Network Virtualization & Cloud Networking

9/3/2010

Pascale Vicat-Blanc Primet, Senior Researcher at INRIA, Leader of the RESO team

LIP Laboratory, UMR CNRS-INRIA-ENS-UCBL, Ecole Normale Supérieure de Lyon, France

[email protected]

Upload: nguyencong

Post on 04-Jun-2018


Outline

1. Context & Motivations

2. Cloud networking

3. Network virtualization

4. The ViPXi Concept


Context: Clouds & Networks

Convergence of computing and communication

Expansion of Cloud Services

IaaS, PaaS, SaaS…XaaS

Invest => Rent

CAPEX => OPEX

Cloud Technology

[Figure: sites in Palo Alto, Lyon, Berlin, Bangalore, Genève, Beijing, Tokyo, Amsterdam]

= A huge collection of virtualized computing resources accessible via the Internet Cloud

[Figure: sites in Palo Alto, Lyon, Berlin, Bangalore, Genève, Beijing, Tokyo, Amsterdam]

But the legacy Internet Cloud:

…is only “communication oriented”

Exposes a “best effort” service

= “leaky pipes”


Outline

1. Context & Motivations

2. Cloud networking

3. Network virtualization

4. The ViPXi Concept

Data Center Network

Today’s Data Center Network

Data-intensive applications (e.g. video data processing, MapReduce…) are experiencing a bandwidth bottleneck in tree-structured data center networks.

[Figure: data center network tree with Top of Rack, End of Row and Core switches. Picture from: James Hamilton, Architecture for Modular Data Centers]


Network Virtualization with XEN

Results : Sending

Aggregated throughput ≈ theoretical throughput (941,49Mb/s)

Fair bandwidth sharing

Significant CPU overhead (between +58% and +140%)

Fair CPU sharing between domains U

~32% without virtualization


Outline

1. Context & Motivations

2. Cloud networking

3. Network virtualization

4. The ViPXi Concept

Context: Internet ossification

Workarounds = overlays, http, firewall traversal…

Clean slate ?

[Figure: IP with the transport protocols UDP, TCP, SCTP, DCCP]


Virtualization is the solution !!

Decouples the physical hardware from the service level

M-to-N mapping (M “real” resources, N “virtual” resources)

Deliver greater resource utilization and flexibility

How can this concept help in Internet de-ossification ?

Server virtualisation (XEN, KVM…) as used in Clouds (EC2)

Network virtualization

Virtualisation layer = network hypervisor

Concurrent & independent networks

Security, Isolation, Appliance

Customization: routing, traffic engineering, protocols…

[Figure: several virtual networks, each with its own protocol stack and application, on top of the virtualisation layer and the physical layer. Labels: IP, IPv4, IPv6; BIC, cuBIC, HTCP, RCP, TCP, UDT; IMG, Grid, P2P, Tube, Game, Chat, VoD, CDN, TeleP]


Benefits of virtualization

1. Security: provide a confined environment where non-trusted applications can be run;

2. Isolation: limit hardware resource access and usage, through isolation techniques, or expand it transparently for the applications;

3. Appliance: adapt the runtime environment to the application instead of porting the application to the runtime environment;

4. Customization: use dedicated or optimized OS mechanisms (scheduler, virtual memory management, network protocol) for each application;

5. Ease management: manage applications and processes running within a virtual machine as a whole;

6. Cost reduction: resource consolidation, load balancing, dynamic resizing, resource provisioning, power saving;

7. Ease the development process: testing, experiments.

Virtualization in networks is not new !

Overlays

Active Networks

VPNs

VLANs

So what?

Dynamic Ethernet Virtual Circuit

Automatic Switched Optical Network

Automatic end-to-end Ethernet Virtual Circuit provisioning

[Figure: two Transport Service Switches (ingress ROADM and egress ROADM) with TSS add/drop ports and OCh; a PSC TE link carried over a WDM FA-LSP; [PSC,WDM], [WDM,WDM] and [WDM,PSC] TE-links; WDM LSP; dynamic mapping (CE-VLAN) at one end and mapping (CE-VLAN) at the other]

Virtualization of networks is more

Overlays

Active Networks

VPNs

VLANs

Virtual Networks


Virtual Networks with Virtual Routers

Virtual Routers

Network Slicing

Goal: Allow multiple instances to co-exist

Mechanism: Virtual forwarding tables

[Figure: nodes a, t, c; one forwarding table per slice (Slice 1, Slice 2) with columns dst / next-hop and entries “s b”, “t a”, “t c”]
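An added illustration (not from the original slides) of the mechanism named above: one forwarding table per slice, with every lookup confined to the slice the packet belongs to. It goes beyond the slide by using IP prefixes and longest-prefix match; the class name, slice ids, prefixes and next-hop labels are constructed for the example.

```python
import ipaddress


class SlicedForwarder:
    """One forwarding table per slice; a lookup never leaves its own slice."""

    def __init__(self):
        self._tables = {}  # slice id -> list of (network, next_hop)

    def add_route(self, slice_id, prefix, next_hop):
        net = ipaddress.ip_network(prefix)
        self._tables.setdefault(slice_id, []).append((net, next_hop))

    def lookup(self, slice_id, dst):
        """Longest-prefix match inside one slice; None means drop."""
        table = self._tables.get(slice_id)
        if table is None:
            return None  # unknown slice: fail closed, no fallback table
        addr = ipaddress.ip_address(dst)
        best = None
        for net, hop in table:
            if addr.version == net.version and addr in net:
                if best is None or net.prefixlen > best[0].prefixlen:
                    best = (net, hop)
        return best[1] if best else None


def build_demo():
    """Constructed routes: both slices reuse the same address space."""
    fwd = SlicedForwarder()
    fwd.add_route("slice1", "10.0.0.0/8", "a")
    fwd.add_route("slice1", "10.1.0.0/16", "b")
    fwd.add_route("slice2", "10.0.0.0/8", "c")
    return fwd


if __name__ == "__main__":
    fwd = build_demo()
    for slice_id, dst in [("slice1", "10.1.2.3"), ("slice2", "10.1.2.3"),
                          ("slice2", "192.0.2.1"), ("slice3", "10.1.2.3")]:
        print(slice_id, dst, "->", fwd.lookup(slice_id, dst))
```

The same destination resolves to a different next hop in each slice, and a packet tagged with a slice that has no table is dropped rather than forwarded through another slice's routes.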


Outline

1. Context & Motivations

2. Cloud networking

3. Network virtualisation

4. The ViPXi Concept


ViPXi : virtual infrastructure concept

A virtual (private execution) infrastructure : ViPXi is defined as:

A collection of individual virtual resources and groups

A virtual network topology with weighted links (rate, latency…)

An executing timeline (for co-scheduling).

[G. Koslovski, PVB et al. Grid05, GridNets08, ICNS09, CCGrid09, IJNM10]

HIPerNet software: selects, allocates, schedules nodes & channels

[Figure: ViPXi A and ViPXi B]


Virtual Infrastructures Solutions

• Computing+Network resource virtualisation

• ViPXi: Virtual Private eXecution Infrastructure

• VXDL: Virtual Infrastructure description

• Time-aware Virtual Infrastructure Allocation

• Security model: SPKI, CBIDs, cryptography


Application-mapping principles


1) Bootstrap: virtualized substrate creation

Virtualized substrate: VXspace

Underlying physical ICT infrastructure


2) ViPXi specification

VXDL language

Specification of virtual resources sets

Specification of virtual topology

Specification of time line

Example:

Specification of three ViPXis :

Same resource set & topology, different link rates

4 virtual resources: VN 1, VN 2, VN 3, VN 4

2 virtual routers: VR 5 and VR 6

VN X – VR Y VR 5 – VR 6

100 Mbps 200 Mbps

75 Mbps 150 Mbps

50 Mbps 100 Mbps

[Figure: topology with VN 1, VN 2, VN 3, VN 4, VR 5 and VR 6, shown for ViPXI-1, ViPXI-2 and ViPXI-3]

3) Allocation and creation

ViPXi request submission

[Figure: VXDL files submitted to the HIPerNet engine]

HIPerNET framework is a component-based software technology.

Set of independent & replaceable modules to:

Parse VXDL requests

Allocate & schedule ViPXIs

Control ViPXIs & virtual resources

Manage users & security


4) ViPXI deployment & configuration

HIPerNET framework:

combines system and network virtualization

provisions and configures virtual resources

creates and manages ViPXIs

[Figure: HIPerNet engine and virtualized resources VN 1, VN 2, VN 3, VN 4, VR 5, VR 6]

5) ViPXI & application deployment

[Figure: VPXI deployment by the HIPerNet engine: VN 1, VN 2, VN 3, VN 4, VR 5, VR 6]

6) Execution

Execution of NAS with different bandwidth setups

VN X – VR X VR 5 – VR 6

100 Mbps 200 Mbps

75 Mbps 150 Mbps

50 Mbps 100 Mbps

From HIPerNet to ViPXisor

[Figure: ViPXi editor, ViPXisor, ViPXi admin]

Conclusion & perspectives

The current Internet model cannot face the Cloud challenges

Network virtualization offers:

Flexibility

Dynamicity

Security

Guaranteed performance

ICT Infrastructure virtualization is the KEY for Future Internet

New business models for Network Infrastructure & Network Service Providers

Advanced Internet Services with SLAs

Approach contributing to GreenICT

Visit LYaTiss booth to learn more on Network virtualization & Clouds

Annex:

Some of our references on network virtualisation

1. Julien Laganier and Pascale Vicat-Blanc Primet. HIPernet: a decentralized security infrastructure for large scale grid environments. In 6th IEEE/ACM International Conference on Grid Computing (GRID 2005), November 13-14, 2005, Seattle, Washington, USA, Proceedings, pages 140-147, 2005.

2. Fabienne Anhalt, Guilherme Koslovski, Pascale Vicat-Blanc Primet. Specifying and provisioning Virtual Infrastructures with HIPerNET. International Journal of Network Management (IJNM), special issue on Network Virtualization and its Management, 2010.

3. Pascale Vicat-Blanc Primet, Sebastien Soudan, and Dominique Verchere. Virtualizing and scheduling optical network infrastructure for emerging IT services. Optical Networks for the Future Internet (special issue of Journal of Optical Communications and Networking (JOCN)), 1(2):A121-A132, 2009.

4. Guilherme Koslovski, Tram Truong Huu, Johan Montagnat, and Pascale Vicat-Blanc Primet. Executing distributed applications on virtualized infrastructures specified with the VXDL language and managed by the HIPerNET framework. In First International Conference on Cloud Computing (CLOUDCOMP 2009), Munich, Germany, October 2009.

5. Pascale Vicat-Blanc Primet, Fabienne Anhalt, and Guilherme Koslovski. Exploring the virtual infrastructure service concept in Grid'5000. In 20th ITC Specialist Seminar on Network Virtualization, Hoi An, Vietnam, May 2009.

6. Pascale Vicat-Blanc Primet, Jean-Patrick Gelas, Olivier Mornard, Guilherme Koslovski, Vincent Roca, Lionel Giraud, Johan Montagnat, and Tram Truong Huu. A scalable security model for enabling Dynamic Virtual Private Execution Infrastructures on the Internet. In IEEE/ACM International Conference on Cluster Computing and the Grid (CCGrid2009), Shanghai, May 2009.

7. Guilherme Koslovski, Pascale Vicat-Blanc Primet, and Andrea Schwertner Char. VXDL: Virtual Resources and Interconnection Networks Description Language. In GridNets 2008, Oct. 2008.

Slice concept

PlanetLab (March 2002 - Princeton)

Dedicated overlays for researchers

Resource virtualization

Over the Internet

Overlay Networks: end user has a better view!

[Figure: nodes A, B and C across the Internet; the normal path, and logical links that route around the problem]

Results : Forwarding

Low aggregated throughput compared to the theoretical throughput (941,49Mb/s)

377Mb/s

Fair bandwidth sharing

Very significant CPU overhead (+~230%)

~18% without virtualization