Networking Without Limits: SDN

After nearly 40 years of creating enterprise software, there are few companies that have come to appreciate the importance of infrastructure in quite the way we have at Microsoft. We recognize that to host great software and great apps, you need an equally great infrastructure for your datacenter.

At Microsoft, we create and deliver first party apps (both on-premises and in our cloud datacenters), as well as host the apps that our customers and partners build. All of this runs on our own network infrastructure alongside workloads like Exchange, SQL, SharePoint, Xbox Live, and Office 365.

Our experiences with key workloads like these help us to deeply understand what is required to deliver infrastructure and networking that is optimized for the apps that enterprises need most. The cloud has been an incredible learning experience for us. Over the last 10+ years, as we have built and operated some of the world’s largest services like Xbox Live, Bing, Outlook.com (in total more than 200 cloud services), we have developed a set of skills and experience that enable us to build better applications, platforms, and infrastructure. Not only do these services operate better on our end, but the things we learn while building and refining them at scale are then included in the products we deliver for use in your datacenters.

From this experience, there are a key set of beliefs and understandings that form our point of view on the cloud, as well as the architecture of what we build. For example:

  • We believe infrastructure is deployed and exists to support applications. Windows Server has become the most used operating system in the datacenter in large part due to what we learned as we built Exchange, SQL, SharePoint, and all the Microsoft workloads. We are doing this again as we continue our journey by operating cloud services of Exchange, SQL, SharePoint and more. Our cloud platform (Windows Azure) is better because of the first-party services that we operate. And, every step of the way, we take what we learn in the cloud and deliver it to you in Windows Server and System Center.
  • We believe that every single element of an infrastructure should be programmable – storage, compute, network – and be automated, and software-controlled so that you can automate the infrastructure in support of the application’s needs. This approach allows for a level of responsiveness and scalability (e.g. scale out apps on demand, optimize connectivity, etc.) that is not possible any other way.
  • We are building the infrastructure that operates our public cloud to come together in support of the applications that we are hosting. The infrastructure can be optimized to enable innovation in the applications. Our infrastructure is application-centric.
  • We are delivering consistent capabilities across public, private and service provider clouds (aka infrastructure) to enable the innovation happening across the industry in compute, storage, security, and networking.

Networking in particular is an area where people are looking for innovation. That’s why we have been working to make powerful and extensible software-defined networking (SDN) a reality.

SDN allows organizations to use the cloud to overcome traditional hardware problems. The results are things like flexibility (movement between public/private clouds and on-premises), scale (capacity that is effectively bottomless), and efficiency (abstracting hardware with software). This use of SDN enables enterprises to go well beyond simple network virtualization, and it allows them to leverage existing infrastructure investments.

Our approach to supporting SDN is straightforward: Put the best possible technology in the hands of enterprises all over the world. We do this in four primary ways: We simplify adoption, we provide deep integration between the cloud and on-prem infrastructure, we support great workload performance, and we simplify interoperability.

This approach makes Microsoft’s role in the cloud industry very exciting; we are the only company to provide apps and infrastructure for both on-premises and cloud-based workloads and operations.

SDN is particularly top of mind right now because last week we released the latest versions of Windows Server and System Center, which are foundational to helping customers realize Microsoft’s Cloud OS vision. Core to our vision is the notion that customers can transform their infrastructure into a shared, elastic resource pool that can deliver on-demand capacity in a boundary-less manner.

In that context, I noted earlier how these new products include innovative new functionality that enables IT teams to use Windows Server and System Center for high-scale virtualization, high-performance storage at dramatically lower costs, as well as in-the-box SDN.

I promised in that earlier post to write more about each of these areas, and today I’ll focus specifically on SDN.

SDN is a frequent topic in my meetings with partners and customers. Many CIOs, IT Decision Makers, and IT Implementers that I talk with are looking to develop an approach that can support the growing apps and services their businesses deploy. They want scale on demand, cost efficiencies, and continuous availability. They are also working to deliver more with less.

The simple fact of the matter, however, is that to deliver more services you need more resources – whether these resources are physical or virtual.

The number of servers is growing (onsite or offsite, virtual or physical), the volume of services and workloads is proliferating, and the devices that consume these services are increasing exponentially.

This is leading to an incredible amount of IT complexity in three areas:

  1. Compute
  2. Storage
  3. Networking

With hypervisors and virtualized servers becoming the norm, the adoption of compute innovation is now mainstream, and I’ll cover storage innovation in another post. Networking, however, (specifically traditional hardware-based solutions) has not kept pace with these complexities, thus making it a growing burden on IT. Datacenters with traditional networking architectures are just too rigid for cloud-based computing.

For example, provisioning and configuring networks continues to be time consuming, cumbersome and error-prone. This makes getting a holistic view of the network for diagnostics and troubleshooting difficult since network operations continue to be done on a per-device basis. I’ve had many conversations with enterprise customers about providing IT teams with the ability to deliver a truly shared infrastructure (including a shared network fabric) where IT can host internal LOB constituents (or ‘tenants’) in a cost-effective manner while still meeting their unique business requirements. Many of these enterprise infrastructures, however, are constrained, end up “physically” isolating tenants, and/or the administrators have to make peace with inflexible VLAN-based approaches.

The biggest limiting factor with today’s networking approaches is that they don’t focus nearly enough on the application or workload requirements. This is critical because, after all, applications are what your business really cares about, and infrastructure exists to support them. Tight coupling between workloads and the physical network makes it difficult to efficiently deploy and migrate them dynamically, thereby limiting agility. I firmly believe the network has to dynamically adapt to application and workload demands and not be constrained by the shortcomings in today’s networking approaches. In addition, public clouds have added to the demands of IT by requiring an easy way to extend networks across datacenters so that applications and workloads can be deployed or moved at a dynamic pace to keep up with today’s business requirements.

As a company, we are very confident in our ability to impact these challenges – after all, we already deliver top-tier enterprise applications like SQL, Exchange, SharePoint as well as fantastic infrastructure assets that are widely deployed across our customers’ datacenters (both in private and public cloud computing models).

Many in the industry believe the solution is limited to virtualized networking, but our experience tells us that it’s much more than that.  The solution is to go beyond virtualized networking and deliver software-defined networks.

Our experience running Windows Azure globally using SDN to support industry-leading scale and flexibility has convinced us of the practical applicability and benefit of SDN for enterprises and service providers. Windows Azure runs on a massive global network that is constantly and dynamically modified to meet the needs of services and customers. SDN technologies enable us to manage and update our networks with ease and at scale. It is really exciting to bring this technology from Windows Azure to our customers. This will enable network automation from the ground up, delivering a software-defined network and integrating policy control driven by application requirements and patterns.

So, let me talk a bit more about how we are bringing these SDN principles we use in Windows Azure to our enterprise customers and service providers.

At its core, SDN is all about using software to make your network a pooled, automated resource that can seamlessly extend across cloud boundaries. This allows optimal utilization of your existing physical network infrastructure, agility and flexibility resulting from centralized control, and business-critical workload optimization from deployment of innovative network services.

SDN begins with abstracting your applications and workloads from your underlying physical network through network virtualization. It then provides a consistent platform to express and enforce policy across all clouds – in-built services such as gateways seamlessly extend your datacenters across these clouds. Finally, SDN provides for a standards-based mechanism to automate deployment of both your physical and virtual networks (not just virtual!), while being extensible enough to allow deep integration with existing networking solutions that may already be deployed.

Delivering on the above-described SDN functionality in an easy-to-consume manner is core to our mission to democratize technology transformations.

To deliver on our mission with SDN, below is our four-pronged approach to help our customers leverage the technology and the skills they have today to get to a transformed tomorrow:

  1. Simplify adoption by delivering customers an in-box solution with Windows Server Hyper-V and System Center (including the ability to seamlessly extend to Windows Azure)
    • Windows Server already runs 3 out of 4 workloads on the planet. We want to help our enterprise and service providers reduce complexity by consuming SDN as “just another feature of Windows.” We also support the use of existing hardware without having to plan, deploy, and integrate multiple layers of additional products – or pay for them.
    • With Windows Azure you can extend your datacenter to benefit from the scale, speed, and the economics of the public cloud.
    • The ability to plan and deploy hybrid cloud computing models holistically across your datacenter, service providers, and Windows Azure is something that only Microsoft delivers today.
    • Said another way: SDN is a core capability of a true cloud platform – NOT something you should have to pay extra for.
  2. Provide customers with best-in-class, deep integration between our solutions and physical network infrastructure
    • We believe it’s critical for many workloads and application classes to have the flexibility of software combined with the scale and performance of hardware. It’s essential to have the ability to define network policies that span physical and virtual, as well as enable real-time control and visibility into the health of the physical network fabric. We do this in a way that carries forward our customers’ significant investments in the physical network fabric.
    • For example, you can use the Microsoft stack to build your datacenter, or you can work with the stack you’ve already built. Either way, the Microsoft SDN solution can support your cloud-based networking strategy.
    • To do this, we continue to work closely with our hardware partners (e.g., Cisco, Juniper, HP, Arista – to name a few) to enable the broadest possible support for our platform while enabling them to showcase their own differentiated hardware solutions. Through these efforts, we want to ensure co-operative efforts between server and networking professionals as they plan their organization’s unique path to hybrid cloud computing. We are all well aware of the impact such transitions have on our customers’ organizations, and our goal is to equip them to choose a cloud solution on their terms.
    • Said another way: Deep physical and virtual integration is critical to what our customers’ workloads need today – and we will deliver on that.
  3. Deliver best-in-class performance for first-party Microsoft workloads on our networking stack
    • Most of our enterprise and service provider customers use Microsoft applications and workloads like SharePoint, SQL, Exchange, and Lync.
    • Our goal is to make sure that we optimize the performance and diagnostics of these top-tier workloads by having the network adapt to their requirements – rather than the other way round. Some requirements that are particularly valuable include network security, load balancing, service quality guarantees, adaptive traffic flow engineering, and application health diagnostics (across physical and virtual networks).
    • Said another way: We will ensure that Microsoft applications run best on Microsoft networking solutions.
  4. Enable simplified interoperability by using extensible, standards-based protocols to change the landscape of networking solutions
    • We are committed to promoting industry innovation around Microsoft platforms by adopting an extensible, standards driven approach. Our goal is to drive industry standardization so that our customers (and the industry at large) can benefit from the simplicity and economics this will create.
    • Our approach is deeply informed by our work architecting and operating large scale software-driven public cloud networks like Windows Azure – in fact, the standardized schemas we have helped develop for managing physical infrastructure through OMI, cover Windows Azure-scale use cases and scenarios and are, therefore, well proven in practice. Looking around the industry, I believe that such knowledge and expertise is unique to Microsoft. We take the responsibility of democratizing this knowledge very seriously.
    • Said another way: We want to make our solutions so easy to evaluate, adopt, deploy, and maintain that literally any organization can benefit from its “plug-and-play” simplicity.

Over the last year we’ve made a ton of progress on our four-pronged approach and our customers rolling out the latest versions of our products are seeing the benefits of SDN.

First, Windows Server 2012 R2 and System Center 2012 R2 deliver a hybrid cloud-enabled, built-in, SDN solution that is inspired by, based on, and consistent with the technology we use in Windows Azure. Through Windows Server 2012 Hyper-V Network Virtualization and System Center 2012 SP1, we delivered the abstracted data plane and centralized control to transform your network into a pooled, automated resource. We also delivered multi-tenant isolation and network policy deployment for optimal workload placement/mobility, as well as comprehensive network policy enforcement through an extensible logical switch. As promised throughout the “What’s New in 2012 R2” series, we have built on these innovations in our new R2 releases via fully enabled hybrid cloud scenarios, and through our unique multi-tenant software gateway that supports site-to-site VPN, forwarding and NAT capabilities in highly-available configurations. This gateway will allow enterprise customers to extend their datacenter to service providers seamlessly, while enabling them to consume virtual networking infrastructure in a way that’s similar to how they would with Windows Azure (through the Windows Azure Pack). Put another way, service providers can deploy this built-in gateway to deliver easy and efficient connectivity for multiple enterprise customers to access their hosted resources. Of course, enterprises can extend their datacenters seamlessly to Azure through the Windows Azure Virtual Network.

Again, these technologies are built-in, so you get the benefits without spending an additional dime.

Another major accomplishment has been the work we’ve done to deliver integration across the networking ecosystem. For example, we’ve integrated Windows Server Hyper-V Extensible Switch and System Center with the Cisco Nexus 1000V switch. Our goal is to integrate Cisco networking solutions deeply within our platform so that network administrators at our enterprise customers can continue to operate a virtual networking environment that’s familiar. As mentioned above, we intend to support our customers’ diverse datacenter investments and skill-sets by working with other networking partners to achieve this level of deep integration. See how EmpireCLS is benefiting from our joint solutions.

We also work with a variety of ecosystem partners to build joint solutions so that customers have choice at each layer of the networking solution they deploy. We’ve worked with chipset extensions partners (Broadcom, Emulex, Mellanox, Intel) to help maximize virtual network performance by taking advantage of native hardware offloads. We’re also working with some key partners (F5, Huawei, and Iron Systems, etc.) to create gateway appliances that will support a broader set of cloud-based scenarios. Network security and manageability is yet another important area, and the Hyper-V Extensible Switch has enabled our partners (like 5NINE or InMon) to extend our platform.

SDN is also a critical factor for Microsoft Lync, the market leader for enterprise Unified Communications. Lync uses SDN to signal out-of-band its requirements and performance information to the network for active real-time media flows. This unique approach allows SDN networks to become aware of the demands for real-time media (like voice and video) so that networks can dynamically diagnose, traffic engineer, and orchestrate themselves. This automation lowers the cost of ownership and increases the quality of the end-user experience. In this context, a great example of how SDN truly modernizes applications and networks was demonstrated at the last Open Network Summit (ONS) in April 2013 and can be viewed here. What this means for you is that the network can dynamically prioritize real-time communications as per your business requirements – to illustrate, if you’re in the customer support business, then Lync can support higher quality experiences for your top-tier customers.

Finally, over the last year we’ve also defined and evangelized standards-based schemas for managing networking elements. Specifically, we’ve open sourced a version of WMI (OMI) that enables Windows Server and System Center to manage network devices in a consistent manner, thus allowing administrators to plug and play with network devices without fear of lock-in. Today, Cisco Nexus 3000 switches and Arista TOR switches can be managed using OMI via System Center, and we’re working hard to drive broader industry adoption and compatibility. We’ve worked with NEC to integrate Hyper-V and System Center with their switches using OpenFlow extensions.

To see these attributes in action, consider this diagram.

[Figure: SDN diagram]

I am really excited by this progress, but, as we all know, in the technology industry your work is never really done. In this industry, our jobs don’t end with delivering the best possible solutions today – we’re responsible for identifying what our organization is going to need tomorrow.

As our customers’ infrastructure (virtual, physical, or in the cloud) continues to grow in an effort to keep up with the rapid growth of services/apps/data/devices, the complexity of their networks will continue to increase. At each of these steps, Microsoft is committed to helping them successfully address each of these challenges.

Teams throughout this company are already hard at work on new innovations for in-box SDN solutions, improved integration between these solutions, and support for the entire networking ecosystem of switches, chipsets, and gateways (physical, virtual, or in the cloud).

Perhaps the most important work we’ll be doing is our work with the industry to deliver a truly extensible and interoperable approach to the full SDN stack. Pursuing this idea is what makes me so excited about how we’ve joined with Open Networking Foundation to work on standardized northbound APIs for third party controller integration, the work we’ve done with DMTF to develop standardized southbound APIs to interface with physical infrastructure, and our work with OpenDaylight to build open implementations of these standards. We place incredible emphasis and importance on delivering standardized APIs to enable first-party and third-party network services.

Customers shouldn’t wait for that day to get into software-defined networking – the challenges they’re encountering today are real and the solutions are already here. IT teams around the world now have the flexibility to scale, the ability to integrate with public clouds, and the efficiency an SDN solution provides.

With the solutions we have in-market today, customers can begin benefitting from the advantages of SDN right now:

  • They can virtualize their network with our built-in solution.
  • They can leverage their existing investments in networking infrastructure.
  • They can be assured of a solution that supports hybrid cloud scenarios.

These are three incredibly exciting opportunities for enterprise IT and service providers – and they are all currently available in-market within Windows Server 2012 R2, System Center 2012 R2, and Windows Azure.

This is an awesome time to work in the IT industry, and it’s a genuinely game-changing moment in technology. IT teams have a big opportunity to set themselves apart as decision makers and difference makers in their organization, and my team is committed to providing all the products, tools, and support to enable this. The Cloud OS approach to enterprise IT is a great way to get the most power and flexibility from your infrastructure while leveraging the knowledge we’ve gained from operating a massive worldwide datacenter network.

Welcome to your network without limits for your datacenter without boundaries.

  • Hello Brad

    Sorry, but we cannot use your Azure IaaS Service without multiple Site-To-Site VPN.

    Please add this feature ASAP. Also see the links below.

    IaaS - Multiple Site-To-Site VPN

    social.msdn.microsoft.com/.../iaas-multiple-sitetosite-vpn

    Allow VPN from multiple sites and Direct access

    feedback.windowsazure.com/.../3332170-allow-vpn-from-multiple-sites-and-direct-access

    /Jesper

  • Hi Jesper -- thanks for your question.

    This is a high priority for the Windows Azure team, and they are already working to enable it as soon as possible.

  • Brad thanks for the InMon mention. The combination of support for the sFlow measurement standard in the Hyper-V extensible switch, along with sFlow support from the physical switch partners that the article mentions (Cisco Nexus 3000, Arista, NEC, ...) gives the consistent, real-time, end-to-end view of network, server, storage and virtual machine performance that combined with SDN and OMI will allow the architecture to adapt to changing application demands and ensure performance isolation between tenants, protect the infrastructure from DDoS attacks, improve efficiency, and account for resource usage.

    For anyone interested in a deep dive into dynamically optimizing infrastructure, here is a talk that discusses the role of analytics in building adaptive infrastructure:

    blog.sflow.com/.../bay-area-network-virtualization-talk.html

  • Cisco is almost ignoring SDN. They had joined OpenDaylight to calm down stock analysts, but OpenDaylight source code is terrible and far away from being a real-world product.

  • admen