When vendors put out a free version of their software, it may not cost any money, but IT pros know that using it in an enterprise environment often comes at a price -- be it limited features or nonexistent support. Midokura bucked that trend last year when it released an open source version of its core platform for network virtualization, MidoNet Community Edition.
MidoNet Community Edition sacrifices none of the commercial platform's Layer 2-4 networking features in OpenStack-based clouds, and it takes a unique approach to support. That's what makes it the latest winner of SearchNetworking's Network Innovation Award.
SearchNetworking spoke with Susan Wu, a director of technical marketing at Midokura, a global company with U.S. headquarters in San Francisco, to learn more about what went into making the free version of MidoNet.
Editor's note: This Q&A has been edited for length and clarity.
What drove Midokura to release an open source version of MidoNet?
Susan Wu: A lot of Midokura Enterprise MidoNet was already built on an open source foundation. For example, we make use of something called ZooKeeper as the key value store to keep track of the virtual topology, and we use another very popular open source project, called Cassandra, to back up the flow state.
The other reason is engineers are distributed. We have engineers in Tokyo, Barcelona and Israel, so they were very used to using tools like GitHub, Gerrit for making reviews, Atlassian to make changes and things like that. We were very used to even the open source software development methodologies.
Then, the third reason is that it really helped in terms of evaluation. Users can actually bypass the traditional procurement or legal [restrictions].
What do you mean by that?
Wu: If you were to evaluate software from even Cisco, Citrix or Oracle, even getting a free evaluation or 30-day evaluation, there is a click-through legal agreement. So if you're an engineer, if you did not have your company's lawyers review that, you are not permitted to [try it out].
But by making our software completely open source, there is none of that. There is no restriction. You're using open source software; there's no onus for you to take it over to your legal department, because you can sign up as an individual and evaluate the software over the weekend. Users are able to try things out on their own and gain expertise on MidoNet.
What else stands out about the open source version of MidoNet?
Wu: There is certainly no shortage of open source products and projects for developers to contribute. With that many projects, it's actually pretty difficult to gain commercial acceptance; there's more than one project for every segment. But I think why we found such success is not only is our software open source, but we also make it really easy for you to evaluate.
For example, on midonet.org we have a quick-start [script] that is deployed on a Docker container, so we made our software so much easier to consume and try out. So we took away the business barriers, but by putting it into Docker containers, now we also made it so easy technologically for you to get started.
In addition, we open up private Slack channels with people that are evaluating our products. That's unlike other open source projects, where you have to interact with a big community through IRC, and then your question may not get answered because there's just too much cross-talk between so many different interests. The Slack channels are not filled with support people; it's actually with the engineers who contribute to Neutron. They are the same engineers that built MidoNet and contribute to MidoNet.
What's the difference between the commercial and open source versions of MidoNet?
Wu: We don't hold back any capability in the Community edition. The product has all of the core capabilities, like Layer 2 switching, logical routing, distributed gateways, Layer 4 load balancing and all the firewalls.
But by putting everything out there, we had to differentiate the Enterprise edition, which is the version that you pay for. It has the 24/7 support, and that support starts as soon as you start to evaluate the commercial product with us.
We also made support logs a lot easier in the Enterprise version. Support logs in the Community edition are available to you, but you would have to output them manually. But in the Enterprise edition, we wrote code so that you only need to issue one command and all of the support logs can be outputted. Then, you could present the output logs and support logs to the Midokura Enterprise MidoNet support organization, so you can quickly find the root cause of something.
The other part that we've done to differentiate the product is we built in GUI-based management, as well as big data analytics, which made it a lot easier to use the Enterprise product.
Where does big data analytics come into play?
Wu: If you are using the Community edition, you would trace flows per host. Let's say you have 10 hosts; you would have to use the CLI [command-line interface] and log into every host. That could be a little bit tedious if you have more than 10 hosts. But with the Enterprise product, we aggregate all of the information onto the one management portal. Then, you can specify the parameters or protocols that you would like to see across all of those hosts. If you have 20 or 30 or 100 [hosts], then you can see all of them all at once in the GUI, which makes the network administrator's job a lot easier.
Have you seen any interesting deployments of the open source version?
Wu: We have a user [who works for a company] where they build telecom equipment. They build WAN devices, as well as sniffers. They have a very, very strong Linux background; they know the Linux kernel. They use MidoNet [Community Edition] in their managed cloud service because they have the Linux capability.
They write scripts against our host to automate all those things I mentioned earlier. So, remember how you have to log into each host? Instead of doing that, they write scripts to draw [flows] from the host. So they have to have some degree of development capability, as well as Linux competence. Those are the types of customers that would use the Community edition because the software is fully functional.
In your opinion, what are some of the cooler features in MidoNet?
Wu: Our coolest capability is the ability to trace past flows. Other software can only do the live flows. But in networking, you're always troubleshooting networking problems from the past. [A developer] will always be saying, 'Oh, I think something was wrong about a week ago. I chucked in some code and it really messed me up. I think it was the network. I don't think it's my code.' There's a little bit of finger-pointing between network operations and the developers, so the ability to trace the flows and the traffic patterns for past events -- and to troubleshoot and [find the] root cause -- has been something network administrators really, really value. This is a virtual network; it's not like in the past where it's a physical network where you might log into a box and look for something.
This is a capability that we put into the Community edition as well. Of course, you have to look at it per host, rather than aggregate it with the GUI, but that is something that people with Linux savviness and developer skills [can work around]. They can write scripts to pull it from each one of those hosts.