Enhancements cont.

1.3 IPv6 : OPNFV has improved IPv6 support includes IPv6-only deployments, full underlay and

overlay support and integration with additional installation tools like Apex.

1.4 VPN : The SDN VPN project which is for the inter-operation of a NFV Infrastructure (NFVI) and

wide-area networks (WAN), is now enable full Layer 2 and Layer 3 VPN along with BGP peering.

• The proposed architecture both links NFVI networking services seamlessly into the WAN network

architecture and provides a solution for distributed routing functionality in the virtual Switches using

standard ODL southbound interfaces.

1.5 ARM : With the Colorado release, OPNFV can fully support multiple hardware platforms,

including x86 and ARM, fully integrated with the OPNFV automated testing and DevOps

infrastructure.

This will promote end user flexibility in their NFV architectures

1. Core Features Enhancements

2. Testing Enhancement

3. Infrastructure and Testing Environment Advancements

4. Community Process Enhancements

5. Efficient Network Forwarding

Colorado Release : Advancements & Improvements

• Colorado includes a greater integration across testing projects with additional

feature testing capabilities, increased automation, Infrastructure and testing

environment advancements.

• Also testing advances come by increasing the number of possible scenarios

from 24 to 42.

2. Testing Enhancement

• The standard naming convention for a scenario is:

<VIM platform>-<SDN type>-<feature>-<ha/noha>

Example: os-odl_l2-sfc-noha

1. Core Features Enhancements

2. Testing Enhancement

3. Infrastructure and Testing Environment Advancements

4. Community Process Enhancements

5. Efficient Network Forwarding

Colorado Release : Advancements & Improvements

3. Infrastructure and testing environment advancements

• New labs coming online during Colorado include facilities from

Nokia and CENGN.

• The Pharos community labs were instrumental in both development and Colorado

release validation.

• Colorado brings improved governance, consistency, availability, and quality to the

labs, increasing efficiency and creating the groundwork for a robust Lab-as-a-

Service program.

Example : CENGN is participating in the project FDS under Colorado release by providing

CENGN environment (Test/Pharos) for CI/testing.

1. Core Features Enhancements

2. Testing Enhancement

3. Infrastructure and Testing Environment Advancements

4. Community Process Enhancements

5. Efficient Network Forwarding

Colorado Release : Advancements & Improvements

• OPNFV continues to build relationships with key upstream communities.

4. Community process enhancements

• Example : OpenDaylight has given its fifth SDN platform release 'Boron' SDN and that was out just before

the OpenDaylight Summit, focuses on the cloud, NFV, performance and tools.

• OPNFV launched its intern program during the Colorado release timeframe, already providing

valuable contributions across work on the Pharos Labs

• OpenStack

• OpenDayLight

• Data Plane Development Kit

• FD.io

• OpenVSwitch

• Open Network Operating System

• Kernel Virtual Machine

• OpenDataPlane

• OpenContrail

Colorado Release : Advancements & Improvements

1. Core Features Enhancements

2. Testing Enhancement

3. Infrastructure and Testing Environment Advancements

4. Community Process Enhancements

5. Efficient Network Forwarding

5. Efficient Network Forwarding

• Colorado introduces scenarios created by the FastDataStacks project which

include the VPP (Virtual Packet processor) as a software forwarder provided by

FD.io project to enable both carrier grade forwarding performance, scalability

and open extensibility in NFVi.

apex-os-odl_l2-fdio-noha

Key Features

•Automated installation using the APEX installer.

•Fast and scalable tenant networking using

FD.io/VPP as forwarder.

•Layer 2 networking using VLANs, managed and

controlled through the VPP ML2 (drive APIs).

•Layer 3 connectivity for tenant networks supplied

centrally on the Control node through standard

OpenStack mechanisms.

Frank Brockners, Distinguished Engineer, Cisco

Michael Weir, Vice President, CENGN

September 27-29 /2016, Seattle, Washington

Composing Solution Stacks with OpenDaylight and

OpenStack in OPNFV: The FastDataStacks Example

https://opendaylightsummit2016.sched.org/event/7xOp/frank-brockners-cisco

https://opendaylightsummit2016.sched.org/michaelweir

Conclusion

• The OPNFV 3rd release enables the community to become even more fluent in system level

feature development and testing in support of NFV.

• It has included laying a foundation for the industry's management and network orchestration

(MANO) layer.

• Colorado sets the stage for upstream communities to put significant enhancements towards

OPNFV continuous integration and continuous delivery (CI/CD) practices.

• OPNFV has worked during it’s C release to expand its community with the creation of various

working groups across management and network orchestration.

• Open Source MANO Community (OSM)

• OPNFV Security Vulnerability Management (OSVM)

Now Available

Opnf.org /colorado

OPNFV : "Colorado is an indicator

that collaboration is the central theme

of OPNFV these days"

Members Companies

OPNFV : “OPNFV would not

be possible without the support of

our member companies”

What’s Next after ‘C’ Release ?

• OPNFV ‘D’ Release – Danube (name after the second-longest river in Central and Eastern Europe)

• Enhancement on existing OPNFV-projects. There are various projects which

are indented to participate in the D release.

• Forty projects are intended to be the part of Danube release so far. (Apex,

FDS, Yardstick, Doctor, Octopus, SDNVPN, Pharos, VSPerf, SFC, Copper,

DaisyforNFV, IPv6, Models, Opera, QTIP (Platform Performance

Benchmarking), StorPerf, VES (VNF Event Stream), Software Fastpath

Service Quality Metrics), OVSNFV, OPNFVDOC).

Glossary

• CI/CD – Continuous Integration / Continuous Deployment

• CII – Core Infrastructure Initiative

• CVE – Common Vulnerability and Exposures

• DPDK – Data Plane Development Kit

• FDS – Fast Data Stack

• KVM – kernel based Virtual Machine

• MANO – Management and Network Orchestration

• ML2 – Modular Layer 2

• NAT – Network Address Translation

• NIST – National Institute of Standards and Technology

• ODL – OpenDayLight

• ODP – Open Data Plane

• ONOS – Open Network Operating System

• OS – OpenStack

• OPNFV – Open Platform for Network Function Virtualization

• OSM – Open Source MANO

• OSVM – OPNFV Security Vulnerability Management

• OVS – Open Virtual Switch

• QoS – Quality of Service

• SCAP – Security Content Automation Protocol

• SFC – Service Function Chaining

• SDN – Software Defined Network

• VES – VNF Event Stream

• VIM – Virtualized Infrastructure Manager

• VLAN – Virtual Local Area Network

• VNF – Virtual Network Function

• VPN – Virtual Private Network

• VPP – Vector Packet Processing

References• https://www.opnfv.org/software/technical-overview

• https://www.opnfv.org/news-faq/press-release/2016/09/open-source-nfv-project-delivers-third-platform-release-introduces-0

• https://wiki.opnfv.org/display/SWREL/Colorado+scenario+inventory+and+dependencies

• https://wiki.opnfv.org/display/SWREL/Colorado+Scenario+Status

• https://bestpractices.coreinfrastructure.org/projects/164

• https://scap.nist.gov/

• https://wiki.opnfv.org/display/sfc/Service+Function+Chaining+Home

• https://wiki.opnfv.org/display/sfc/SFC-ODL+Colorado+Testing

• http://artifacts.opnfv.org/sfc/colorado/docs/scenarios_os-odl_l2-sfc-ha/index.html

• https://www.opnfv.org/sites/opnfv/files/collateral/files/opnfv_odl_vcpe_sfc_brief.pdf

• https://developer.cisco.com/fileMedia/download/4dc486ce-c4e6-45ff-acb5-0263aad93687

• https://wiki.opnfv.org/display/SWREL/Releases+Colorado+Projects

• http://www.etsi.org/news-events/news/1015-2015-10-news-etsi-nfv-isg-publishes-security-and-reliability-specifications

• https://www.cisecurity.org/critical-controls.cfm

• http://venturebeat.com/2015/10/07/amazon-launches-inspector-a-tool-that-automatically-finds-security-compliance-issues/

• http://venturebeat.com/2015/10/07/google-launches-its-cloud-platform-security-scanner-out-of-beta-minutes-after-amazon-announced-inspector/

• https://wiki.opnfv.org/display/sdnvpn/Sdnvpn

• https://wiki.opnfv.org/display/SWREL/Colorado+Testing+-+Discussion+and+Proposals

Image Credit

• https://www.opnfv.org/sites/opnfv/files/opnfv_arno_overview_diagram.jpg

• https://www.opnfv.org/software

• https://www.opnfv.org/sites/opnfv/files/collateral/files/opnfv_bp_diag_030116_notitle.png

• https://bestpractices.coreinfrastructure.org/

• https://www.opnfv.org/news-faq/events/2015-07-27/opendaylight-summit

• https://twitter.com/opnfv

• https://www.cengn.ca/president-ritch-dusome-presents-cengn-and-its-vision-for-innovation-at-the-opnfv-summit/

• https://en.wikipedia.org/wiki/Danube#/media/File:Donaustadtbruecke-Praterbruecke-DSC_0024w.jpg

• https://www.opnfv.org/sites/opnfv/files/styles/opnfv_header/public/front_page_slides/images/opnfv_colorado_we

bsite.jpg?itok=qBtvWKK3

How to Connect ?

• During the Colorado release, the most of the discussion regarding the features have

been done at the OPNFV technical discussion webpage with subject Colorado release

planning.

https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss

#Colorado release planning

opnfv-tech-discuss@lists.opnfv.org

• IRC Channel for discussion and setting up the meetings :

http://irc.freenode.net

#opnfv release

• There is separate link for FDS project :

https://wiki.opnfv.org/display/fds

#opnfv-fds

fds-dev@lists.opnfv.org

Thank you

32

Access the Slides for more Information

Watch Video and Download Slides Here!

https://www.cengn.ca/resources/webinars/opnfv-

colorado-release/