<div dir="ltr">Hi Jonathan,<br><br>There's also Calico [1,2], which in its simplest form (and as currently implemented):<br class="gmail_msg">
<br class="gmail_msg">
- uses just IP routing (v4 and/or v6) to connect workloads (VMs / containers / pods / bare metal)<br class="gmail_msg">
<br class="gmail_msg">
- has a security model that works across workloads hosted in different
clouds, and so can specify whether and how hybrid cloud workloads should
be able to talk to each other (and an agent, Felix, that implements
that model).<br class="gmail_msg">
<br class="gmail_msg">
(That does imply a couple of restrictions: that current Calico doesn’t
support (1) workloads that genuinely need to be L2-adjacent to each
other, and (2) overlapping IPs or "bring your own addressing." We have
plans for those if they're really needed, and in the meantime we're
seeing plenty of interest in adoption where those points aren't needed,
and the simplicity and scalability of Calico's approach are attractive.)<br><br class="gmail_msg">
<span class="inbox-inbox-message_body">One of the reasons for choosing a flat
routed IP model was precisely so that workloads just fit into whatever network
infrastructure is already there — and a big driver for that was so that
interconnection between “in cluster” and “out of cluster” resources
would be completely straightforward (not requiring on/off ramps,
configuring virtual router ports, mapping between VLANs, etc.)<br><br class="gmail_msg"></span>
Calico has been separately integrated for some time with OpenStack,
Kubernetes and Docker, and there's work underway to demonstrate hybrid
cloud combinations of those, I hope in Barcelona. <br class="gmail_msg">
<br class="gmail_msg">
I hope that's of interest; sorry for replying relatively late to this thread. <br class="gmail_msg">
<br class="gmail_msg">
Neil <br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
[1] <a href="http://docs.openstack.org/developer/networking-calico/" rel="noreferrer" class="gmail_msg" target="_blank">http://docs.openstack.org/developer/networking-calico/</a><br class="gmail_msg">
[2] <a href="https://www.projectcalico.org/" rel="noreferrer" class="gmail_msg" target="_blank">https://www.projectcalico.org/</a><br class="gmail_msg">
<br><br><div class="gmail_quote"><div dir="ltr">On Mon, Oct 3, 2016 at 6:54 PM Jonathan Proulx <<a href="mailto:jon@csail.mit.edu">jon@csail.mit.edu</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br class="gmail_msg">
So my sense from responses so far:<br class="gmail_msg">
<br class="gmail_msg">
No one is doing unified SDN solutions across clouds and no one really<br class="gmail_msg">
wants to.<br class="gmail_msg">
<br class="gmail_msg">
Consensus is just treat each network island like another remote DC and<br class="gmail_msg">
use normal VPN type stuff to glue them together.<br class="gmail_msg">
<br class="gmail_msg">
( nod to <a href="http://romana.io" rel="noreferrer" class="gmail_msg" target="_blank">http://romana.io</a> an interesting looking network and security<br class="gmail_msg">
automation project as a network agnostic alternative to SDN for<br class="gmail_msg">
managing cross cloud policy on whatever networks are available. )<br class="gmail_msg">
<br class="gmail_msg">
-Jon<br class="gmail_msg">
<br class="gmail_msg">
_______________________________________________<br class="gmail_msg">
OpenStack-operators mailing list<br class="gmail_msg">
<a href="mailto:OpenStack-operators@lists.openstack.org" class="gmail_msg" target="_blank">OpenStack-operators@lists.openstack.org</a><br class="gmail_msg">
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators" rel="noreferrer" class="gmail_msg" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators</a><br class="gmail_msg">
</blockquote></div></div>