TY - GEN
T1 - NetBricks
T2 - 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016
AU - Panda, Aurojit
AU - Han, Sangjin
AU - Jang, Keon
AU - Walls, Melvin
AU - Ratnasamy, Sylvia
AU - Shenker, Scott
N1 - Funding Information:
We thank our shepherd George Porter and the anonymous reviewers for their comments. We also thank Ion Stoica, Amin Tootoonchian and Shivaram Venkatraman for their helpful feedback, which influenced both the design of our system and the contents of this paper. This work was funded in part by a grant from Intel Corporation, and by NSF awards 1216073 and 1420064.
Funding Information:
8 Acknowledgment We thank our shepherd George Porter and the anonymous reviewers for their comments. We also thank Ion Stoica, Amin Tootoonchian and Shivaram Venkatraman for their helpful feedback, which influenced both the design of our system and the contents of this paper. This work was funded in part by a grant from Intel Corporation, and by NSF awards 1216073 and 1420064.
Publisher Copyright:
© 2016 by The USENIX Association All Rights Reserved.
PY - 2016
Y1 - 2016
N2 - The move from hardware middleboxes to software network functions, as advocated by NFV, has proven more challenging than expected. Developing new NFs remains a tedious process, requiring that developers repeatedly rediscover and reapply the same set of optimizations, while current techniques for providing isolation between NFs (using VMs or containers) incur high performance overheads. In this paper we describe NetBricks, a new NFV framework that tackles both these problems. For building NFs we take inspiration from modern data analytics frameworks (e.g., Spark and Dryad) and build a small set of customizable network processing elements. We also embrace type checking and safe runtimes to provide isolation in software, rather than rely on hardware isolation. NetBricks provides the same memory isolation as containers and VMs, without incurring the same performance penalties. To improve I/O efficiency, we introduce a novel technique called zero-copy software isolation.
AB - The move from hardware middleboxes to software network functions, as advocated by NFV, has proven more challenging than expected. Developing new NFs remains a tedious process, requiring that developers repeatedly rediscover and reapply the same set of optimizations, while current techniques for providing isolation between NFs (using VMs or containers) incur high performance overheads. In this paper we describe NetBricks, a new NFV framework that tackles both these problems. For building NFs we take inspiration from modern data analytics frameworks (e.g., Spark and Dryad) and build a small set of customizable network processing elements. We also embrace type checking and safe runtimes to provide isolation in software, rather than rely on hardware isolation. NetBricks provides the same memory isolation as containers and VMs, without incurring the same performance penalties. To improve I/O efficiency, we introduce a novel technique called zero-copy software isolation.
UR - http://www.scopus.com/inward/record.url?scp=85077011241&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85077011241&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85077011241
T3 - Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016
SP - 203
EP - 216
BT - Proceedings of the 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016
PB - USENIX Association
Y2 - 2 November 2016 through 4 November 2016
ER -