Network virtualization explained
Server virtualization and storage virtualization have been around for years, allowing additional workloads to operate on existing devices, or pooling and provisioning resources without regard for their physical locations. But virtualization has moved beyond servers and storage systems, extending across the network and reaching all the way to user endpoints. This article explains the ideas behind network virtualization, highlights the main deployment considerations, and notes the major opportunities for solution providers.
What is network virtualization and why is it important to the channel?
Network virtualization is a process of abstraction which separates logical network behavior from the underlying physical network resources. Network virtualization allows network aggregation and provisioning, combining different physical networks into a single virtual network, or breaking a physical network into multiple virtual networks that are isolated from each other. This is sometimes called "external network virtualization." Network virtualization can also be applied within virtual servers to create synthetic networks between virtual machines (VMs); this is often dubbed "internal network virtualization."
"A good example of an external virtual network would be VLAN technology, where many logical networks can be operated on one VLAN-capable switch," said Scott Gorcester, president of Moose Logic, a solution provider located in Bothell, Wash. "Internal virtual networks would be the facilities built into virtual server host software such as Microsoft Hyper-V, Citrix XenServer and VMware products."
Network virtualization lends itself to cost savings, efficiency, security and flexibility -- four key benefits for any client. "The whole point of everything we're doing with virtualization is to get more utilization out of hardware," said Dave Sobel, CEO of Evolve Technologies, a solution provider headquartered in Fairfax, Va. In physical environments, adding switch ports requires cabling, connections and configuration -- along with the investment in physical switch ports. In a virtual environment, logical switch ports are created and abstracted from the underlying physical ports. This allows more "virtual" switch ports to be added and "connected" (or directed) to other logical switch ports quickly and without having to commit real ports or cable them together in the data center.
Suppose that the client required a separate network for iSCSI traffic, application development or some other business purpose. Traditionally this would require the creation (and expense) of a different physical network, but network virtualization would allow a new logical network to be created and configured using the same physical hardware. The new network could be isolated from other virtual networks even though it's using the same physical cables, switches, routers and other devices. This ensures security between virtual networks. Further, the new network could be created, configured and managed with few (if any) changes to the physical network.
This kind of flexibility is impossible with physical networks. "When we are out of ports in a physical switch we need to buy another one," said Carlos E. Vargas, lead analyst at Exelon Corp., an energy company in Chicago. "In the virtual world we just change the size of our switch and reboot the virtual host and we are back in business."
Network virtualization is most effective with other forms of virtualization already in place. "The rub is making sure that we've got all the parts that we need in all the right places," Sobel said. "As you start to virtualize server and storage components, the idea of virtualizing the switches … starts to make more sense," he said, noting that network virtualization is a natural extension to virtual servers and storage.
Early on, network virtualization was the domain of large hosting companies that used the technology to create logical environments for each of their subscribers. Medium-sized to large enterprises are adopting network virtualization to separate networks by business function or geographic location -- often related to compliance obligations. Businesses are also adopting the technology to ensure security between the client and their business partners that require some form of access to the client's network. Small and medium-sized businesses (SMBs) may not be ideal candidates for network virtualization yet. But experts like Sobel predict that rapid adoption of storage and server virtualization, combined with falling prices for powerful networking hardware, may make network virtualization a suitable technology for the SMB by late 2009 or 2010.
What are the hardware and software elements of network virtualization?
Network virtualization can be implemented at the server or cluster level using hypervisor software -- you can create a virtual network on a single system. The hypervisor provides the abstraction layer that allows different types of internal networks to mimic the physical world. Hypervisor products include VMware ESXi, Citrix XenServer 5, Virtual Iron from Virtual Iron Software, Microsoft Hyper-V Server 2008 and the open source VirtualBox.
As you connect multiple systems, the network itself must support virtualization in the routers and switches. This may require the use of managed (or "intelligent") switches -- often termed Layer 3 switches. The switches run virtualization software modules that abstract the physical switch ports and surrounding network into VLANs. Fortunately, VLAN-capable switches are readily available. "VLAN technology is everywhere today, from high-end providers such as Cisco to lower-end/mid-tier vendors such as DLink," Gorcester said.
This relationship between hardware and software is leading to convergence. For example, a Layer 3 intelligent switch may be able to run virtualization software from VMware. Experts point out that vendors are working together to ensure interoperability, which can only help the adoption of virtualization. "Currently, Cisco is working to embed their technology in several hypervisor network topologies," Vargas said. "This will allow Cisco to extend the physical network to the virtual world."
What planning or upgrades may be needed for network virtualization?
While the hardware and software for network virtualization is readily available, its deployment in the enterprise requires careful planning. Bandwidth is the most obvious consideration. In some cases, the creation of multiple virtual networks is strictly a security play to isolate existing traffic -- usually to meet some compliance-related goal. This is rare, however, and virtual networks are more commonly deployed to improve utilization of the network by supporting additional workloads. Virtualization itself should add no additional traffic to the network, but the traffic from additional workloads has to be considered. Parts of the network (especially the network backbone) may need to be upgraded to 1 Gigabit Ethernet (GbE) or even 10 Gigabit Ethernet. Also consider the traffic types on the virtual network. VLANs block broadcast traffic, so applications that rely on broadcast traffic may not work properly.
Bandwidth upgrades may necessitate faster ports (and maybe cabling), but the network switches and routers will also have to be validated for proper virtualization support. For example, the switches will need to run virtualization software along with other software modules. "You have to make sure that your processors and memory on your switches and routers are able to handle the extra workload that will be placed on them," said Michael S. Wherry, technical architect with Global Hyatt Corp. in Chicago. As an example, Wherry pointed to a recent in-house effort where all routers were evaluated and upgraded as needed to support MPLS (Multi Protocol Label Switching) cloud traffic.
Network virtualization also raises the question of redundancy. As more workloads operate on existing hardware, faults and failures will have a greater impact on your client's operation. Solution providers that are assessing an existing infrastructure or planning a network virtualization project should identify single points of failure and recommend corrective action to ensure robust operation. For example, critical servers may be configured into a cluster to share processing resources and connectivity. When one element of the cluster fails, the remaining elements take over the processing to keep data flowing. Similarly, redundant switches may be introduced using failover techniques to shift traffic when faults occur.
Network virtualization adds complexity to the client's environment. Each new virtual network makes it more difficult to relate virtual resources back to the underlying physical resources, so limit the number of virtual networks to keep complexity to a minimum. "If you create too many VLANs, that network infrastructure will become a nightmare to administer," Vargas said. Any network virtualization project will require virtualization-aware management tools that can create, configure, provision and report on the virtual networks created for your client. Bandwidth monitoring and reporting may also be an important management feature -- not just to ensure smooth operation from a technical standpoint, but also to facilitate accurate chargeback billing to network users (if the client uses a chargeback model).
What are the channel opportunities and trends in network virtualization?
There are revenue opportunities in the initial deployment and setup of a network virtualization project. Clients are running with smaller IT teams -- especially in tightening economic conditions -- so relying on the services of an experienced solution provider is increasingly appealing, even for larger enterprises. "This is not one of those things you want to sit down and try to figure out yourself on the weekend, especially when you're working with compliance," Wherry said.
Beyond the initial installation, solution providers can find recurring revenue opportunities in auditing and regular management. For example, auditing can help verify that the client's environment is still safe and secure, ensuring that the virtualization project has not exposed any resources to unexpected threats.
Experts like Sobel note that network virtualization projects rarely exist in a vacuum, and are most often an extension of previous virtualization initiativesinvolving storage and servers. "I think a network virtualization project doesn't make much sense in its own," Sobel said. "No one would come in and say, 'I want to virtualize your network,' and talk just about virtualizing switches."
Consequently, solution providers can find additional project opportunities extending the virtual environment to other elements of the client's infrastructure. For example, a solution provider may be able to demonstrate a cost savings by proposing a subsequent server virtualization project to consolidate several remaining application servers onto a single platform. In some cases, a solution provider may recommend the reverse -- forestalling a network virtualization project until more elements of the client's infrastructure are virtualized.
Successful virtualization initiatives take planning. "The customer needs to sit down with the solution provider and plan where they want to take their environment in the next three to five years … and start working toward it," Vargas said. Many solution providers choose to plan and implement virtualization initiatives in phases -- often opting to start with nonessential elements of the environment. This minimizes disruption, allowing the client to gain confidence and see value in virtualization before it rolls out to the entire enterprise.
Planning should also involve a perspective on the future network technologies. As more workloads are handled by less hardware, additional network bandwidth must be added. Vargas pointed to unified fabric technology as one near-term development, allowing native storage and network traffic to coexist on the same network. An example of this is Cisco's Nexus 7000 series switching platform, which supports IP and Fibre Channel traffic on the same 10 GbE cable (dubbed Fibre Channel over Ethernet or FCoE). Additional bandwidth should also be available with the continued adoption of 10 GbE and the eventual development of 100 GbE.
No comments:
Post a Comment