Virtualization features
Miguel Angel Sotos
FEDERICA TUTORIAL
June 7th, 2009, Malaga, Spain
Agenda
1. Physical resources
2. Virtualization in FEDERICA
3. Network virtualization
4. Hosts virtualization
5. Monitoring
Network topology
[Figure: FEDERICA topology map. Nodes: GARR (IT), DFN (DE), CESNET (CZ), SWITCH (CH), Red.es (ES), GRNET (GR), Hungarnet (HU), PSNC (PL), HEAnet (IE), i2CAT (ES), KTH (SE), NORDUNET, SUNET, FCCN (PT), RENATER (FR). Legend: core nodes; 1 physical GbE from GN2+; 1 physical GbE tbd; 1 GbE VLAN or L2 MPLS.]
All the devices that will compose the FEDERICA infrastructure will be sliced with different techniques.
Talk about the infrastructure, deployed over L2 and L3 GN2 and NRNs networks (done virtualizing the GN2 and NRNs networks)
Sample POP
Explain the PoP with the components that are going to be virtualized:
- switches
- links
- servers
- routers
Virtualization
Virtualization is available in computing systems and in networks. Given a supporting physical substrate, it creates “resources” which:
- Have a looser or no dependency on a specific physical location or entity (computing, data, circuits may migrate)
- Allow on-the-fly reconfiguration, cancellation and creation of resources in the e-Infrastructure (e.g. a routing element)
- Off-the-shelf components offer embedded virtualization functionalities.
An ISP instantiating virtual nodes on remote sites of a third infrastructure provider can minimize the costs of deploying and operating this equipment on its own. Performing tests of new protocols on a safe network slice that shares the physical infrastructure of the network slice in production guarantees more reliable results than canonical test activities performed in a lab or on a geographically limited testbed. Running several virtual network instances on the same infrastructure guarantees limited or no impact on existing configurations of a production network when new services must be provided to end users, by leveraging the isolation guaranteed between each instance.
Another interesting application of these techniques is the possibility of moving virtual routers between different physical locations inside the network; while simplifying existing network maintenance tasks, this application can be seen as a tool to reduce energy consumption in the network, a rising challenge nowadays.
In conclusion, network virtualization is going to play a key role in the Future Internet, not only as an enabler for the development of new network protocols and architectures but also as a tool for introducing innovation into current worldwide Internet Service Provider scenarios, by effectively triggering a decoupling between infrastructure and service providers and by improving the operation and maintenance of their networks.
Virtualization in FEDERICA
FEDERICA Design Principles:
- To provide a virtual infrastructure for the purpose of network, computing, security…Internet research
- Virtualization
- Network and systems resources
- Almost clean slate
- Simultaneous use
- Interconnection with general Internet
- Extensible, open to federate and to host users’ resources
All the devices that will compose the FEDERICA infrastructure will be sliced with different techniques.
FEDERICA, an infrastructure to be virtualized
Slicing the Core (Substrate)
FEDERICA substrate
Switches: Juniper MX480 (virtual and logical routing, MPLS, VLANs, IPv4 v6, QoS linecards)
V-Nodes: Up to 8-16 images/node, Unix OS, 4-8 Ethernet NICs, ~ 1 TB disk, 4-core CPUs
Routers will be sliced with the concept of logical routers; a logical router is a partition of a physical router. When a logical router is created, all the hardware’s functionality is replicated, creating different routing domains within a single physical router. For example, the routing table is replicated for every instance of a logical router created in the physical router. Thanks to this, it is possible to configure different protocols in different logical routers that share the same physical device without interfering with each other. Specifically, the technique which is going to be used is the one implemented by Juniper Networks.
Switches have been widely virtualized during the past years; the technique used to create this virtualization has been Virtual LAN (VLAN). A VLAN creates level 2 virtual circuits over the Ethernet infrastructure. While with VLAN technology it is possible to isolate some ports of the switch from each other, it is not the same as fully virtualizing the Ethernet switch: a VLAN only isolates some interfaces from the others; it does not create independent management domains and control agents at the switch. In FEDERICA, the protocol IEEE 802.1Q will be used to manage VLANs.
SLICES
A global picture showing what we do in FEDERICA regarding network virtualization, slice creation, etc…
Virtual world creation
General explanation, from the substrate to the final slice, of the process of virtualization in FEDERICA, different agents, actors, requestors, etc
Network virtualization in FEDERICA
A simple case of a slice containing only two hosts connected by a single circuit is explained here for simplicity.
Creating a virtual circuit between the two virtual systems requires these main steps:
- Connect the network interface(s) in the virtual hosts to one of the physical interface(s) in the hosting platform.
- Create a virtual circuit from one host to the other, with a specified assured capacity or with a best effort quality.
The following slides describe the architectural decisions made to optimize reproducibility in slice behaviour.
Explanation, step by step, of how we create a slice, architectural decisions, slice behaviour, technical requirements
Network virtualization (V-nodes)
To avoid contention at the V-Node level, more than one physical interface is installed in the V-Nodes. This makes it possible to assign, preferably, only one virtual interface to each physical interface. Also, in the virtualization software, a single (software) bridge is assigned to the logical interface of each node.
[Figure: virtual slice over physical substrate]
Why we have chosen to have multiple links between the host and the switches/routers
Network virtualization (network)
There are various technologies available in FEDERICA to slice the 1 Gbps physical capacity between the two switches (next slide).
The main distinction is whether assured capacity is requested or only reachability with no capacity guarantees. Computing elements are supposed to be dedicated.
[Figure: virtual slice over physical substrate]
Question about assured capacity and the techniques we use and the issue of guaranteed bandwidth
Network virtualization (network): initial technologies
Table columns: Technology | Non-assured capacity | Capacity guarantees (without HW | with HW assistance)
MPLS: no limitation
Ethernet VLAN: 4K VLANs
Physical circuit
IP packet based policers: limited to IP*
The switches have line rate switching capabilities for all their ports and the V-Nodes contain HW capable of supporting full line rate in each interface.
----------- Limited availability (1G) -----------
Technologies available and the relation with assured and non-assured capacity
Network Virtualization
Although the mentioned technologies all work well on a single point to point link, in the case of assured capacity requests, the extension to a multi-hop meshed virtual network requires additional planning to avoid resource congestion.
By careful engineering of each virtual network topology, and with hardware assistance, the NOC can provide, on the FEDERICA scale, capacity assurances for virtual networks in each slice.
For these reasons it is not possible to allow, at least in the first phase of the project, complete open access to researchers. The request will instead be served through the UPB/NOC.
End of the example, and why we have chosen not to give the researchers complete access to the infrastructure.
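The planning step described above, as an added sketch (not FEDERICA or NOC tooling): an admission check that maps each requested virtual circuit onto its multi-hop physical path and rejects any assured-capacity request that would oversubscribe a 1 Gbps link, so one slice cannot erode another slice's guarantee. The function names, PoP labels and request figures are assumptions made for the example.

```python
LINK_CAPACITY_MBPS = 1000  # the 1 Gbps physical capacity between switches


def link_key(a, b):
    """Identify an undirected physical link by its two end points."""
    return tuple(sorted((a, b)))


def admit(requests, capacity=LINK_CAPACITY_MBPS):
    """Process virtual-circuit requests in order.

    Each request is (slice_id, path, mbps): path is the list of PoPs the
    circuit crosses, mbps is the assured capacity or None for best effort.
    Returns (accepted slice ids, rejected (slice id, bottleneck link) pairs,
    reserved Mbps per physical link).
    """
    reserved, accepted, rejected = {}, [], []
    for slice_id, path, mbps in requests:
        if mbps is None:
            # Best effort: reachability only, nothing is reserved.
            accepted.append(slice_id)
            continue
        hops = [link_key(a, b) for a, b in zip(path, path[1:])]
        # Check every hop before reserving, so a rejection leaves no
        # partial reservation behind on the earlier hops.
        bottleneck = next(
            (h for h in hops if reserved.get(h, 0) + mbps > capacity), None)
        if bottleneck is not None:
            rejected.append((slice_id, bottleneck))
            continue
        for h in hops:
            reserved[h] = reserved.get(h, 0) + mbps
        accepted.append(slice_id)
    return accepted, rejected, reserved


# Constructed sample requests (illustrative values, not FEDERICA data).
SAMPLE = [
    ("slice-a", ["IT", "DE", "CZ"], 600),
    ("slice-b", ["DE", "CZ", "PL"], 300),
    ("slice-c", ["IT", "DE"], 500),         # IT-DE would reach 1100 Mbps
    ("slice-d", ["PL", "CZ", "DE"], None),  # best effort
    ("slice-e", ["CZ", "DE"], 100),         # CZ-DE reaches exactly 1000 Mbps
]

if __name__ == "__main__":
    ok, bad, load = admit(SAMPLE)
    print("accepted:", ok)
    for slice_id, link in bad:
        print(f"rejected {slice_id}: {link} would exceed {LINK_CAPACITY_MBPS} Mbps")
    for link, mbps in sorted(load.items()):
        print(link, mbps, "Mbps reserved")
```

Per-link sums like this are only the bookkeeping half; the guarantees themselves still depend on the hardware-assisted enforcement the slides mention.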
Network Virtualization – virtual routers
Slices can be implemented over virtual routers, using virtual links
How the slices can be implemented in the FEDERICA substrate
Virtual routers
Key concept for Network Virtualization
Even in one chassis you can have several routers
Share resources
- Chassis
- Electricity
Different routing control planes and different interfaces
Software routers
- On virtualization servers
- Image for VMWare
Hardware routers
- Juniper MX
General ideas about virtual routers (logical routers). Maybe include some words about software routers
Virtual routers
A general explanation of the concept of a virtual router and a possible use
Terminology
Juniper boxes – what we use in FEDERICA
Virtual router – routing instance
- One routing table
Logical system – Physical partition
- Different routers in same chassis
- New routing daemon
- Multiple logical devices that perform independent routing tasks
Logical routers:
- A feature that segments a physical router to be configured and operate as multiple independent routers within a platform
- Provides flexible segmentation of routing
VM comparison table
Comparison | Docs and examples of the management API | Management API interface | Jumbo frames support | Physical NICs per host | Virtual NICs per virtual machine
XEN | Poor | XML-RPC | Yes | 6 | 7
VirtualBox | Poor | SOAP | No | 10 | 6
VMWare | Rich | SOAP | Yes | 25 | 6
The last technique used to virtualize computers is the one used throughout the past years: the hypervisor. A hypervisor is a virtualization platform that allows running different operating systems in the same host at the same time. Every instance that is running an operating system is called a Virtual Machine (VM). A hypervisor also virtualizes the hardware of the host; for example, if the host has one network interface card (NIC), it is possible to generate different virtual NICs bridged to this physical one. Then it is possible to assign these different virtual NICs to different VMs. The CPU, the RAM, the CD-ROM, the hard disk or the USB port can also be virtualized and shared by different VMs. There are two main types of hypervisor: native hypervisor or hosted hypervisor. The former is the one that runs directly on a given hardware platform as an operating system control program. The latter runs within an operating system environment. The one that will be used in FEDERICA is the native hypervisor. The reason is very straightforward: native hypervisors have better performance than hosted hypervisors. The hypervisor selected to manage the virtual machines is VMware ESXi [5]; it has been selected because it has good performance, it has fewer hardware limitations than other tools and it has a good remote management API.
FEDERICA will also manage software routers: virtual machines with some software installed that makes them work as routers. A software router in FEDERICA will be a virtual machine with Ubuntu Server [6] as the main OS and Xorp [7] installed as the routing tool. Xorp has been selected because it is open source and supports a lot of protocols compared with other similar tools. All these kinds of tools are managed by a command line interface (CLI).
Server Virtualization
We choose VMWare:
Fewer hardware limitations
It’s the easiest tool
- To install
- To develop code
Widely used
Support
Experience
ESXi server free
Good remote management
Native mode – better performance
Why we have chosen VMware
Software routers
Our suggested choice
VM with a software installed
Work as a router
Ubuntu server
XORP as the routing tool
Open source
Support of a wide range of protocols
Why we have chosen Vmware
Server Virtualization
We use VMWare to divide one physical server into multiple isolated virtual environments
- Partitions
- Instances
Virtual Machine model
- Different operating systems running side by side on the same hardware
Running under a virtual machine
- The guest operating system runs without modifications
General ideas about Vmware
Virtual machines
A general explanation of how we use ESXi to provide VM
Server Virtualization
Provision new services
Encapsulation
- VM saved to a file
- State, memory, I/O, device state
- Rapid provisioning
Isolation
- Fault and security isolation at the hardware level
- Performance guaranteed
General ideas about server virtualization
Server Virtualization
How we provide the VM to the users
Server Virtualization
Explain how VMware works with Ethernet interfaces
Monitoring
We are monitoring the substrate
We are extending to virtual slices:
As virtual slices are created, we take into account:
- Physical connectivity between equipment participating in the slice must be validated
- Virtual connectivity within/between slices must be validated
- Monitoring infrastructure is enabled on virtual nodes/hosts
- Physical and virtual statistics are provided for operation
- Virtual statistics are provided to the end user, owner of the slice