Cloud Computing Networks
UNDERSTANDING CLOUD COMPUTING NETWORKS
CLOUD COMPUTING'S IMPACT ON THE NETWORK: HOW TO PREPARE
CLOUD NETWORKING: INTER-NETWORKING DATA CENTERS AND CONNECTING USERS
Understanding cloud computing networks
Cloud computing network architecture often includes a flat, leaf-spine topology to reduce latency and balance bandwidth use.
BY RIVKA GEWIRTZ LITTLE
The definition of cloud computing changes readily, so the definition of cloud computing networks changes as well. Ultimately, the goal of cloud computing—regardless of model—is to create a fluid pool of resources across servers and data centers that enables users to access stored data and applications on an as-needed basis. Cloud computing networks, therefore, have two missions: to enable the movement of that pool as a single virtual resource, and to connect users to these resources regardless of location.
To make that happen, cloud computing networks—whether they support public, private or hybrid clouds—must be able to:
• Burst up and turn down bandwidth on demand.
• Provide extremely low latency throughput among storage networks, the data center and the LAN.
• Allow for non-blocked connections between servers to enable automated movement of virtual machines (VMs).
• Function within a management plane that stretches across enterprise and service provider networks.
• Provide visibility despite this constantly changing environment.
Cloud computing networks can be seen as three interdependent structures: the front-end, which connects users to applications; a horizontal aspect, which interconnects physical servers and the movement of their VMs; and storage networks. The larger cloud network can be built as either a Layer 2 or a Layer 3 network.
CLOUD COMPUTING NETWORKS SUPPORT PUBLIC, PRIVATE AND HYBRID CLOUDS
Enterprises can use cloud computing in a number of ways, each posing a unique set of challenges to networking teams. At this point, many users rely on a public cloud model in which they access hosted applications and data through a service provider that makes resources available over the public Internet on a pay-per-use or subscription basis.
This is probably the simplest approach for enterprise networking teams, who basically work to enable and secure connection to the public Internet. Some companies use a virtual private network (VPN) or dedicated lines to access these hosted applications and storage, taking a little more work on the part of the networking team. One concern there is avoiding bottlenecking at the main link. For example, if branch Internet traffic is backhauled through corporate headquarters, placing cloud access on that same connection could congest the network and constrain key applications.
Generally, though, cloud computing is more of a challenge for companies moving to private or hybrid cloud models. Larger firms tend to build internal or private clouds in which they turn their own data center or portion of a collocation center into a hosted environment. Others are moving toward a hybrid cloud model in which they provide and manage some resources in private data centers and some in the public cloud. This enables users to place their most security-sensitive applications and data in a private facility while depending on a public cloud for less sensitive applications.
In both scenarios, enterprise networking teams must build internal cloud computing networks, which involve seamlessly linking storage and servers to the LAN. In a hybrid model, things get even more complicated because networking teams must inter-network public and private clouds as well.
CLOUD COMPUTING NETWORK ARCHITECTURE: GIGABIT ETHERNET SWITCHING FABRICS
Cloud computing networks are moving away from the typical three-layer switching topology in which access switches are connected to a large pool of aggregation or distribution switches that are then connected to the core. The concern with the traditional model is latency—it forces packets to stop at hops at every layer and doesn’t provide any-to-any communication between the hundreds of servers and migrating VMs necessary in a cloud environment.
It is expected that, over time, enterprises will build cloud networks with a distribution layer of 10 GbE switches (and ultimately 40 GbE and 100 GbE once these standards are approved) that is flattened or broadened out, becoming the communication link between servers with as few blocks as possible. This middle layer of Ethernet switches will be built as a larger fabric so that enterprises can manage them as one or a couple of large switches.
LEAF-SPINE OR FAT-TREE SWITCHING TOPOLOGY FOR CLOUD COMPUTING NETWORK ARCHITECTURE
Some describe this two-layer switching method as a leaf-spine switching topology or, similarly, a fat-tree switching topology. In this scenario, servers are connected to leaf switches, which are then connected to a broad web of spine switches that provide interconnected bandwidth between leafs and spines. That fabric of switches is ultimately connected to the larger Internet through the core router.
This fabric of switches, which include as many ports as possible, allows equal bandwidth access to every connection, enabling non-blocked movement of VMs in a visible, any-to-any server environment. By providing enough memory within each switch, the network can forward packets through the fabric more easily. Cloud leaf fabric controls the flow of traffic between servers, while the spine switching fabric moves traffic between nodes bi-directionally.
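
The difference in path length between the three-layer and leaf-spine designs described above, as an added example that is not part of the original guide. Both topologies are simplified models with hypothetical switch and server names; the script counts the switches a frame crosses between servers attached to different edge switches.

```python
from collections import deque
from itertools import combinations


def add_link(graph, a, b):
    """Add an undirected link between two nodes."""
    graph.setdefault(a, set()).add(b)
    graph.setdefault(b, set()).add(a)


def three_tier(n_access=4, servers_per_access=2):
    """Access -> aggregation -> core; two access switches per aggregation switch."""
    graph = {}
    for a in range(n_access):
        agg = f"agg{a // 2}"
        add_link(graph, f"acc{a}", agg)
        add_link(graph, agg, "core")
        for s in range(servers_per_access):
            add_link(graph, f"srv{a}-{s}", f"acc{a}")
    return graph


def leaf_spine(n_leaf=4, n_spine=2, servers_per_leaf=2):
    """Every leaf switch has an uplink to every spine switch."""
    graph = {}
    for leaf in range(n_leaf):
        for spine in range(n_spine):
            add_link(graph, f"leaf{leaf}", f"spine{spine}")
        for s in range(servers_per_leaf):
            add_link(graph, f"srv{leaf}-{s}", f"leaf{leaf}")
    return graph


def switches_on_path(graph, src, dst):
    """Breadth-first search; returns the number of switches on the shortest path."""
    dist = {src: 0}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            return dist[node] - 1  # links minus one = intermediate switches
        for nxt in graph[node]:
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    raise ValueError(f"no path from {src} to {dst}")


def cross_switch_hops(graph):
    """Distinct switch counts for server pairs on different edge switches."""
    servers = sorted(n for n in graph if n.startswith("srv"))
    counts = set()
    for a, b in combinations(servers, 2):
        # Each server in these models has exactly one neighbor: its edge switch.
        if graph[a] != graph[b]:
            counts.add(switches_on_path(graph, a, b))
    return sorted(counts)


if __name__ == "__main__":
    # Three-tier: path length depends on where the two servers sit.
    print("three-tier switches per path:", cross_switch_hops(three_tier()))
    # Leaf-spine: every cross-leaf path is leaf -> spine -> leaf.
    print("leaf-spine switches per path:", cross_switch_hops(leaf_spine()))
```

In the three-tier model a VM move can land on a path of three or five switches depending on placement, while the leaf-spine model gives every cross-leaf pair the same three-switch path.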
STORAGE IN CLOUD COMPUTING NETWORKS
Storage plays a major role in cloud computing networks. Applications and data must flow seamlessly among storage systems, the data center and the LAN. Storage arrays, whether Fibre Channel or iSCSI based, must be connected to data center servers. Servers are generally equipped with Fibre Channel or Ethernet adapters, which connect them to a Fibre Channel or Ethernet switch. That switch provides connectivity to storage arrays.
Many vendors are pressing for the conversion to Fibre Channel over Ethernet (FCoE) components, which enable the transport of Fibre Channel traffic over Ethernet. Currently, Ethernet is used for server-to-server and server-to-client connectivity, while Fibre Channel provides server-to-storage connectivity. FCoE encapsulates Fibre Channel traffic in an Ethernet frame, eliminating the need for Fibre Channel adapters in servers and enabling enterprises to manage all of the traffic on one network through one system. Increasingly, manufacturers are introducing FCoE-ready storage and switching components to enable this convergence.
VIRTUAL SWITCHING CRUCIAL TO CLOUD COMPUTING NETWORKS
In addition to Gigabit Ethernet switches and network interface cards (NICs), network architects and administrators must work with virtual switches and virtual Ethernet adapters, which handle switching between VMs and sometimes between physical servers. VMs connect to the physical network by linking to virtual Ethernet adapters and virtual switches, which then connect to physical Ethernet adapters and switches. Virtual switches not only manage the movement of VMs, they also aid in the management of virtual LANs (VLANs) in the data center, which network architects create to help segment, secure and manage large groups of servers and their flexible VMs.
Every virtualization software product—or hypervisor—comes with a virtual switch that manages the traffic of network frames within the physical host server. For the most part, these virtual switches have been invisible to network administrators’ tools, leaving virtual switching entirely in the hands of systems administrators and causing nightmares for networking teams. Now, switch vendors are introducing their own virtual switch products which either replace or cooperate with hypervisors’ embedded virtual switches, giving network managers and administrators control over the movement of VMs inside and between blade servers.
NETWORK AUTOMATION NECESSARY FOR CLOUD COMPUTING NETWORKS
Very little is static in a cloud environment. Instances of servers and networks are provisioned at the drop of a dime. Automated network processes are essential to provisioning these virtual resources. This means that the network architect must seek out automation tools that handle IP address management, configuration management and resource allocation. While these tools exist, they are constantly evolving, and networking teams may find themselves assembling a patchwork of solutions in addition to the offerings of their networking or data center portfolio vendors. ■
Cloud computing’s impact on the network: How to prepare
Cloud computing's impact on the network must be considered, especially in terms of data sourcing and storage, and network distribution.
BY TOM NOLLE
Cloud computing is one of the hottest topics in all of information technology today. This is the outsourcing of data center functionality and resources to a third party via a network connection. For many companies with highly variable IT needs, cloud computing can be an alternative to maintaining an expensive oversupply of in-house computing power. The challenge may come in ensuring that your network costs don’t eat all of the savings.
There is no such thing as a “typical” application of computing. Companies use IT for highly distributed activities including transaction processing, Web retail and customer support, data analysis and mining, and regulatory reporting. If these applications are hosted via cloud computing, it will be necessary to link cloud resources to a company’s own data center resources for data access, and it will also be necessary to provide user access to the applications in the cloud. How this will affect the network will depend on three important dimensions.
The first is the source data dimension. Applications running in the cloud will need data, and where they get it is the most significant single factor in the network’s impact on cloud computing cost and performance. Where there are large quantities of data involved (a large database or several large databases) in an application, access to the data must be fast and reliable or the application’s runtime will be excessive. That means you’ll either need to store the data in the cloud (which may present cost and privacy concerns) or have a very fast network with very high QoS to support your cloud connections.
It’s also critical to consider a second dimension, the question of source data updates and backup. If the source data for the application is highly dynamic, or if it has to be backed up or synchronized with other company data, the link between the cloud data resources and enterprise data resources will need to be very efficient. Where the data is more static, network requirements for maintaining the data will be less stringent and there may be little impact on a company’s network.
The third dimension is the distribution of access. If the application is to be accessed from many locations in many countries, most of the access will probably have to come via the Internet or an Internet VPN. If access is primarily from a company’s own facilities, then it may be necessary to connect the cloud computing resource to the company’s own network.
INTEGRATION BETWEEN CLOUD COMPUTING INFORMATION RESOURCES
Where a cloud application is highly integrated with a company’s own data center resources for any reason, the performance of that connection is absolutely critical. If it fails, not only is there a risk that the application will fail, there is a risk that data between the cloud and the enterprise’s own storage resources will lose synchronization, requiring a complex and expensive restructuring. Thus, this kind of cloud application should probably be supported with a private data link to the cloud computing resource. Tight integration between cloud computing information resources and the data center may also increase requirements on the data center network and on any trunk connections between the data center and other primary or regional headquarters locations.
The Internet and Internet VPNs can be used to provide cloud computing communication, provided that the quality of service and availability are adequate, that the cloud resource can be properly secured, and that the connections needed between the cloud resource and the enterprise IT infrastructure are robust enough to handle the traffic. Companies often neglect the traffic generated by their own employees’ access to cloud resources if that access is provided by the enterprise WAN through an Internet portal. Since these portals are normally maintained in or near the headquarters location, cloud computing may increase branch network traffic significantly.
The most difficult application class to support effectively in cloud computing outsourcing is simple “overflow” or backup applications where traditional enterprise applications are run in the cloud instead. This class of application can create enormous data access requirements unless the entire enterprise database is hosted in the cloud, something few organizations would consider. If this application of cloud computing is supported, the only effective strategy will be to create a high-speed connection between the cloud computing data center and the enterprise data center, so that traffic can then jump to the normal enterprise network.
The easiest application of cloud computing to support in the enterprise network is one where access to the application is via the Internet/VPN, where the cloud computing host can be joined to the VPN, and where little synchronization of data is needed between the cloud host and the enterprise data center. In this case, there will be little traffic impact on the enterprise network, but the support of a cloud resource as a member of the VPN will pose security considerations that will have to be resolved both in a technical sense and through a contract with the cloud computing provider.
Nobody should jump into cloud computing on a massive scale; it must be managed as a careful transition. A smart enterprise will trial out applications of cloud computing where network impact is minimal and gradually increase commitments to the cloud as experience develops. That way, network costs and computing savings can both be projected accurately. ■
Cloud networking: Inter-networking data centers and connecting users
Cloud networks have a mission: connect a pool of resources that any user, anywhere can access without fail.
BY TOM NOLLE
When it comes to cloud computing implementation, there’s a lot of talk about sharing and managing compute resources and improving application experience, but rarely is there enough discussion about what makes an optimal cloud computing network. Yet when an enterprise decides to implement cloud computing on a large scale, it is committing to a significant shift in policy, planning practices, and application management—each of these has network impact. That impact requires a new practice that could be dubbed cloud networking.
Network planners today recognize that “enterprise networking” is really a combination of “resource networking” and “access networking.” The former connects the IT elements together to create data centers, and the latter allows users to access the applications running in those data centers. The transformation to cloud computing will change both resource and access networking, and it will add a new category: federation networking, or the networking of one cloud to another.
Cloud computing performance is the sum of the performance of the network connections and the performance of the IT resources. The task of the network manager in cloud networking is to fulfill two distinct missions: to create a resource pool with servers and storage that appear as much as possible like a single virtual resource with constant performance; and to connect that resource pool to users, regardless of their location, with minimal performance variation. It’s easiest to accomplish these missions by addressing the issues in a specific order.
CLOUD NETWORKING WITHIN THE DATA CENTER: ADDRESSING LOSS AND LATENCY
In a cloud computing model, a resource pool is only efficient if all of the resources in it appear equal in performance and availability. That means that the network connections that build the resource pool are the most important of all.
Nearly all clouds are established by first building “data center clouds” using local network connections and then connecting these data centers. The two specific variables likely to determine success in data center networking are the “two L’s” of loss and latency. All network protocols have to protect against data loss through retransmission of corrupted information, and loss of an information packet is particularly critical with storage protocols because of the risk of creating a corrupt file or leaving a storage device in a bad operating state. The problem is that retransmission of lost packets takes time, and latency is a special problem in data center and storage networks because it accumulates quickly across the tens of millions of operations involved.
CLOUD COMPUTING NETWORK: FLAT NETWORKS MEAN FEWER INTERFACES ALONG THE WAY
Network specialists know that latency accumulates in networks largely in proportion to the number of interfaces a packet transits from source to destination, and each switch that handles packets poses a risk of loss, in addition to contributing to the total delay. The best way to reduce the “two L’s” is to reduce the number of interfaces that traffic transits from source to destination. As a practical matter, that means reducing the number of switches.
Most data center network planners understand that the best network is one that is as “flat” as possible, meaning that the network should not include many layers of devices to create connectivity. A few very large switches will provide better performance than several layers of smaller ones, but concentrating switching into a few devices could increase failure risk too. This means that it will be very important for the switches to have the highest possible mean time between failure (MTBF) and also that the components be redundant and support automatic failover in operation.
IF YOU CAN’T GO FLAT: MANAGING TRUNK AND PORT CONNECTIONS IN LAYERED CLOUD NETWORKS
When multiple switch layers are required, a general rule of traffic management is to ensure that the trunk connections between or within layers are 10 times the speed of the port connections. For Gigabit Ethernet ports, you’ll need 10G trunks. Obviously, this kind of ratio will be impossible to achieve with extremely fast switch port connections to servers or storage, and in those cases flat topologies created by the so-called “fabric” switches (InfiniBand is an example) will perform better.
INTER-NETWORKING DATA CENTERS FOR CLOUD NETWORKING
Building a cloud normally means connecting the data centers to create a seamless resource pool, though that is not always the case. These connections must be as fast as possible to be effective, and it will be absolutely critical to manage packet loss.
Storage networking protocols and other protocols to provide for packet error recovery may be necessary in any case, but no protocols will compensate for high utilization on inter-data-center trunks. When utilization exceeds about 50%, both loss and delay will mount and cloud performance will be affected. This must be considered when managing traffic routes between data centers in your cloud.
CLOUD NETWORKING TRAFFIC MANAGEMENT: START WITH USER CONNECTIONS
Connecting users to the cloud is a good place to start your consideration of cloud traffic management. When users are homed into a specific single data center, their traffic will have to transit your inter-data-center trunks to reach resources sited in other data centers. That will quickly reduce performance.
It’s best to ensure that the users (the facility and branch networks) are connected directly (homed) to multiple data centers and to control cloud resource allocation so that applications serving users are run in data centers to which the users are directly linked. That will save inter-data-center trunks for data exchange among application components.
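
An added sketch (not from the original guide) of the homing advice above: it sums the user traffic that has to cross inter-data-center trunks and flags trunks above the roughly 50% utilization mark. Site names, application names, flow rates and the 10 Gbps trunk are constructed sample values, and traffic is assumed to enter at the first data center a site is homed to.

```python
from collections import defaultdict

UTILIZATION_LIMIT = 0.50  # the guide's figure: loss and delay mount above ~50%

# Constructed sample data: one trunk, capacity in Gbps, keyed by sorted DC pair.
TRUNK_GBPS = {("dc-east", "dc-west"): 10.0}
# Where each application runs.
PLACEMENT = {"erp": "dc-east", "crm": "dc-west"}
# (user site, application, offered load in Gbps)
FLOWS = [
    ("hq", "erp", 3.0),
    ("hq", "crm", 3.5),
    ("branch-1", "crm", 1.5),
    ("branch-2", "erp", 1.0),
]
# Data centers each site connects to directly; the first entry is the entry point.
SINGLE_HOMED = {"hq": ["dc-east"], "branch-1": ["dc-east"], "branch-2": ["dc-west"]}
MULTI_HOMED = {
    "hq": ["dc-east", "dc-west"],
    "branch-1": ["dc-east", "dc-west"],
    "branch-2": ["dc-west"],
}


def trunk_utilization(flows, homing, placement, trunk_gbps):
    """Return {trunk: utilization} for user traffic crossing between data centers."""
    load = defaultdict(float)
    for site, app, gbps in flows:
        app_dc = placement[app]
        if app_dc in homing[site]:
            continue  # the site reaches the application over a direct link
        entry_dc = homing[site][0]
        trunk = tuple(sorted((entry_dc, app_dc)))
        load[trunk] += gbps
    return {trunk: load[trunk] / trunk_gbps[trunk] for trunk in load}


def congested(utilization, limit=UTILIZATION_LIMIT):
    """Trunks whose utilization exceeds the limit."""
    return sorted(t for t, u in utilization.items() if u > limit)


if __name__ == "__main__":
    for label, homing in (("single-homed", SINGLE_HOMED), ("multi-homed", MULTI_HOMED)):
        util = trunk_utilization(FLOWS, homing, PLACEMENT, TRUNK_GBPS)
        print(label, util, "over limit:", congested(util))
```

With the sample data, multi-homing the headquarters and one branch leaves only branch-2's ERP traffic on the trunk; moving or replicating that application in dc-west would remove it as well.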
ADDRESS MANAGEMENT FOR VIRTUAL COMPONENTS IN A CLOUD NETWORK
The type of network connections needed to support cloud computing are largely the same as those needed to support traditional client/server computing—with one exception: In cases where resource locations are flexible, there must be a mechanism for addressing applications or components once they’re assigned to a resource.
It’s best to query data center networking and IT vendors for their strategies in address management for virtual components in a cloud. Solutions deployed today tend to be based on managing the domain name server (DNS) decoding of logical application URLs into IP addresses, or using a form of NAT (network address translation).
CONNECTING PUBLIC AND PRIVATE CLOUDS
It is almost inevitable that companies will deploy both private computing clouds and public cloud facilities. This may require hybridization of the two, creating connections to make the public and private clouds appear to be a homogeneous resource pool. That can be done either by making both clouds a part of a common VPN or by employing a form of federation networking using a cloud management and interconnection standard. Unfortunately, there is no solid standard for federation at this point, so it will be necessary to check with cloud providers and with your internal network and IT vendors to ensure that you have a compatible option for interconnection. ■
ABOUT THE AUTHORS
Rivka Gewirtz Little is the Senior Site Editor for TechTarget Networking Media.
Tom Nolle is president of CIMI Corporation, a strategic consulting firm specializing in telecommunications and data communications since 1982.
Cloud Computing Networks is produced by TechTarget Networking Media.
Rivka Gewirtz Little, Senior Site Editor
Kara Gattine, Senior Managing Editor
Linda Koury, Director of Online Design
Kate Gerwig, Editorial Director
Tom Nolle, Contributing Writer
FOR SALES INQUIRIES
Tom Click, Senior Director of Sales
617-431-9491
TechTarget Inc., 275 Grove St., Newton, MA 02466
www.techtarget.com
RESOURCES FROM OUR SPONSOR
• Utilizing 10GBase-T for broad 10 Gigabit Ethernet Deployment
• Intel 10 Gigabit Ethernet - Intel Chip Chat episode 103