How virtual service networks lay the foundation for an agile, secure data center network
By Ben Van Kerkwyk, Architect, Advanced Technology Group HP Networking
Consider the network infrastructure approach used in most data centers today, where we have the full range of virtualized services, applications, users and tenants at the edge of the network, logically separated though server and virtual machine clustering.
As we move away from the network edge itself, all those different traffic types with different requirements, SLAs (or relative importance to the business) are converged together into a single physical and logical network that relies on complex protocols and management to ensure reliable delivery across the infrastructure.
It is difficult to map the features of a single network device (router, FW/IDS, etc.) into multiple yet individually distinct enterprise application environments or for different tenants—without considering how those policies might impact each other both in the device and in an end-to-end context every time a change is made.
It is also not cost effective to deploy a separate physical device for each “service.” But, from an operational perspective, this is effectively the goal—to be able to configure and modify dedicated network services for a specific application or tenant without concern for the impact those changes might have on the other apps or tenants in the infrastructure.
Virtual service networks: a new method for interacting with network infrastructure
The VSN architecture provides us a new method of interacting with network infrastructure in the data center. It introduces a new paradigm to network infrastructure operations by decoupling the dynamic provisioning and configuration processes of the network from the device-centric management tasks of the physical network itself.
VSN operation virtualizes network devices and their services while organizing them into structured, policy-based VSNs that can be rapidly provisioned or modified to effectively connect network users to distinct application services, then dynamically respond to the requirements of the enterprise application environment.
VSNs become a virtual, configurable element in the infrastructure that represents the end-to-end environment for a particular service, application group, or tenant. Each VSN can be configured, modified, and monitored distinctly and without impact on other VSNs in the infrastructure.
Key operational advantage to VSNs
By slicing the physical network into multiple, independent virtual contexts it allows network administrators to act freely and respond dynamically to the specific needs of a particular app environment or tenant.
Changes to a single VSN can be made in isolation to other VSNs—without the complex protocols and change management processes that are required when making those same changes in the context of a single physical infrastructure that is trying to balance the needs of all the apps and tenants concurrently.
Virtual service network—built on Converged Infrastructure
The VSN concept is built on several key technology areas that we are driving as part of HP Converged Infrastructure:
• The development of centralized, policy-driven management tools that use virtualized network resources in a structured, hierarchical manner and that are integrated with the adjacent control points in server and virtual switching and are aware of the enterprise application environment.
• The evolution of network control plane technologies that allow the dynamic control and abstraction of complex, virtualized network services across a wide array of network infrastructure device types, accounting for network virtualization and end-to-end multi-tenant requirement.
Through the virtualization of networking features and devices, VSNs allow a simplification of management complexity by vastly reducing the number of statically configured elements in the network. When organized into centralized command-and-control management tools, these virtualized network resources can be used to dynamically build network services that are specific to a particular enterprise application, to a particular tenant, or even for a particular traffic type, such as latency sensitive traffic such as video or voice.
With the end-to-end visibility that comes with a centralized control plane, the network can also be more effectively managed and maintained. Now we can directly map network health and status to “logical” connections between users and the applications they are accessing. The network can be configured to systematically adapt to device failures or peak demand periods – and more network capacity can be added to the solution without requiring additional dedicated configuration steps.
Virtual service networks in depth
VSNs can be created, modified or destroyed dynamically without “bare-metal” provisioning or impact to other VSNs. These collections of virtualized, end-to-end network services are overlaid on the physical network in a policy or template based manner and effectively decouple the dependencies on physical hardware in day-to-day operations. This is a step that leads to significant operational benefits—as anyone who follows hypervisor and virtualization technology in the server technology space will understand.
Virtualizing network resources in the manner abstracts much of the device level complexity and allows the automated “place and route” of new service networks, or adjustments made to existing VSNs on the fly. Virtual capability can be effectively over-provisioned in terms of capability compared to physical networks, and tuned to allow burst capability and intelligent load balancing. This fundamental operational shift to a profile-driven management architecture combined with the technology components of a VSN architecture is required for IT organizations to fully deliver on the promise of the next-generation cloud data center.
Ultimately the value proposition for infrastructure virtualization has been well established. It is now a matter of time until we have the technology convergence across networking to fully deliver on it.
HP Networking is investing in and driving key network virtualization technologies to enable the operational vision of a VSN-enabled infrastructure. More to come on this topic, so stay tuned. And let us know what you think too.
>> Learn more about HP Networking products and solutions for the Instant-On Enterprise.
>> Follow HP Networking on Twitter | Join HPN LinkedIn Community | Like us HPN Facebook
