One Network to rule them all
DevOps.Barcelona, March 18
Christian Adell @chadell0 
is this about networking? 😱🤯🤮🤢
SDN, NFV, Network Programmability, Intent-based, Open Networking, Linux/Container networking, OpenConfig, SD-WAN? 🤔
problem statement
hybrid ecosystem
let's connect them...
we tried to solve all in one
and we failed 😞
but we learned a lot
then, we built a network service 👩🏻🔧
Developers 💛 being autonomous
Developers 💛 APIs
Developers don't care about network details 😑
Developers 💛 performance
Support multiple providers 🤯
Continuous monitoring 👩🚒
Visibility 🧐
New approach
Underneath
Architecture
Written in Python 🐍 following 12-Factor App
some code snippets
class Connection(object):
@staticmethod
def factory(connection):
if not connection.get('ctype'):
try:
evaluator = ConnectionEvaluator.factory(connection)
connection['ctype'] = evaluator.evaluate()
except (VpcPeeringLimitReached, CIDROverlap) as fe:
raise ProcessConnectionUnrecoverableError(fe)
if connection['ctype'] == 'AWS_PEERING':
return AWSPeeringConnection(connection)
...
else:
raise NotImplementedError("Unknown connection type: {}".format(connection['ctype']))
class AWSPeeringConnection(Connection):
def __init__(self, connection):
super(AWSPeeringConnection, self).__init__(connection)
...def create(self):
try:
if self._already_present():
raise GSNVPCPeeringUnrecoverableError('VPC Peering betwen {} and {} already present'.format(
self.left_vpc.vpc_id, self.right_vpc.vpc_id))
response = self.left_vpc.ec2_client.create_vpc_peering_connection(
VpcId=self.left_vpc.vpc_id,
PeerOwnerId=self.right_vpc.account_id,
PeerVpcId=self.right_vpc.vpc_id,
PeerRegion=self.right_vpc.region_name,
)
self._peering_id = response['VpcPeeringConnection']['VpcPeeringConnectionId']
...CI / CD
Platform as a Service
version: 3
replicas:
minimum: 2
maximum: 2
ingress:
- host: ${INGRESS_DNS}
metrics:
prometheus:
path: /prometheus
resources:
limits:
memory: 1G
cpu: 1
ports:
- port: 8080
connectivity:
- serviceA
- serviceBUsers' POV
Mappings
Demo Scenario
