In part one of this series we discussed how the next major meta trend in networking will cause global change. Part two takes a closer look at changes in the data centre.
To meet the escalating expectations of users and close the relevance gap, customers will be using private clouds, public clouds or a hybrid solution, and will need to move data and workloads among them. Customers need something programmable to support rapid innovation, and commercial models need to change to allow pay-as-you-go cost structures.
So what’s the architecture of a New IP network and how do they get there?
Let’s start with NFV (network functions virtualisation), which basically replaces the routers, switches, firewalls, load balancers, application delivery controllers and other physical equipment they already have with software. This reduces the need for capex, in some cases by 90%, and increases their ability to spin resources up and down as they need them, supported by agile commercial models. Their services become mobile. They can take all the network services a virtualised application needs and put them right next to the VM on the same server. The application doesn’t need to leave the server, and as a result they increase speed and efficiency while reducing north/south traffic and costs. They also increase the security they provide, because a virtual firewall security layer is attached directly to each application and moves with the application as it moves around their infrastructure.
They also need SDN, which provides the tools to manage and control the network services and infrastructure, whether it’s been virtualised or not. OpenDaylight (ODL) is an Open Source SDN solution that provides granular visibility and control over network functions. It allows your customer to visualise, control, provision and manage their resources. It also allows the network to see and respond to traffic flows and adjust dynamically, such as in the case of a denial of service attack or elephant flows, and it does so in an automated fashion. Any service in the network that they’ve created, physically or virtually, can be controlled by one SDN controller in a fully programmable way. They can standardise data modules using YANG and NETCONF, and use REST APIs to mix and match vendors in their network.
But the network is only one important part of their infrastructure. There is compute and storage too, and that’s where orchestration comes in. OpenStack, an Open Source protocol for the orchestration layer, can provide the same benefits as ODL at the network layer across compute, data and network. In addition, because customers are likely to have a multi-cloud environment (private and public), they have to make the clouds work together in a predictable, scalable and manageable way. OpenStack orchestration provides that ability, allowing their orchestration to stretch across their full environment.
This is all the cool stuff.
It’s what’s called the ‘overlay’. But if they have an overlay, they need an ‘underlay’ to go with it.
They have to be able to forward the packets. Fabrics are the most often-recommended underlay architecture, specified by companies like VMware, Cisco and Brocade, to name a few. Today’s rigid architectures in most data centre networks are hierarchical and topologically dependent, which won’t allow you to take advantage of the agility of the virtual constructs of NFV and SDN. That’s why fabrics are so critical and why so many analysts recommend them too.
Why use a fabric underlay? You need an infrastructure that is flexible, scales up and out, and adapts to handle instantaneous changes in traffic flows, flow sizes, packet sizes and protocols. In fact, customers probably want this even before their move to the rest of the New IP architecture.
Fabrics deliver New IP value today, into the current network, by creating a giant sandbox in which the virtual applications are optimised for virtual deployment. Because applications are now modular and distributed, it’s important for the network to be aware of where these modules live and how they relate to each other. The network fabric is virtual-machine-aware, and this dramatically increases the capacity of traffic flow, along with the speed and performance of the network. Why? Because the traffic automatically takes the shortest or best path. It can move ‘east-west’, saving money and time compared with traffic flow that’s limited to ‘north-south’ directions because of rigid topologies.
The automation of fabrics reduces costs, increases performance and availability, and sets customers up for their NFV and SDN migration.
And what about security?
Security must be pervasive and behaviour-based. You need a programmable network to take advantage of the state-of-the-art security capabilities available in the New IP ecosystem. For example, a customer may need to create virtual DMZs when the network or the security layer perceives inappropriate action. Since fabrics minimise the number of hops and automate otherwise manual functions, they increase the inherent security in a network.
NFV and SDN make services mobile, and allow firewalls and other services to be deployed with and tied to the application. This delivers fine-grained security that’s ubiquitous and mobile. The result is a network that can adapt to security requirements in real time.
1. True Democracy: This means every switch is equal to every other switch. The architecture is flat and without hierarchy, so that there is no single point of failure. This results in a flat layer 2 or 3 surface that is a self-forming and self-healing network. All paths are equal and available, and devices of different capacity and design can be mixed together. You can mix and match chassis and fixed configuration (i.e. pizza boxes), meaning the wars around architecture are rendered meaningless.
2. Distributed Intelligence: Every port is aware of every other port. This means you can move workloads with their associated characteristics (called automatic migration of port profiles or AMPP). These characteristics include access control, QoS and other port-oriented application characteristics. A fabric should abstract this information and thus give you the ability to move workloads at will. And if a port is lost, the workload is moved to an available port, so you don’t degrade availability.
3. Native Automation: Fabrics should be built from the ground up for automation, making them five to ten times faster to deploy than individual elements and providing a range of additional capabilities such as AMPP self-configuration and self-healing. Native automation delivers near-perfect load balancing throughout the mesh, at layer one. You don’t need additional devices or manual configuration. Native automation is critical to get New IP benefits from the network underlay, for scale, availability and performance without human intervention and lost time.
4. Absolute persistence: This means when a customer forms a fabric it will, to the very last port on the very last switch, optimise and maximise the flow of traffic through the fabric. You can lose a port, or a whole switch, and the fabric will react in real time and balance. You get transparent interconnection of lots and lots of links. It works like the Internet itself. In a classic or hierarchical architecture, the network can shut down until human intervention fixes the problem.
5. Fast! This means no compromise between scale and latency. Fabrics take the most efficient path, automatically. They should combine hardware performance with software programmability. Since a fabric by definition has more than one node, you can’t be forced to compromise scale or latency because of the added nodes. You need to be able to be really big, and really fast. That’s what a fabric does.
A customer’s data is their most precious asset, and applications are only as effective as the data they source. Today we consume an unprecedented variety of data through an unprecedented number of applications. And the best way to hook them together in an efficient, scalable and reliable way is through the mediation of a fabric. It’s the foundation of the New IP, and it unlocks value and creates freedom even in the current network, with or without the additional benefits of NFV or SDN.
The New IP is a modern network, built on your time, and your terms.
Article by Gary Denman, Brocade regional director for Australia and New Zealand