Date: Fri, 29 Mar 2024 07:20:29 +0000 (UTC)
Message-ID: <1252995768.3677.1711696829216@aws-us-west-2-tungsten-confluence-1.web.codeaurora.org>
Subject: Exported From Confluence
MIME-Version: 1.0
Content-Type: multipart/related;
boundary="----=_Part_3676_1624392809.1711696829216"
------=_Part_3676_1624392809.1711696829216
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Content-Location: file:///C:/exported.html
TF DDF 2019: K8s enhancements for Telco applicability Kubernetes=
Service Chaining
TF DDF 2019: K8s enhancements for Telco applicability Kubernetes Se=
rvice Chaining
Date
Minutes
- Aniket Daptari fro=
m Juniper
- While the slides are all about Contrail, please note that all o=
f this functionality is in Tungsten Fabric
- What's a network function service chain?
- Routing in the dataplane (via vRouter) to steer traffic through a speci=
ied set of network functions
- TF abstracts away the complexity
- Independent of workload, location, and form factor of the network funct=
ion
- Only constraint: must be anchored to Virtual Networks
- Telcos use this=E2=80=A6
- =E2=80=A6to add value added functions inside the datacenter of a servic=
e provider
- Add resiliency
- Add scale, and load balance across all the instances of network functio=
ns
- CSRX: Next gen firewall in a docker container
- Containerising network functions
- Run an L7 firewall inside a small container that boots in seconds
- Could do this on every host if you desire, minimising exposure of netwo=
rk to bad traffic
- Only possible because of service chaining
- But the problem with k8s, ports with multiple interfaces aren't support=
ed in vanilla upstream k8s
- Network functions typically need multiple interfaces
- Juniper dev team is working on this, and to upstream it to k8s
- Also working to add service chaining in k8s
- Problem with Multus in k8s
- Designed to enable multiple network providers on interfaces to pods
- But does not allow for single provider on a single pod
- TF Pod will be able to to this
- Have enhanced the pod manifest and yaml files
- Also have a custom resource definition to help define what network a po=
d should connect to
- Questions
Action items
------=_Part_3676_1624392809.1711696829216--