(SDN for End-to-End Networking @ Exascale) Project · (SDN for End-to-End Networking @ Exascale)...

SENSE(SDNforEnd-to-EndNetworking@Exascale)

ProjectInderMonga

LeadPI

WhatProblem(s)areWeSolving•  End-to-endnetworkserviceautomaEon

– Manualprovisioning– Noserviceconsistencyacrossdomains– Noservicevisibilityacrossdomains

•  ApplicaEon-NetworkinteracEonmissing– Abilityforscienceworkflowstodriveserviceprovisioning

–  ProgrammingAPIsusuallynotintuiEveandrequiredetailednetworkknowledge,somenotpre-known

– DetailednetworkinformaEonneeded,usuallynoteasilyavailable

WhatProblem(s)areWeSolving

•  MulE-domainservicevisibilityandtroubleshooEng– DataAPIsacrossdomainsforapplicaEons,users,networkadministrators

– Performance,servicestaEsEcs,topology,capabilityetc.

– Exchangeof‘scoped’andauthorizedinformaEon•  Alignmentwithsecuritypolicies@theend-site

Coreidea

End-to-end,mulE-domainprovisioningautomaEonandresourceorchestraEon

SENSEscopeddefiniEons•  End-to-End(networkpointofview)

–  DTNNICtoDTNNIC,acrossScienceDMZ,WAN(s),Openexchangepoints(ideally)

•  MulE-domain– MulEpleadministraEvedomains,independentpoliciesandAUP

•  ProvisioningautomaEon–  Bring-upandmanagementofserviceswithoutinterrupt-drivenhumaninvolvement

•  ResourceorchestraEon–  AllocaEonandreservaEonofresourcesincludingcompute,storageandnetwork

CurrentStateofSDN-Gaps•  Inter-domainSDNundefined

– Notfocusofopen-sourceorcommercialefforts– NoorganizedR&Eefforts

•  ResourcedescripEonsvarywildlyacrossprojects,industry– Minimalethernettopologydiscoverybycontrollers,representedinproprietaryJSONformats

•  MulE-domainadmissioncontrolandAuthz– NoclearwaytospecifyAA,policies,andenforcethemacrossdomains

•  A‘usable’mulE-domaintestbed

SENSEArchitectureandApproach

Defines Service Perimeter/Boundary

OrchestratorRole

ResourceManagerRole

WhydoweneedaNetworkOS?

•  MulEpleapplicaEonsupport– MissingfromexisEngSDNcontrollers–  Requiressecurity,AA,policyinfrastructure

•  Abilityforuserstodevelopcustomservices– Usinginfrastructureservices– Offerthemtotheirowncustomers

•  Resourcesharing(notcontrol)key– Networkissharedbymanytenants– Differentservicelevels(BestEffort,Guaranteed,Low-latencyetc.)

SENSERequirementsforanSDNOS

•  CommunicaEonandcoordinaEon– betweenthecontrolplanesatdifferentsites.

•  Securitymechanisms–  toprotecttheintegrityandavailabilityofnetwork,compute,andstorageresources

•  AbstracEonsofresourcestateandmetadata– ConsistentacrossmulE-domain

•  ExpressandEnforcelocalpolicies

SENSEOS(SENOS)Architecture

Resource Topology Service

API Resource

Computation Service

API

Policy Service

API

Monitoring Service

API NE Driver

(OpenFlow) Service

API

SENOS Intelligent Service Functions

SENOS Core Functions

Multi-Point VPN Service

Intent API

Persistent State

SSHD Python Messages

Roles Users Resources

ACL Thread

Generic API

System Services

ScienceDMZ Driver

Service

API

Big Science Service

Intent API User Services (Application Containers)

•  SeparaEonofkernel(privileged)andmulE-user(unprivileged)execuEonspace•  Supportstheconceptofresourcesandallowstheownersofresourcestospecifyhowthoseresourcesmaybeused,viaaccesscontrollists.•  AsetofgenericobjectdefiniEonsforcommonly-usedobjectsinSDNprograms,suchasnetworknodes,ports,andlinks.•  Aninter-processmessage-passingfacilityforcommunicaEonbetweenSENOSinstances.

•  ServicefuncEonsprovidetheintelligencetointerpretorrenderauser’sintent,enforcepolicies,andcoordinateworkflows.•  ServicefuncEonsarehierarchicalinnature,withatomicservicesbeingadiscretesetofservicesthatcanbecomposedtobuildamore

complex,customservice.

Core

FuncEo

ns

Service

FuncEo

ns

SENOSIntelligentServiceFuncEons(1/2)

•  ResourceInformaEonService(RIS)– Harvestandnormalizesresourcetopology–  Enforcespolicyviewsoftopology

•  ResourceComputaEonService(RCS)– MulE-ConstrainMulEResourcecomputaEon(fromRAINS)

– AddsupportforSENSErequirements•  Next-GeneraEonScienceDMZandsiteresources•  Flowmanagement,flowterminaEon,andsiteservicesintegraEonfuncEons

•  InteracEonwithSENOSPolicyService

SENOSIntelligentServiceFuncEons(2/2)

•  IntentandRendering–  IntentAPIsexposeveryhigh-levelserviceabstracEonsthatfocusesonthe‘what’theapplicaEonwantstoaccomplishandnotonthe‘how’

–  Rendererimplementsthebusinesslogicfortheservice•  AuthorizaEon•  Policyenforcement•  ComputaEontodetermineanextsetoftasks•  CreaEonofsubordinate(lower-layer)intents,ifany•  DirectlyperformingasetofacEons•  Returningrequeststatus

– MulE-PointVPNServicewillbethefirstnetworkserviceprototypedfortheSENSEproject

End-SiteOrchestraEon

•  ScienceDMZFlowManagement– RoutetorightflowstotherightDTNs,vlanormoregranularflowidenEficaEonusingOF

– SupportmulE-scienceScienceDMZ,withresourceallocaEonandtrafficsteering

– EnableaddiEonofNFVserviceslikeCaching,andflowservicechaining

End-SiteOrchestraEon(contd.)

•  DTNAutoconfig–  SystemsconfiguraEontoensuredatatransferapplicaEoncanconnect@Layer3and/orLayer2

•  Includes,VLANconfiguraEonontheNIC•  PrivateorpublicIPaddressconfiguraEonofL2orL3VPNs•  OtherconfiguraEonlikeTCPwindowsize,mightbeastretch

–  CreaEngVMsorcontainerswithrightdata-movementsoewareformulE-scienceDTNs

– OVSconfiguraEonandQoSconfiguraEon–  FlowsteeringandACLstoconnecttotheinternalfilesystemoverdifferentNICs

WAN/Regional/ExchangeNetworkOrchestraEon

•  Leveragepastexperiencewithdynamicpoint-to-pointcircuitservicestodevelopmulE-pointoffering

•  NetworkElement(NE)Control– SENOSNEDriverforsouthboundcommunicaEon(i.e.OpenFlow,NetConf/YANG,P4,CLI,etc)

SENSEEnd-to-EndOrchestraEon

•  ThreeScienceUse-cases– LHCCMSuse-case– NERSCBurstBufferuse-case– Superfacilityuse-case

LCLSCompu)ngUseCase:QuasiRealTimeNanocrystallographyPipeline

HPCAnalysis

~1GB/s-~1TB/s

StreamingdatafromthedetectortoscalableHPC●  Indexing,classificaEonandreconstrucEon●  Quasireal-Emeresponse(<10s)●  Currently(LCLS-I)requiring50TFLOPS●  CoriSupercomputer:500Kcores,28PBdisk

DiffracEonImage(Indexed)

ReconstructedStructure

Providingatomic-scalevisiontoresearchersatthebeamlinein<10s

Pipelinecri)calforexperimentsstudyingatomicscalestructuraldynamicsandfluctua)onsinmaHer:

●  Complexmaterials(novelfuncEonalproperEes)○  HeterogeneityandfluctuaEonsatthenano-scale○  Nano-parEcledynamics

●  Catalysis(efficient,selecEve,robust,earth-abundant)○  Chemical,structural,andelectronicchanges;Nano-parEcles;Interfacialchemistry

●  BiologicalfuncEon○  Proteincrystallography–structureanddynamicsfromreconstrucEons○  Macro-molecules–conformaEonaldynamics,heterogeneity,andinteracEngbiocomplexes

SuperfacilityPrototypeandUseCase:Processofsciencetransformed

-19- CompuEngSciencesArea

Real-)meanalysisof‘slot-die’techniqueforprin)ngorganicphotovoltaics,usingALS+NERSC(SPOTSuiteforreduc)on,remeshing,analysis)+OLCF(HipGISAXSrunningonTitanw/8000GPUs).

1

2

hup://www.es.net/news-and-publicaEons/esnet-news/2015/esnet-paves-way-for-hpc-superfacility-real-Eme-beamline-experiments/ResultspresentedatMarch2015meeEngofAmericanPhysicalSocietybyAlexHexemer.AddiEonalDOEcontribuEons:GLOBUS(ANL),CAMERA(BerkeleyLab)

InstrumentaEon/Monitoring/Measurements

•  Fortheuser:–  Servicespecificdatatotheuser–  FollowsthethoughtbehindtheintentAPI,abstractedservicemetrics

•  Fortheadministrator:–  MoredetailedinformaEonacrossalluser-services–  MulE-domaininformaEonexchangetohelpdebug/troubleshoot/

monitorservicelevels–  ConEnuousmonitoring

•  DataAnalysis–  Dataminedwillbeusedforsystemmodelingandmachinelearningto

performcapacitypredicEonsanddevelopstrategiesfornegoEaEngresources

–  ThistaskwillcollaboraEvelyleadbytheSDNNGenIAproject

End-to-EndSENSETestbed

FlyingStart:Leveragingpriorwork

•  Modeling– RAINSproject

•  Testbed– ExisEngcomputeandDTNequipment@sites– ESnetSDNtestbedacrossUS/Europe– GENIresources

•  SDNSoeware– ENOSandODLconceptsandsomecomponentsfromESnet/Harvey

Deliverables:Year1(Feb*–Feb)•  ScienceUse-Casesrequirements

–  InfluencethedesignandsiteimplementaEon•  SENOSArchitectureandDesign,overall

– WithiniEalimplementaEonofSDNsoewarecomponents•  IntentInterfaces

–  IniEalimplementaEonforMulE-pointVPNandDTNAutoconfiguraEon

–  DesignforservicemetricsfeedbacktoapplicaEon•  NGScienceDMZ

–  Designandarchitecture–  IniEalimplementaEonofSENOSforLocalScienceDMZnetwork

*KeySENSEmembershaven’treceivedfundingyet

Deliverables:Year2

•  ImplementaEonofSDNScienceDMZ@end-sites

•  EnhancetheSDNtestbedwithfeaturesneededforSENSE

•  FinalimplementaEonsof–  IntentRendering– SENOS– SENSEOrchestrator

•  IntegraEonintoScienceWorkflows

Deliverables:Year3

•  DemonstraEonofScienceWorkflows/Use-casesoverthetestbed

•  ImprovedIntentInterfaces•  OperaEonalinformaEonsharingbetweensites•  FinalimplementaEonofSENOScomponents•  TechTransferandtransiEon

ManagementPlandiscussion•  MonthlyPImeeEngs:Chin/Inder

– Progress,issues•  QuarterlyProgressreportsinbullets

•  WebsiteforinformaEonsharing,bothinternalandexternaltoproject

•  SoewareonGithub

RolesandResponsibiliEessharedacrosstheteam

•  Design/Architecture:Chin/Inder–  Define/Writerequirementsforthesoewarefeatures,andWAN,LAN,ScienceimplementaEonand

scienceuse-cases–  MulE-domainorchestraEon:TomLehman

•  Resourcemodels,design,AA,etc.

–  PoliciesandEnd-SiteOrchestraEon:PhilDeMar–  Sitepolicies,ScienceDMZautomaEon,end-hostautomaEonrequirements

•  Soeware:JohnMacauley–  Processes,releasemechanism,documentaEon,webpageetc.

•  Deployment:LindaWinkler–  DeploymentofSDNtestbed,architecture,Emeline

•  ScienceUse-cases&demos:Harvey/Azher–  CoordinaEonofscienceuse-cases,demosetc.

•  Outreach:TBD–  News,Bullets,Website,Wiki,Logo

•  OverallProjectManagement:Inder/Chin–  WorkwithThomas,deliverablestracking,reportsetc.

•  MulE-Resource,FullStack•  End-to-EndR&Epath

(SDN for End-to-End Networking @ Exascale) Project · (SDN for End-to-End Networking @ Exascale)...

Documents

Transcript of (SDN for End-to-End Networking @ Exascale) Project · (SDN for End-to-End Networking @ Exascale)...