PLUMgrid Open Networking Suite Service Insertion Architecture


White Paper

Introduction

A rapid increase in the use of cloud services across the globe requires networks to be adaptable and flexible. PLUMgrid Open Networking Suite (ONS) was built from the ground up to adapt dynamically to the growing needs of the cloud. The focus of PLUMgrid ONS is to provide industry-leading flexibility to its customers without compromising performance. In keeping with this philosophy, PLUMgrid ONS provides seamless integration with various third-party services, allowing customers to use third-party tools in conjunction with PLUMgrid ONS. A bespoke service insertion architecture was developed to ensure effective integration with various third-party services.

The Need for Network Service Insertion

Designing and implementing network infrastructure and integrating software capabilities, which we call Virtual Network Infrastructure (VNI) and which is sometimes referred to as Software Defined Networks (SDN), requires planning and is part of the bigger picture in moving towards cloud-based data centers. Building OpenStack networks isn't one size fits all. Customers have existing investments in network appliances (physical and virtual) that they also want to bring forward to their OpenStack clouds. In some instances, they can accomplish this by leveraging Neutron plugins from the network appliance vendor, and PLUMgrid's Neutron plugin will work side by side with FWaaS/LBaaS vendor plugins. However, not all network appliances have OpenStack plugins, and this is where PLUMgrid SIA is a massive benefit. PLUMgrid's SIA is a generic framework that allows us to service chain/stitch in a topology any 3rd-party network appliance (physical, virtual or container based) to complement PLUMgrid's VNF (Virtual Network Functions) portfolio inside a Virtual Domain.
The network architecture can be complex, with multiple vendors' infrastructure taking their positions in customers' data centers, so simplification of VNI and its integration with the existing network and 3rd-party vendor network services is crucial. With the increasing diversity in open-source network services as well as commercial solutions, insertion of 3rd-party services on a case-by-case basis is becoming increasingly impractical. Hence, it is important that service insertion is supported at an architectural level in a production-grade virtual networking product.

The SIA is one of the foundational blocks of PLUMgrid ONS. PLUMgrid ONS is a software-only solution that provides a rich set of built-in distributed network functions such as routers, switches, NAT, IPAM and DHCP, and it also supports security policies and end-to-end encryption. PLUMgrid ONS is deployed in OpenStack-based deployments via OpenStack Neutron as a plugin, forming an overlay network on top of the physical network. The architecture is designed to incorporate 3rd-party commercial and open source L3-L7 components into the virtual network infrastructure.

www.plumgrid.com 2015 PLUMgrid, Inc. All rights reserved.

PLUMgrid Zone Components

Before delving into the details of the SIA, it is important to understand the key components of a PLUMgrid zone and the role they play: PLUMgrid Director, Virtual Domains and IO Visor, which collectively form the PLUMgrid zone as shown in figure 1.

[Figure 1: PLUMgrid Zone. Labels: Virtual Domain A, Virtual Domain B, PLUMgrid Directors, PLUMgrid IO Visor Gateways, PLUMgrid IO Visor Edges, VMs]

PLUMgrid Director

The Director is the brain of the PLUMgrid Platform. It is responsible for coordinating and managing all the other platform components. Based on PLUMgrid's distributed system architecture, it provides built-in high availability and scaling. The Director allows you to create Virtual Domains on a per-tenant or per-application basis.

Virtual Domains

A Virtual Domain is a logical data center. A Virtual Domain can be created on demand as an overlay to provide all the networking services (e.g., routers, switches, IPAM, DHCP, NAT, etc.) necessary to build a cloud network. A single instance of PLUMgrid Platform can support thousands of Virtual Domains. Each Virtual Domain is managed by one tenant and provides complete security, isolation and administrative control for its tenant. Changes can be made in-service and without affecting other tenants or the underlying physical network.

IO Visor

PLUMgrid's IO Visor technology is the programmable data plane component used to implement distributed network functions. It provides connectivity to virtual machines, other Virtual Domains, physical network infrastructure and the. The IO Visor provides the capability to develop new data plane functions through the SDK. It allows new network functions to be loaded at run-time and without requiring a reboot. The IO Visor is deployed as either an Edge (i.e. compute node) or a Gateway (i.e. interface to legacy or physical networks).

PLUMgrid Service Insertion Architecture

The PLUMgrid SIA is part of the holistic architecture of PLUMgrid Platform.
SIA addresses the increasing demands of customers for a flexible, agile, manageable cloud infrastructure, where networking is an enabler and not a roadblock. SIA allows third-party network functionality into the existing virtual network infrastructure. The SIA enables third-party Virtual Network Functions (VNF) such as,, NAT, DHCP, Firewall, Load Balancer and so on to be added as a plugin in L3-L7.

[Figure 2: PLUMgrid Service Insertion Architecture. Labels: Physical Appliance, Virtual Appliance, Container Based, Service Insertion Architecture, PLUMgrid Platform]

Why PLUMgrid's SIA is Industry-leading Solution

Virtualization promise keeper: One of the key reasons why consumers felt the need for virtualization is efficiency in resource utilization. PLUMgrid SIA keeps this promise to its customers by minimizing its footprint on the hypervisor, thus preserving precious CPU and memory resources for tenant services.

SDN promise keeper: It also keeps the promise of Software Defined Networking (SDN) of vendor independence by being hypervisor and Cloud Management System (CMS) agnostic.

Automated deployment, management and monitoring: This is provided throughout the lifecycle of the service.

High Availability: This caters for service, Operating System or node-level crashes.

PLUMgrid SIA Modes

PLUMgrid SIA offers three modes for 3rd-party commercial and open source software integration with the PLUMgrid Platform: Physical Appliance, Virtual Appliance and Container Based.

Physical Appliance

PLUMgrid SIA leverages the existing Physical Network Function (PNF) of a physical service appliance, such as a physical router, in the Physical Network Infrastructure (PNI). This enables the Virtual Network to leverage existing hardware assets in the datacenter and optimize the total cost of a new cloud-based deployment. PLUMgrid SIA also supports multi-tenancy of the physical service appliance; for example, one VLAN per tenant can be shared among multiple Virtual Domains. The network functionality of the physical service appliance becomes part of the virtual network, and the traffic flows via the physical appliance. In the network topology, the physical appliance is inserted via the PLUMgrid gateway. The PLUMgrid gateway provides the connection between the PLUMgrid Platform and external resources such as an external network, network service appliances and bare-metal servers, as shown in figure 3.

[Figure 3: Physical Appliance Service Insertion]

The network diagram above shows how the traffic from an external network for a tenant flows through the PLUMgrid gateway and physical appliance to the virtual machine. Note that the router and bridge network functions of the physical appliance here offer network functionality to the PLUMgrid Virtual Domain in the Virtual Network.

Virtual Appliance

The SIA mode for a virtual appliance differs from the physical appliance mode in terms of the resource it leverages, i.e. the network functionality of the virtual service appliance. Unlike in the physical mode, virtual service appliances are deployed as Virtual Machines on an edge. The edge is a key component of the PLUMgrid Platform that runs in the hypervisor and provides networking for the VMs. The ability to launch a virtual appliance as a virtual machine provides a high level of flexibility to the process.

[Figure 4: Virtual Appliance Service Insertion]

Figure 4 shows how the traffic from the external network flows into the virtual network through a PLUMgrid gateway to a virtual load balancer deployed as a VM on an edge. The virtual appliance then sends the traffic over the virtual network fabric as per the user's setting.

Container Based

Similar to virtual appliance insertion, PLUMgrid ONS supports container-based insertion of services based on business needs. PLUMgrid SIA allows the deployment of a container on an edge. A container is therefore deployed through a virtual machine residing on an edge. When using the container-based mode, all traffic is hairpinned through the inserted container. Figure 4 shows how traffic flows when a container is leveraged within a PLUMgrid zone.

[Figure 5: Container Service Insertion]

The network diagram shows how the two VMs utilize resources such as third-party router capability deployed through container insertion. For the VMs to communicate, network traffic flows from VM1 to VM2 in a Virtual Domain through the third-party container.

Last but not least, high availability is a mandatory requirement for any large-scale cloud solution. With the ability to automatically detect and recover from process-, docker-, hypervisor-, and server-level crashes, the PLUMgrid Platform can replay and restart services based on the stored service-level configurations.

Distributed Data Plane

PLUMgrid SIA is designed to enable integration of 3rd-party network functions into the PLUMgrid Control Plane. The 3rd-party VNFs deployed in the control plane communicate with the existing PLUMgrid VNFs (PLUMlets) of the multiple VMs in the distributed data plane, bringing scalability to the network. The deployment and configuration of the 3rd-party open source software is the same as for all other VNFs.

[Figure 6: Distributed Data Plane Service Insertion]

The network diagram indicates PLUMlets in the VMs such as PLUMgrid communicating through the third-party router in the Control Plane. The network traffic flows from one VM to another VM, as per the user's setting, through the third-party router in the data plane.

Community and Partner Integration

PLUMgrid SIA is designed to support multiple vendors and is vendor agnostic. This agnostic nature of the platform allows seamless integration across multiple third-party services. The PLUMgrid Platform has been integrated with a large number of commercial 3rd-party Layer 4-7 Network Services and a portfolio of open-source networking functions. This flexible integration of the platform allows businesses to leverage existing LBaaS and FWaaS components. PLUMgrid integrates with Quagga, pfSense and BIRD, which allows the deployment to leverage third-party components and build a cohesive, flexible network deployment.

Conclusion

PLUMgrid SIA provides an industry-leading solution for integrating 3rd-party open source and commercial network services into the Virtual Network on top of the VNF services provided by the PLUMgrid Platform, so customers can have the best of both worlds and leverage the resources that they currently have in their data center.

PLUMgrid is a leader of secure and scalable software-defined networking (SDN) solutions for OpenStack clouds. To learn more about PLUMgrid visit: http://www.plumgrid.com/contact-us/