Thursday, May 07, 2009

Federated networking for the Cloud

We see in the VMware Cloud space lots of discussion around the federated cloud. In this context we are referring to the federation of the VMware management layers to orchestrate interaction between a company's on-premise internal cloud and a cloud provider.

What if we take this federation to the next step and federate the networking? Here is what I mean and why I think this next evolution is important.

If an organisation wants to extend its Data Center into the cloud, the networking capabilities should not play second cousin to the virtual machine capabilities that are delivered from the cloud. If I can operate my virtual machine in all its glory via the same interface irrespective of location, I should be able to do this with my networking. If I want to apply an ACL, create VLANs, monitor ports or use RMON to troubleshoot a network issue within my internal cloud, I should be able to do this within the external cloud.

Not all implementations are going to require such rich features. Yet if the cloud is to be relevant to each and every organisation, which it should be, then it is elements such as these which will allow majority adoption. I think the key here is security: many of these features are security requirements and will help to address some of the cloud security issues.

How could this happen? Take some of the emerging technologies in the networking space: vSphere vNetwork Distributed Switches, Cisco Unified Compute System and the Nexus range including the N1000V. The N1000V brings the rich networking features of the Nexus Data Center fabric right up to the virtual machine layer and interfaces. If you have experimented with the N1KV as I have, you will know that it is executed as a virtual machine and can communicate back to your physical Nexus equipment. So let's take this architecture one step further. What if the external cloud ran an N1K virtual switch instance which created a vNetwork Distributed Switch simply for me as a customer on that cloud, in my own realm/domain, that federated and communicated back into my own Data Center networking fabric? Now, just as for my virtual machine management, I have location transparency for networking configuration and management between my internal and external clouds. My network staff can provision network ports with appropriate rich settings just as if they were doing it internally. A key benefit here is the increased demarcation and functions in the security area.

It's early days for my thoughts on this, but I hope you get the idea of the concept and why this really should be on the roadmap for the vendors. So how about it, Cisco and VMware, can we have a date? When can we have federated networking for the cloud?

As a side note, notice how this architecture is only possible because the switching is executed as a virtual machine and not as a physical piece of hardware. When we state that the new atomic unit of the data center is the virtual machine you can see just how fundamental this is to the data centers of the future and how true it is coming to be, maybe faster than many of us thought.

Rodos

1 comment:

  1. Just an update on this. We could see this sooner than you might think. Having been looking at the vmSafe technology now in vSphere 4, this does not need to be a Nexus type thing. A vendor could create a unified security system through vmSafe. Interesting!