OVS Orbit

NetBricks: Taking the V out of NFV, with A. Panda from Berkeley

05.13.2017 - By Ben PfaffPlay

Download our free app to listen on your phone

Download on the App StoreGet it on Google Play

Panda is a PhD candidate in the computer science department at the

University of California, Berkeley. In this episode, we discuss the

paper “NetBricks:

Taking the V out of NFV,” by Panda, Sangjin Han, Keon Jang, Melvin

Walls, Sylvia Ratnasamy, and Scott Shenker, which was published in OSDI 2016. The

abstract for the paper is:

The move from hardware middleboxes to software network functions, as

advocated by NFV, has proven more challenging than expected. Developing

new NFs remains a tedious process, requiring that developers repeatedly

rediscover and reapply the same set of optimizations, while current

techniques for providing isolation between NFs (using VMs or containers)

incur high performance overheads. In this paper we describe NetBricks, a

new NFV framework that tackles both these problems. For building NFs we

take inspiration from modern data analytics frameworks (e.g., Spark and

Dryad) and build a small set of customizable network processing

elements. We also embrace type checking and safe runtimes to provide

isolation in software, rather than rely on hardware isolation. NetBricks

provides the same memory isolation as containers and VMs, without

incurring the same performance penalties. To improve I/O efficiency, we

introduce a novel technique called zero-copy software isolation.

One of my favorite quotes from the discussion is the following:

The fewer lines of code you have to reason about, the easier it is.

That's the lesson that, I would guess, if you're a developer, to take

away. Don't think of isolation as this thing you do for security.

That's one use case, it's not even a very good use case because everyone

seems to violate isolation all the time: there's ten bugs on any given

day for hypervisors breaking out of their isolation boundary.

For earlier discussion of NFV, refer back to Episode 2:

OPNFV and OVS, with Dave Neary from Red Hat or Episode

10: SoftFlow, with Ethan Jackson from Berkeley.

For more information on NetBricks, visit netbricks.io. You can also contact Panda

via email or Twitter.

OVS Orbit is produced by Ben Pfaff. The

intro music in this episode is Drive,

featuring cdk and DarrylJ, copyright 2013, 2016 by Alex. The bumper

music is Yeah Ant

featuring Wired Ant and Javolenus, copyright 2013 by Speck. The outro

music is Space

Bazooka featuring Doxen Zsigmond, copyright 2013 by Kirkoid. All

content is licensed under a Creative Commons Attribution 3.0

Unported (CC BY 3.0) license.

More episodes from OVS Orbit