From the blog.

Managing Digital Racket
The more I tune out, the less I miss it. But that has presented me with some complex choices for a nuanced approach to curb
Complexity – My Friend, My Enemy
Over my years of network engineering, I've learned that the fewer features you can implement while still achieving a business goal, the better. Why? Fewer

ONUG Spring 2015 Live Blog – Day 1

2,255 Words. Plan about 15 minute(s) to read this.

All times are EST/NYC.

May 13, 2015

7:40am – Hello, and good morning.

I’ll be live blogging today from ONUG, the Open Networking User Group, held May 12-14, 2015 in NYC. I’ll be covering as many of the sessions as I am able to attend, sharing the big ideas and interesting thoughts that come from the speakers.

You’ll need to refresh periodically to see my updates. The plugin I tried that would support live event scrolling didn’t work out – sorry about that!

8:21am – Morning Agenda

Sessions lined up for this morning…

  • 8:45-9:30 State of ONUG (Nick Lippis)
  • 9:30-10:15 Creating Business Value with Cloud Infrastructure (Adrian Cockcroft)
  • 10:25-11:10 SD-WAN Working Group Test Results Presentation (Bank of America, Talari, Glue Networks, Viptela, Cisco, Riverbed, Silver Peak, VeloCloud)
  • 11:40-12:25 Virtual Networks / Overlays Working Group Test Results Presentation (Citigroup, Cisco, Nuage Networks, Big Switch Networks, Pluribus Networks)

8:45am – State of ONUG (Nick Lippis)

Venue move to Columbia University is about embracing the larger community of academia and science. The program is driven largely by research facilities and universities.

Demonstrators on site were invited to be at ONUG because they have specific solutions that map to ONUG use cases. (Use cases are displayed on large placards around the venue.)

SD-WAN is a hot topic. The retailer Gap will be discussing their need for SD-WAN and rollout plans across their massive network.

One theme is that it’s time to stop talking about technology in a unicorns and butterflies way, and start “operationalizing” SDN & open networking. So, ONUG is in part about putting technology into action.

The scope of ONUG conversations has expanded dramatically since the first ONUG meeting back in spring 2013. The conversations now include overlays, NSV, branch/WAN, storage networking, cloud infrastructure, SD-WAN, and more. The common thread is commoditization. Still, ONUG has a strong focus on networking; networking is ONUG’s roots.

Nick suggests we are seeing the beginning of the end for traditional MPLS / private WAN, to be replaced with SD-WAN architectures.

What’s the biggest challenge with SDN and open technology adoption? Organizational design. Siloed expertise (deep knowledge in narrow areas confined to specific people) doesn’t work well in modern cloud architectures. Cross-discipline groups and professionals are required.

According to ONUG polling, capex reduction is interesting, but not a huge driver for new technology adoption. More or less an assumed benefit.

Time to market is a bigger concern, and according to more ONUG polling, “networking is a drag on the IT industry.” Putting new gear into production takes months. Part of the reason might be that 71% of ONUG members polled have networks that are not open at all. 26% are somewhat open, while only 3% are totally open.

Nick wraps up, summarizing that ONUG as an organization promises sustainability, operationalization, and the creation of business value.

9:47am – Creating Business Value with Cloud Infrastructure (Adrian Cockcroft)

Adrian’s presentation will be sharing what developers are dealing with. He jokes about “network functions vaporization.” Describes his role in Battery Ventures.

Docker wasn’t on anyone’s roadmap in 2014. It’s on everyone’s roadmap in 2015. One of the fastest growing phenomenons in the open source world. Also, 2014 was the year that enterprises finally embraced cloud and DevOps. (My two cents…I guess it’s all how you define “enterprise.”) Look up presentations from a conference in 2014 on YouTube under “devops enterprise.”

Adrian points out that the key goal of the CIO is to align IT with the business. Okay. So…what does a business want? Well, they want to survive and grow. They want to define and achieve a purpose. They want to survive existential threats. IT supports all of these functions (see: value chain mapping).

Old companies tend to create many processes over time, which look essentially like scar tissue. Scarring is an encumbrance that reduced agility.

Adrian distinguishes between “cross team” and teams that have cross functions. You shouldn’t have to go outside of your team to get done what needs to be done. In a software context, this might be a product team, some group that owns the entire product for its lifecycle. This is part of the “continuous delivery” paradigm.

One big idea of this sort of structure is to get things done quickly via a combination of freedom and responsibility.

Docker is interesting for platform distribution – you can abstract away the platform from the development side. Docker is also good with it’s hub.docker.com site. You can use a proven base image that thousands of others are using and have therefore tested as a foundation for code deployment.

If you run microservices, it’s easier for individual coders to maintain responsibility for maintenance of their own code, as opposed to a monolithic architecture where all developers tied to the project might need to be contacted in the case of a problem. Not surprisingly, devs start producing higher quality code, because they are personally tied to the end result. If the code is lousy, they will feel the pain of that and be responsible to fix it.

Releasing more often means that there’s fewer changes, with less to test, and less to go wrong. Less complexity in a release. Adrian suggests, “Change one thing at a time!”

Fast tooling supports continous delivery of many tiny changes, thus Docker’s rapid rise in popularity.

Adrian recommends “The Phoenix Project” from 2014, about a group who had to learn how to become agile or risk their jobs being outsourced.

Adrian defines a microservice as a loosely coupled service oriented architecture with bounded contexts. A number of presentations available on the web about webscale microservices that explain flow through systems architected in this way. Too many to catch, was a busy slide.

Adrian points out that from a developer point of view, this isn’t about SDN (i.e. the context of ONUG). It’s more about DNS, as much of what’s being relied upon on REST APIs between microservices across a geographically distributed microservice infrastructure. He described this model as a “bag of marbles,” each marble a microservice. Breaking into one is hard, and if you do, it doesn’t give you access to anything else because each microservice is self-contained.

Adrian shares that all of the emerging software seems to be written in the Go language. Go is designed purposefully to get common development barriers out of the way. Anecdotally, Java programmers that try Go often don’t want to go back to Java.

For more: http://slideshare.com/adriancockcroft.

10:35am – SD-WAN Working Group Test Results Presentation

Nick begins with an introduction of how the working group testing was done, and discusses testing with partner Ixia via chat with Errol Ginsberg, chairman of Ixia’s board.

Also, note that downloads of test results will be available from here: http://opennetworkingusergroup.com/spring-2015-downloads/.

Conrad Menezes (Bank of America) takes the stage to discuss the context behind the SD-WAN testing.

Seven SD-WAN vendor representatives, plus an Ixia representative has taken the stage. Ixia is describing the testing that was done, starting with the topology, moving onto the testing methodology.

Cisco IWAN discussed, tested with ISR-4451/ASR1000 as a border router, ISR-4451 as DC/POP domain controller and IWAN branch, ISR-4431 as IWAN branch and border router, and CSR-1000V as border router (and something else, went too quickly). All tests passed. Cisco opts to dive more deeply into test #4, prioritization & steering of business critical traffic & real-time traffic. Explanation of how policies are pushed, path control via PfR (Cisco’s performance routing), and prioritization. (My two cents, this appears to be a cobbling together of legacy Cisco technologies into a unified & orchestrated solution. I need to investigate IWAN a bit more.)

Viptela takes the stage to discuss their testing configuration. Zero touch provisioning pointed out at the bottom of a slide. Centralized policy management highlighted. Viptela architecture is central controller and “vEdge” routing appliances. Did not get a slide describing which specific tests were or were not passed. The “all tests passed” slide was up there, but I missed it. Emphasis was on how the Viptela solution can map different traffic flows to different queues depending on business policy and network state.

Glue Networks takes the stage. Glue orchestrates Cisco gear, is not a router or traffic forwarder of its own. Glue automates Cisco IWAN in this example. Glue shows a slide where all tests were passed. Glue points out that Cisco PfR version 3 “got it right this time.” Glue continues to emphasize that their solution is orchestration, and thus some of the passed tests were actually due to the Cisco IWAN solution doing what it does. ZTP brought up, along with life-cycle management, and near real-time monitoring.

Talari Networks steps up. Talari points out that they’ve been in the SD-WAN space before it was a space, going back to 2007. Uses the buzzword “thinking WAN” in their slide. All tests taken were passed, but they chose to omit a couple of tests (FIPS and one other I didn’t catch before slide changed). They highlight test case #5 – instant detection of failed links (very fast failure detection) with no loss during shift to remaining link. The point being application continuity even when a WAN link degrades or dies altogether.

VeloCloud is up next. Jokes that the Rolling Stones got it wrong. “Get off of my cloud” should be “get on my cloud.” Quiet giggling in the room. Emphasizing architecture of public cloud hosted applications and dual (or better) Internet connections, as well as other “dual” circuit strategies. Points out that some of their architecture is, in fact, cloud hosted. States that no network is trustworthy as such. Session does not have to drop to shift to a different link during a brownout. What about multiple brownouts? Then VeloCloud can do forward error correction. Central business policy definition and distribution, including regulatory awareness. All tests passed. (Note that I has previously listed that there was no slide, but there was a very brief display of it that I missed while head down. My apologies to VeloCloud.)

Silver Peak describes their SD-WAN architecture. Emphasizes that virtual machines are better than 50% of their appliance deployment. (My two cents, note that Silver Peak is historically a WAN optimization company, and SD-WAN is a new feature set for them.) They passed all tests except for FIPS, which they omitted – have not applied for FIPS compliance yet, but pointed out that they are using IPSEC for all traffic. Test #5 comes up again, as with others.

Riverbed appears. They used SteelCentral controller with the Net Express Server, and Steelhead models VCX255L, CX755, and CX5050. (My two cents, I had no idea Riverbed was offering an SD-WAN solution at all. Fascinating.) All tests passed. Talks a bit about their open APIs. Points out that they have been a very application focused company, and understand how to handle complex application protocols for hybrid networks. They see the world in application-centric way. “Business run on applications. They don’t care about interfaces and networks.” Riverbed is strong with templated applications and being able to define many traffic classes that cater to those application needs.

11:35am – SD-WAN Working Group Q&A, then Lunch Break

Folks, I’ll be signing off for a while here. Sessions have run over, and I’ve got a couple of other places I’ll be heading, including a Tech Field Day presentation.

1:47pm – Nuage Presentation to Tech Field Day

Just finished up listening to a presentation by Nuage Networks about their new Virtualized Services Assurance Platform (VSAP). The big idea with VSAP is to add operations-friendly capabilities to the Nuage network virtualization platform. I think this will be one of many presentations coming up from SDN vendors over the next several months, where they are addressing “operationalizing” their products. Or put another way, they are working on taking their abstractions (overlay) and mapping them into real (underlay) network elements.

There are two main components to VSAP. One monitors routes by listening to the activities in the routing domain. Set up a BGP peer for example, and detect route flaps in iBGP domains, AS paths in eBGP, etc. The next component detects what hosts are connected to what switches, using whatever means are available, most likely (at this point) SNMP.

With that information discovered, Nuage’s correlation engine puts together what it knows about the the physical network & L3 topology with the virtual network — that Nuage already knows, naturally. Events in the underlay now are correlated to availability of virtual resources in the overlay. This data is all presented in an easy-to-use GUI that should be immediately intuitive for operators to grasp.

Nuage was able to bring this market fairly quickly, citing that they have an “unfair advantage.” Recall that Nuage is a company under the umbrella of Alcatel-Lucent, a vendor with many service provider customers. Many of the pieces and parts that make up VSAP came from that business — proven software components that have been in production for 4-5 years.

There will be a Tech Field Day video of Nuage’s presentation that talks through the “why,” but then moves into a talk through a demo of VSAP correlating network events and displaying the resultant impact to virtual switches and machines.

2:05pm – Silver Peak Presentation to Tech Field Day

Note that I’ll be signing off for a bit yet again today. This presentation about to kick off is given under embargo, an advance presentation of an announcement Silver Peak will be making in June 2015. Silver Peak, for those unfamiliar, is a WAN optimization company making a hard charge into the SD-WAN space.