
Business white paper

Orchestrate virtual application networks: accelerate the move to the cloud

Leave no cloud unturned, with a consistent and agile FlexNetwork architecture

Table of Contents
Data center networks are at the breaking point
Starting with architectural simplification
Virtualizing the FlexNetwork architecture
Provisioning delays in the cloud data center
Virtual Application Networks
Rapid cloud application deployment and data center network provisioning
Provisioning—a simple and automated model
Extend your reach with open APIs
Move ahead to the cloud
Learn more

The cloud is a desirable destination where applications and information are readily available and can be consumed quickly, efficiently, and anywhere. But the path to the cloud can be filled with unseen challenges, including the network itself. The legacy networks used today limit business and the ability to freely move applications to the cloud. The proprietary nature of these legacy networks locks in customers and prevents them from choosing the best solution to fit their business.

A typical data center with 500 servers, including approximately 20 virtual machines per server, requires manual provisioning of more than 50,000 networking attributes on a port-by-port basis. Those 50,000 network attributes may require over 250,000 command-line entries on dozens of network switches. These manual command-line entries both cause time delays and reduce reliability. Even if only one error is made for every 1,000 entries, 250 errors will be made. The challenge in ensuring reliability of the cloud or virtual data center is being able to find the error in order to remedy it.

Legacy networks are application indifferent, with rigid, multi-tier architectures which limit the deployment of cloud applications and impede the traffic flows across the network from the data center to the user in the campus or branch. In addition, legacy networks require dozens of disaggregated manual management applications to configure, deploy, and monitor physical and virtual networks, causing swivel-chair management and resulting in an incomplete view of the network.

Data center networks are at the breaking point

Successful cloud data centers require a network to enable rapid deployment of applications, meet the traffic demands of large-scale virtual workload mobility and federated applications, and deliver secure multitenancy. There’s no time to delay. More than two-thirds of all server workloads will be running in virtual machines (VMs) by 2014.[1] More than 80 percent of data center traffic will be between servers by 2014.[2] But today’s data center networks are too inflexible to deliver rapid deployment of virtualized workloads and adapt to the needs of large-scale workload mobility. Legacy network processes and tools use device-by-device manual configuration and provisioning which are error-prone, time-consuming, reactive, and isolated from IT-wide orchestration.

These manual network processes can take up to several weeks, delaying the deployment of new applications and putting reliability at risk because most network outages are the result of human error—changes made to the network that are incorrect, mis-timed, or fail to follow the appropriate workflow procedures.[3] In addition, IT operating models are bureaucratic and compartmentalized. The current complexity of IT is holding back cloud applications.

To accelerate the move to the cloud, the network must offer tools and processes that predictably automate previously manual processes, streamlining orchestration of both physical and virtual resources to give businesses speed and reliability. The tools and processes must allow network provisioning to account for the application requirements, so that users receive the anticipated service levels and experience. At the same time, the data center network must be simpler and flatter to speed performance of federated workflows and VM mobility.

[1] Gartner G00207476: Emerging Technology Analysis; Gartner G00175764: Key Issues for Communications Strategies, 2010

[2] Gartner, Inc. “Your Data Center Network Is Heading for Traffic Chaos,” Bjarne Munch, April 27, 2011.

[3] Forrester, Feb. 2007, “Who Has Changed My Network” by Evelyn Hubbert with Robert Whiteley and Rachel Batiancila

Figure 1. The FlexNetwork Architecture delivers simplicity as the industry’s only architecture that unifies the data center, campus, and branch

[Figure: FlexNetwork Architecture, with FlexFabric, FlexCampus, FlexBranch, and FlexManagement; attributes: open, scalable, secure, agile, consistent]

Figure 2. Virtual Application Networks

[Figure: applications shown are SAP, Microsoft Outlook 2010, Microsoft Lync, and Polycom; panels: Characterize, Virtualize, Orchestrate]

Characterize: Characterize and template applications for consistency, reliability, and repeatability.

Virtualize: Virtualize the network infrastructure end to end for on-demand topology and device-independent provisioning.

Orchestrate: Orchestrate the network to rapidly and dynamically connect users to applications.

Virtual Application Networks characterize, virtualize, and orchestrate networks to deliver applications and content to campus, branch, and mobile users.

IMC Virtual Application Network Manager Module enables network administrators to preconfigure connection profile templates, accelerating the deployment of cloud applications; it’s part of IMC, HP’s single-pane-of-glass management for physical and virtual networks.

Reference the full view of the HP Networking Portfolio Guide

Starting with architectural simplification

HP is changing the rules of networking with HP FlexNetwork architecture, a component of HP’s proven Converged Infrastructure. The HP FlexNetwork architecture (see Figure 1) is the industry’s only converged architecture from the data center—where applications and services are generated, to the campus and branch—where users consume them. The FlexNetwork architecture allows networks to be open, scalable, secure, agile, and consistent.

FlexManagement delivers a single-pane-of-glass for managing the FlexNetwork architecture and its core platform is the Intelligent Management Center (IMC). IMC is a service-oriented architecture (SOA) platform with modules that deliver full Fault, Configuration, Accounting, Performance, and Security (FCAPS) management. As a service-oriented architecture, the modules share information and combine to deliver powerful management solutions.

Virtualizing the entire network by providing a single control plane across the end-to-end network, from the data center to the campus and branch, is achieved by applying principles similar to those of IRF to all networking devices. The abstraction layer created through a single control plane across the entire network enables IT to orchestrate the network using policies instead of managing device-by-device, as is done on legacy networks. Having a control plane across the network is akin to a hypervisor controlling server resources in virtualization (see Figure 3).

Figure 3. Virtual Application Networks

[Figure: a control plane over FlexFabric, FlexCampus, and FlexBranch shown alongside a hypervisor over server CPUs; FlexManagement and the FlexNetwork Architecture: open, scalable, secure, agile, consistent]

IMC allows IT to shift from swivel-chair management to centralized control and orchestration of the network.

Virtualizing the FlexNetwork architecture

With a consistent architecture for the data center, campus and branch, and single-pane-of-glass management for the FlexNetwork architecture, HP is in a position to virtualize the network from the data center to the campus and branch. This sounds like a tall order, but one that is already familiar.

Through virtualization of the entire network, from the application to the user, IT can use orchestration tools to characterize the delivery requirements of an application and provision a virtual network that meets the service levels and experience expected by the user.

Intelligent Resilient Framework (IRF), a unique networking innovation offered by HP, is a switch virtualization technology. In IRF, the control plane and data plane are separated. This framework groups the switches together under a single IP address, which allows them to be managed as a single switch.

HP is leading the industry in OpenFlow, an open-standards-based protocol that allows a standards-based programmable interface. By leveraging OpenFlow, HP can provide a standards-based mechanism to extend the control plane abstraction concept beyond HP Networking devices.


Provisioning delays in the cloud data center

Rapid cloud application deployment and data center network provisioning

Cloud data center administrators need an agile, error-free, and dynamic solution for provisioning network connections for virtualized workloads.

Data center administrators need a more agile, error-free, and dynamic solution for provisioning network connections for virtualized workloads.

Today, provisioning server access switches is a series of back-and-forth, iterative steps between the system administrator and the network administrator. The network administrator manually configures the network connections, which is complex and time-consuming given the number of required CLI commands, as we have seen with the example of provisioning a data center. If errors are introduced through manual provisioning, application rollouts are delayed even further.

FlexFabric is the data center solution module of the FlexNetwork architecture, and it is HP’s vision for a next-generation, highly scalable data center network. The FlexFabric solution is a high‑performance, low-latency interconnect which converges and secures the data center network, compute, and storage with single‑pane-of-glass management for physical and virtual elements, reducing complexity and cost.

While system administrators may use vSwitches to speed provisioning, they create other operational complexities. vSwitches add another networking layer which increases data center network latency, slowing performance of virtual machine mobility and federated applications. vSwitches typically require an additional management tool for the system domain. Finally, vSwitches limit visibility for the network administrator and reduce the security over the traffic passing between workloads on VMs. The desired pace of cloud application deployment on a VM is five minutes—a pace server virtualization has brought to server administrators. This pace is desirable when application workloads must be migrated to other servers. Today, network administrators must perform additional device-level provisioning, adding further delay and disruption.

Virtual Application Networks

Virtual Application Networks (see Figure 2) is a new cloud functionality that speeds application deployment, simplifies management, and supports network service level agreements (SLAs) across the HP FlexNetwork architecture. Virtual Application Networks connect users to an application and are designed and implemented to meet the requirements of application classes such as voice, real-time transaction processing, or video over a secure, shared infrastructure built with the FlexNetwork architecture. Virtual Application Networks support multitenancy in which each Virtual Application Network is dedicated to a business unit or company. With Virtual Application Networks, you can separate network provisioning from device management with connection profile templates and leverage proven network virtualization technologies to simplify management and reduce the time to deploy cloud applications.

VAN Manager is a module that runs on IMC, which provides single‑pane-of-glass management. The VAN Manager module includes three components: the designer, the policy engine, and the VMware plug-in.

The VAN Designer (see Figure 4) provides a flexible, intuitive, graphical interface for network administrators to quickly and efficiently design network connectivity for cloud applications. Administrators can design connection profiles called Virtual Service Interfaces (VSIs) for different physical and virtual application workloads. VSI connection profiles can be designed for specific application delivery requirements. Some of the attributes in a connection profile include committed information rate, peak information rate, prioritization, priority policy (IP Precedence, DiffServ, etc.), and access policy. These attributes allow the Virtual Application Network to be characterized by the delivery requirements of the application or class of applications.

With the VAN Designer, the network administrator and server administrator can design a set of connection profiles that can be used repeatedly for the rapid and consistent deployment of cloud application workloads. For a business migrating hundreds of existing applications to a private cloud, only a dozen connection profiles may be needed once the applications with similar delivery requirements are organized into classes.

The VAN Policy Engine stores the connection profiles and fulfills connection requests from both physical and virtual servers. The VAN VMware plug-in allows the connection profiles to be visible in VMware vCenter. When a new cloud application workload needs to be deployed, the server administrator can simply select the appropriate connection profile—defined as a VSI type in IMC—characterized for the application delivery requirements. When the administrator selects the “power on” button, the Policy Engine in the VAN Manager will automatically configure the data center access switch, eliminating the manual configuration previously required. Within five minutes, the new cloud application workload can be connected to the network and be available to users.

HP plans to offer other plug-ins that integrate into other hypervisor environments such as Microsoft Hyper-V, Citrix Xen, and KVM for Linux. As with support of other hypervisor environments, Virtual Application Networks supports HP and third-party switches that support Edge Virtual Bridging (EVB) and non-EVB implementations.

Figure 4. Virtual Application Networks—management across physical and virtual networks

[Figure: "Delivering Virtual Application Networks Today". Labels: hypervisor management with VAN Plug-In; Intelligent Management Center with vSwitch Manager, VAN Policy Engine, VAN Designer, and VAN API; callouts "Characterize app using template", "Program virtual network resources", "Orchestrate network resources"; server with VMs, vSwitch/HP open vSwitch, and VM NIC; VAN access switch, HPN access switch, HPN Core Switch, HPN Core Router. Legend: VAN Manager components; IMC Enterprise/Standard components.]

What is Edge Virtual Bridging?

The lack of management visibility into traffic at the server-network edge is challenging within a virtualized environment. Traffic between virtual machines installed on a server is not visible to the network, and is therefore not managed and is susceptible to security threats. Edge Virtual Bridging (EVB) with Virtual Ethernet Port Aggregator (VEPA) technology is one way to overcome the lack of visibility of traffic between VMs. EVB is an IEEE 802.1Qbg standard that enables network management and service provisioning as close to the edge as possible. EVB combines the best of software and hardware switches and does not force changes into installed environments. HP supports EVB with VEPA, as well as non-EVB technologies.

Using VEPA technology shifts the network processing activities close to the server-network edge, just inside of the network fabric. This lets the access switches manage the virtual network traffic, resulting in greater traffic visibility and better performance. EVB technologies will play a key part in the evolution of VAN for FlexFabric, enabling more scalable and secure solutions and hypervisor environments including Citrix Xen and KVM for Linux.

New cloud workloads can be instantly connected to the network by subscribing to the appropriate connection profile. When a workload moves, the connection profile moves with it, verifying the network connection is always characterized to the delivery requirements of the application. If the service level of the Virtual Application Network is not being met, the connection policy can be modified appropriately and IMC will automatically provision the network according to the changes.

IMC includes vSwitch Manager, which is used to set and monitor vSwitch features in the VM manager. IMC provides visibility of the physical and virtual networks and monitors VM connectivity which is accomplished through the vSwitch component within IMC. The connectivity and status of VMs that are deployed through VAN Manager will be visible in IMC. Virtual Application Networks specific Web services-based extended APIs (eAPIs) enable external access to its functions from cloud and network orchestration frameworks.[4]

VAN Manager provides network administrators with an entirely new level of agility and flexibility by allowing them to proactively design and provision the network. Network administrators can work collaboratively with system administrators to deliver networking connectivity more quickly yet still retain consistent control and security over the network. Together, they can provision server access in minutes, rather than weeks.

Provisioning—a simple and automated model

Compared to the old process of provisioning servers, the process with HP Virtual Application Networks is streamlined and straightforward (see Figure 5). Through Virtual Application Networks, provisioning the network through automation eliminates CLI configuration. IMC has in-depth intelligence of the network and, beyond provisioning the network with Virtual Application Networks, it can automate the creation of VLANs and simplify switch management and configuration with IRF.

Virtual Application Networks establishes a new model to allow data center managers to expand their use of virtualization by giving them a proactive and flexible approach to consistently provision and secure network connectivity. Virtual Application Networks can quickly and efficiently deliver support to the large scale virtualization that’s required for cloud services. VMs on the server edge can also be thoroughly monitored and audited.

With virtualization scale outs and/or the need for virtual machine migration across physical servers or data centers, orchestration is critical to providing continuous service to users. Virtual Application Networks assists orchestration by enabling the connection for a VM to be automatically migrated if the VM is moved by the system administrator. Provisioned connections stay bound to the VM.

[4] These eAPIs are included in the IMC Enterprise Platform and are a licensable upgrade in IMC Standard Platform

Figure 5. Virtual Application Networks simplifies and automates the labor-intensive process of provisioning network access to virtual servers.

[Figure: "Rapid Application Deployment with Virtual Application Networks". Roles: system admin, network admin. Labels: Virtualize the network; Characterize the application (IMC VAN Manager, define attributes); VM manager with IMC VMware plug-in (choose connection profile); Orchestrate the network (IMC VAN Manager, VM).]

Extend your reach with open APIs

HP has extended the reach of Virtual Application Networks by publishing the Virtual Application Networks-specific IMC eAPIs to allow enterprises and third-parties to develop customized management solutions. Like IMC itself, eAPIs are built on a service‑oriented application platform, making it open and extensible.

Virtual Application Networks is built to enable flexible integration of server and networking operations together to let those teams more quickly deliver connected server resources. In the context of advanced cloud provisioning environments, Virtual Application Networks also delivers a robust set of APIs for enterprises to integrate Virtual Application Networks operations into E2E orchestration solutions (see Figure 6). In these models, the discrete Virtual Application Networks functions and process steps can be integrated seamlessly into server, storage, and networking DevOps models to deliver complete IT services quickly and efficiently.

eAPIs allow developers to tap into the rich information and functionality of IMC, whether they are developing a new application or integrating an in-house management tool with IMC.

Figure 6. Virtual Application Networks provides flexibility to integrate server and network operations and align with Cloud Provisioning/orchestration frameworks leveraging Virtual Application Network APIs

[Figure: CI controllers/cloud provisioning apps using VAN API for network services; network admin configures Virtual Application Network with the Designer. Labels: DevOps/Cloud Manager; Cloud Provisioning Logic (Matrix/CIC/CSA/Openstack etc.); Network Admin; VAN Designer; IMC VAN API; IMC device adapter layer; Other Resource Managers/Zone Managers. Resources: Network Infrastructure (Fabric, VPN, Firewall, Edge Connect, ADC, DC Core, Core Routing, WAN MPLS/VPLS, IDS/IPS); Storage Targets, Volumes; OS images, App Deployment; Servers, Server Profiles, Enclosures; Hypervisors, VM, VM Templates; Power, Cooling, Facilities.]

Move ahead to the cloud

The first instantiation of Virtual Application Networks will begin in the data center networks by characterizing the applications, virtualizing the network control plane, and automating the orchestration of the data center. HP plans to extend these principles to encompass the entire FlexNetwork architecture through the expansion of Virtual Application Networks to tune the application delivery requirements in the data center and ultimately improve the user experience for these applications in the campus and branch networks.

Virtual Application Networks provides a fundamentally better operating model for IT, allowing for the greater agility long demanded by the business, as well as tailored delivery of the network connectivity, scalability, and security that are necessary with cloud services. With Virtual Application Networks, IT can deliver applications quickly to support changing business requirements while automating and orchestrating management to lower cost. With HP FlexNetwork solutions, IT can truly do more with less.

Learn more

To learn more about HP products, contact your HP sales representative. For more information on HP Networking visit hp.com/go/networking

Learn more about extensible and open single-pane-of-glass management in the HP Intelligent Management Center (Enterprise Platform) Extended APIs (eAPIs): http://h20195.www2.hp.com/v2/GetPDF.aspx/4AA4-0791ENW.pdf

Learn more about Cloud Network Maps for the data center: http://www.hp.com/networking/van

Learn more about virtualized networks enabled by OpenFlow: http://h17007.www1.hp.com/us/en/solutions/technology/openflow/index.aspx

Get connected
hp.com/go/getconnected
Get the insider view on tech trends, support alerts, and HP solutions

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Microsoft is a U.S. registered trademark of Microsoft Corporation.

4AA4-0790ENW, Created April 2012