
The Sandwich…Network Virtualization Main Stage at Interop

This morning I’m joining representatives from Microsoft and Broadcom onstage as part of a keynote panel in front of hundreds of Interop attendees in Las Vegas. We’ll be discussing the trends shaping the future of networking. In particular, we’ll be talking about how software vendors are playing a more significant role in the networking discourse as a layer of network functionality is emerging at the software edge, and how merchant silicon vendors are fueling the architectural shift to general-purpose network hardware in the datacenter. I wrote about these trends in more detail in a previous post.

It will be an interesting mix on stage. VMware and Microsoft do not have a strong history of agreement, so it is nice to see alignment on, and recognition of, a common trend. Also, having server software vendors share the stage with a network silicon vendor would seem unnatural. The reality is, however, that this new trend in network architecture is exactly about software at the edge and the dramatic increase in price/performance in the physical network, which is being driven by the merchant silicon vendors.

With this in mind, I’m a bit intrigued by how the overall keynotes will unfold. It occurs to me, looking at the schedule, that my panel is sandwiched between the presentations from two big-time network hardware vendors, Cisco and Juniper. They will, of course, be sharing perspectives on how customers can benefit from their vision and innovations. But the irony is that our panel highlights a very different sandwich, one in which the software running on the server and the silicon underlying the networking gear are having an ever-increasing role in the discussion.

Without trying to over-rotate on this sandwich metaphor, there really is a new, emerging network architecture that has evolved organically in the mega datacenters over the last decade, and is now being adopted throughout the industry. In this architecture, software on the edge, whether it is part of a virtual network overlay, a new web application, Big Data, PaaS, etc., provides functionality that has typically been found in the network. As a result, this software is largely decoupled from the underlying physical network and can be run over any general-purpose network hardware that provides IP connectivity.

While there are many benefits to this architecture, such as a software operational model and software innovation speeds, the benefit I would like to highlight in this post is customer choice. A customer can choose to use network hardware from any point in the value chain. This could be from a traditional vendor with custom silicon, from a vendor with custom packaging but using merchant silicon, or from a reseller who is effectively silk-screening a whitebox directly from the ODMs. Hardware will continue to differ on cost, performance, manageability, and debuggability of the physical gear, but as features such as security, discovery, billing, isolation, load balancing, mobility, service chaining, etc. migrate to software, they are no longer a critical factor in the hardware procurement decision. As the switch supply chain evolves to ever better cost/performance, so does the customers’ ability to consume it without disruption.

It is a very exciting time to be in networking, and I’m having a blast participating in this community. This morning’s panel will be fun, but nothing is more satisfying than knowing that the trends underway – powered by software that provides networking features running over (and decoupled from) general purpose networking hardware – are going to provide customers with choice and flexibility in how they build their networks like never before. And we’ll all get to see how they put those networks to use!

– Martin

OpenStack and Network Virtualization

by Martin Casado,
Chief Architect

I remember giving the networking talk at the 2010 OpenStack design summit to a sparsely populated room in San Antonio. At the time, there were few real deployments to point to, there was no Quantum, Open vSwitch was relatively unknown, and the term “SDN” had only been coined a year-and-a-half earlier.

Much has changed since that time. OpenStack has grown wildly in popularity and has become the leading open cloud orchestration framework. We have seen a number of large-scale production OpenStack deployments — many of which have involved VMware. And, we have seen the creation of a proper networking layer within OpenStack that enjoys significant multi-vendor support.

Of course, things have changed for Nicira as well. In July 2012, we were acquired by VMware. At the time, there was some concern that VMware would not embrace OpenStack with the same enthusiasm as Nicira had. Since the VMware acquisition, however, we’ve almost doubled the number of developers on OpenStack, we were a top 10 contributor toward Grizzly, and we have broadened our efforts to integrate more technology, including VMware vSphere® and VMware vShield Edge™. We also continue to participate in some of the largest and most sophisticated OpenStack deployments in the world.

The rationale for VMware’s involvement in OpenStack is simple. The transformation to the software-defined data center will take many forms, and VMware understands that many customers will want to piece together different technologies based on their requirements using open frameworks. Nicira was quite successful with this model, and VMware is committed to supporting that trajectory not just with networking, but with compute and management as well.

OpenStack continues to mature, and so have networking technologies in their suitability for the cloud. So, as we gather in Portland this week for the latest edition of OpenStack Summit, I’d like to highlight two major technical trends in networking and discuss how these trends are materializing in OpenStack to change the way networking is done in the cloud.

Network Functions are Moving to the Edge

A longstanding yet often missed trend in networking is the movement of traditional networking functions to the server. For example, it is not uncommon for a Web 2.0 data center to use only a very simple IP fabric, and for load balancing, security, isolation, failure handling, billing, etc. to be implemented in the web application or the ADCs (the L4-L7 load balancers). This approach is not limited to HTTP; it can be found underlying PaaS offerings, IaaS offerings, big data and many other modern data center applications.

The benefits of this approach are largely self-evident. Moving functionality into software allows it to be provisioned programmatically rather than configured manually as is the case with networking today.  Further, network services can be implemented and deployed at software time scales without requiring any hardware changes.  Software running on servers can also implement functionality that would be very difficult to do in hardware at the switch, which has to handle tens or hundreds of ports simultaneously.

Although clearly an improvement, this is not a general solution.  App- and platform-specific services generally only apply to the platform for which they were written and cannot easily be used by other workloads. This results in tremendous reduplication of core services and also greatly limits the applicability to traditional workloads.

Ideally we would see the emergence of a software layer of networking services that applies to all workloads. For that, we look to the next trend.

The Network Access Layer Goes Virtual

In 2012, the number of virtual ports surpassed the number of physical access ports globally. This means that today the majority of access ports reside on the server and the “first hop” switching intelligence is implemented in software.

It is not uncommon for a single server to host dozens of VMs, and as a result the virtual switching layer within most hypervisors has evolved to include sophisticated networking functions.

It is not difficult to see how the movement of the access layer of the network into the server, in software, starts to provide many of the same benefits enjoyed by the applications discussed in the previous section. Until recently, however, the virtual networking layer still relied on the physical networks for a number of services, thereby limiting the ability to fully take advantage of software.

This is where network virtualization comes in.

Network Virtualization: Networking at the Edge for All Workloads

Similar to a server hypervisor, which provides virtual machines as an operational abstraction, a network virtualization solution provides virtual networks.  Virtual networks look like physical networks. They provide L2-L7 services and standard management interfaces, and therefore they do not require any changes to the application or existing network management tools.  Yet they have the operational model of a virtual machine so they can be programmatically managed.

One way to look at network virtualization is that it provides the benefits of running network services in software to all workloads.  It can do this without requiring any change to the guest operating system, the application, or the networking hardware because all the functionality is implemented in the vSwitch running in the hypervisor.  In some sense it is an alignment of these two trends (edge services and access delivered through software at the server level).  Modern datacenters set the model for cost, speed to provision and speed of innovation, and the prevalence of virtual ports and virtual switches provides the insertion point.

Network Virtualization in OpenStack

OpenStack is an excellent platform for deploying network virtualization. There are already multiple offerings that provide full software-based network virtualization that is fully compatible with Quantum and OpenStack. For those of you who want to play around and understand the basic model, I suggest starting with the Quantum Open vSwitch plugin.

I’ve always been a huge fan of OpenStack and continue to be. I’m also a big believer in the transformation of networking to a more agile, software model.  I’m excited to talk more about these two loves at the OpenStack Summit this week.