How to build SDN - eight open source tools
Today, we have prepared for our readers a selection of SDN controllers that are actively supported by GitHub users and large open source funds like the Linux Foundation.
/ Flickr / johannes weber / cc by
OpenDaylight is an open modular platform for automating large-scale SDN networks. Its first version appeared in 2013, which later became part of the Linux Foundation. In March of this year , the tenth version of the tool was born, and the number of users exceeded one billion.
')
The controller includes a system for creating virtual networks, a set of plug-ins to support various protocols, and utilities for scanning a full-featured SDN platform. Thanks to the API, you can integrate OpenDaylight with other controllers. The core of the solution was written in Java, so you can work with it in any JVM systems.
The platform is distributed both in the form of RPM packages and universal binary builds, as well as in the form of pre-configured images of virtual machines based on Fedora and Ubuntu. You can download them on the official website along with the documentation. Users note that it can be difficult to work with OpenDaylight, but a large number of tutorials on setting up the tool are presented on the project’s YouTube channel .
This is an open source framework for developing SDN controllers. It is an SDK based on the OpenDaylight platform. The goal of the Lighty.io project is to simplify and accelerate the development of SDN solutions in Java, Python and Go.
The framework offers a large number of tools for debugging the SDN environment. In particular, Lighty.io allows you to emulate network devices and program their behavior. Also worth noting is the Network Topology Visualization component - it is used to visualize network topology.
Guide to creating SDN-applications using Lighty.io look in the repository on GitHub . There is also a guide on the migration of existing applications to the new platform.
This is a controller with a set of applications for managing OpenFlow networks. The solution architecture is modular and supports many virtual and physical switches. The solution has already found application in the development of a scalable streaming service based on SDN - GENI Cinema , as well as software-defined Coraid storage.
According to a number of tests , Floodlight exceeds OpenDaylight when working with high-load networks. But in networks with low and medium loads, Floodlight has a higher latency rate. Guide on installation look in the official project documentation .
A set of software components to configure OpenFlow switches. OESS offers a simple web-based user interface, as well as an API for web services. The advantages of the solution include automatic switching to backup channels in case of failures and the availability of visualization tools. Cons - support for a limited number of models of switches.
The OESS installation and configuration guide is in the GitHub repository .
/ Flickr / Ernestas / CC BY
This is a controller whose network abstraction levels are represented as SQL queries. You can manage them through the command line. The advantages of the approach are that due to SQL queries are sent faster. In addition, the tool allows you to control several levels of abstractions using the automatic orchestration function. The disadvantages of the solution include the lack of visualization and the need to examine the command line arguments .
The step-by-step tutorial of working with Ravel is on the project’s official website . In compressed format, this is all set out in the repository .
Software-defined tool for protecting virtual networks. It automates the deployment of firewalls, intrusion prevention systems and antiviruses. The OSC acts as an intermediary between the security manager and a variety of protective functions and environments. At the same time he is able to work with multi-cloud.
Plus OSC - no binding to specific software or hardware products. However, the tool is sharpened to work with large-scale corporate networks. For this reason, it is hardly suitable for the needs of a startup.
A quick start guide can be found on the website with OSC documentation .
It is the operating system for managing SDN networks and their components. Its peculiarity is that it combines the functionality of an SDN controller, a network and server OS. Due to this combination, the tool allows you to keep track of everything that happens in networks, and simplifies the migration from traditional architecture to SDN.
The “bottleneck” of the platform can be called security. According to the 2018 report , ONOS has a number of unpatched vulnerabilities. For example, exposure to DoS attacks and the ability to install applications without authentication. Some of them are already patched, while others are working on the rest. In general, since 2015, the platform has received a large number of updates that enhance the security of the environment.
You can download the tool on the official documentation page . There are also installation guides and other tutorials.
This project used to be called OpenContrail. But it was renamed after the Linux Foundation went “under the wing”. Tungsten Fabric is an open network virtualization plugin that works with virtual machines, bare-metal loads and containers.
The plugin can be quickly integrated with popular instruments for orchestration: Openstack, Kubernetes, Openshift, vCenter. For example, it takes 15 minutes to deploy Tungsten Fabric to Kubernetes. The tool also supports all the traditional functions of SDN controllers: management, visualization, network configuration, and many others . The technology is already being used in data centers and the cloud, as part of SDN stacks for working with 5G and Edge computing.
Tungsten Fabric is very similar to OpenDaylight, so the disadvantages of the solution are the same - it’s hard to figure out right away, especially when working with containers. But here will come to the aid instructions for installing and configuring and other additional materials in the repository on GitHub .
/ Flickr / johannes weber / cc by
Opendaylight
OpenDaylight is an open modular platform for automating large-scale SDN networks. Its first version appeared in 2013, which later became part of the Linux Foundation. In March of this year , the tenth version of the tool was born, and the number of users exceeded one billion.
')
The controller includes a system for creating virtual networks, a set of plug-ins to support various protocols, and utilities for scanning a full-featured SDN platform. Thanks to the API, you can integrate OpenDaylight with other controllers. The core of the solution was written in Java, so you can work with it in any JVM systems.
The platform is distributed both in the form of RPM packages and universal binary builds, as well as in the form of pre-configured images of virtual machines based on Fedora and Ubuntu. You can download them on the official website along with the documentation. Users note that it can be difficult to work with OpenDaylight, but a large number of tutorials on setting up the tool are presented on the project’s YouTube channel .
Lighty.io
This is an open source framework for developing SDN controllers. It is an SDK based on the OpenDaylight platform. The goal of the Lighty.io project is to simplify and accelerate the development of SDN solutions in Java, Python and Go.
The framework offers a large number of tools for debugging the SDN environment. In particular, Lighty.io allows you to emulate network devices and program their behavior. Also worth noting is the Network Topology Visualization component - it is used to visualize network topology.
Guide to creating SDN-applications using Lighty.io look in the repository on GitHub . There is also a guide on the migration of existing applications to the new platform.
Reading on the topic in our corporate blog:
Floodlight
This is a controller with a set of applications for managing OpenFlow networks. The solution architecture is modular and supports many virtual and physical switches. The solution has already found application in the development of a scalable streaming service based on SDN - GENI Cinema , as well as software-defined Coraid storage.
According to a number of tests , Floodlight exceeds OpenDaylight when working with high-load networks. But in networks with low and medium loads, Floodlight has a higher latency rate. Guide on installation look in the official project documentation .
Oess
A set of software components to configure OpenFlow switches. OESS offers a simple web-based user interface, as well as an API for web services. The advantages of the solution include automatic switching to backup channels in case of failures and the availability of visualization tools. Cons - support for a limited number of models of switches.
The OESS installation and configuration guide is in the GitHub repository .
/ Flickr / Ernestas / CC BY
Ravel
This is a controller whose network abstraction levels are represented as SQL queries. You can manage them through the command line. The advantages of the approach are that due to SQL queries are sent faster. In addition, the tool allows you to control several levels of abstractions using the automatic orchestration function. The disadvantages of the solution include the lack of visualization and the need to examine the command line arguments .
The step-by-step tutorial of working with Ravel is on the project’s official website . In compressed format, this is all set out in the repository .
Open security controller
Software-defined tool for protecting virtual networks. It automates the deployment of firewalls, intrusion prevention systems and antiviruses. The OSC acts as an intermediary between the security manager and a variety of protective functions and environments. At the same time he is able to work with multi-cloud.
Plus OSC - no binding to specific software or hardware products. However, the tool is sharpened to work with large-scale corporate networks. For this reason, it is hardly suitable for the needs of a startup.
A quick start guide can be found on the website with OSC documentation .
ONOS
It is the operating system for managing SDN networks and their components. Its peculiarity is that it combines the functionality of an SDN controller, a network and server OS. Due to this combination, the tool allows you to keep track of everything that happens in networks, and simplifies the migration from traditional architecture to SDN.
The “bottleneck” of the platform can be called security. According to the 2018 report , ONOS has a number of unpatched vulnerabilities. For example, exposure to DoS attacks and the ability to install applications without authentication. Some of them are already patched, while others are working on the rest. In general, since 2015, the platform has received a large number of updates that enhance the security of the environment.
You can download the tool on the official documentation page . There are also installation guides and other tutorials.
Tungsten fabric
This project used to be called OpenContrail. But it was renamed after the Linux Foundation went “under the wing”. Tungsten Fabric is an open network virtualization plugin that works with virtual machines, bare-metal loads and containers.
The plugin can be quickly integrated with popular instruments for orchestration: Openstack, Kubernetes, Openshift, vCenter. For example, it takes 15 minutes to deploy Tungsten Fabric to Kubernetes. The tool also supports all the traditional functions of SDN controllers: management, visualization, network configuration, and many others . The technology is already being used in data centers and the cloud, as part of SDN stacks for working with 5G and Edge computing.
Tungsten Fabric is very similar to OpenDaylight, so the disadvantages of the solution are the same - it’s hard to figure out right away, especially when working with containers. But here will come to the aid instructions for installing and configuring and other additional materials in the repository on GitHub .
Posts on a subject from our blog on Habré:
Source: https://habr.com/ru/post/446058/
All Articles