大家好,我是CNCF公司的生态系统总监,洪雪晴。I'm the CNCF Director of Ecosystem, Xiaohang.This is a meeting for the vendors and operators within the telecoms user group.So to begin with, I would like to ask who is here from an operator.So please raise your hand if you're from telecom operator.OK.And how many people from vendor?OK.So probably two-thirds vendor, one-third operator.And then if you would like to say which company you're from,like just say which, say out.What company are you from?China mobile.OK.Great.Great.OK. Perfect.What was that?I'm going to hand over to Dan Kahn,who is the Executive Director of CNCF,and to Taylor.Thank you, Cheryl.Neigh-how.I'm not going to do any more Mandarin than that.We're very happy to have the kickoffof the telecom user group here in China.We had the first meeting a month agoin Barcelona at Jubcon Europe.Our goal,we're now doing two phone calls a monthas I'll show.And we have a document and other work going forward.We're also very open to doing Chinese language meetingsif that is helpful.But we would like there to be a single telecom user groupthat is collaborating together around the world.That's really the whole point of our event.This is an out-of-date slide.We're missing our Apple logo on there.So I will just mentionthe next in-person meeting we're going to havewill be at the Open Networking Summit Europe,which will be in Antwerp in September.And we're going to have a half-day meetingof the telecom user group to try and move things forward.And also be meeting in San Diegoat Jubcon CloudNativeCon in November.I hope many of you can attend.So we're launching this group.It is similar to our end user community.You might have seen yesterday afternoonthe DD just received the award from Cherylfor being the top end user this year.We have 89 companies in our end user community.The telecom is the newest one.The telecom sector is different.And so we want to allow both the operatorsand also their vendors to collaborate togetherin our telecom user group.And to help try and document some best practicesaround how to run network functionson top of Kubernetes.So let's say that the goal of this groupis not to develop new softwareor even necessarily to develop new patchesto the existing software.We want the technology work to occur upstreamin the specific projects.But we do hope via collaborationto help be able to document the best practices.So some of the upstream projectsthat we need to keep track ofare Kubernetes federation version 2which is now being calledcube fed.And each of these is a linkand we will have these slidesposted to the scheduleso you can access them.Helm as a package managerand also customize.Envoy as a service proxy.The CNF testbedwhich Taylor is going to talk aboutin a minute.Open policy agentwhich has a lot of interest.Permetheus Fluent D,Jager and now the newest oneopen telemetry.Service meshes like linker Dand Istio.And I will point out that Istio is notunlike the other things listed herea CNCF hosted project.Network service meshwhich is a very excitingbut still very immature project.It's a new sandbox projectin CNCF.Operators as a way ofconcernalityare the Kubernetes IoTedge working groupand then finally there's a linkhere to using Kubernetesas an inventory managerto keep track of all theequipment on a network.So the kind of analysisthat we want to dothe kind of work that we wantto do hereas I said is not codingbut things like gap analysisof talking about what are thethere's a particularly three areasaround connectingvnfs and cnfsmultisdanm and network service meshtalking about best practicesfor cloud nativefor cnfsand thenone of the goals here is thatif we are beginning to work onwhite paper that white paperwould notjust be a descriptionof different approachesbut that we would actuallyimplement those different approachesin the CNF test bedand Taylor will talk more about thatand then be able to makerevaluations of the comparison.So at a very high levelwe would say that thearchitecture in the pastof NFV or virtual networkfunctions has beenparticularly the first versionof ONAP ran on top ofrackspace.You've now seen an evolutionover the last couple of yearsand with the current versionof ONAPthat you can run it on top ofeither open stack or kuberneteskubernetes lets you run on top ofeither bare metal or any cloudand the evolutionof where we think this is goingis to have cnfsto haveyour open source systemyour business support systemsall running on topof kubernetes that kubernetescan be this universalobstraction layer.There's still going to be a number oflegacy vnfs, virtual networkfunctions. Those can run on topof kubernetes on vertleton open stack and thenyou can still have the ONAPorchestrator helping theseconnect together and thekubernetes can run on topofeither bare metal or any cloud.So this is just a phrase that I likedescribing a key aspectof the kubernetes architecture.The entire system can be describedas an unbounded number ofindependent asynchronous control loopsreading and writingto the schematized resourcestore is the source of truthand as I talked about in my keynoteit's resilient,volvableand extensible.So I do want to emphasizeone of the key thoughts for this groupis about evolution.It's not feasible to throwaway all the work that'shappened over the last hundred years.The only way that cnfs can beuseful to the telecomindustry is if there's anevolutionary approach of taking theexisting equipment existing approachesand helping evolve that to becloud native.And it's really criticalthat at each stepthat evolution adds value.None of your organizationsare going to be able to make meaningful investmentsunless you can actually see the benefitsin terms of resiliency,in termsof lower cost,in termsof faster time to market.Okay.I think I just have a couple more slidesand then I'm going to hand this offto Taylor.So there's one morekind of high levelthought that I wouldcommunicate here,which isimagine aphysical firewall devicethat might have beeninstalled ten years agoin an operator's networkand then maybe five yearsago it was portedto become a VNFa virtual network functionrunning in a virtual machinebut really nothing elsewas changed about it.So nowif you want to take that firewalland make it a cnfit's no longer possibleto keep custom kernelpackages or to use customcernel modules andthe technologyneeds to be compatiblewith any kernelversion 3.10 or higherthat could run Dockerbut that very minimalnumber of changes what you could calla lift and shift approachof your firewall doesn'tactually get you that many benefitsand so the particularlyyou could call itso that if we callthis a bronze cnfand there's a argument about thisthat maybe we should call ita iron or a copperor something very badmetal but that you stillhave a completelyproprietary management interfaceyou might even need like a windows pcrunning a special applicationin order to configure itit can have stateful storageit can have a very opaque formatit may have no supportfor horizontal scalabilityto be able to go across multiple machinesno support for vertical scalabilityto be able to go to larger smaller machinesno support forautomatic configurationand then a completelyproprietaryinstallerso this is kind of the worst casefor a cnfand I mean it's still cnf in thatit is a container and it isby Kubernetesit's not clear that this generates very muchvalue forin the real worldthen you have the other extremewill call this a gold cnfand the idea is thatthis is a set of best practicesabout how you can implementthe network functionsso it should be compatiblewith any certified Kubernetes implementationwe now have I believe89 of thoseit should becan scale horizontallystored state in a databaseor another serviceit should be able to run unprivilegedto be more secureI mentioned scaling supportconfiguration and life cycleso it should be upgradeableit should be configurable using standard mechanismsobservability is key in terms ofmondering and tracing and loggingsupporting all of these projectsinstallable and upgradeableand then to the degree it needswhere it could take advantage of itthere's a standard ways that it should be accessing thatsowe would like toengage with youthat's a very rough draftof what a bronze and a gold could beand we do want to try and define that morewe'd like to engage with youand one of the key ideaswould beto definea silver cnfto define something in the middlethat's good enough that it's adding valueeven if it's notperfect in every waybut you could imagine in a couple yearsthe china mobile and othercarriers might start specifyingthat you need a silver cnfas part of an rfpok so I thinkI'm going tojust very quickly mention herethere's a lot of different approaches on networkingthere's a lot of different approaches on securitythere is a ton of progressthat has been made herethat people aredoing PCI level 1and HIPAA and ISO27001 usingkubernetesthat micro vms are ausefultechnology that people are investing inbut it's not at all clearthat those are necessaryor useful in a telecom environmentand with that I will hand it offto Taylor and maybe if we can dolike 5 or 10 minutesand then leave 5 or 10 for questionsthank youokay so this is awho are you?I'm Taylorleading the cnf testbet initiativethis is one of theinitiatives related to the telecom music groupthis will bethe project that'salso trying to complementitem projectsso there's a lot of other initiativesto build testing platformsand softwares at different leveland this is there to complement thosesothis is on githuband the idea isto provide examplesin a codebasethat's completely open sourcethat anyone can downloadand see whatmaybe an existing use casethat you useas a telecom operatoryou have use cases whereyou may have srvnetwork functionsand firewalls and other thingsand you want to show how they work togetherand you want to collaborate with othersso this is an area where you candownload the software and testand we do that by usingpacketit's there in the bottompacket's a providermedal serversand if you have a api keyfrom packetyou can download the softwarefrom github and you'll be able to test thosesothis is one of the examplesof a test casethat we've done and this is focused onperformance testingand this is more ofwhat is the base levelso that you cantry more complex scenariosat the topwe're showing awe're able to deployopensack clusters on packetand deploy some vnfswhat this is isip routers so very simpleand that would be somethingthat you would put in a service chaina set of network functionsand we send the trafficthrough thoseand they loop back outand weset the packets per secondand then we show the same sort of thingon kuberneteswe're also on the bottom areawe're showingwhat you can dowhich is currentlyjust available with containersyou can do thesememif interfacesso we can directly connectand this is on one physical nodeone physical machineyou can directly connect the network functionsvia memory interfaceand then we look atwhat the throughput is on thatso this is some of the testing that we've doneand this is somethingthat could be applied to any typeof network functionon the per machineswe also support multi-nodemachine to machinebut we're doing different typeof example testthis is just some morestats on the comparisonsand what we're doing istestingperformancethings like this to verifythat you're going toget the performance that you would have expectedwhen you were running it as a VMa virtual network functionthat we can meet or exceed thoseand then build out the more complexuse casesso going back here for anyonethat wants to participatesimilar to the telecom user grouphas white papers and documentsthat you can contribute tofor understandingthe testbed is about contributingcode and real examplesthat you can go in and understandso if youcreate an API keyon packet you can downloadthe code and you'll be ableto recreate it on packetthe code is portablewe're trying to make it where if youwanted you could take pieces out and teston your own lab equipment at different levelswhether that's deploying thekubernetes clusteror setting up the networkor deploying the actualCNFsmost of theCNFs were originally based onsome own app codewe're starting to get more contributionsthere will be some other talkstoday aboutnetwork service mission this weekwe're hoping that theBelgiumnetwork summit to demonstratea use case usingnetwork service meshon one of the use casesand doing some SRVand thenfuture use caseswe're looking atto show a hybridtype of configuration where you may havean open stack clusterrunning a BNF from avender that hasn'tthey haven't even gone to a bronzeand you need to be able to connectto that we're going to be showinga kubernetes clusterrunning and clients connectingover a tunnel to thevnfand some other stuff like that sothat you have that migrationas you're moving forward on yourplatformsI think some of these are principleswe have a lot of other informationin these slides once we upload themwe upload them that go intospecs and stuff about the actual machinesthe packet that we're testing withandsome difference we go intosome of the challenges this goes intostuff like the gaps that Dan was talking aboutwhat do we need in the platformswhat's missing what's therethere's a lot of solutionstrying to add pieces around thedevice plugins and other stuffso we want contributions boththe code to test new examplesas well asto the different white papersthat are in progressyou think that's probably got goodmaybe we can switch toall of the q and a slideyou want to just mentionthat it doesn't have to use packetit doesn't have to use packetyes soright now this is kind ofan overview of thestages that we havethis is to set upif you wanted everything set upwhat we have in packetso you've downloadedyou're creating a top levelconfiguration number of nodesmachines in your clustersand then you can runsome software that we havethat'll provision the machinesand go onyou can actually if you wereinterestedin using your owncubernettys cluster you could justyou and Iyeah sure would you mindokayyeah why don't youthanks to youokay I would like to open itto question and answersnow and we can have a discussionwithin the groupso please think aboutif this is useful for whatyou're doing, introduce yourselfand your company and what are thechallenges that you seeI'm Rastis Alsabofrom Pantheon Techactually we dosome cnf deploymentsfor some of our customersI don't have any specific questionbut maybe some additional informationif anybody is interestedin cnfsthere is an open source projectcalled Orgatowhich actuallypackages fdio vppinto a Docker containertogether with a managementagent which providessomenordbound APIoutside cloud nativeway of configuringthe vppthat's readyfor anybody who is interestedand wants to play with some cnfsyou can check it outonlygato.ioalsothere is one more cniwhich I would mentionthat is called Comtvppwhich runs also fdio vppas are-sleech between the containersthat can help you as wellif you need to connect multipleinterfaces towards the podsand also it supportssome simple service chainingbetween the podsjust quickly on thecncfi think many of you have seenthe cncf cloud native interactive landscapeand it's available atlandscape.cncf.ioand you can get to it from your phoneand I'll just mentionthat under the networking sectionhere we havelegato which was the projectyou mentioned a control planemanagement agent for fdio's vppand then alsoI had earlier mentioneddanmwhich is a project out of Nokiathat provides accessconnectsbetween cnf and vnfyou have multisright here out of intelbut redhat and otherssupported as a way of doingmultiple cni interfacesand then network service meshis thevery new projectfrom some of the same peopleinlegatoout of sysco and othersbut that now is a cncf sandboxprojectand then cniis the standard wayof doing kubernetes native networkingand alsoopen vswitch is usedin the cnf testbedand so you cancome in here and click thereand then learn all aboutthese projectsis now hereused for high performancedataplanerso these are allvery likely to become part of the solutionor atleast to be evaluatedas alternativesdan let me bring a slide that's related to thispleasesoif it wasn'tcompletely clear one of the thingswas seen of testbed is we're notsaying here is one piece of softwarethat you should use everywheresimilar to cncf in generalis saying there's many optionsand here's what they doso that you can pick the one that worksso the implementationthat we have the mainexamples that we haveright nowthis is what it's coveringbut we could use additional softwareso we actually do usevpp as a vswitchand this kind of goes over thatbut we havehere's vpp right here as a vswitchon opensack and we use thevpp opensackplugin that connectsthe talking to vppwith neutronand then on Kuberneteswe havethe equivalent of a vswitchrunning both as a hostor you can run it as a cnfthat runs just in a containeron the systemthat'sfor some of the use caseswhere we actually needwhat would be a vswitchwe have some use casesthat we're building right nowthat wouldn't have a vswitchit would be like a SROV gatewaymost of those are using vppand we collaboratewith a lot of different projectswe're using nfvbenchfor the traffic generatorwe use most placesalthough we'll probably be testingthe intel pluginfor vppand not use the dbdkbut essentiallyif there's aproject that lookslike it could be a good solutionfor a use casethen we're interested in trying to build that outcontent vppis definitely somethingthat we were looking atplatformwhat we're not trying to do is build a productwe want to helpthe projects that arebuilding something like network service meshhas very extensive featureswhat we're trying to do is highlightthe piecesfor a use case for discussionsand that's a drive aroundlike the telecom user groupis white papers and documentsto have discussions onhow best we should go about itand to have contributions from the other groupsand if you're doing somethingthat's maybea complex setupand you're wanting to highlightparts of itand how it would workthen be happy towork with you on thatcan you pull up the cnftestbed repojust to show theschedule for thetug callthis isinconvenientit'sgoing to be 11pmhere in Chinabutwe would love to have your participationif you're willing to stay up lateto join us and then we also dopost all of thesecalls to youtubeif you have a VPN afterwardsto access itbut these are all open meetingswe would love to have yourengagement participationand then we also have a slack channelandthe white papersthere's a slackit's tugon the cloud native slackthere's also a cnf testbed slackand a lot of theseprojects that are on cnf like nsmyou'll find those thereso please join if you're interested in the projectswe need tostop therewe will be up here for five minutesso please come introduce yourselfand we would love to have your involvementgoing forwardthank you very much