Over the past decade, virtual machines have become the de facto standard in the enterprise. A parallel trend is emerging as more and more organizations are unwittingly finding themselves with heterogeneous hypervisor environments. While managing multiple hypervisor environments may present an IT challenge, the increase in operational costs is outweighed by the reductions in licensing from moving from proprietary software to open source hypervisors.

The quest for agility and movement to open source has prompted the rise of the DevOps culture in enterprise IT.

Many of us in the DevOps world are familiar with the pets vs. cattle metaphor when talking about virtual machines (VMs). “Cattle” refers to the set of virtual machines in a cloud where all are alike and no single one is more important than another — if one, two or a handful go down and stop working, there are other VMs to take their place. On the other hand, “pets” are VMs that have been customized and optimized for running a specific workload, and when they get a bug or stop working for some reason, IT will spend time and resources restoring them back to health. Workloads on proprietary hypervisors are like pets and more and more workloads are turning into cattle VMs by replacing the proprietary virtual machines with open source.

Cloud management solutions that come from the same hypervisor vendors tend to make their own hypervisor the first-class citizen and shortchange other hypervisors in feature parity. As a result, customers end up with a hodgepodge of cloud management solutions, none of which provide a holistic view of the heterogeneous environment. To make things worse, customers are left to implement point-to-point integrations between the cloud management solutions that are difficult to maintain.

On the networking side, the picture is no better. Network protocols were designed for static environments where change is infrequent. Today’s application environment is dynamic and puts a burden on physical networks that weren’t designed for agility. For the organization adopting cloud, few solutions on the market today provide network management for both the virtual and physical, while fewer can provide networking across multiple hypervisors, and even fewer can provide networking across private cloud regions/data centers.


Why network virtualization?

Because applications are becoming electronic storefronts and often the sole source of revenue for some businesses. If sign-ups/churn can be a predictor for monthly recurring revenue for SaaS companies, then the frequency of application releases can be a weighted variable in the equation. If the network is the conduit for the application, then the speed of transaction processing through the application is directly proportional to monthly revenue growth. That’s the reality for the modern enterprise and the web scale internet companies.

Network Virtualization can provide some relief to those most afflicted. Network Virtualization Overlay (NVO) solutions provide software-programmable access to the network without disturbing the physical network, which means application developers can write APIs to the controller via pre-defined templates or blueprints. NVO solutions like MidoNet go a step further, giving application owners self-service access to the network through the software abstraction layer using the CLI. However, unlike server virtualization, where developers can have their own virtual machines, network domains are still set up using templates, which still typically involve bringing in networking professionals. With NVO, application developers have more or less the same degree of flexibility and agility they have grown accustomed to with server virtualization. Application developers can also essentially program the network in software. On top of that, when NVO is paired with the private IaaS cloud, application developers can rely on self-service access to any network service including even advanced network services like LBaaS.

By definition, solutions like NVO and SDN blur the silos between network, server, virtualization, and application teams and force stronger DevOps collaboration, leading more and more organizations to embrace the DevOps culture altogether.


Where can NVO provide instant value?

In this discussion, we want to explore the application use cases where network virtualization overlay solutions can provide the application developers with the fine-grain control of the networking services underneath their applications.

Use case 1: Mix and Match Virtual Machines (VMs): Implement a connection gateway between the cattle VMs and the pet VMs using a network virtualization overlay

Traditionally, virtual machines deployed on separate VLANs cannot communicate with each other. The cattle VMs are isolated from the pet VMs, which would not work for multi-tiered applications leveraging both.

The advantages of using an L2/L3 and VLAN gateway — instead of having separate VLAN networks for each hypervisor environment — are many. For one, the two types of VMs supporting multi-tier applications deployed on separate VLANs can now communicate with each other through the L2 Gateway. Network provisioning can be done with just a few mouse clicks. Customers who are extending their network into the cloud can migrate applications on a subnet to a cloud infrastructure seamlessly, without changing the IP address of the application.

The VLAN gateway makes it possible for network admins to access the layer 2 gateway functionality without having to invest in new networking hardware. Even systems administrators with intermediate Linux skills can connect bare-metal or virtual servers to an overlay on existing physical network topology.

Use Case 2: Bridging physical and virtual using Virtual Tunnel Endpoint (VTEP)

Contrary to popular belief, not all workloads deployed in enterprises are virtualized. Organizations still run workloads on physical machines; this is especially true for legacy databases tied to mission-critical applications. Even modern applications like telephony, voice, and/or video streaming with low latency requirements tend to be deployed on physical infrastructure. Making changes to a running network can be error-prone and can lead to unwanted network failures or to a downgrade in network performance.

The introduction of the underlay and overlay provides some relief to this headache. A network underlay solution like Cumulus Networks’ elegantly disaggregates the network hardware from the network operating system. NVO solutions like MidoNet make the network programmable via API-driven software.

Integrating L2 gateway service support with the VXLAN support provided by an underlay like Cumulus enables the connection between the virtual networks and the physical networks using VTEP/L2 bridging from the MidoNet overlay. The marriage of the underlay and overlay provides unmatched agility and scale for physical networks that weren’t designed for either.

In addition, the underlay and the overlay working together can facilitate migrations between the physical and virtual environment, enabling VMs to communicate with the application workloads sitting behind the switches deployed on physical machines.

Use case 3: Connect VMs to VMs in different regions or data centers by implementing Virtual Private Cloud (VPC) peering between two or more regions

IT professionals have grown accustomed to the security of a private data center and want to have the same features in shared private cloud infrastructure. The Virtual Private Cloud (VPC) was invented to provide logical isolation in a public shared service for cloud operators. However, VPCs have yet to see widespread adoption even by public cloud providers like Amazon Web Services or Google Cloud, which is partly due to the difficulty in setting up the network connections. But with Network Virtualization Overlay solutions like MidoNet, there’s no need to create a hardware virtual private network (VPN) between the VPC in the cloud and the one in the data center.

With VPC peering in MidoNet, traffic on private IPs can flow between, say, two tenants deployed on separate VPCs representing two separate on-premise OpenStack clouds. Such Network Virtualization Overlay solutions allow one on-premise cloud to communicate with another across geographically dispersed data centers via the Top of Rack (TOR) switching fabric.

With VPCs slowly gaining momentum in the enterprise, VPC peering can be a useful solution for enterprises operating in countries where they have to keep data in-country to meet regulatory requirements, but maintain data integrity across the entire enterprise.


NVO solutions drive DevOps cultures

By definition, solutions like NVO and SDN blur the silos between network, server, virtualization, and application teams and force stronger DevOps collaboration, leading more and more organizations to apply the DevOps principles widely used for automating compute to managing the networks.