Cloud computing platforms have almost unbounded potential. They facilitate innovation and shoulder large workloads...
with beguiling elasticity and impressively low costs. This has required great strides in resource virtualization and service automation, including important developments in virtual networking protocols and tunneling systems specially tuned to cloud service environments -- notably VXLAN, NVGRE and Stateless Transport Tunneling.
Although progress has been great, challenges remain. Cloud services should behave transparently across large domains, stitching modules together across data centers and multiple service providers with minimal constraints. A key part of making this possible is ensuring the networks working between the service-delivery endpoints behave as seamlessly in support of the cloud computing platforms as those platforms themselves operate. This involves integrating policies for security, availability and performance in support of the offered service -- and northbound application programming interfaces (APIs) offer a solution.
Currently, cloud computing platforms do well at provisioning and tuning the resources under their control -- virtual machines (VMs), storage and the overlay network -- to support the cloud service they provision. From there, the cloud service is layered on top of network infrastructure that connects the service to necessary resources. To date, these networks have largely operated as mere transports for the cloud data riding on them. But achieving stronger policy and operational integration between these "underlay" networks and services demands a new approach that involves not only the overlay virtual networks of the cloud platforms themselves, but also the transports in between. Ideally, intermediate domains would share the same level of awareness of required policies that the resources in the cloud data centers possess. With this level of integration, cloud providers could deliver more differentiated, flexible and valuable services.
One avenue for making this happen is for developers of software-defined networking (SDN) controllers to include versatile northbound integration layers -- that is, northbound API suites -- in their systems. These components could expose their domain's unique capabilities that the cloud service may use. For efficiency in uptake, the northbound APIs should express their capabilities in a manner that a cloud automation platform can understand, allowing policies a given cloud's services requires to be activated in a specific SDN domain.
By creating this type of multilingual integration layer -- that is, a northbound API suite that allows a provider's wide area network to work intelligently with various cloud platforms -- a variety of cloud providers (whether they're independent over-the-top providers or different units within one service provider) could consume the software-defined network's services. Additionally, its capabilities could be adapted to a broad mix of cloud computing platforms, such as OpenStack, CloudStack, VMware vCloud and others.
SDN vendors work on tighter cloud service and network integration
Examples of this approach have started to emerge in different network virtualization and SDN systems. Nuage Networks' Virtualized Services Platform listens to the activity and networking requirements of multiple cloud service delivery platforms -- VMware vCloud, OpenStack and CloudStack -- and automatically enables the required networking capabilities within and between data centers, and in virtual private networks users employ to access the cloud. This is done by translating native inputs from the cloud orchestration system and applying them -- via an embedded SDN control layer -- to the virtual network infrastructures required for the service. Deutsche Telekom, in its Terastream SDN pilot, is similarly using an SDN intelligence layer to translate the requirements of services into policies that are enforceable throughout the infrastructure it is managing. And recently, SDN and packet-optical transport vendor Cyan has introduced its Blue Orbit ecosystem of partners harnessing a similar vision of creating not just flexible networking capabilities via SDN, but also making those capabilities available to support cloud and other services by incorporating northbound APIs that blend the network domains more effectively with the applications.
In all these cases, the goal is to avoid cloud computing "overlays" and SDN "underlays" behaving independently, unaware of each other's circumstances and needs. The driving vision is to equip virtual networking systems in domains outside the cloud's data center environment with the capability to automatically and flexibly add value to the services. By creating these multi-cloud integration suites, SDN vendors will make themselves more valuable to both cloud providers and their enterprise customers. And by encouraging SDN platform developers to accommodate their service management interfaces, cloud operators will make it easier and faster to deliver their services with a richer mix of features and service-level agreements. Embracing integration of this intelligence will bring us that much closer to the goals of arbitrarily scalable and capable clouds.
About the author:
Paul Parker-Johnson is the practice lead for cloud computing and virtual infrastructure technologies at ACG Research.