network design in cloud-ready idc
DESCRIPTION
To study the network key point in cloud enable datacenter. It includes network analysis, design and knobs.TRANSCRIPT
S O L U T I O N S
c o mm V e r eG • Hong Kong
• Bangkok
• Beijing
• Brunei
• Kuala Lumpur
• Manila
• San Jose
• Seoul
• Shanghai
• Singapore
• Taipei
14th TWNIC OPM &TWNOG Seminar
2010/7/1, Taipei
雲端運算機房網路環境建置探討
智匯亞洲有限公司許至凱 CCIE/JNCIE
kaeatforum [at] gmail.com
2
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
Agenda
這裡討論的雲端運算分類為何? 雲端運算機房網路建置要點
– 外部頻寬– 內部頻寬– 資訊安全
Private Cloud Hadoop cluster網路環境 雲端運算網路趨勢
– Higher bandwidth– Lower latency– Unified and converged interconnection
參考資料
3
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
這裡討論的雲端運算分類為何? “S-P-I” model
– Software-as-a-Service– Platform-as-a-Service– Infrastructure-as-a-Service
Storage-as-a-Service
Database-as-a-ServiceCommunication-as-a-Service
Information-as-a-Service
Process-as-a-Service
Monitoring-as-a-Service
Platform-as-a-Service
Service-as-a-Service
Security-as-a-ServiceInfrastructure-as-a-Service
4
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
這裡討論的雲端運算分類為何? Cloud computing “S-P-I” stack
» From “Cloud Computing Explained” by John Rhoton
Colocation
Hardware
Virtualization
Platform
Application
Real Estate Power Cooling Bandwidth
Memory Computation Storage
Provisioning Virtualization Billing
APIs Development Environment
Programming Language
CRM Email UC …
IaaS
PaaS
SaaS
5
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
雲端運算機房網路建置要點– 頻寬:外部頻寬
• 雲端服務用戶皆利用 Internet連至雲端機房– 間隔過多的 ISP將難以掌握網路連線狀況– 足夠且直接的連線頻寬是維護雲端服務品質的基本要求
6
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
雲端運算機房網路建置要點– 頻寬:內部頻寬
• Virtualization– User-to-VM; VM-to-VM, server-to-server
» VM流量行為難以掌握,充足的頻寬是必要條件» 使用 Non-blocking, Non-oversubscription網路環境
• Cross-datacenter– Business continuity; Disaster recovery
» 為考慮 BC/DR,跨資料中心的 VM連線扮演重要角色» 也需一併考慮 Internet連線設計如 GSLB
GE GE
10GE
GE GE
10GE
Internet Internet
7
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
雲端運算機房網路建置要點– 資訊安全
• Face to Internet– 阻卻所有惡意的流量
» Scalable Firewall/IPS/DDoS mitigation/Web Application Firewall
• Face to cloud customers– 提供安全快速的存取方式
» SSLVPN, Dedicated connection
» WAN acceleration
SSL VPN
Cloud Service
8
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
Private cloud
企業若希望享有 cloud computing的優勢,但又不希望把企業資訊儲存在他人的平台上– 建立自有的 cloud – private cloud
Private cloud特色– 規模較小
• 可採取更扁平的網路架構,而非傳統三層式架構– 降低複雜度– 增進整體網路效能
– 效能要求較高• High bandwidth
• Low latency
– 更豐富的虛擬化整合• 除了 server virtualization,還可以進行 desktop virtualization
– 提昇虛擬化效益– 網路必需能夠分辨重要性高的流量與一般流量 (QoS)
9
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
Hadoop cluster網路環境 在 over-subscription網路環境中, Hadoop可優先使用同
一 rack 的 node進行MapReduce,以獲取較佳的效能。– 跨 rack傳輸將使得延遲增加與可能造成 uplink壅塞– 讓 Hadoop了解 node的網路架構
• 修改 DNSToSwitchMapping
Sufficient bandwidth, less
latency
In-sufficient bandwidth,
more latency
N:1 over-subscription
N:1 over-subscription
Hadoop Cluster
10
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
Hadoop cluster網路環境 區分 data traffic 與 client communication所使用網路卡
– 獨立之 HDFS segment 可進行 Ethernet jumbo frame 調整以增進傳輸效能• 修改 dfs.datanode.dns.interface
HDFS segment; MTU>9000
(jumbp frame)
IP segment; MTU=1500
11
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
雲端運算網路趨勢 Higher bandwidth
– Over-subscription網路造成潛在效能瓶頸• 虛擬化將造成網路流量需求大增
– 將 Cloud computing LAN昇級至 non-oversubscription網路• 避免任何壅塞發生
4:1 over-subscription
GE GE GE GE
GE
Non-oversubscription
GE GE GE GE
10GEUPGRADE
12
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
雲端運算網路趨勢 Lower latency
– Wire latency (1500 bytes)• GigabitEthernet: ~12μs
• 10GigabitEthernet: ~2μs
– 在 SOA (Service-Oriented Architecture) 環境下,一個交易(transaction)需要跨多個 SOA元件與網段才能完成• 與單純的 standalone server solution比起來,延遲時間增加• 由於這是 GigabitEthernet電氣規範造成的限制,更換 GE交換器或網卡無法有效解決 SOA環境延遲增加的狀況
– 昇級 Cloud LAN 自 GE 至 10GE• 降低延遲時間• 增加有效頻寬
Internet
Network latency = A
A
Internet
Network latency = A + B + C + D
A C
B D
13
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
雲端運算網路趨勢 Unified and converged interconnection
– 目前 server上主要 I/O種類 :• GigabitEthernet - LAN
• IBA – InfiniBand Network
• FC - SAN
• SAS/SATA – Local storage
– Cloud datacenter approaches• 使用 Enhance Ethernet or IBA來進行實體連線整合
– VM使用虛擬化 /模擬裝置存取 I/O資源» vFC, vFCoE, vGbE etc…
– 更有效使用高頻寬、低延遲網路
GbE IBA FC SAS/SATA Enhance Ethernet; IBA
Virtualization
14
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
參考資料 Books
– Cloud & Virtualization• Cloud Computing and SOA Convergence in Your Enterprise; A
Step-by-Step Guide by David S. Linthicum
• Cloud Computing Explained by John Rhoton
• Cloud Computing; Implementation, Management, and Security by John W. Rittinghouse and James F. Ransome
• The Green and Virtual Data Center by Greg Schulz
– Hadoop• Hadoop: The Definitive Guide by Tom White
• Pro Hadoop; Build scalable, distributed applications in the cloud by Jason Venner
15
WW
W.C
OM
MV
ER
GE
.CO
M
14th TWNIC OPM & TWNOG Seminar; 2010/7/1 Taipei
Q & A