ONOS moves out of lab with Drake release
More security, more SDN
ONOS is pitching high availability and scale-out capabilities in the latest iteration of its SDN operating system.
The Drake release, available for download now, comes at a time where ONOS participants are letting the architecture escape from laboratories and into their live networks, according to ONOS Labs' Ram Appalaraju.
As that happens, he told El Reg's networking desk, operators are using the structure to start deploying a wider range of new services.
“Drake is an infrastructure-oriented release to enable additional use-cases”, ONOS Labs' Bill Snow told us.
To get there, Snow said, Drake has focussed on security, device configuration, infrastructure support, and integration with other open source projects.
The integration piece includes Huawei's OpenStack Neutron Layer 2 product, the ONF's Atrium SDN deployment suite, and Cloudrouter. The Huawei-driven OpenNFV release will also include the Drake releases, Snow added.
There's a fairly extensive list of security enhancements that have been developed in collaboration with SRI, Snow said.
Security's been improved on both the CLI and GUI, with proper authentication enforced at default; inter-server communications are now protected with TLS, and application permissions are now built into the application's manifest.
There's also a new security mode that lets admins constrain an application to a particular network segment or header space, Snow said. That means, for example, that an application can be confined to things like VLANs, based on OpenFlow rules.
A new configuration subsystem means that application config can be held in a central repository.
There's more information in the release notes, here. ®