Published by Addison-Wesley Professional (March 10, 2021) © 2020

Silvano Gai
    VitalSource eTextbook (Lifetime access)
    €34,99
    Adding to cart… The item has been added
    ISBN-13: 9780136624158

    Building a Future-Proof Cloud Infrastructure: A Unified Architecture for Network, Security, and Storage Services ,1st edition

    Language: English

    Prepare for the future of cloud infrastructure: Distributed Services Platforms

    By moving service modules closer to applications, Distributed Services (DS) Platforms will future-proof cloud architectures—improving performance, responsiveness, observability, and troubleshooting. Network pioneer Silvano Gai demonstrates DS Platforms’ remarkable capabilities and guides you through implementing them in diverse hardware.

    Focusing on business benefits throughout, Gai shows how to provide essential shared services such as segment routing, NAT, firewall, micro-segmentation, load balancing, SSL/TLS termination, VPNs, RDMA, and storage—including storage compression and encryption. He also compares three leading hardware-based approaches—Sea of Processors, FPGAs, and ASICs—preparing you to evaluate solutions, ask the right questions, and plan strategies for your environment.

    • Understand the business drivers behind DS Platforms, and the value they offer
    • See how modern network design and virtualization create a foundation for DS Platforms
    • Achieve unprecedented scale through domain-specific hardware, standardized functionalities, and granular distribution
    • Compare advantages and disadvantages of each leading hardware approach to DS Platforms
    • Learn how P4 Domain-Specific Language and architecture enable high-performance, low-power ASICs that are data-plane-programmable at runtime
    • Distribute cloud security services, including firewalls, encryption, key management, and VPNs
    • Implement distributed storage and RDMA services in large-scale cloud networks
    • Utilize Distributed Services Cards to offload networking processing from host CPUs
    • Explore the newest DS Platform management architectures

    Building a Future-Proof Cloud Architecture is for network, cloud, application, and storage engineers, security experts, and every technology professional who wants to succeed with tomorrow’s most advanced service architectures.
    Preface
    Chapter 1:  Introduction to Distributed Platforms
    1.1 The Need for a Distributed Services Platform
    1.2 The Precious CPU Cycles
    1.3 The Case for Domain-Specific Hardware
    1.4 Using Appliances
    1.5 Attempts at Defining a Distributed Services Platform
    1.6 Requirements for a Distributed Services Platform
    1.7 Summary
    Chapter 2:  Network Design
    2.1 Bridging and Routing
        2.1.1 L2 Forwarding
        2.1.2 L3 Forwarding
        2.1.3 LPM Forwarding in Hardware
        2.1.4 VRF
    2.2 Clos Topology
    2.3 Overlays
        2.3.1 IP in IP
        2.3.2 GRE
        2.3.3 Modern Encapsulations
        2.3.4 VXLAN
        2.3.5 MTU Considerations
    2.4 Secure Tunnels
    2.5 Where to Terminate the Encapsulation
    2.6 Segment Routing
    2.7 Using Discrete Appliance for Services
        2.7.1 Tromboning with VXLAN
        2.7.2 Tromboning with VRF
        2.7.3 Hybrid Tromboning
    2.8 Cache-Based Forwarding
    2.9 Generic Forwarding Table
    2.10 Summary
    2.11 Bibliography
    Chapter 3:  Virtualization
    3.1 Virtualization and Clouds
    3.2 Virtual Machines and Hypervisors
        3.2.1 VMware ESXi
        3.2.2 Hyper-V
        3.2.3 QEMU
        3.2.4 KVM
        3.2.5 XEN
    3.3 Containers
        3.3.1 Docker and Friends
        3.3.2 Kata Containers
        3.3.3 Container Network Interface
        3.3.4 Kubernetes
    3.4 The Microservice Architecture
        3.4.1 REST API
        3.4.2 gRPC
    3.5 OpenStack
    3.6 NFV
    3.7 Summary
    3.8 Bibliography
    Chapter 4:  Network Virtualization Services
    4.1 Introduction to Networking Services
    4.2 Software-Defined Networking
        4.2.1 OpenFlow
        4.2.2 SD-WAN
        4.2.3 gRIBI
        4.2.4 Data Plane Development Kit (DPDK)
    4.3 Virtual Switches
        4.3.1 Open vSwitch (OVS)
        4.3.2 tc-flower
        4.3.3 DPDK RTE Flow Filtering
        4.3.4 VPP (Vector Packet Processing)
        4.3.5 BPF and eBPF
        4.3.6 XDP
        4.3.7 Summary on Virtual Switches
    4.4 Stateful NAT
    4.5 Load Balancing
    4.6 Troubleshooting and Telemetry
    4.7 Summary
    4.8 Bibliography
    Chapter 5:  Security Services
    5.1 Distributed Firewalls
    5.2 Microsegmentation
    5.3 TLS Everywhere
    5.4 Symmetric Encryption
    5.5 Asymmetric Encryption
    5.6 Digital Certificates
    5.7 Hashing
    5.8 Secure Key Storage
    5.9 PUF
    5.10 TCP/TLS/HTTP Implementation
    5.11 Secure Tunnels
        5.11.1 IPsec
        5.11.2 TLS
        5.11.3 DTLS
    5.12 VPNs
    5.13 Secure Boot
    5.14 Summary
    5.15 Bibliography
    Chapter 6:  Distributed Storage and RDMA Services
    6.1 RDMA and RoCE
        6.1.1 RDMA Architecture Overview
        6.1.2 RDMA Transport Services
        6.1.3 RDMA Operations
        6.1.4 RDMA Scalability
        6.1.5 RoCE
        6.1.6 RoCE vs iWARP
        6.1.7 RDMA Deployments
        6.1.8 RoCEv2 and Lossy Networks
        6.1.9 Continued Evolution of RDMA
    6.2 Storage
        6.2.1 The Advent of SSDs
        6.2.2 NVMe over Fabrics
        6.2.3 Data Plane Model of Storage Protocols
        6.2.4 Remote Storage Meets Virtualization
        6.2.5 Distributed Storages Services
        6.2.6 Storage Security
        6.2.7 Storage Efficiency
        6.2.8 Storage Reliability
        6.2.9 Offloading and Distributing Storage Services
        6.2.10 Persistent Memory as a New Storage Tier
    6.3 Summary
    6.4 Bibliography
    Chapter 7:  CPUs and Domain-Specific Hardware
    7.1 42 Years of Microprocessor Trend Data
    7.2 Moore’s Law
    7.3 Dennard Scaling
    7.4 Amdahl’s Law
    7.5 Other Technical Factors
    7.6 Putting It All Together
    7.7 Is Moore’s Law Dead or Not?
    7.8 Domain-specific Hardware
    7.9 Economics of the Server
    7.10 Summary
    7.11 Bibliography
    Chapter 8:  NIC Evolution
    8.1 Understanding Server Buses
    8.2 Comparing NIC Form Factors
        8.2.1 PCI Plugin Cards
        8.2.2 Proprietary Mezzanine Cards
        8.2.3 OCP Mezzanine Cards
        8.2.4 Lan On Motherboard
    8.3 Looking at the NIC Evolution
    8.4 Using Single Root Input/Output Virtualization
    8.5 Using Virtual I/O
    8.6 Defining “SmartNIC”
    8.7 Summary
    8.8 Bibliography
    Chapter 9:  Implementing a DS Platform
    9.1 Analyzing the Goals for a Distributed Services Platform
        9.1.1 Services Everywhere
        9.1.2 Scaling
        9.1.3 Speed
        9.1.4 Low Latency
        9.1.5 Low Jitter
        9.1.6 Minimal CPU Load
        9.1.7 Observability and Troubleshooting Capability
        9.1.8 Manageability
        9.1.9 Host Mode versus Network Mode
        9.1.10 PCIe Firewall
    9.2 Understanding Constraints
        9.2.1 Virtualized versus Bare-metal Servers
        9.2.2 Greenfield versus Brownfield Deployment
        9.2.3 The Drivers
        9.2.4 PCIe-only Services
        9.2.5 Power Budget
    9.3 Determining the Target User
        9.3.1 Enterprise Data Centers
        9.3.2 Cloud Providers and Service Providers
    9.4 Understanding DSN Implementations
        9.4.1 DSN in Software
        9.4.2 DSN Adapter
        9.4.3 DSN Bump-in-the-Wire
        9.4.4 DSN in Switch
        9.4.5 DSNs in an Appliance
    9.5 Summary
    9.6 Bibliography
    Chapter 10:  DSN Hardware Architectures
    10.1 The Main Building Blocks of a DSN
    10.2 Identifying the Silicon Sweet Spot
        10.2.1 The 16 nm Process
        10.2.2 The 7 nm Process
    10.3 Choosing an Architecture
    10.4 Having a Sea of CPU Cores
    10.5 Understanding Field-Programmable Gate Arrays
    10.6 Using Application-Specific Integrated Circuits
    10.7 Determining DSN Power Consumption
    10.8 Determining Memory Needs
        10.8.1 Host Memory
        10.8.2 External DRAM
        10.8.3 On-chip DRAM
        10.8.4 Memory Bandwidth Requirements
    10.9 Summary
    10.10 Bibliography
    Chapter 11:  The P4 Domain-Specific Language
    11.1 P4 Version 16
    11.2 Using the P4 Language
    11.3 Getting to Know the Portable Switch Architecture
    11.4 Looking at a P4 Example
    11.5 Implementing the P4Runtime API
    11.6 Understanding the P4 INT
    11.7 Extending P4
        11.7.1 Portable NIC Architecture
        11.7.2 Language Composability
        11.7.3 Better Programming and Development Tools
    11.8 Summary
    11.9 Bibliography
    Chapter 12:  Management Architectures for DS Platforms
    12.1 Architectural Traits of a Management Control Plane
    12.2 Declarative Configuration
    12.3 Building a Distributed Control Plane as a Cloud-Native Application
    12.4 Monitoring and Troubleshooting
    12.5 Securing the Management Control Plane
    12.6 Ease of Deployment
    12.7 Performance and Scale
    12.8 Failure Handling
    12.9 API Architecture
    12.10 Federation
        12.10.1 Scaling a Single SDSP
        12.10.2 Distributed Multiple SDSPs
        12.10.3 Federation of Multiple SDSPs
    12.11 Scale and Performance Testing
    12.12 Summary
    12.13 Bibliography
    Index