Virtualization Abdullah Aldhamin June 3, 2013

Outline  Virtualization: what and why?  Server Virtualization Offerings  Shortcoming and Challenges on SV  Sustaining Performance while Virtualizing  Future Perspective on SV  Data Center Network Virtualization, what and why?  Overview of VN Projects and how they compare with each others  Future Perspective on DC Network Virtualization  Conclusions 2

Virtualization  Virtualization  Techniques, methods, approaches to create a virtual instance of a computing resource.  Why?  Advances in h/w technologies, e.g. multi-core  H/W optimization  Cloud computing  Economic factors 3

Server Virtualization  Key features:  Multiple  Isolated 4

Server Virtualization: Offerings  Improved H/W utilization  Consolidation  VMs are just files  Faster provisioning and deployment  Better availability and BC solutions 5

Server Virtualization: Offerings  Lower TCO  Longer h/w purchase cycle  Smaller datacenter  Lower maintenance, power, cooling … etc 6

Server Virtualization: Challenges  Performance:  CPU and Network  Overhead to do virtual-related emulations  A single NIC = shared bandwidth  Not good for I/O bound apps  Propagation delay  latency  Storage  Latency  Needs enough physical storage power to support the multiple VMs  Memory  Amount needed for the application 7

Server Virtualization: Challenges  Scalability  How many VMs can each physical server accommodate?  Asset management  Tracking a dynamic environment  Service management burdens  Security  Malicious access to the hypervisor means you’re screwed up!  Single-point of failure? 8

Server Virtualization and Performance: Can we have both? 9

Virtualization and Performance  Selective virtualization  Direct assignment of physical NICs to VMs  Isolation and and better I/O − Cost for more NICs and cabling − Flexibility constraints 10

Virtualization and Performance  Firmware-based I/O virtualization  Virtual I/O channels connected to the same NIC − No true isolation, a channel will impact all other channels  H/W-based I/O virtualization  I/O channels are built in the H/W - Vendor-specific NICs 11

Virtualization and Performance  Consolidation in a shared resource pool  Allocate VMs to a resource pool instead of physical server  Dynamic resource allocation to VMs based on workload − Complexity and poor visibility on how performance is managed − Adds challenges to asset management 12

Virtualization and Performance  Management tools  Help manage performance, track SLAs and set priorities  Optimize resource allocation  Proactive failure assessment  Advances in processors and memory  Multiple logical CPUs and improved instructions  faster comm. between hypervisor and VMs  Integrate I/O memory mgmt and DMA remapping  better I/O virtualization 13

Highlights on SV Trends  Open-source tools  Joint collaboration between server virtualization vendors and processors’ manufacturers  Hardware-based hypervisor  Convergence of server, storage, desktop and apps virtualization. 14

So…  Server virtualization  Pros and Cons  How can we overcome (or minimize) the impact on performance  Future perspectives 15

Is this enough? Does it solve everything we want from Virtualization? 16

Server Virtualization is NOT enough!  No performance isolations  Security  Poor application deployability  Limited management flexibility  No support network innovation 17

Data Center Network Virtualization  Multiple virtual networks (VNs) on top of physical network.  Challenges  Addressing schemes  Scalability  Failure tolerance  Security  Resource management 18

Examples of DC Network Topologies  Conventional DC network topology 19

Examples of DC Network Topologies  Clos topology  Path diversity 20

Examples of DC Network Topologies  Fat-tree topology K=4 21

Network Basic Functionalities/Features  Packet forwarding schemes  Bandwidth guarantees  Relative bandwidth sharing  Multipathing techniques 22

23 Examples of Virtual Network Proposals/Implementations

Traditional Data Center  Objective: isolation between tenants  Pros:  Uses VLANs to provide means of isolations  Uses commodity switches and popular hypervisors  SPs can have their own L2 & L3 address spaces  Cons:  Imposes scalability concerns 24

Diverter  Objective: to provide software-based VN solution for packet forwarding  L3 network virtualization to allow tenants control their addresses  Software module VNET on every physical machine  Replaces VM MAC with physical MAC  Special IP scheme ( 10.tenant.subnet.vm ) − Lacking QoS 25

NetLord  Objective: virtual network designed to provide solution for scalability of tenants, in order to increase resource utilization and revenue  Utilizes L2 and L3 virtualization: L2+L3 encapsulation  Full address-space virtualization  Uses Diverter forwarding  Uses SPAIN multipathing 26

NetLord 27

NetLord  Pros:  Takes advantage of already implemented schemes to provide basic functionalities  Cons  Not all commercial off-the-shelf switches support IP forwarding  Large packet encapsulation results in more drops and fragmentation  No bandwidth guarantee 28

Oktopus  Issues with multi-tenant data center networks:  Difficult application performance management  Unpredictable network performance  decrease app. performance  unhappy customers  revenue lo $$ e $  Objectives: to design virtual network abstractions and to explore the trade-off between the guarantees offered to tenants, the tenant cost and provider revenue  Key design concept: two virtual network abstractions:  Virtual cluster  Virtual oversubscribed cluster 29

Oktopus  Cluster 30

Oktopus  Virtual cluster 31

Oktopus  Virtual oversubscribed cluster 32

Oktopus  Pros:  Increases application performance  Flexibility to InP  Balance between higher application performance and lower cost  Cons  Deployability: only for tree-like physical network topologies 33

Gatekeeper  Objectives: a virtual network to provide bandwidth guarantees, and achieves high bandwidth utilization  Design features:  Scalable in terms of number of VMs  Predictable in terms of network performance  Flexible based on minimum and maximum bandwidth guarantees  Design elements:  Minimum guaranteed rate  Maximum allowed rate for each VM 34

Gatekeeper 35

Gatekeeper  Pros:  Flexible bandwidth guarantees  Cons:  Other performance features are not addressed  Still under development  Scale of experimental evaluation is small 36

Seawall  Objective: a virtual network to provide bandwidth sharing in a multi-tenant data center network 37

Seawall  Pros:  Policy enforcement so no one tenant can consume all bandwidth  Dynamic nature allows for tenant requirement change adjustment  Cons:  Deployability: currently for Windows and Hyper-V 38

39 Project Feature Forwarding Scheme Bandwidth Guarantee MultipathingRelative BW Sharing Traditional DC ✔✔ Diverter ✔ NetLord ✔✔ VICTOR ✔ VL2 ✔✔ PortLand ✔✔ SEC2 ✔✔ SPAIN ✔ Oktopus ✔ SecondNet ✔✔ Gatekeeper ✔ CloudNaaS ✔✔ Seawall ✔ NetShare ✔✔ Classification of Projects by Feature

Highlights on Research Direction  Virtualized Edge Data Center: concerned about placement of small data centers at the edge of the network to be closer to end- users  Benefits:  Better QoS for delay sensitive applications  Reduces network communication cost by reducing network traffic across network providers  Lower construction cost compared to large remote data centers  Challenges:  Service placement problem: finding optimal trade-off between performance and construction cost  How to efficiently manage services hosted in multiple data centers? 40

Highlights on Research Direction  Virtual data center embedding algorithms: to accommodate a high number of VDCs in data centers  Dependent on how efficient virtual resources are mapped to physical ones  Challenges:  Need to consider all physical resources, in addition to servers  Dynamic nature of the demand for data center applications  Energy efficiency: how to optimize the placement of VMs and VNs for energy efficiency? 41

Highlights on Research Direction  Network performance guarantees:  The design and implementation for bandwidth allocation schemes  Find a good trade-off between maximizing network utilization and guaranteed network performance  Data center management:  Monitoring  Energy management  Failure detection and handling 42

Highlights on Research Direction  Security:  Mitigating security vulnerabilities  Monitoring and auditing infrastructure  Support for multi-layer security depending on tenants needs 43

Conclusions  Server virtualization: what and why?  Techniques to address performance issues related to server virtualization  Datacenter network virtualization: what and why?  Recent virtual network architectures: no ideal project to solve all problems!  Future perspectives on server and network virtualization research: we still have a lot to do… 44

45 Thank You!

References  Fauzi Kamoun, “Virtualizing the Datacenter Without Compromising Server Performance”, ACM Ubiquity, Vol 2009, Issue 9.  Md. Faizul Mari, et. al., “Data Center Network Virtualization: A Survey”, in IEEE Communications Surveys & Tutorials, Vol 15, pg , Sep  [online] “Virtualization”, May  T. Benson, et. al., “CloudNaaS: A Cloud Networking Platform for Enterprise Applications”, SOCC’11,  A. Edwards, et.al., “Diverter: A New Approach to Networking Within Virtualized Infrastructures”, WREN’09,  J. Mudigonda, et. al., “SPAIN:COTS Data-Center Ethernet for Multipathing over Arbitrary Topologies,” in Proceedings ACM USENIX NSDI, April  J. Mudigonda, et. al., “NetLord: A Scalable Multi-Tenant Network Architecture for Virtualized Datacen- ters,” in Proceedings ACM SIGCOMM, August  F. Hao, et. al., “Enhancing Dynamic Cloud-based Services using Network Virtualization,” in Proceedings ACM VISA, August