OVS Orbit artwork

NetBricks: Taking the V out of NFV, with A. Panda from Berkeley

OVS Orbit

English - May 13, 2017 23:49 - 45 minutes - 41.2 MB - ★★★★★ - 1 rating
Technology Education How To Homepage Download IPFS Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: NEAt: Network Error Auto-Correct, with Bingzhe Liu
Next Episode: Deploying OVN on Windows with OpenStack and Kubernetes, with Alessandro Pilotti and Alin Balutoiu from Cloudbase Solutions


Panda is a PhD candidate in the computer science department at the
University of California, Berkeley. In this episode, we discuss the
paper “NetBricks:
Taking the V out of NFV,” by Panda, Sangjin Han, Keon Jang, Melvin
Walls, Sylvia Ratnasamy, and Scott Shenker, which was published in OSDI 2016. The
abstract for the paper is:


The move from hardware middleboxes to software network functions, as
advocated by NFV, has proven more challenging than expected. Developing
new NFs remains a tedious process, requiring that developers repeatedly
rediscover and reapply the same set of optimizations, while current
techniques for providing isolation between NFs (using VMs or containers)
incur high performance overheads. In this paper we describe NetBricks, a
new NFV framework that tackles both these problems. For building NFs we
take inspiration from modern data analytics frameworks (e.g., Spark and
Dryad) and build a small set of customizable network processing
elements. We also embrace type checking and safe runtimes to provide
isolation in software, rather than rely on hardware isolation. NetBricks
provides the same memory isolation as containers and VMs, without
incurring the same performance penalties. To improve I/O efficiency, we
introduce a novel technique called zero-copy software isolation.


One of my favorite quotes from the discussion is the following:


The fewer lines of code you have to reason about, the easier it is.
That's the lesson that, I would guess, if you're a developer, to take
away. Don't think of isolation as this thing you do for security.
That's one use case, it's not even a very good use case because everyone
seems to violate isolation all the time: there's ten bugs on any given
day for hypervisors breaking out of their isolation boundary.


For earlier discussion of NFV, refer back to Episode 2:
OPNFV and OVS, with Dave Neary from Red Hat or Episode
10: SoftFlow, with Ethan Jackson from Berkeley.


For more information on NetBricks, visit netbricks.io. You can also contact Panda
via email or Twitter.


OVS Orbit is produced by Ben Pfaff. The
intro music in this episode is Drive,
featuring cdk and DarrylJ, copyright 2013, 2016 by Alex. The bumper
music is Yeah Ant
featuring Wired Ant and Javolenus, copyright 2013 by Speck. The outro
music is Space
Bazooka featuring Doxen Zsigmond, copyright 2013 by Kirkoid. All
content is licensed under a Creative Commons Attribution 3.0
Unported (CC BY 3.0) license.

Twitter Mentions