Re: [vnfpool] new VNFPool draft charter

Zu Qiang <zu.qiang@ericsson.com> Fri, 06 June 2014 18:41 UTC

Return-Path: <zu.qiang@ericsson.com>
X-Original-To: vnfpool@ietfa.amsl.com
Delivered-To: vnfpool@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D85241A01F6 for <vnfpool@ietfa.amsl.com>; Fri, 6 Jun 2014 11:41:04 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xjkISKROWJpz for <vnfpool@ietfa.amsl.com>; Fri, 6 Jun 2014 11:41:00 -0700 (PDT)
Received: from usevmg20.ericsson.net (usevmg20.ericsson.net [198.24.6.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 63D051A016C for <vnfpool@ietf.org>; Fri, 6 Jun 2014 11:41:00 -0700 (PDT)
X-AuditID: c618062d-f79be6d000006b89-f8-5391baa1959c
Received: from EUSAAHC008.ericsson.se (Unknown_Domain [147.117.188.96]) by usevmg20.ericsson.net (Symantec Mail Security) with SMTP id 72.1A.27529.1AAB1935; Fri, 6 Jun 2014 14:57:05 +0200 (CEST)
Received: from EUSAAMB107.ericsson.se ([147.117.188.124]) by EUSAAHC008.ericsson.se ([147.117.188.96]) with mapi id 14.03.0174.001; Fri, 6 Jun 2014 14:40:48 -0400
From: Zu Qiang <zu.qiang@ericsson.com>
To: Zongning <zongning@huawei.com>, "vnfpool@ietf.org" <vnfpool@ietf.org>
Thread-Topic: new VNFPool draft charter
Thread-Index: Ac9/DzUG5MYMA7tZTIGTdsdOpyTKjgCmc3oQ
Date: Fri, 06 Jun 2014 18:40:47 +0000
Message-ID: <A4288FE24C337B47BB634F1E76CBF2EC28B59C1A@eusaamb107.ericsson.se>
References: <B0D29E0424F2DE47A0B36779EC6667796613FC41@nkgeml501-mbs.china.huawei.com>
In-Reply-To: <B0D29E0424F2DE47A0B36779EC6667796613FC41@nkgeml501-mbs.china.huawei.com>
Accept-Language: en-CA, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.9]
Content-Type: multipart/alternative; boundary="_000_A4288FE24C337B47BB634F1E76CBF2EC28B59C1Aeusaamb107erics_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrNLMWRmVeSWpSXmKPExsUyuXRPgu7CXRODDZ72KFjMuPSfxaLp8ilG ByaPliNvWT2WLPnJFMAUxWWTkpqTWZZapG+XwJXx+Pp+5oKGlcwVnRdXMzcw/pjL3MXIySEh YCJx+u5bRghbTOLCvfVsXYxcHEICRxklDp/4xwzhLGOUeHyvGyjDwcEmoCZx8TAjiCki4Cnx c4kkSK8wUPTA15/MEGF1ickrskDCIgJGEtNnnGcCsVkEVCQub7gLZvMK+ErcfnaJBcQWEgiV WPJ8NSuIzSkQJvHk7Dmw0xgFZCV2n70OVs8sIC5x68l8JogzBSSW7DkPdb6oxMvH/1ghbEWJ ff3T2SHq8yUuvpnHDrFLUOLkzCcsExhFZiEZNQtJ2SwkZbOAPmAW0JRYv0sfokRRYkr3Q3YI W0Oidc5cdmTxBYzsqxg5SotTy3LTjQw2MQJj55gEm+4Oxj0vLQ8xCnAwKvHwLrCfECzEmlhW XJl7iFGag0VJnFf7ZlWwkEB6YklqdmpqQWpRfFFpTmrxIUYmDk6pBsallZPPSJ8ViNq2OfX9 4UgdYd1fE1ec+brlZ0Nm7VLBt/+aVF7Vxm35vCt6YWE7X5hh/au5Sy0Nv936ZHb8dPlC5n6b FUpPLvw80Xbz7spXMw6em+fYUJj+NubsXnXZuYaMN/76L7hrUpiqrbxLn/XKO8dYQzWuH1Kl qQ813fwibojYH0nWkZZWYinOSDTUYi4qTgQA+7z33X4CAAA=
Archived-At: http://mailarchive.ietf.org/arch/msg/vnfpool/sACac0MW-MEBFShoCRRUjIUfomc
Subject: Re: [vnfpool] new VNFPool draft charter
X-BeenThere: vnfpool@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Discussion list for virtual network function resource pooling." <vnfpool.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vnfpool>, <mailto:vnfpool-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vnfpool/>
List-Post: <mailto:vnfpool@ietf.org>
List-Help: <mailto:vnfpool-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vnfpool>, <mailto:vnfpool-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jun 2014 18:41:05 -0000

Hello, Zongning
                Thanks for updating the charter. It looks better than the first version. However, I have some concerns below:

-          It is good to narrow down the scope to redundancy module only. I’m assuming that a transparent redundancy module is the preferable solution of this WG. With transparent solutions, no impacts are expected on the pool user. Therefore, I would avoid any linkage with SFC.

-          I also don’t understand the statement “When a live VNF instance goes out of service, how does the service control entity learn which instance in a VNF Pool will replace it, and learn the characteristics of the new instance?” If transparent solutions are expected, why SCE needs to learn the failover?

-          There was some discussions in the mailing list regarding the virtualized/non-virtualized case where a network application may run on a server with/without a hypervisor. In both cases (with/without a hypervisor), the application may not have any redundancy solutions. Both cases shall be covered by the solutions provided by this WG. However the charter only have virtualized functions covered. Is the non-virtualized use case out of the scope?

-          Some statements, such as “Identify and analyze reliable transport protocols”, sounds like we do have a specific solution already. I won’t assume there is always an IP connection between the pool manager and the pool instance. The interface between the two entities can be a TCP based protocol if there is an IP connection, or it can be an API if they both locate in the same server. It is real dependence on the solutions itself. Besides, if HW redundancy is needed that there may be always a “remote” instance. The question is really how the “remote” instance is handled, by whom; what homogeneity is assumed or whether this should be part of the investigation. If it is expected that the VNF instances of a pool come from different vendors then even the state synchronization becomes an issue. If the pools are expected to be built from identical instances then one questions why should the pool manager come from a different vendor. I won’t want to see any solution limitations at this stage of the discussion. And I prefer to keep it open until the solution discussion phase.

-          My assumption is that the output from this proposed WG is one or more generic HA solutions. As we are in the early stage of the discussion, I don’t think we shall limit the solution to a specific one. I do have a hard time to understand why the Applicability and Gap Analysis shall be done based on a specific protocol?

-          Reading the charter, it is not very clear that what the scope of the VNF is. Is it the service/function, or the entities providing this service/function? Some clarification of this use would be good.

Have a nice day
Zu Qiang

From: vnfpool [mailto:vnfpool-bounces@ietf.org] On Behalf Of Zongning
Sent: Tuesday, June 03, 2014 5:36 AM
To: vnfpool@ietf.org
Subject: [vnfpool] new VNFPool draft charter

Hi, folks,

Please see the below new draft charter of VNFPool. We believe that we have updated the charter to address most of the comments from London BoF. Main changes are:

1)       We narrow down our scope to only focus on the redundancy model and the related interfaces associated with the VNF Pool in a single VNF.

2)       Service state synchronization between VNF instances is out-of-scope. We may consider how to maintain the pool states in a VNF Pool only for pooling purpose.

3)       We assume that a VNF Pool contains redundant VNF instances of same functional type. Different types of VNFs are envisoned to be held in separate VNF Pools.

4)       We do not address reliability related control or routing between adjacent VNFs in the service graph. This is also applied to update the relation between VNF Pool and SFC WG.

==========================================================================
Network functions such as firewalls, load balancers, and WAN optimizers are conventionally deployed as specialized hardware servers in both network operators' networks and data center networks as the building blocks of the network services. There is a trend to implement such network functions as software instances running on general purpose servers, via a virtualization layer (i.e., hypervisors). These virtualized functions are called Virtualized Network Functions (VNFs), which can be used to build network services.

The use of VNFs introduces additional challenges to the reliability of the provided network services. A single VNF instance would typically not have built-in reliability mechanisms on its host (i.e., a general purpose server). Instead, there are more factors of risk such as software failure at various levels including hypervisors and virtual machines, hardware failure, and instance migration that can make a VNF instance unreliable.

In order to provide a reliable function, a VNF may adopt a pooling mechanism by using a number of VNF instances providing the same function, which we call a “VNF Pool”. Conceptionally, a Pool Manager is used to manage the VNF Pool, e.g., selects active/standby VNF instances, and potentially interacts with a service control entity. Such a service control entity is an entity that orchestrates a set of network functions to build network services. The major benefit of using VNF Pool is that reliability mechanisms such as redundancy model are achieved by the VNF Pool inside the VNF and thus not visible to the service control entity. A VNF Pool-enabled VNF still appears as a normal VNF when orchestrated by a service control entity.

Questions that are raised by the addition of a pooling mechanism to VNF include:

·    How to manage the redundancy model, e.g., select active/standby VNF instances in a VNF Pool?

·    What pool states need to be maintained to support the pooling mechanism itself, and how are such states maintained?

·    What information is exchanged between a VNF and a service control entity? For example, how can a VNF Pool be addressed by the service control entity?

·    When a live VNF instance goes out of service, how does the service control entity learn which instance in a VNF Pool will replace it, and learn the characteristics of the new instance?
The WG initially focuses on several reliability mechanisms that are mainly associated with a redundancy model based on a VNF Pool in a VNF. Additional mechanisms that may be needed include state maintenance in a VNF Pool only for pooling purpose (service state synchronization is out of scope). The WG assumes that a VNF Pool contains redundant VNF instances of same functional type. Different types of VNFs are envisoned to be held in separate VNF Pools. The WG will address the reliability of an individual VNF, but not the reliability related to the control or the routing between adjacent VNFs that can form a network service.
Specifically, the WG will work on the following technical aspects:

·           Redundancy management within a VNF Pool, such as the signaling between the Pool Manager and the instances in the pool for instance registration, backup instances selection, and switching between active and standby instances.

·           The protocol between the Pool Manager and the underlying network to collect the network information required for appropriate placement/selection of backup instances.

·           The protocol between a VNF and the service control entity to exchange operational information between a VNF Pool and the service control entity.

·           Identify and analyze reliable transport protocols, such as MPTCP and SCTP for reliable delivery of the messages associated with the redundancy management within a VNF Pool.

·           Analysis of pooling security characteristics and requirements to identify and mitigate threats against the pooling mechanism. Identification of an appropriate trust model between pool members, and between pool members and Pool Manager.
The WG plans to deliver a problem statement, a set of use cases, VNF Pool requirements and an architecture covering the aforementioned technical aspects, and applicability and gap analysis of existing technologies such as RSerPool. It is our expectation that we will be able to rely heavily on existing IETF technologies, but that gaps will be found around problems like redundancy mechanisms, state maintenance solely for pooling purposes, reliable transport, and trust/security, all of which will need to be considered and addressed. The WG will include consideration of the manageability of a VNF Pool. The WG will seek re-chartering before adopting any work to develop new, or extend existing, protocols.

In particular, we will work closely with the SFC WG, as we believe that SFC and VNF Pool are independent but complementary. SFC would essentially see a VNF Pool-enabled VNF as a normal service function and therefore be able to merge it into an SFC just like any other service functions. Information exchanged between the VNF Pool and the SFC may include some operational information from the VNF Pool including the pool address, pool instance characteristic, and so on, as requested by the SFC WG.

Goals and Milestones:
December 2014 - Submit VNFPool Problem Statement to IESG for publication as Informational
April 2015 - Submit VNFPool Use Cases to IESG for publication as Informational
August 2015 - Submit VNFPool Requirements, including the manageability of VNF Pool to IESG for publication as Informational
August 2015 - Submit VNFPool Architecture to IESG for publication as Proposed Standard
December 2015 - Submit Applicability and Gap Analysis of RSerPool to IESG for publication as Informational
==========================================================================

Your comments and suggestions to the charter text are highly appreciated!

Thanks.

-Ning