20:03:58 <tbachman> #startmeeting gbp_usecase 20:03:58 <odl_meetbot> Meeting started Mon Jul 14 20:03:58 2014 UTC. The chair is tbachman. Information about MeetBot at http://ci.openstack.org/meetbot.html. 20:03:58 <odl_meetbot> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 20:03:58 <odl_meetbot> The meeting name has been set to 'gbp_usecase' 20:04:06 <tbachman> #topic service insertion 20:05:02 <tbachman> mickey_spiegel: : https://plus.google.com/hangouts/_/calendar/YmFjaG1hbkBub2lyb25ldHdvcmtzLmNvbQ.o51d97i6bthoj48k5cgdkplj2k 20:05:14 <tbachman> (for use case meeting, if you’re interested) 20:05:20 <tbachman> uchau: : https://plus.google.com/hangouts/_/calendar/YmFjaG1hbkBub2lyb25ldHdvcmtzLmNvbQ.o51d97i6bthoj48k5cgdkplj2k 20:05:27 <dvorkinista> ALL: we're on hangouts 20:05:28 <tbachman> (for use case meeting, if you’re interested) 20:06:46 <tbachman> #info picking up conversation from last meeting 20:07:06 <tbachman> #info dlenrow had come up with a way of using EPGs to represent virtual functions 20:08:45 <tbachman> #info dvorkinista draws example on white board 20:09:00 <tbachman> #info starting with contract and a subject, with a bunch of actions, one of which is redirect 20:09:26 <tbachman> #info the chain has a set of logical functions that connect to each other 20:09:44 <tbachman> #info on each side of the chain there are two terminals, an In, and an Out 20:10:09 <tbachman> #info whoever consumes the contract implicitly gets connected to the terminals 20:10:15 <tbachman> The logical function is just like an object 20:10:21 <tbachman> #info The logical function is just like an object 20:10:29 <tbachman> #info it can be enforced like an EPG, but it doesn’t have to 20:10:50 <tbachman> #info If you look at various L4-7 enforcement in the Hypervisor where there is no redirection, you can do this in the dataplane 20:11:07 <tbachman> #info This way you can do firewalling and load balancing in a very straightforward way 20:11:28 <tbachman> #info This allows us to be very architectually independent 20:11:52 <tbachman> #info dlenrow asks if a redirect is a clause? 20:11:58 <tbachman> #info dvorkinista says this is an action 20:12:06 <tbachman> #info uchau asks how we represent the chain 20:12:24 <tbachman> #info dvorkinista says lets not talk about that yet, but it may be a model tweak 20:13:03 <tbachman> #info dlenrow says that we are the network policy service to the extent that anything visible to the network needs to be managed by the control plane, which is in our domain 20:13:21 <tbachman> #info dlenrow says that these functions are provided in the hypervisor, which makes them transparent 20:14:21 <tbachman> sorry folks, had to take a call 20:14:22 <tbachman> am back 20:15:42 <tbachman> #info dvorkinista says that you still need to describe these functions, and the goal is to describe the functions without caring where they’re are implemented or how they’re implemented. 20:16:28 <tbachman> #info dlenrow feels that the policy layer needs to specify that a particular EPG needs to go through a particular service chain, so there could potentially be 100’s of this service function across the network 20:16:43 <tbachman> #info but you don’t care about any of that - the policy is to just make it go through the service chain 20:17:23 <tbachman> #info dlenrow says that its up to the SDN controller to decide where to send it to. 20:17:32 <tbachman> #info dvorkinista agrees 20:18:02 <tbachman> #info dvorkinista doesn’t want to think in terms of addresses, b/c it only works for L3 services 20:18:24 <tbachman> #info dvorkinista says we should assume that it can be physical funciton, virtual function, or implemented in a hypervisor within a virtual switch 20:18:53 <tbachman> #info the idea is express the reqiurement in a way that doesn’t dictate an implementation detail. 20:19:30 <tbachman> #info readams1 notes that at one point we asked if we should do a special model of the service chain using L2 services, but model L3 services using the EP concept. 20:19:52 <tbachman> #info dvorkinista says what happens if you implement a load balancer in the hypervisor 20:20:01 <tbachman> #info dvorkinista is worried about overloading concepts 20:20:35 <tbachman> #info readams1 says you could say there are L2 services that are transparent, and L3 services that are definied as a service chain, and infrastructure can dictate some of this. 20:21:14 <tbachman> #info readams1 says that for L2 services, they are “bump-in-the-wire” services 20:21:46 <tbachman> #info In L3 services, the EP itself will have as its next hop as the destination of the service 20:22:07 <tbachman> #info dlenrow says that you don’t change default gateways — a redirect is an exception to the rules, nto a reconfiguration of the rules 20:22:46 <tbachman> #info dvorkinista says that with SLB, gateways, FW’s w/NAT, from the standpoint of the consumer, you’re talking to that specific function 20:23:05 <tbachman> #info dvorkinista draws a group1 and a group2, along with a load balancer 20:23:13 <tbachman> #info the load balancer has a VIP 20:23:27 <tbachman> #info group1 treats the load balancer as the IP address that it talks to 20:23:38 <tbachman> #info it’s kind of like an EP sitting in its dedicated group 20:24:01 <tbachman> #info dlenrow says that if you’re a tenant, you’d be completely unaware of the elements in the service chain 20:24:26 <tbachman> #info something further up the heirarchy is the one that handles adding the function transparently 20:24:35 <tbachman> #info dvorkinista says that typically those services are transparent 20:25:28 <tbachman> #info mickey_spiegel says that there are 3 cases 20:25:51 <tbachman> #info transparent where destIP/destMAC are the destination 20:26:00 <tbachman> #info a case where destIP is destination but destMAC isn’t 20:26:07 <tbachman> #info and case where destIP is the service 20:26:35 <tbachman> #info dvorkinista says there are a lot of devices out there that make this challenging, but we can separate them into these 3 categories 20:27:45 <tbachman> #info mickey_spiegel says that we also need to be careful with load balancers, the source address may be the original L3 address, but in other cases, it may be a much different address 20:28:10 <tbachman> #info dvorkinista says lets separate two use cases 20:28:26 <tbachman> #info one use case is where user knows which function he wants to subject his traffic two 20:28:38 <tbachman> #info and the other where a service provider wants to do this transparently 20:28:59 <tbachman> #info mickey_spiegel would like it to be the infrastructure policies to control this 20:32:21 <sanjayagrawal> hi 20:32:42 <sanjayagrawal> please send me the webex ID of the ongoing GBP meeting 20:33:07 <tbachman> sanjayagrawal: I don’t think we have it at the moment — we’re going to have to create a new one 20:33:09 <tbachman> stay tuned 20:33:26 <readams> https://plus.google.com/hangouts/_/calendar/ZHZvcmtpbkBub2lyb25ldHdvcmtzLmNvbQ.uolfotg4sa666uvf4iefogm44k 20:33:34 <tbachman> I think we’re at 10 20:34:56 <tbachman> #info dlenrow says there are two different things 20:35:11 <tbachman> #info case where theree’s a server load balancer that a tenant is aware of 20:35:25 <tbachman> #info dlenrow claims that none of that has nothing to do with service chaining 20:35:36 <tbachman> #info dlenrow and that the service chain is invisible to the tenant 20:35:47 <tbachman> #info dvorkinista says what if he wants to have his own firewall 20:35:59 <tbachman> #info and explicitly wants to define a chain that works a particular way 20:36:14 <tbachman> #info dlenrow looks at service chaining as a provider service 20:36:20 <tbachman> #info dvorkinista says that there are two cases 20:36:42 <tbachman> #info dlenrow says both cases have merit, but only one of them is NFV (i.e. which service providers care about) 20:36:54 <tbachman> #info dlenrow feels that service chaining is something very specific 20:38:44 <tbachman> #info dvorkinista says we can call the other case service insertion instead of service function chaining 20:39:27 <tbachman> #info The service provider case can remain service function chaining/NFV 20:41:11 <tbachman> #info readams provides an example of an AWS load balancer, where the user can allocate and manage the load balancer 20:41:30 <tbachman> #info alagalah says that one is explicit and the other is implicit 20:41:50 <tbachman> #info dlenrow says we should solve these two use cases separately 20:42:12 <tbachman> #info dvorkinista thinks we can still describe them in the exact same way (similar syntax and semantics) 20:42:25 <tbachman> #info and therefore can rely on a very similar model to achieve both of them 20:44:14 <tbachman> #info mickey_spiegel want says that the datacenter explicit use case is a very important one 20:46:38 <tbachman> #info dvorkinista says lets think about this and reconvene in Friday’s arch meeting 20:47:11 <tbachman> #info dlenrow would like to push on 20:47:20 <tbachman> #info dvorkinista unfortunately has another call in 15 minutes 20:47:46 <tbachman> #info dlenrow would like to see a specific proposal that we can execute against 20:47:55 <tbachman> #info dvorkinista asks the format of such a proposal 20:48:24 <tbachman> #info dlenrow asks if this is complete 20:48:34 <tbachman> #info dvorkinista feels it isn’t, but that it’s one we can add to 20:48:50 <tbachman> #info readams says that we need someone to come up with a strawman proposal to talk aruond 20:49:20 <tbachman> #action dvorkinista will draw up a strawman proposal 20:49:55 <tbachman> #action dlenrow will come up with a small handful of service chain examples to walk through based on the strawman to see how well it works 20:51:58 <tbachman> #action alagalah to set up webexs for the meetings 20:52:02 <tbachman> #endmeeting