Monitoring a virtual network infrastructure - An IaaS perspective

A summary of the paper in Computer Communication Review, Nov. 2010

  1. 1. Monitoring a virtual network infrastructure
      Summary of the paper in Computer Communication Review, Nov. 2010, DOI:10.1145/1880153.1880161
      Augusto Ciuffoletti, 24 January 2012
  6. 6. Provisioning networking for an IaaS infrastructure
      • The IaaS approach has been initially aimed mainly at storage/computing resources
      • Technology is ready to support the provision of network resources as well
      • There is demand for composite networking infrastructures (like Grids)
      • However IaaS providers still offer flat LANs
      • We claim that the problem is in the interface between user and provider
  10. 10. Why IaaS networking is difficult
      • It is more difficult to describe a network than a host
      • Quite evident: (topology, technology, throughput) versus single option (small, medium, large)
      • Monitoring and controlling the network is more complex
      • Less evident: explaining why, and how to cope with it, is the topic of the paper
  16. 16. How to implement a network in the cloud
      • The key technology is the virtual bridge (IEEE 802.1Q)
      • This technology is mature and available off the shelf (OTS)
      • Implements an Ethernet LAN over an arbitrary (bridged) topology
      • Frames (layer 2) are labeled with a virtual network identifier (VNI)
      • Bridges route labeled frames across ports based on the VNI
      • The same port can be associated with multiple VNIs
  18. 18. Example
      • An enterprise in a 3 floor building
      • Logistics motivate a per floor cabling (left)
  20. 20. Example
      • Usual bridges force network topology to follow logistics
      • Instead enterprise organization might prefer a different arrangement...
  22. 22. Example
      • Enterprise might prefer separate networks for desktops (VLAN1), printers (VLAN2) and archive (VLAN3)
      • Each having an interface on each floor
  25. 25. Example
      • The introduction of IEEE 802.1Q bridges solves the problem (right)
      • Virtual LANs span across floors
      • Frames do not leak outside each VLAN (security)
  32. 32. Bridging virtual hosts
      • Inside an IaaS cloud, a real host in a data-centre implements several virtual hosts
      • An internal software bridge splits communication across virtual TAP interfaces
      • Virtual hosts appear as sharing a LAN
      • Routing through the provider infrastructure is transparent to the user
      • Frames are confined within user’s virtual infrastructure
      • Frame routing is efficiently managed at layer 2
      • Virtual networks can be dynamically configured using a spanning tree protocol
  36. 36. Network monitoring (in the age of the cloud)
      • The user needs to monitor the performance of the network
      • One basic need is load balancing
      • Network load is not covered by ordinary load balancing services
      • In a composite network (not a 2-tiers WS), the provider cannot anticipate what part of the network is under stress at a certain time
  37. 37. Example: Grid in the Cloud
      • Depending on processing phase, different links are under stress
  38. 38. Example: Grid in the Cloud
      • Collection of experimental data: Data acquisition to Storage
  39. 39. Example: Grid in the Cloud
      • Data retrieval: Storage to Web Server
  40. 40. Example: Grid in the Cloud
      • Data processing: Storage to Computing resources
  44. 44. User configurable monitoring
      • Under such circumstances, network monitoring requests cannot be anticipated by the provider
      • The network monitoring activity should be dynamically configured by the user
      • Configuration requires access to real and virtual network interfaces and to switching devices
      • The provider wants to maintain control over these devices
  48. 48. The network monitoring proxy
      • A proxy interacts with the user willing to implement network monitoring
      • A network of proxies covers the complex networking infrastructure of the provider
      • The proxy configures network probes so that they are ready to respond to user requests in the expected way
      • A proxy has an authority that may be limited to a part of the provider infrastructure
  53. 53. The network monitoring interface
      • An interface must be provided between the user application and the proxy
      • The interface should inform the user about relevant changes in the virtual topology
      • The interface has the effect of restricting the authority of a user controlled sensor to owned traffic trunks
      • The interface may be implemented using tools like SOAP, possibly embedded in an Enterprise System Bus
      • For performance reasons the same interface is not used to transfer streams of sensor results
  56. 56. Data streaming
      • Data are treated as a stream flowing from the sensor to the user
      • The stream may be encoded for security purposes
      • The stream may travel using owned traffic trunks
  64. 64. Grid legacy: Monalisa
      • Distributed infrastructure management
      • Glues together diverse monitoring tools
      • Dynamic control of sensors
      • Fully deployed
      • BUT
      • Monitoring controlled by Grid Admin
      • Data stored in SQL repositories and retrieved to users
      Rigid, hardly scalable
  71. 71. Grid legacy: GD2
      • Distributed infrastructure management
      • Glues together diverse monitoring tools
      • Sensors are controlled by user application
      • Monitoring sessions activated on demand
      • Data returned to the user with a UDP stream
      • BUT
      • only a proof of concept implementation
  73. 73. Grid legacy: GD2
      • Host A issues a network monitoring request (e.g., bandwidth from X to Y)...
      • that is handled by the proxy in A’s domain...
  75. 75. Grid legacy: GD2
      • that has authority to control a relevant sensor (agent in gd2 terms)...
      • and data are returned to the originating host as a stream.
  76. 76. Grid legacy: GD2
      In principle this might be implemented in a virtual infrastructure, using virtual components
  80. 80. Conclusions
      • the techniques for complex networks in the cloud are available OTS
      • the hard issue is the control of the virtual network
      • network monitoring must be translated from virtual to real (and back)
      • an effective infrastructure takes into account multi-domain use cases for scalability
  81. 81. Thank you!
      Full reference: Augusto Ciuffoletti. Monitoring a virtual network infrastructure: an IaaS perspective. SIGCOMM Comput. Commun. Rev. 40, 5, 47-52. DOI=10.1145/1880153.1880161 http://doi.acm.org/10.1145/1880153.1880161
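
The slides "How to implement a network in the cloud" and "Example" describe frames labeled with a virtual network identifier, which IEEE 802.1Q carries as the 12-bit VLAN ID (VID), and bridges that forward on it so frames do not leak outside each VLAN. The following is an added example, not code from the slides or the paper: it builds and parses the 802.1Q tag and models a bridge with per-VLAN learning and flooding. The `VlanBridge` class, the port names and the MAC addresses are assumptions, and the model assumes every host sends tagged frames.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an IEEE 802.1Q tag

def tag_frame(dst, src, vid, ethertype, payload):
    """Build an Ethernet frame carrying one 802.1Q tag."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094 (0 and 4095 are reserved)")
    tci = vid  # TCI = PCP(3 bits)=0 | DEI(1 bit)=0 | VID(12 bits)
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload

def parse_vid(frame):
    """Return the VID of a tagged frame, or None if untagged or truncated."""
    if len(frame) < 18:
        return None
    tpid, tci = struct.unpack_from("!HH", frame, 12)
    return tci & 0x0FFF if tpid == TPID_8021Q else None

class VlanBridge:
    """Simplified bridge model: every port lists the VLANs it belongs to."""

    def __init__(self, port_vlans):
        self.port_vlans = port_vlans  # {port name: set of VIDs}
        self.fdb = {}                 # (vid, source MAC) -> port, learned per VLAN

    def forward(self, in_port, frame):
        """Return the egress ports for a frame received on in_port."""
        vid = parse_vid(frame)
        # Ingress filtering: drop untagged frames and frames tagged for a
        # VLAN the ingress port is not a member of.
        if vid is None or vid not in self.port_vlans.get(in_port, ()):
            return []
        dst, src = frame[0:6], frame[6:12]
        self.fdb[(vid, src)] = in_port
        known = self.fdb.get((vid, dst))
        if known is not None:
            return [] if known == in_port else [known]
        # Unknown or broadcast destination: flood inside the VLAN only.
        return sorted(p for p, vids in self.port_vlans.items()
                      if vid in vids and p != in_port)

# Constructed sample: VLAN 1 desktops, VLAN 2 printers, VLAN 3 archive;
# "trunk" is the one port associated with all three.
PORTS = {"desk-a": {1}, "desk-b": {1}, "printer": {2}, "trunk": {1, 2, 3}}
BCAST, MAC_A, MAC_B = b"\xff" * 6, bytes.fromhex("020000000001"), bytes.fromhex("020000000002")

if __name__ == "__main__":
    br = VlanBridge(PORTS)
    print(br.forward("desk-a", tag_frame(BCAST, MAC_A, 1, 0x0800, b"hello")))
    print(br.forward("desk-a", tag_frame(BCAST, MAC_A, 2, 0x0800, b"hello")))
```

The forwarding table is keyed by (VID, MAC), so an address learned in one VLAN is never used to deliver a frame tagged for another.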
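
The slides "The network monitoring proxy", "The network monitoring interface" and the GD2 request flow describe a proxy that restricts a user controlled sensor to owned traffic trunks, has authority over only part of the provider infrastructure, and translates monitoring from virtual to real. The following is an added example of that check, not code from the paper or from GD2: the `MonitoringProxy` and `VirtualHost` classes, the inventory, the tenant, host and interface names and the reply format are all assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class VirtualHost:
    owner: str    # tenant that owns this virtual host
    vlan: int     # virtual network the host is attached to
    real_if: str  # provider-side interface, never disclosed to the user
    domain: str   # provider domain whose proxy controls the local sensor

class MonitoringProxy:
    def __init__(self, domain, inventory):
        self.domain = domain
        self.inventory = inventory  # {virtual host name: VirtualHost}
        self.peers = {}             # {domain: MonitoringProxy}
        self.probes = []            # probe configurations pushed to sensors

    def request(self, user, src, dst, metric):
        """Authorize a monitoring request and translate it from virtual to real."""
        a, b = self.inventory.get(src), self.inventory.get(dst)
        # Unknown and foreign hosts get the same answer, so a request cannot
        # be used to enumerate other tenants' hosts.
        if a is None or b is None or a.owner != user or b.owner != user:
            return {"status": "denied", "reason": "not an owned traffic trunk"}
        if a.domain != self.domain:
            # The sensor sits outside this proxy's authority: delegate.
            peer = self.peers.get(a.domain)
            if peer is None:
                return {"status": "denied", "reason": "no proxy has authority"}
            return peer.request(user, src, dst, metric)
        # Real interface names stay in the provider-side probe configuration.
        self.probes.append({"metric": metric, "vlan": a.vlan,
                            "from_if": a.real_if, "to_if": b.real_if})
        return {"status": "accepted", "handled_by": self.domain,
                "stream": f"{user}:{src}->{dst}:{metric}"}

# Constructed sample inventory: two tenants, two provider domains.
INVENTORY = {
    "daq":     VirtualHost("alice", 10, "tap17", "dc-east"),
    "storage": VirtualHost("alice", 10, "tap42", "dc-west"),
    "db":      VirtualHost("bob",   20, "tap43", "dc-west"),
}

def build_proxies():
    east, west = MonitoringProxy("dc-east", INVENTORY), MonitoringProxy("dc-west", INVENTORY)
    east.peers["dc-west"], west.peers["dc-east"] = west, east
    return east, west
```

The reply carries only a stream handle; results would travel on a separate channel, as the "Data streaming" slide describes.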
