Container Network: An SDN system designed for developers
What is the difference between a container network and a traditional SDN?
SDN systems are still at the development stage. An SDN is usually built as a logical version of a physical network: abstract ports, networks, and subnets connect to a logical network switch and, through it, to virtual machines. OpenStack's networking-as-a-service project, Neutron, and other SDN software support this concept. This has many advantages for those who use virtual machines, because their workloads can be mirrored to physical servers. Virtual machines are easier to compare with physical machines and are more stable than container-based computing. With the development of microservice systems, many containers can be dynamically configured and deleted quickly, so you need a network system that can accommodate this.
Basics of container networking and its limitations
At its most basic, a container's network can simply be bridged to a network interface. This is what the Docker network system does by default, but it proves unsatisfactory in actual use. Its limitations are more serious when there are multiple hosts, because containers on different hosts cannot communicate, and when it is used with container management or orchestration systems such as Kubernetes. Docker launched a new multi-host container network architecture called libnetwork, which can solve these problems.
Kubernetes
Kubernetes deploys servers on the network in pods. A pod is a collection of resources shared by applications and containers. Each pod is assigned an IP address, which differs from a traditional system, where each server or virtual machine is assigned an IP address. A pod is not a container but a collection of containers; coordination between containers and ports ensures that applications can communicate with each other.
This comes back to how applications are designed and deployed. Apps are deployed in containers and run in pods. These apps are highly available and can handle faults at any time. In traditional virtual environments, by contrast, you must always watch the virtual machines to avoid faults. This reflects the differences in application workload design and infrastructure operation.
New SDN System
The traditional SDN architecture has gradually developed to support container deployment. Orchestration systems such as OpenStack or vSphere were originally used for virtual machines, but are now used to run containers. For example, the Kuryr project can map the Docker network to the OpenStack Neutron network. VMware NSX also supports container deployment. Of course, the aim of these is to protect the investment in existing infrastructure while adapting it to container networking.
However, the new SDN architecture is a container-compatible architecture. These new systems are most useful to app developers because they present a simple view of the network, so developers do not have to worry about the underlying network infrastructure. Developers care about connectivity, but less about traditional concepts such as layer-2 networks. A layer-3 IP address is sufficient for them, and the new SDN systems provide these IP addresses. They can simplify configuration and accelerate deployment.
Examples
Below are some examples of new open-source network systems:
• Calico: Calico is a layer-3 virtual network service. It uses the built-in Linux networking stack and the BGP protocol, and forwards data based on the IP tables. It shares routes within the data center and does not rely on any special hardware, only on the network itself. This system can run on multiple platforms, such as OpenStack, Docker, and Kubernetes.
• Contiv: Contiv is a project that links applications to infrastructure business decisions. It provides plug-ins that can be used for Docker networking and storage.
• CoreOS Flannel: Flannel is an SDN system designed for container networks. It enables containers on different hosts to communicate with each other as they do on the same host.
• Weaveworks Weave Net: Weaveworks Weave Net is a container-specific SDN that can be used on multiple platforms and can work across hosts. It provides an automatic discovery service to avoid port mapping. It makes building applications composed of multiple containers easier.
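A sketch of the layer-3 model described above for Calico and Flannel, as an added example that is not from the article or from either project: it contrasts per-host bridges that all reuse one private subnet with disjoint per-host address blocks whose routes are shared between hosts. The subnets, host names, and host addresses are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the article).
DEFAULT_BRIDGE = "172.17.0.0/16"  # the same private subnet reused on every host
POOL = ipaddress.ip_network("10.244.0.0/16")
HOSTS = {"host-a": "192.0.2.11", "host-b": "192.0.2.12", "host-c": "192.0.2.13"}


def ambiguous_hosts(bridges):
    """Return pairs of hosts whose container subnets overlap.

    A router cannot tell overlapping subnets apart, which is why per-host
    bridges sharing one subnet do not give cross-host connectivity.
    """
    nets = {h: ipaddress.ip_network(c) for h, c in bridges.items()}
    names = sorted(nets)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if nets[a].overlaps(nets[b])]


def allocate_blocks(pool, hosts, new_prefix=24):
    """Carve one disjoint container block per host out of a single pool."""
    subnets = pool.subnets(new_prefix=new_prefix)
    return {host: next(subnets) for host in sorted(hosts)}


def build_routes(blocks, hosts):
    """Routes each host learns: container block -> address of the owning host."""
    return [(block, hosts[host]) for host, block in blocks.items()]


def next_hop(routes, container_ip):
    """Longest-prefix match, as a plain IP routing table does."""
    ip = ipaddress.ip_address(container_ip)
    matches = [(net, hop) for net, hop in routes if ip in net]
    if not matches:
        return None  # no matching route in this model
    return max(matches, key=lambda m: m[0].prefixlen)[1]


BLOCKS = allocate_blocks(POOL, HOSTS)
ROUTES = build_routes(BLOCKS, HOSTS)
```

With disjoint blocks, every container address maps to exactly one host, so reaching a container on another host is an ordinary routing decision with no layer-2 segment spanning hosts.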
How are these systems associated?
In fact, it is hard to see how these systems fit together, but fortunately many developers have converged during design. A basic container system such as Docker has a default implementation that works out of the box, with batteries included, but plug-ins can be used to change its functions and swap out the batteries. This is similar to OpenStack's Neutron, which also uses plug-ins.
The network is the glue that binds all containers together, but it was difficult to use in the early days. These new SDN systems still need to be improved, but they are worth exploring. The development and production teams can use them to simplify the network infrastructure of new container-based applications. They also simplify security and multi-data-center deployment based on different systems.
I suggest enterprises look at the new open-source projects to simplify the work of their development and operation teams and improve their efficiency. Although these projects are not easy to get started with, it is worth mentioning that there are often professional companies behind them to provide guidance.