Lippis Report Issue 87: A New Era in Networking Emerges: Network Virtualization
Jul 30, 2007 by Nathan Swartz
The three pillars of IT (computing, networking and storage) have always been locked in an odd dance of shifting functional responsibility, as Moore's Law continues to break down, blur and redistribute lines of responsibility across the three pillars in an effort to increase application performance. For example, networking has always offloaded tasks that were once done by computers. In fact, some of the first routers were DEC mini and micro VAX systems back in the early 80s. This trend continues today with more computer functions such as load balancing, caching, security and certain aspects of computer operations migrating to the network fabric. Access to and configuration of storage has gone through huge changes over the years, thanks to networking, with the introduction of Network Attached Storage (NAS) and Storage Area Network (SAN). Computing functionality, application acceleration, storage access and many other functions have shifted into the network fabric. The latest shift is network virtualization, where better utilization, increased flexibility and application performance are promised in the data center and the overall enterprise. In this Lippis Report we dive into the new topic of network virtualization; a new IT paradigm is born, ushering in the virtual enterprise. Cisco's Data Center 3.0 and its VFrame appliance announcement at Networkers and $150M investment in VMware are leading the change in data center architecture, control and management.
Virtualization is the newest IT tool to share computer resources, reduce license fees and optimize existing data center investments. Networking provided its first virtualization service over ten years ago with virtual local area networks or VLANs, which provide a means to manage bandwidth by creating broadcast domains. The second generation of network virtualization is focused in two areas. First, network virtualization is changing the paradigm of the data center. Then on a broader scale, network virtualization is automating network configuration and application prioritization to change a network's characteristics in an effort to improve application performance.
Network virtualization, whether in the data center or in the broader enterprise, is focused on one function: increase application performance and reduce operational spend. In this Lippis Report I'll focus on the new virtualized data center. Many of the concepts below stem from Cisco's latest data center product called VFrame, an innovative data center product that more vendors will be quick to emulate.
Across IT resources and assets, the one horizontal asset that any corporation has is its network infrastructure. Cisco's VFrame leverages networking's position as a horizontal connectivity service for learning, discovering, and optimizing applications, extracting value out of existing data center investments. The network has equal visibility to all data center IT assets thanks to its ubiquity. Network virtualization transforms network ubiquity into a business advantage, increasing the value of IT to deliver on business and IT leader initiatives.
The network is the business platform and VFrame is one of the best examples of this concept. Network virtualization virtualizes many physical IT assets and turns them into virtual services to be deployed in support of increased application performance. Network virtualization and VFrame in particular will impact IT operations, corporate governance, corporate value propositions and the entire value chain that an organization creates. So what is VFrame?
VFrame is an appliance that sits in the data center providing control and management services. It's a management feeder and control point designed to improve service orchestration. VFrame talks to both Ethernet and Fibre Channel fabrics via HBA (host bus adapter), placing it logically between computer and storage fabrics. In this position, VFrame can see and discover all key data center IT assets such as applications, firewalls, LANs, Layer 4 through 7 devices, server I/O, boot operating systems plus SAN infrastructure and turn them into virtual services. These virtual services can be manipulated, molded and shaped to support applications. Failover is automated; new applications are rolled out based upon templates and policy-based resource optimization schemes; service maintenance is easier; change management is much easier; and there is management integration via a new ecosystem based upon a Cisco API. VFrame abstracts all of the key physical IT assets and virtualizes them, adding a degree of freedom and flexibility not yet available to data center operations.
Network Virtualization Means Increased Flexibility and Data Center Efficiency
Network-enabled virtualization of computing and storage resources, as well as virtual network services, provides an abstraction between the physical infrastructure and the applications running on that infrastructure. At the first stage of network virtualization this offers greater resource utilization, but ultimately it will allow much greater flexibility in the choice, management and provisioning of resources to better support changing business applications.
One of the requirements for end-to-end service orientation is the creation of virtual service elements, or what is becoming known as data center virtualization. Each service element is an abstraction of the physical element that has the entire relevant configuration for a particular application service. The benefits of this approach are that physical resources can be pooled and used on an as-needed basis. Physical infrastructure need no longer be over-provisioned to meet peak demand or 1:1 High Availability requirements. The same physical resources can be used across all application services, thereby reducing capex spend.
For example, when a physical server fails in the data center, VFrame is able to detect it and pick another server from a spare server pool and replace the failed server. The storage and network configurations that are required to bring in the new server are done automatically. Since VFrame follows a remote boot model, the OS image of the original server is applied to the new server; this way, to the outside world, the new server appears exactly identical to the failed server.
A New Approach To Data Center Design
So how will data center design and operations change with network virtualization? Most applications start off with a set of business requirements or business architecture, which drives application architecture.
Application architecture is translated into physical architecture or a blueprint, meaning computing, storage, networking, etc. In the traditional method of deploying an application, a set of architects develop a design and partition that blueprint into multiple entities: the network administrator, server administrator, core administrator tasks, etc. Each group deploys their piece and builds the architecture. At the end of deployment there is an infrastructure that's running the application. What VFrame does is take that infrastructure and programmatically represent it as an abstracted view of what the application means. Then VFrame takes the application architecture and instantiates it on a physical network. Let me explain.
Typically an architect will start with an application architecture, which drives a physical and logical infrastructure such as firewalls, network devices, load balancing, operating system, database, number of computers and amount of storage required, etc. Now enter VFrame. VFrame discovers the physical and virtualized devices that represent the data center as part of the application architecture. With discovery and templating features, VFrame can analyze the application architecture and calculate the number of servers and capacity required, which will result in desired performance characteristics, etc.
Consider a web service. Most architects will transition through a design abstraction process to define a web service. VFrame contains various templates for application delivery. A template is basically a logical design based upon an existing application infrastructure. For this web service, assume that the data center has a firewall, switch, load balancer, set of servers, and some storage all connected to each other. A service template is the logical definition that has a set of properties associated with it but no direct linkage to the physical infrastructure. To link to the physical architecture VFrame needs to discover what is available and its associated capacity.
VFrame does discovery on multiple fronts. Its leverage for discovery is the presence it has on the network. VFrame discovers servers connected to the network and storage connected to Fibre Channel, as well as IP addressing.
Part of the discovery process is the building of an inventory of different devices available and their capabilities, both physical and virtual. A pool of available resources is being built during the discovery process. Once the pool of resources is understood VFrame can start on the deployment task.
VFrame performs a mapping of the requirements set for design in the above template area to the capabilities that were discovered in the discovery area. VFrame then selects appropriate resources from the appropriate pool and configures them.
In the end, VFrame is dividing the initial provisioning of the different data center resources available in support of an application. So for the web service design above, VFrame has a template web service from which an architect can create N number of instances off that web service. For each instance the architect creates, VFrame takes the set of discovered resources available then maps it to the physical and logical network and configures the resources so the new web services application is available.
What if servers are moved or storage is added or reduced? VFrame discovery is scheduled by operations. If new storage is added, then that will be discovered during the next discovery run and be added to the pool of resources to be divided accordingly. The same process is true for servers or other assets.
If application performance becomes an issue, one of the typical ways to address this is to add more compute capacity. VFrame has an understanding of the relationships among different devices as part of the application design abstraction and discovery. For example, if operations needs to add a server, VFrame knows what software image needs to be associated with the server, what VLANs the server needs to connect to, if the service needs to be load balanced, etc. For the web services application, VFrame would know how to apply load balancing, IP addressing, and what firewall rules/additions need to be made so that client traffic can reach the new server. A set of automated, coordinated actions needs to be orchestrated in support of server addition, which can occur thanks to VFrame's virtualized infrastructure.
Architects now have insight into the data center's physical and logical resources plus associated capacity. Not only are architects able to perform streamlined initial provisioning, but they're able to automate the run time behavior of the application needs. Life in the data center becomes more automated with VFrame thanks to its ability to virtualize IT assets.
There is a lot more to VFrame and network virtualization than we have time for. VFrame and network virtualization provide template-driven provisioning, optimize storage operations, automate server failover, enable a SOA-based application development environment, normalize network connectivity between front- and back-end networking and more. VFrame embodies Cisco's clear value add in the data center. Cisco is now tightly linked to application deployment and management in ways that it never was before. Cisco has successfully moved up the IT ladder and will have a seat at the business and IT leader table.
VFrame is a complex product as it touches on so many different parts of IT infrastructure. Actually it touches all parts of IT data center infrastructure. There is a good side and a down side to that. On the good side, Cisco has the permission from the marketplace to take on this new role where other companies couldn't in the networking space. Cisco is granted a huge amount of the "benefit of the doubt" as it will continue to invest in VFrame and improve its feature set. The down side is that VFrame is touching everything in the data center. For some there's going to be a go-slow, build-trust period before they start to roll this out pervasively. VFrame is going to take some time before it's fully utilized. One thing is for sure, however: if you are running a data center you need to implement VFrame and experiment with its capabilities to see how it can be put to work for your corporation.
As computing, networking and storage square dance around each other, it seems like VFrame has stepped up to the square dance caller role.




