FLICK: Developing and Running Application-Specific Network Services Presenter: Richard G. Clegg, Imperial College Imperial College: Abdul Alim, Luo Mai, Lukas Rupprecht, Eric Seckler, Paolo Costa, Peter Pietzuch, Alexander L. Wolf Cambridge: Nik Sultana, Jon Crowcroft, Anil Madhavapeddy, Andrew W. Moore, Richard Mortier Nottingham: Masoud Koleini, Carlos Oviedo, Derek McAuley Kent: Matteo Migliavacca Richard G. Clegg FLICK: Application-specific network services USENIX ATC 0 / 23
87
Embed
FLICK: Developing and Running Application-Speci c Network … · 2020. 6. 23. · Nottingham: Masoud Koleini, Carlos Oviedo, Derek McAuley Kent: Matteo Migliavacca Richard G. Clegg
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
FLICK: Developing and RunningApplication-Specific Network
Services
Presenter: Richard G. Clegg, Imperial CollegeImperial College: Abdul Alim, Luo Mai, Lukas Rupprecht, Eric Seckler, Paolo Costa,Peter Pietzuch, Alexander L. WolfCambridge: Nik Sultana, Jon Crowcroft, Anil Madhavapeddy, Andrew W. Moore,Richard MortierNottingham: Masoud Koleini, Carlos Oviedo, Derek McAuleyKent: Matteo Migliavacca
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 0 / 23
Packet processing vs application-specific middlebox
Client
Server1
Server2
Server3
Packet processing(ECMP loadbalancer)
process(packet):
dest=hash(packet.srcIP + packet
.srcport)
forward(packet ,dest);
Header data only used.
Packets have fixed format.
Basic data unit is packet.
Application-specific(memcached router)
process(key_val_pair):
dest=hash(key_val_pair.key);
forward(key_val_pair ,dest);
Applications have different dataformats (e.g. key-value pairs,HTTP request/reply).
TCP flow not packets.
One packet != one data item.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 1 / 23
Packet processing vs application-specific middlebox
Client
Server1
Server2
Server3
Packet processing(ECMP loadbalancer)
process(packet):
dest=hash(packet.srcIP + packet
.srcport)
forward(packet ,dest);
Header data only used.
Packets have fixed format.
Basic data unit is packet.
Application-specific(memcached router)
process(key_val_pair):
dest=hash(key_val_pair.key);
forward(key_val_pair ,dest);
Applications have different dataformats (e.g. key-value pairs,HTTP request/reply).
TCP flow not packets.
One packet != one data item.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 1 / 23
Packet processing vs application-specific middlebox
Client
Server1
Server2
Server3
Packet processing(ECMP loadbalancer)
process(packet):
dest=hash(packet.srcIP + packet
.srcport)
forward(packet ,dest);
Header data only used.
Packets have fixed format.
Basic data unit is packet.
Application-specific(memcached router)
process(key_val_pair):
dest=hash(key_val_pair.key);
forward(key_val_pair ,dest);
Applications have different dataformats (e.g. key-value pairs,HTTP request/reply).
TCP flow not packets.
One packet != one data item.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 1 / 23
Packet processing vs application-specific middlebox
Client
Server1
Server2
Server3
Packet processing(ECMP loadbalancer)
process(packet):
dest=hash(packet.srcIP + packet
.srcport)
forward(packet ,dest);
Header data only used.
Packets have fixed format.
Basic data unit is packet.
Application-specific(memcached router)
process(key_val_pair):
dest=hash(key_val_pair.key);
forward(key_val_pair ,dest);
Applications have different dataformats (e.g. key-value pairs,HTTP request/reply).
TCP flow not packets.
One packet != one data item.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 1 / 23
Packet processing vs application-specific middlebox
Client
Server1
Server2
Server3
Packet processing(ECMP loadbalancer)
process(packet):
dest=hash(packet.srcIP + packet
.srcport)
forward(packet ,dest);
Header data only used.
Packets have fixed format.
Basic data unit is packet.
Application-specific(memcached router)
process(key_val_pair):
dest=hash(key_val_pair.key);
forward(key_val_pair ,dest);
Applications have different dataformats (e.g. key-value pairs,HTTP request/reply).
TCP flow not packets.
One packet != one data item.Richard G. Clegg FLICK: Application-specific network services USENIX ATC 1 / 23
Problem: The application-specific middlebox
Figures from: Making Middleboxes Someone Elses Problem, Sherry et al. SIGCOMM 2012
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 2 / 23
Problem: The application-specific middlebox
Application specific middleboxes
Figures from: Making Middleboxes Someone Elses Problem, Sherry et al. SIGCOMM 2012
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 2 / 23
Problem: The application-specific middlebox
Application specific middleboxes
NetAgg: Using Middleboxesfor On-path AggregationCoNEXT 2014
Figures from: Making Middleboxes Someone Elses Problem, Sherry et al. SIGCOMM 2012
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 2 / 23
Problem: The application-specific middlebox
Application specific middleboxes
NetAgg: Using Middleboxesfor On-path AggregationCoNEXT 2014
BlindBox: Deep Packet Inspec-tion over Encrypted TrafficSIGCOMM 2015
Figures from: Making Middleboxes Someone Elses Problem, Sherry et al. SIGCOMM 2012
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 2 / 23
Problem: The application-specific middlebox
Application specific middleboxes
NetAgg: Using Middleboxesfor On-path AggregationCoNEXT 2014
BlindBox: Deep Packet Inspec-tion over Encrypted TrafficSIGCOMM 2015
Yoda: A Highly AvailableLayer-7 Load BalancerEuroSys 2016
Figures from: Making Middleboxes Someone Elses Problem, Sherry et al. SIGCOMM 2012
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 2 / 23
Problem: The application-specific middlebox
Application specific middleboxes
NetAgg: Using Middleboxesfor On-path AggregationCoNEXT 2014
BlindBox: Deep Packet Inspec-tion over Encrypted TrafficSIGCOMM 2015
Yoda: A Highly AvailableLayer-7 Load BalancerEuroSys 2016
Introducing mcrouter:A memcached protocol routerFacebook blog
Figures from: Making Middleboxes Someone Elses Problem, Sherry et al. SIGCOMM 2012
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 2 / 23
Creating new application-specific middlebox
Ease of implementation
Exp
ress
iven
ess
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 3 / 23
Creating new application-specific middlebox
Ease of implementation
Exp
ress
iven
ess
C/C++ codefrom scratch
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 3 / 23
Creating new application-specific middlebox
Ease of implementation
Exp
ress
iven
ess
C/C++ codefrom scratch
ClickOSexisting modules
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 3 / 23
Creating new application-specific middlebox
Ease of implementation
Exp
ress
iven
ess
C/C++ codefrom scratch
ClickOSexisting modules
ClickOSnew modules
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 3 / 23
Creating new application-specific middlebox
Ease of implementation
Exp
ress
iven
ess
C/C++ codefrom scratch
ClickOSexisting modules
ClickOSnew modules Software
Defined Networking
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 3 / 23
FLICK for the datacentre
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 4 / 23
FLICK for the datacentre
mcrouter mcrouterspam filter
IP firewallWAN opt
HTTPloadbalancer
HTTPloadbalancer
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 4 / 23
FLICK for the datacentre
IP firewall
FLICK
FLICK
FLICK FLICK
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 4 / 23
General system for application-specific middleboxes?
Challenge 1: Ease-of-use
Rapidly express many middlebox functions.System created in hours not weeks/months.
Challenge 2: Performance
Generality must not have large performance penalty.Performance similar to specially written system.
Challenge 3: Safety/Isolation
Middleboxes should be “safe” in resource usage.Applications on same machine share resources well.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 5 / 23
General system for application-specific middleboxes?
Challenge 1: Ease-of-use
Rapidly express many middlebox functions.System created in hours not weeks/months.
Challenge 2: Performance
Generality must not have large performance penalty.Performance similar to specially written system.
Challenge 3: Safety/Isolation
Middleboxes should be “safe” in resource usage.Applications on same machine share resources well.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 5 / 23
General system for application-specific middleboxes?
Challenge 1: Ease-of-use
Rapidly express many middlebox functions.System created in hours not weeks/months.
Challenge 2: Performance
Generality must not have large performance penalty.Performance similar to specially written system.
Challenge 3: Safety/Isolation
Middleboxes should be “safe” in resource usage.Applications on same machine share resources well.
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 5 / 23
FLICK overview
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 6 / 23
Flick programs
Domain specific language (DSL) for application-specific middleboxes.Tens of lines of code not tens of thousands
FLICK overview
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 6 / 23
Flick task graphs
Break work into independently schedulable units (tasks).Join tasks by channels into task graphs.
FLICK overview
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 6 / 23
Flick platform
The running implementation. Integrates the compiled C++ from DSL.Handles network connections, worker threads and scheduling tasks.
FLICK – the language
Richard G. Clegg FLICK: Application-specific network services USENIX ATC 7 / 23