Speaker: Masoud Moshref Javadi
Cloud operators increasingly need many fine-grained rules to better control individual network flows for various management policies. In this paper, we explore automated rule management in the context of a system called vCRIB (a virtual Cloud Rule Information Base), which provides the abstraction of a virtual cloud rule information base. The challenge in our approach is the design of algorithms that automatically place rules considering resource constraints on hypervisors and/or switches while minimizing the redirection traffic overhead and responding to system dynamics. vCRIB contains novel algorithms for finding feasible rule placements and adapting traffic overhead induced by rule placement in the face of traffic changes and VM migration. We demonstrate that vCRIB can find feasible rule placements with less than 10% traffic overhead even in cases where the traffic-optimal rule placement may be infeasible with respect to hypervisor CPU or me mory constraints.