The infrastructure now needs to become automated. And instead we need to now focus on delivering services.
“We need to now introduce a layer in the network that concentrates on the service delivery, the matching of those services to applications and the applications to users,” says Mark Pearson, Chief Technologist Data Center and Core, Advanced Technology Group, HP Networking.
“So we are introducing a concept we call the virtual application network and this concept is based on the principles of software defined networking in which we have a control plane that hides the infrastructure, and instead concentrates on the delivery of these services.
Now one of these services is virtualisation. Last week I was at the conference for the open network symposium and this is the conference for the OpenFlow standards. And the question asked to many panellists is “What is the killer application for cloud computing?” And clearly the answer was virtualisation. And so here, not only are we trying to provide virtualisation but we’re trying to match it to application awareness and matching it to the configuration automation systems for cloud computing.
So how do we build this? Well we start with an architecture that’s end to end that encompasses campus, branch and data centre. And across that end to end should be a management infrastructure, and this is what we call the flex network architecture. So we want to build on this type of architecture.
So, if we take this starting architecture of the flex network and now what we want to do is introduce virtualisation and virtualisation with programmability. And we do this by introducing the end to end control plane. The end to end control plane being separate from the infrastructure, not necessarily embedded with every device, but rather a central control plane.
Now, have we done this before? And the answer is yes. A couple of examples are where we have virtualised chassis with the technology we have, called intelligent resilient framework or IRF, in which we can create a single control plane that manages multiple boxes or multiple pieces of infrastructure as if they are one device. There is one configuration file, there’s one interface; it’s a central control plane. So we can leverage that technology to create a larger end to end control plane for the flex network.
Another example is with wireless and AP management. So, it’s very common now that access points are managed through a centralised control plane called the wireless controller. So, between these two technologies we can leverage that experience and now create the central control plane that manages a complete cloud computing infrastructure. Okay. There are some other functions that are required beyond just the virtualisation and an important one that we believe in is in application characterisation. And so, by introducing the concept of a template to describe an application instance, we can now use policy based management to match the network requirements to application requirements.
Now these network templates need not be one for one for every application they can instead be a choice that the server administrator uses to match against his deployment of the application. So, for example, the server administrator may have up to 200 applications. And instead of picking policy on a one by one basis and customising them they can choose from a set of network templates that represent capabilities of the network. So this creates a fast automation between systems administration and network administration.
The next step then is to take this network template and allow the server administrator who has matched that template to his application to create a concept of a virtual network. So to the systems administrator the virtual network represents a logical grouping of his servers and his applications. At that point the service administrator is now ready to start the network. And he simply says start and to the network the network now takes on this role of orchestration. And it’s this job of orchestration through this end to end control plane that automates all of the infrastructure and hides all of that device by device configuration.
This is the beginning of the end of CLI. That now we go to an automated system managing an infrastructure and instead focus on the delivery of the service and in our case a virtual application network.
So, if we look at our model of the end to end architecture called the flex network, we can now start to deliver these templates. These templates as a layer above the virtualisation control plane. As we deliver these applications we go through these functionalities of characterisation, virtualisation of the network and finally the automatic orchestration of the automation of the visors.
So, even though we consider this game changing, it’s also familiar and comfortable technology. Because it’s very analogous to what the hypervisor did to the server. The hypervisor created virtualisation of the server; it created policy tools to rapidly deploy virtual machines. So now we take the same concept and apply it to the network. In effect we get the network hypervisor.
So the network hypervisor, having these attributes of virtualisation, application, characterisation and orchestration of the actual physical infrastructure, just as the hypervisor did for the server. So much of this technology can be leveraged on top of OpenFlow. OpenFlow is a complementary technology to delivering the virtual application network. So HP has actually been very involved with OpenFlow from the very early inception. It started with collaboration at Stanford University, with a project called Ethane and HP and our research laboratories called HP Labs was a key participant in this project.
From there we instantly created a demonstration firmware for our switches that was available with the OpenFlow one [diode] standard. We made this available to researchers from early on and it became deployed throughout universities and research institutions.
And then after this we started to see rapid deployment of acceptance of this technology and so we went from 10 to 20 to over 60 deployments of the OpenFlow based firmware. And some of these installations are not only research or academic but they’re actually used in production and mission critical environments. And then finally last year the standards organisation for OpenFlow was created, called the Open Networking Foundation and HP was one of the initiating members of this. In fact it is a member of HP that runs the standardisation of the protocol for OpenFlow called the Extensibility Work Group.
So, what does all this mean, OpenFlow? It does a couple of things to the virtual application network. Number 1, it creates an open standard for device programmability. And it’s through that open standard that helps the orchestration aspects of automating configuration.
And so what we have done is we have released up to 16 models now with OpenFlow capability, and that will continue to grow throughout the portfolio. Okay, so let’s put this to use. How does it work in a use case? So, we talked about orchestration, we talked about virtualisation and we talked about – I’m sorry, characterisation, virtualisation and orchestration.
So, let’s start with characterisation. What happens here is the network administrator and systems administrator they work together to develop these templates. These templates represent the class of needs that the system administrator will need. These templates are stored within the network administration system; the end to end control plane. Those templates are then published to a systems administrator policy tool in which the system administrator now sees these templates when designing his applications. At that point the systems administrator has defined the virtual network with the applications, and when he’s ready to deploy he says “Start”. This triggers now the orchestration aspects of the central control plane and which handles the complete device configuration throughout the network.
So this takes an important aspect. I talked about network delivery of cloud applications taking weeks or months and this reduces that from weeks down to minutes; literally five minutes of time to configure the network. So another thing to consider here is how do we ensure correctness and testability of the network? Early on I discussed how we may have to configure 250,000 network attributes. And those, if you consider that maybe 1 in 1,000 of those attributes can be an error, the hard problem for the network administrator is how to find that error.
And with a system like this we can now automate that configuration and we can start to introduce tools that verify the network, that ensure its state consistency with the policy.
So a little more on how we actually deliver this. So, we have a tool that we call the IMC as a network end to end control plane. And so we introduce a virtual application network policy engine and a virtual application network designer. It is through that designer that we develop these network templates. And in the case with a server administrated tool such as the hypervisor manager we have a plug in that allows that publishing of templates between the network administration and the server administration.
From there the virtual application network policy engine will deploy or orchestrate the network for all of the configuration. And so this is where we see an actual switch with the virtual application network policy configuration.
So we believe virtual application networks will deliver the cloud. It introduces an end to end concept called the control plane which is a foundation of software defined networks. It’s a control plane that is separate from the integrated data plane and thus provides an end to end programmable multi tenant environment.
This allows us to number 1, to tune the network to application requirements. And then we virtualise the network and orchestrate it into the actual infrastructure. It enables the IT manager to use policies instead of CLI or scripts. And, as I said, this is now the beginning of the end of the CLI. We have a single pane of glass to manage the network and orchestrate it with the systems administrative tools.
So we believe this is the new model for networking in the cloud computing area. It ensures choice, it ensures flexibility through the use of programmability, APIs, open standards like OpenFlow, and it’s built on architecture that’s end to end that we call the flex network architecture; which we believe is the blueprint for developing network applications for the cloud.”