Welcome!

Containers Expo Blog Authors: Liz McMillan, Pat Romanski, Yeshim Deniz, Elizabeth White, Zakia Bouachraoui

Related Topics: Containers Expo Blog, Java IoT, Microservices Expo, Microsoft Cloud, Agile Computing, @CloudExpo

Containers Expo Blog: Blog Feed Post

Midokura - The SDN with a Hive Mind

Centralized control, decentralized execution comes to life with Midokura's MidoNet

Whether bees or Martians, science or science-fiction, the notion of a hive mind is one that pops up frequently within the realm of psychology, philosophy, theology, science and, last but not least, technology. A hive mind is one that has a collective memory, sharing information from the past and present with every other member of the hive.

This capability (if it really exists) enables incredible resiliency on the population as a whole, because every member of the population has the information necessary to replace another at any moment. This concept has been applied to scaling applications since scaling applications because a necessity. If applications share session state information – usually by sharing a session data base – then any instance can immediately take over for another without disrupting a user session. Like bees, there is no need for on-the-job-training, it just "knows" – as though it tapped into a shared database full of not only standard hive knowledge but of the current state of the hive.

shared-session-arch

This concept is partially included in many SDN implementations, with varying degrees of success. In the most common, centralized-controller model of SDN a singular entity (the controller) maintains this vault of knowledge but disseminates only partial views of that state to relevant pieces of the infrastructure. Thus it is not a fully participative hive mind, but a partial one. This leads to over-reliance on the controller, which is responsible not just for management of the shared knowledge but of dissemination. Like the queen bee, loss of the controller is devastating to the ability of the controller-focused SDN to function.

Midokura, offers a new model with a more complete collective "hive mind" that inherently supports resilient software-defined networks and alleviates the potential risk of relying on a singular entity through which to disseminate state of the network.

MidoNet

Midokura is a global startup focused on network virtualization. It officially entered the US market in mid-October 2012 with the introduction of its primary solution: MidoNet.

 

MidoNet virtualizes the network stack for popular cloud platforms such as OpenStack®. Midokura’s approach not only adds automation that significantly reduces the human cost (OPEX) of managing the network, but also impacts the overall economics of cloud computing (CAPEX) by simplifying network requirements.

MidoNet is a distributed, de-centralized, multi-layer software defined virtual network solution for IaaS. By taking an overlay-based approach to network virtualization, MidoNet sits on top of any IP-connected network, and pushes the network intelligence to the edge of the network, in software.

-- Midokura Press Release

 

Cutting through the marketing speak, MidoNet is a fabric of distributed, software-defined networking services. It requires no specialized hardware infrastructure, but rather turns any Linux-based host running the Open vSwitch kernel module and the MidoNet agent into a node on a fully-meshed, L2-4 virtual network fabric.The network executes on a role-based networking principle, with each node able to execute on a broad set of L2-4 policies based on its assigned role in the flow. By taking an overlay-based approach to network virtualization, MidoNet can be deployed atop any existing network, using traditional L2/L3 connectivity as the means to create and utilize its peer-to-peer virtualized tunnels.

midonet-2 MidoNet applies faithfully the idea of centralized management coupled with de-centralized execution.Traditional edge services are applied at the perimeter of the network using virtual policy execution, and then packets are routed via a tunnel to the designated end-point.  Policies are not so much deployed as they are simply applied at the appropriate ingress node. Each node may play multiple roles, guided by the process governing specific flows.

Failure, then, is inherently managed by the ability of any edge node to apply the appropriate policies based on the role being executed. There is no reliance on a controller - commonly associated with SDN implementations – because local agents manage the application of appropriate policies on ingress and egress traffic. It's a "shared session" approach to networking, in which the entire state of the network is stored in scalable database systems and distributed throughout the network. Just as is the case with "shared session" applications, failure in any given node simply means flows are directed through a different node – which has complete knowledge of all the information previously known to the failed node by virtue of sharing the network state database.

Like a hive mind, every node knows what every other node knows – and has known – and it is only the roles assigned to any given node that indicates a difference in how that node executes on traffic.

The difference between MidoNet's architecture and the centralized architecture of a controller-based SDN is in the execution. While both models "share" state and configuration, ostensibly, a controller-based SDN relies on centralized execution. MidoNet does not, leveraging shared state and configuration as a means to enable resiliency.

MidoNet does not come without questions. Any agent-based system brings with it overhead, and MidoNet is no exception. The question becomes how much overhead and does it significantly impact performance of the host system. Similarly, how many roles can a single node assume before it becomes overwhelmed? How well does MidoNet react to failures in the underlying L2/L3 physical network?

And while MidoNet offers a mix of stateless and stateful services, the higher up the stack one traverses, the less robust such services become. Layer 4 load balancing as currently offered by MidoNet is acceptable for simple load balancing, but depending on the application and demand may result in uneven distribution that can make capacity planning and elasticity less efficient and more difficult to perform.

Also problematic with any simple L4 load balancing service are issues with application dependencies on persistence and topological architecture and the resulting impact on load balancing algorithms. Midokura does not refute the unique challenges associated with moving up the stack – nor with the rudimentary nature of its existing L4 services – but believes these challenges can eventually be addressed.

All in all, MidoNet is an impressive adaption of SDN principles into a more resilient, flexible model. The application of a shared session architecture combined with role-based networking is a fascinating twist on the more common centralized control and command model put forth by competing SDN players.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

IoT & Smart Cities Stories
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
As IoT continues to increase momentum, so does the associated risk. Secure Device Lifecycle Management (DLM) is ranked as one of the most important technology areas of IoT. Driving this trend is the realization that secure support for IoT devices provides companies the ability to deliver high-quality, reliable, secure offerings faster, create new revenue streams, and reduce support costs, all while building a competitive advantage in their markets. In this session, we will use customer use cases...