With the rise of cloud computing in recent years, data center virtualization technology has received more and more attention. Among its forms, the server virtualization solutions represented by VMware, Citrix and other vendors are undoubtedly the most widely deployed way of implementing Infrastructure as a Service (IaaS) cloud computing in the enterprise private cloud.
However, as server virtualization deployments deepen, IT administrators face more and more network access challenges. It is therefore necessary to rethink network access methods around the access requirements of virtualized servers, so as to provide a better network support environment for enterprise private clouds.
Virtualization I/O Integration
First, I/O resource integration for server access is an urgent direction for network optimization. After traditional server virtualization, guaranteeing the network interconnect performance required by each VM's I/O and by the virtualized system cluster typically means 6 to 8 Gigabit NICs, 2 HBA storage adapters and server management network ports per server, which inevitably leads to complicated management, low I/O efficiency and increased network device costs.
The I/O integration technology therefore came into being. It covers several aspects:
● Servers use higher-bandwidth links (such as 10G Ethernet) to replace traditional Gigabit links;
● The NIC is virtualized to present multiple virtual NICs (vNICs);
● Ethernet carries the Fibre Channel storage protocol and data, implementing a virtual HBA (vHBA).
10G Ethernet access provides greater I/O access bandwidth, which alleviates the I/O shortage of virtual machines. With the NIC virtualized into multiple vNICs, a 10G NIC not only behaves like multiple physical NICs but can also be further allocated among multiple virtual machines and the hypervisor, with each VM or system connection keeping its own network policy and quality of service.
Previously, this was generally implemented through the Single Root I/O Virtualization (SR-IOV) standard defined by the PCI-SIG working group. However, SR-IOV neither solves the problem of identifying an individual vNIC at the switch port, nor provides finer-grained QoS for the virtual NICs.
The earliest end-to-end virtualization capability came from Ethernet NICs and switches supporting the IEEE 802.1BR/Qbh standard. In this system, each NIC not only provides multiple virtual NICs, but each virtual NIC is also identified at the switch port by the VN-Tag carried in the Ethernet frame; in addition, the NIC's resources can be flexibly divided among its virtual NICs to achieve fine-grained QoS management.
On the other hand, the functions of the traditional FC storage network can be integrated into Ethernet through the Fibre Channel over Ethernet (FCoE) technology of ANSI INCITS T11. For the new generation of OLTP applications, which increasingly rely on in-memory computing and therefore read and write external storage in batches, this undoubtedly raises the utilization of network resources significantly while also simplifying management.
What is the actual effect after I/O integration?
Taking the traditional server access mode with eight Gigabit and two HBA ports as an example, after the combination of 10 Gigabit Ethernet, virtualization and FCoE described above, only a pair of redundant dual-active 10 Gigabit CNA (Converged Network Adapter) NICs is needed to provide all the original functions. In addition, storage I/O performance improves by 10%, CPU usage drops by 8%, cabling management complexity drops by 80%, interface card cost drops by 40%, access switch cost is only 1/4 of the original, network power consumption drops by 30%, data bandwidth increases from 8G to 20G, and storage bandwidth increases from 16 GB to 20 GB*.
Currently, mainstream server vendors offer CNA NIC options. NICs based on Cisco chips and on the Broadcom BCM57712 chip can also support IEEE 802.1BR/Qbh for end-to-end virtualization in cooperation with the switches.
Virtual Machine-Aware Networks
There are two main solutions for virtual machine-aware networks: a "soft" solution represented by the Cisco Nexus 1000V, and a "hard" solution represented by IEEE 802.1BR and IEEE 802.1Qbg.
The "soft" solution replaces the virtual switch in the hypervisor with a more intelligent distributed virtual switch to solve the problems of policy migration and consistent management configuration. From the user's point of view, logging on to a single centralized management point is enough to configure and manage, through the familiar physical switch management interface, all vSwitch ports connected to virtual machines in the cluster. Intelligent policies from the physical network such as NetFlow, SPAN, PVLAN, QoS and ACLs can also be migrated "losslessly" to the vSwitches, ensuring consistency of the enterprise's global policies.
The other approach is the "hard" solution, which achieves virtual machine awareness through a standard protocol followed by the physical switches, physical NICs and hypervisor systems.
It is represented by the Cisco/VMware-led IEEE 802.1Qbh and the later HP-led IEEE 802.1Qbg (VEPA), each with its own distinctive technical characteristics.
802.1Qbh was commercially available earlier, with high performance, comprehensive functions and good scalability. Thanks to the active participation of VMware and other hypervisor vendors, its VM compatibility and high-performance features such as hypervisor bypass are beyond the reach of other solutions, but it requires hardware support from both switches and NICs;
802.1Qbg is an "improvement solution" for traditional devices: it modifies software around existing protocols to implement similar functions. 802.1Qbg therefore depends less on hardware, but the functional and performance limitations inherent in such an improvement solution cannot be avoided.
In fact, contrary to the view held by some in China that the two camps oppose each other out of self-interest, these two protocols have been learning from each other and developing together; it is not hard to find Cisco's Qbh experts among the authors of 802.1Qbg, and 802.1BR, the extension of 802.1Qbh, also claims compatibility with Qbg VEPA.
At present, IEEE 802.1BR has taken the lead in the market and holds a higher position in IEEE standards planning. It also takes a more tolerant and inclusive attitude towards Qbg, and its market prospects are brighter.
A complete cloud computing network environment centered on virtual servers
Although the network access optimizations above bring some improvement in scalability and manageability, they are not enough to achieve the complete virtual network environment that private cloud computing requires. On the one hand, the virtual network resources and intelligent service functions needed for virtual machine deployment are still missing; on the other hand, cloud computing must be able to schedule virtualized resources automatically and on demand.
In a private cloud environment, a complete set of virtual units encapsulated as a virtual application is copied and invoked on demand. To keep the topology and addresses of each replicated virtual unit independent, a large number of independent, isolated L2 network segments is required, and the VLAN that serves physical networks cannot meet the isolation requirements of a large-scale virtual machine environment, neither in the number of segments it can be extended to nor in its flexibility across Layer 3 networks. Therefore, led by Cisco and VMware and joined by vendors such as Arista, Broadcom, Citrix and Red Hat, the VxLAN standard dedicated to virtual network environments was submitted to the IETF.
VxLAN provides far more independent network segments than 802.1Q VLAN and extends them across Layer 3 through MAC-in-UDP encapsulation. In addition, traditional network services such as routers, virtual machine firewalls, WAN acceleration and server load balancers are being deployed progressively in the virtual network environment, and vendor-specific technologies (such as Cisco vPath) chain these intelligent services along an optimized path. The result is a pure virtual network layer on which resources can be scheduled freely in the virtualized computing environment and software-defined functions can be created. This is one implementation of Software Defined Networking (SDN), a cutting-edge technology hotspot.
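As an added illustration of the MAC-in-UDP encapsulation and of why a 24-bit segment identifier gives replicated virtual units independent L2 segments (this is example code written for this page, not code from the article or from any vendor named in it): the Python below builds and parses the 8-byte VXLAN header and UDP port 4789 defined in RFC 7348, wraps an inner Ethernet frame, and keeps a per-VNI MAC learning table so that two tenants using identical MAC addresses in different VNIs never collide. The VTEP addresses, MAC addresses and payloads are constructed sample data, and the outer IP and Ethernet headers are omitted.

```python
"""Added example: VXLAN (MAC-in-UDP) encapsulation with per-VNI MAC learning.
Not from the article; VTEP addresses, MACs and payloads are constructed."""
import struct

VXLAN_UDP_PORT = 4789           # IANA-assigned VXLAN port (RFC 7348)
VXLAN_FLAG_I = 0x08             # "I" flag: the VNI field is valid
VNI_MAX = (1 << 24) - 1         # 24-bit VNI: about 16 million segments
VLAN_ID_MAX = 4094              # 12-bit 802.1Q VID (0 and 4095 reserved)


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def build_ethernet(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Build an untagged inner Ethernet frame (no FCS; VXLAN carries none)."""
    return mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype) + payload


def parse_ethernet(frame: bytes):
    """Return (dst_mac, src_mac, ethertype, payload) of an inner frame."""
    if len(frame) < 14:
        raise ValueError("runt inner frame")
    dst = frame[0:6].hex(":")
    src = frame[6:12].hex(":")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    return dst, src, ethertype, frame[14:]


def build_vxlan_header(vni: int) -> bytes:
    """8-byte VXLAN header: flags(8) | reserved(24) | VNI(24) | reserved(8)."""
    if not 0 <= vni <= VNI_MAX:
        raise ValueError(f"VNI {vni} outside 24-bit range")
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8)


def parse_vxlan_header(data: bytes):
    """Return (vni, inner_frame); drop packets without the I flag (RFC 7348)."""
    if len(data) < 8:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", data[:8])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("VXLAN I flag not set; dropping")
    # Reserved bits are ignored on receipt, so only the VNI is extracted.
    return word1 >> 8, data[8:]


def encapsulate(vni: int, inner_frame: bytes, src_port: int = 49152) -> bytes:
    """UDP header + VXLAN header + inner frame (outer IP/Ethernet omitted)."""
    vxlan = build_vxlan_header(vni) + inner_frame
    # A zero UDP checksum is permitted for VXLAN over IPv4.
    udp = struct.pack("!HHHH", src_port, VXLAN_UDP_PORT, 8 + len(vxlan), 0)
    return udp + vxlan


def decapsulate(packet: bytes):
    """Validate the UDP header, then return (vni, inner_frame)."""
    if len(packet) < 8:
        raise ValueError("truncated UDP header")
    _, dst_port, length, _ = struct.unpack("!HHHH", packet[:8])
    if dst_port != VXLAN_UDP_PORT:
        raise ValueError(f"not VXLAN: UDP dst port {dst_port}")
    if length != len(packet):
        raise ValueError("UDP length mismatch")
    return parse_vxlan_header(packet[8:])


class VtepTable:
    """Per-VNI MAC learning: keyed by (vni, mac), so identical MACs in
    different segments map to different remote VTEPs without conflict."""

    def __init__(self):
        self.entries = {}

    def learn(self, vni: int, mac: str, remote_vtep: str):
        self.entries[(vni, mac)] = remote_vtep

    def lookup(self, vni: int, mac: str):
        return self.entries.get((vni, mac))


def demo():
    # Constructed scenario: two tenants each cloned the same virtual unit,
    # so their VMs carry identical MACs (RFC 7042 documentation range).
    table = VtepTable()
    results = {}
    for vni, vtep in ((5001, "192.0.2.10"), (5002, "192.0.2.20")):
        inner = build_ethernet("00:00:5e:00:53:02", "00:00:5e:00:53:01",
                               0x0800, b"tenant-%d" % vni)
        got_vni, got_frame = decapsulate(encapsulate(vni, inner))
        _, src, _, payload = parse_ethernet(got_frame)
        table.learn(got_vni, src, vtep)
        results[vni] = (got_vni == vni, got_frame == inner, payload)
    results["same_mac_two_segments"] = (table.lookup(5001, "00:00:5e:00:53:01"),
                                        table.lookup(5002, "00:00:5e:00:53:01"))
    results["segments"] = (VLAN_ID_MAX, VNI_MAX)
    return results


if __name__ == "__main__":
    print(demo())
```

The point of the table keyed by (VNI, MAC) is the one the paragraph makes about topology and address independence: the replicated tenants' frames are byte-identical inside, and only the VNI in the outer header keeps them apart, which is also why a receiving VTEP must reject packets whose I flag is clear rather than guess a segment.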
If the virtualized network and intelligent service resources described above can be managed and scheduled, together with the virtual computing and storage resources, by automated management tools, a complete private cloud resource scheduling system can be formed. Currently, automated management tools that support new-generation virtualization technologies such as I/O integration, virtual machine awareness and overlay SDN include Cisco Cloupia, CIAC and VMware vCloud Director. Working with the end-to-end virtualized network technology described above, they finally build a complete network environment for connecting enterprise virtualized servers, laying the foundation for further implementation of IaaS cloud computing services.