Big Switch Relieves Virtual Machine Mobility Migraines
One of the benefits of server virtualization, combined with virtualization platforms offered by the likes of VMware and Microsoft, is virtual machine mobility — you can move a running VM to another physical host in your data center in order to maximize utilization rates, or for any one of countless other reasons.
But in practice the movement of VMs within the data center across subnets is limited because of IP address configuration issues. That's why companies like Nicira are pushing products that decouple virtual networks from the underlying pool of physical hardware on which they run. The virtual networks can then be configured and reconfigured in software, without having to worry about the physical network infrastructure.
Another company involved in the virtual networking space is California-based Big Switch Networks. Its solution is based on software-defined networking (SDN) using OpenFlow. In theory, a Big Switch virtual network would be made up of OpenFlow-compatible switches (physical or virtual) and a Big Switch network controller that bosses them around, but there is a very obvious problem — who has a data center in which all the switches are OpenFlow-enabled?
To really get going with Big Switch, and thus to get the full benefits of server virtualization technology and virtual machine mobility, would mean going on an epic OpenFlow-enabled switch shopping spree. And that simply isn't going to happen. "Any company that tries to promote a rip-and-replace approach to virtual networking is going to have a difficult time with that," says Zeus Kerravala, principal analyst at ZK Research, with a certain amount of understatement.
This leaves Big Switch in something of a predicament. "The problem we face is this: how do we bring OpenFlow to companies that have networking hardware that doesn't support OpenFlow today?" states Kyle Forster, Big Switch's co-founder.
What the company is proposing (and currently beta testing) is incorporating OpenFlow overlay technology — which can be used with both OpenFlow-enabled physical switches and vSwitches in virtualization hypervisors — into its Big Virtual Switch application. This enables a virtual OpenFlow network to be overlaid on top of existing non-OpenFlow-enabled physical networks.
"What we are doing is using tunneling to overlay a virtual OpenFlow network. We are tunneling a packet from switch A to switch B, encapsulating the packet as it passes intermediate (i.e. non-OpenFlow-enabled) switches," says Forster. "We think there will be demand for hybrid networks which might use 10% OpenFlow-enabled switches and 90% overlay (using existing, non-OpenFlow-enabled switches)."
Using this solution would involve installing a limited number of top-of-the-rack OpenFlow-enabled switches, or pointing the OpenFlow controller at vCenter or other hypervisor management software to upgrade hypervisor-based vSwitches to OpenFlow.
There are drawbacks to this overlay approach, Forster admits. "The downside of the 10:90 approach is that with an overlay you are effectively managing two networks. That means that if there is a problem, you have two networks to troubleshoot." He also cautions that "there may be performance caveats," which is PR-speak for "the network probably won't run very quickly."
But if you operate a highly virtualized server environment, and you use vMotion (or equivalent) to any appreciable extent, this does open the aperture for an SDN pilot without committing to buying large amounts of OpenFlow-enabled hardware. It's not an end solution, but one that is backward-compatible with existing hardware and forward-compatible with OpenFlow-enabled hardware that may be purchased in the future.
Whether Big Switch's technology will end up being widely adopted is difficult to guess right now. But it certainly brings the prospect of any IP address anywhere in the data center a little closer to reality. And that should make life just a little bit easier for any company involved in server virtualization and private or public cloud computing projects.
Paul Rubens is a technology journalist and contributor to ServerWatch, EnterpriseNetworkingPlanet and EnterpriseMobileToday. He has also covered technology for international newspapers and magazines including The Economist and The Financial Times since 1991.