When planning network infrastructure for a Private Cloud, there are a number of technologies to consider and leverage in Windows Server 2012. At many of my events, IT Pros have lots of questions on when to use various network technologies in their overall Private Cloud design, such as:
In this article, I’ll walk through a sample architecture for building a Private Cloud network foundation and discuss “when” to leverage each of these components in your overall design. At the end of this article, I’ll also provide additional references for “how” to implement each configuration item.
When building a Private Cloud, most environments find that they really have two main types of network connections from their Hyper-V hosts: Datacenter Networks and Client VM Networks.
Sample Network Architecture for Private Cloud Foundation – Datacenter and Client VM networks
Datacenter networks are the “back-end” networks that Hyper-V hosts use for:
These datacenter networks tend to be relatively static in nature – once the “back-end” network architecture is implemented, it doesn’t usually change drastically until another major network upgrade window occurs. Commonly, these networks will connect within the datacenter via a set of intelligent core network switches that have a backplane optimized for a high level of concurrency between network ports.
For datacenter networks of this nature, I see most organizations trending towards using dual 1GbE or 10GbE NICs in a teamed configuration for load balancing and redundancy. 10GbE NICs are growing in popularity for new installations to provide higher bandwidth, consolidated physical connections and advanced features, such as RDMA, which can be leveraged for high-speed data transfers across storage networks using the newly updated SMB 3.0 network protocol. When implementing a NIC team for datacenter networks, you will generally see the best load balancing and overall performance by configuring your team with:
This configuration works well for static datacenter networks because it provides resilient, high-speed network connectivity while leveraging VLANs to isolate major categories of back-end network traffic for security and QoS. VLANs and VLAN tags are well understood in modern datacenters, and this approach implements a network architecture that integrates well with other hardware devices that may exist in the datacenter.
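To check an existing host against the two properties described above (teamed NICs for redundancy, VLAN-tagged interfaces for isolation), the following read-only audit is an added example and not part of the original article. It uses the in-box NetLbfo cmdlets; the function name and the "at least two members" threshold are assumptions made for illustration.

```powershell
# Added example: read-only audit of NIC teams on a Hyper-V host.
# Assumptions (not from the article): the function name, and the rule that
# a team needs at least two member NICs to count as redundant.
function Get-TeamAuditReport {
    foreach ($team in Get-NetLbfoTeam) {
        # Physical NICs that back the team
        $members  = @(Get-NetLbfoTeamMember -Team $team.Name)
        # Team interfaces exposed to the host; VlanID is empty on the
        # default (untagged) interface
        $teamNics = @(Get-NetLbfoTeamNic -Team $team.Name)
        $tagged   = @($teamNics | Where-Object { $null -ne $_.VlanID })
        $untagged = @($teamNics | Where-Object { $null -eq $_.VlanID })

        [pscustomobject]@{
            Team          = $team.Name
            TeamingMode   = $team.TeamingMode
            LoadBalancing = $team.LoadBalancingAlgorithm
            Status        = $team.Status
            MemberCount   = $members.Count
            Redundant     = ($members.Count -ge 2)
            TaggedVlans   = @($tagged | ForEach-Object { $_.VlanID } |
                                Sort-Object) -join ','
            UntaggedNics  = @($untagged | ForEach-Object { $_.Name }) -join ','
        }
    }
}

# Show every team, then list the ones that need attention: a single member
# (no failover), a degraded status, or no VLAN-tagged interface at all.
$report = @(Get-TeamAuditReport)
$report | Format-Table -AutoSize

$report | Where-Object {
    -not $_.Redundant -or "$($_.Status)" -ne 'Up' -or $_.TaggedVlans -eq ''
} | ForEach-Object {
    Write-Warning ("Team '{0}': members={1}, status={2}, tagged VLANs='{3}'" -f
        $_.Team, $_.MemberCount, $_.Status, $_.TaggedVlans)
}
```

The report prints each team's teaming mode and load balancing algorithm so they can be compared with the values chosen in your design; it changes nothing on the host.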
If datacenter networks are “back-end” networks, think of Client VM Networks as the “front-end” networks that carry client-server traffic between client devices and VMs. In contrast to the relatively static datacenter networks discussed above, Client VM Networks tend to be much more dynamic in nature. As new sets of applications are brought online for “customers”, which could be internal or external application consumers, it is often advantageous to be able to isolate traffic from collections of applications for security, routing or QoS purposes. However, minimizing network router and switch reconfiguration for these dynamic networks is also important to delivering a maintainable Private Cloud solution.
While VLANs could be used to isolate Client VM Traffic from different applications, there are a couple of common limitations that you’ll likely encounter if you have a larger environment that is hosting lots of applications for lots of “customers”. First, managing large numbers of VLANs in an enterprise network can be complex, because every VLAN change often needs to “touch” many Layer-2 devices to handle traffic efficiently. Second, most network switches have finite limits on the maximum number of VLANs that they can handle concurrently. Even though many intelligent switches appear to support VLANs with a maximum ID value of 4,094, most switches cannot efficiently process traffic from more than 1,000 VLANs concurrently.
To provide resiliency, load balancing and traffic isolation for these dynamic Client VM Networks, you will generally see the best results by configuring your network teams for:
Once you’ve decided when to use each of the teaming modes, load balancing modes and network isolation options in your Private Cloud network foundation, leverage these great resources to step through how to configure each component:
This article is part of a series of articles on Building Your Private Cloud with Windows Server 2012, Hyper-V Server 2012, System Center 2012 SP1 and Windows Azure. Check out the complete series at:
Keith Mayer is a Principal Technical Architect at Microsoft, focused on helping ISV partners leverage the Azure cloud platform. Keith has over 20 years of experience as a technical leader of complex IT projects, in diverse roles, such as Network Engineer, IT Manager, Technical Instructor and Consultant. He has consulted and trained thousands of customers and partners worldwide on design of enterprise technology solutions.
Keith is currently certified on several Microsoft technologies, including Azure, Private Cloud, System Center, Hyper-V, Windows, Windows Server, SharePoint, SQL Server and Exchange. He also holds other industry certifications from VMware, Amazon AWS, IBM, Cisco, Citrix, HP, CheckPoint, CompTIA and Interwoven.
You can contact Keith online at http://aka.ms/AskKeith.