Network boundaries: let my packets go
We reviewed several reasons why many data centers are equipped with devices from more than one compute or storage vendor. Networking is another area where heterogeneity is quite common, and network management has its own specific challenges.
Unlike storage, network devices are much more diverse in functionality. Storage devices offer 2-3 popular protocols; they may be very sophisticated inside but are fairly uniform on the outside. Network devices cover multiple software and hardware protocols and offer various functions. Wide area networks are built on, and operate with, very different hardware and software protocols than enterprise networks. Within the enterprise perimeter you may also have core, distribution and edge devices differing in speed and function. Then you may have specialized devices like firewalls, intrusion detectors and load balancers. And very often some devices combine multiple personalities under the same cover.
Very few network vendors deliver equally strong support across all protocols and functions. Cisco is very popular within the enterprise perimeter, whereas Alcatel-Lucent is a common solution for WANs. A large service provider can use 3-4 vendors to cover its networking needs.
Before virtualization these different functions and protocols rarely overlapped; they were sometimes managed by entirely different teams. But virtualization is a great force that encourages resource sharing, and the boundaries between perimeters and functions become much more fluid. When you need to deploy and provision several hundred virtual machines in your global enterprise, you need to make sure that they communicate within a relatively small internal perimeter, but also that they can talk to other applications across the WANs connecting remote data centers, as well as to applications running in public clouds. Every time a new piece of the load is deployed, multiple devices need to be configured to establish VLANs, ACLs, firewall rules, VPNs, routing, and so on.
The number of variables and actions one needs to take into account is enormous, and every such action may have performance implications. Software-defined networking (SDN) is trying to address these challenges by separating packet delivery (the data plane) from control functions (the control plane). This is a great approach: now you can buy commodity network devices from any vendor and use a single vendor only for the control plane, effectively hiding heterogeneity from network users. Networks become uniform and flat, management and control are unified, and the underlying devices can be replaced without downtime or extra work.
However, the need to maintain agility is still there; it just manifests itself in different places. Before your networks were flat, workload mobility was limited by established L2 and L3 domains, and you could afford to have different vendors and disciplines within every domain. After all, if a workload is confined within a boundary and never crosses it, you don't need to worry whether that boundary supports certain protocols or requires some specific features.
But now you can move a VM across the globe into a different data center built on hardware and software from different vendors. How do you know which resources and constraints you need to satisfy so that the workload gets everything it needs and doesn't run into performance problems? You simplified the network configuration and exposed yourself to a great variety of other configuration options around the compute and storage fabrics.
If you don't have enough support for that, you will end up partitioning this beautiful flat space into specific regions with known and predictable configuration and behavior, and you will start losing the main virtualization advantage: infrastructure efficiency.
So you need a solution that: a) understands all the resources and constraints that every piece of the workload needs; b) understands the best place in this big flat network to provide those resources; and c) is capable of moving the load or reconfiguring the infrastructure to meet them without any human intervention. Is there a single vendor that can deliver this? Is it even possible?
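To make requirements a) and b) concrete, here is an added example (not code from the original post or from any vendor) of the kind of constraint check a placement engine has to perform before it moves a VM across a flat network. Each site advertises the network features its fabric actually supports (the feature labels such as `vxlan`, `ipsec` and `stateful-fw`, the site names, capacities and round-trip times are all constructed for the example), each workload declares the features it cannot run without, its capacity needs and optionally a latency bound to a peer workload, and `plan()` places workloads greedily with a best-fit rule, refusing to place anything whose constraints no site can satisfy and reporting why.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass
class Site:
    """A place a VM can land, with the network features its fabric supports."""
    name: str
    features: FrozenSet[str]
    free_cpu: int
    free_mem_gb: int


@dataclass(frozen=True)
class Workload:
    name: str
    cpu: int
    mem_gb: int
    needs: FrozenSet[str]                   # network features it cannot run without
    near: Optional[Tuple[str, int]] = None  # (peer workload, max RTT in ms) or None


# Constructed inter-site round-trip times (symmetric); same site is 0 ms.
LATENCY_MS: Dict[FrozenSet[str], int] = {
    frozenset({"nyc-dc", "lon-dc"}): 70,
    frozenset({"nyc-dc", "pub-cloud"}): 20,
    frozenset({"lon-dc", "pub-cloud"}): 90,
}


def latency(a: str, b: str) -> int:
    return 0 if a == b else LATENCY_MS[frozenset({a, b})]


def why_rejected(site: Site, wl: Workload, placed: Dict[str, str]) -> Optional[str]:
    """Return None if `site` can host `wl`, otherwise a readable reason."""
    missing = wl.needs - site.features
    if missing:
        return f"lacks {sorted(missing)}"
    if wl.cpu > site.free_cpu or wl.mem_gb > site.free_mem_gb:
        return "insufficient capacity"
    if wl.near is not None:
        peer, max_ms = wl.near
        if peer in placed:  # only checkable once the peer has a home
            rtt = latency(site.name, placed[peer])
            if rtt > max_ms:
                return f"{rtt} ms to {peer} exceeds {max_ms} ms"
    return None


def plan(sites: List[Site], workloads: List[Workload]) -> Dict[str, str]:
    """Greedy best-fit placement: workloads are placed in the given order, each on
    the feasible site that leaves the least spare capacity. Raises ValueError with
    every site's rejection reason when a workload fits nowhere."""
    pool = {s.name: Site(s.name, s.features, s.free_cpu, s.free_mem_gb) for s in sites}
    placed: Dict[str, str] = {}
    for wl in workloads:
        rejections: Dict[str, str] = {}
        candidates: List[Site] = []
        for site in pool.values():
            reason = why_rejected(site, wl, placed)
            if reason is None:
                candidates.append(site)
            else:
                rejections[site.name] = reason
        if not candidates:
            detail = "; ".join(f"{n}: {r}" for n, r in sorted(rejections.items()))
            raise ValueError(f"cannot place {wl.name}: {detail}")
        best = min(candidates,
                   key=lambda s: (s.free_cpu - wl.cpu) + (s.free_mem_gb - wl.mem_gb))
        best.free_cpu -= wl.cpu
        best.free_mem_gb -= wl.mem_gb
        placed[wl.name] = best.name
    return placed


# Constructed sample inventory: two data centers and one public cloud region.
SITES = [
    Site("nyc-dc", frozenset({"vxlan", "ipsec", "stateful-fw"}), 12, 40),
    Site("lon-dc", frozenset({"vxlan", "stateful-fw"}), 32, 128),
    Site("pub-cloud", frozenset({"ipsec"}), 64, 256),
]

# Constructed sample workload: a web tier, a database that must stay close to it,
# and a VPN gateway that only needs an encrypted transport.
WORKLOADS = [
    Workload("web", 4, 8, frozenset({"stateful-fw"})),
    Workload("db", 8, 32, frozenset({"vxlan", "stateful-fw"}), near=("web", 30)),
    Workload("vpn-gw", 2, 4, frozenset({"ipsec"})),
]

if __name__ == "__main__":
    for name, site in plan(SITES, WORKLOADS).items():
        print(f"{name:8s} -> {site}")
```

With the sample data, `web` lands in `nyc-dc` (best fit among the two sites with a stateful firewall), `db` is forced into `nyc-dc` as well because `lon-dc` is 70 ms away from its peer, and `vpn-gw` spills to `pub-cloud` once `nyc-dc` is full. A workload that needs a feature no site advertises is rejected with the per-site reasons, which is exactly the information an operator needs before deciding whether to extend a fabric or keep that workload inside its old boundary.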
Image Source: Moses and Pharaoh having a network management debate, ten-commandments style: let my packets go! From the classic, The Ten Commandments.