Building a Vmware Powered Hybrid Cloud using Ecalyptus

The Cloud means many things to many different persons,but personally I view a Cloud as a distinct pool of  computing resources that can be manage centrally, provides the ability to scale resources via pre configured policies and lastly provides the ability to automate manual requests such as Virtual Machine creation and deployment.

Though not recommended by many IT professionals, I am planning on making our IT department an internal service provider. In this vain it is my vision to build out a Private Cloud that can provide self service to authorized internal clients such as our developers and application administrators.Currently we utilize a Vmware Vsphere platform, but in another few months this platform will possess all the attributes of a true cloud.To provide the functions necessary I have decided that we will look at the Open Source Eucalyptus platform.

Eucalyptus is Open Source so it reduces our initial capital expenditure ,it is compatible with Vmware and it has the ability to support Amazon based workloads thus providing a Hybrid platform mangement tool.

At Stage one, we will roll out a Private Cloud  that will allow authorized internal clients to perform various tasks related to a an assigned blocked of computing resources.

At Stage two we will seek to allow the migration of workloads between Amazon and our Vmware based private cloud,this should provide Disaster recovery and scalability benefits to our group.

 

 

Large Layer 2 Domains and Vmotion

Vmware V-motion requires physical hosts to be in the same layer two domain. This goes against the grain in networks that were built around the principle of reducing the size and reach of broadcast domains.Layer 2 broadcast domains reduces the bandwidth available to our applications due to effect of frame flooding and also because Spanning tree’s operation disables redundant paths in our layer 2 networks.

Vmotion’s layer 2 requirement may be one of major reason why Flat layer 2 networks are being optimized.These optimization’s mitigate against the effects of broadcasts and unknown Unicast flooding which wastes network bandwidth.TRILL which is not really necessary to support Vmotion, has been developed to replace spanning tree in bandwidth intensive use cases that need all links to be forwarding at once. The existence of applications that require huge Flat networks will ensure the continued evolution of the layer 2 switching space and thus augment the simple plug N play nature of Ethernet networks that most people appreciate.

 

 

 

 

 

 

 

 

Looking at Dell Force 10

Dell has hit a home run with their force10 line. Born in the world of high frequency trading, Force10 with its huge output buffer provides Dow Jones, twitter and Facebook with low latency switching infrastructures. At prices lower than the nexus line and providing a command line that is syntactically similar to Cisco’s IOS. Force10 represent bridge to a hybrid network where Cisco IOS and force10 FTOS in concert with open standards such as lldp and gvrp gives the enterprise the ability to ensure that we receive the best features at the lowest pricepoints.

 

Successor based Flow Failover in Open Flow Networks

The failure of links in software defined networks based on Open Flow will result in the need to converge on a new topology which will be the same at layer 2 or 3 since open flow seems to merge to control and data planes resulting in topologies. Since Open Flow utilizes flow tables the concept of feasible successors can be applied to flow tables by inserting alternate paths as less preferred flow entries. The use of successor routes will result in no need to contact a controller on link failures.

 

My Software Defined Networking Wishlist

The primary goal i would be seeking to meet when i decide to implement Open Flow or some other SDN framework is management simplicity.Below i have listed two things that i hope SDN will address when it becomes main stream in enterprises.

Automatic VLAN Grafting

Connectivity issues resulting from the absence of Vlans on trunk links is a common problem that network techs face when provisioning access ports.SDN can be really valuable if it is able to graft vlans to trunk links based on learnt layer two traffic flow.

Advanced Optimized Edge Routing that integrates QOS

Currently OER/PFR is unable to implement QOS policy decisions on flows that are not operating within a certain threshold. An OPEN FLOW controller that implements QOS policies while managing policies below edge devices such as those in the network core would greatly enhance policy based routing design and overall network architecture design.

 

HTML5 May Make Mobile Apps Redundant

Mobile Applications are the rage right now and as they like to say they is an APP for everything or almost everything.

With the move to mobile, users are now able to access services from anywhere using any of three popular Mobile Operating Systems,this convenience is cool but comes with a  few disadvantages that i feel will lead to Apps becoming a thing of that past on mobile devices,especially smart phones.

The memory used by some apps make them unsuitable for lower end devices.

The functionality of some mobile apps such as facebook for android is way below that of a Web Browser on a PC

Mobile Apps require frequent updates which have to be downloaded to your device,A HTML5 browser based app can be upgraded from the server side

The development effort required in app development may be a little higher than native wep app development. While most mobile apps are developed in JAVA there will still be some tweaking required on a per OS basis for things to work out. If apps are developed in a device agnostic manner, developers will be able to quickly reach a wide market and a larger ecosystem in one development cycle.

HTML5 has the potential to not only replace FLASH but also to provide app functionality in a web browser. HTML5 supports offline apps, Multimedia APIs and Built-in database support. Drag an drop functionality along with with the ability to utilize existing scripting language means that existing web programmers will still be able to leverage existing skills to create rich application experiences. By executing complex code on the server side,low end phones with a capable browser may be able to provide their owners with the capabilities currently provided by apps.

 

Trying to Achieve Server Load Balancing on a Cisco 3560 switch.

Server Load Balancing is an advanced feature supported by Cisco Switches in the 45XX and 65XX Line of Multi-Layer Switches.

The Feature allows a Virtual IP address to be configured on the switch. This Virtual Ip Address or VIP will be used to represent a cluster of servers on a given network.Most persons will never require a 65XX or even a 45XX series switch in their Lans but we all would like have highly available systems. While they are Hardware and Software Load Balancing solutions it would be great to leverage your existing investment in your cisco switches so here is an idea may be able to support Server Load Balancing on a Cisco 35XX series switch.

Let say We need to load balance two MS Exchange 2010 front end servers. First Configure a loopback adaptor on each Server. The IP address of the loopback adaptors will be our chosen Virtual IP address. so lets say our VIP is 172.16.1.1  both loop back adaptors will be assigned this address.

On Your 3560 create two Static Routes pointing to our VIP via the Physical Addresses of the Servers.
# Locate VIP
ip route 172.16.1.1 255.255.0.0 172.16.1.2 with 172.16.1.2 being the address of one of the exchange servers
ip route 172.16.1.1 255.255.0.0 172.16.1.3 with 172.16.1.3 being the address of the second  exchange front End
Configure CEF Destination Load Sharing by issuing the command IP load-sharing per-destinantion. This command shares traffic based on source/destination address pairs. We can use IP SLA to track the

reachability of the physical hosts and assign a tracking object to the static route above.

Note I have yet to use the technique above but it should work in theory.

 

Software Defined Networking first Look at OpenFlow

Software Defined Networking is an attempt at providing a programmable network protocol that can be used to virtualize entire network infrastructures. By virtualiziing your network infrastructure Open Flow will someday allow us to overcome network vendor compatibility issues surrounding how routing protocols are implemented and also to manage layer 2 and layer 3 network constructs such as SONET and IP using a single protocol without worrying about a Layer three IP addresses or Layer Two Virtual Circuit numbers. At layer three Open Flow seems like a protocol that is used to implement distributed policy based routing at layer two i see no current equivalent tool or tech.

SDN Advantages as i see it (note my knowledge of SDN is nascent)

1: Easier to Manage End to End Infrastructure Elements at layer two and three (Reduce Opex?)

2: Network equipment prices should fall since SDN/Open Flow relies on a central controller to push policies to devices (Capex reduction).

3: Enhance Traffic Engineering at Layer two without the need for spanning tree.

4: Engineers can now acquire knowledge instead of studying vendor specific equipment commands

5: Being Open Source there will be less RFC interpretation discrepancies between vendors (Yes OSPF is implemented differently by vendors trying to enhance/lock out the competition)

Questions for the Experts:

1: While being an advantage, isn’t the programmability of Software Defined Networking also a way of adding complexity to current networking  paradigm,programming is viewed as being complex imagine if we could create macros for all our current tasks it would reduce future work but would be difficult and time consuming upfront.

2: The SDN controller will control traffic flows by adding and removing entries from flow tables embedded in our switches and routers. By using a central controller will this not add latency to policy execution in large infrastructres ?

3: Will Open Flow replace current Layer 2 and layer three protocols such as MPLS, BGP and OSPF ?

 

Will Type I Hypervisors Replace Current Server Operating

A Type I hypervisor essentially encapsulates our guest operating systems as just another application. The fact that our guest OS is being executed by another layer results in some latency that is impermissible in some use cases, for example heavily utilized transaction databases. However with the advances in CPU micro architectures  and the inevitable reduction in the price of solid state storage the current execution and I/O latencies being experienced can be greatly reduced thus making more use cases virtualization friendly.

Taking a 30 foot view of future OS architectures, I see a TYPE I Hyper visor such as XENSERVER or VSPHERE becoming the physical servers Operating System while current server operating systems will evolve into lightweight hyper visor aware execution containers playing a role similar to the present day Java Virtual Machine.Future apps written written for windows are presented by the execution shell’s presentation layer (such as WPF) while access to hardware devices is transparently handled by the Hypervisor via the execution containers API functions which are implemented as interfaces that request hardware related services from the hyper visor.

The current server OS’s might evolve into hyper visor aware apps.This means they are now fully aware of their encapsulation within a hypervisor and are constructed to make calls directly to their hosting hyper visor instead of sending commands to virtual devices. Think how windows uses direct memory access today except that all hardware related calls would be sent directly to the Hyper Visor / primary operating system.

 

Govnet should be our precursor to A J-CLOUD

5BNNC7UC54QY

The Jamaica Government has plans to launch one huge network that spans all major Government agencies and ministries called Govnet.The economies of scale that can be created by Govnet are significant but our government should consider taking things a step further.All agencies of government are responsible for purchasing software and hardware to meet their respective needs. One of the main benefits of Virtualization and by extension multi tenant cloud infrastructure is the optimization of hardware resource utilization.

The cost of maintaining various IT infrastructures is significant so it would be wise to create on top of the E-Learning Jamaica physical network an MPLS based Govnet network which will interconnect all Government agencies. This Govnet can be used as the highway serving information from the governments cloud called J-Cloud or any suitable identifier. A J-Cloud can provide Desktops as a service,Email,Unified communications and host applications that are peculiar to each government agency. The infrastructure could be deployed using Flex Pods or Vblocks available from multiple vendors such as MS, Netapp and Vmware.

Flex Pods and Vblocks are integrated vendor certified solutions consisting of Storage, Hypervisors, virtualization and Network equipment that is used to deploy Cloud Infrastructures,they prevent the customer from having to build their clouds in piecemeal manner using equipment and software that is not certified to work together.

The benefits of a J-Cloud are:

1: Optimization of IT hardware utilization

2: Reduced Licensing cost since all agencies can potentially access one set of licenses

3:  Effective collaboration and access to data via cloud hosted virtual desktops which can be accessed on many  mobile devices

4: Increased access to applications by all agencies

5: Ability to Scale Up as needed by adding infrastructure components as needed

Future government wide infrastructure projects such as Internet Telephony encompassing all agencies.