Network Virtualization in the Future Internet - Forsiden · Logical interconnection of two virtual...

Andreas Fischer, University of [email protected]

Network Virtualization in the Future Internet

Concepts, Applications, and Challenges

2A. Fischer, Network Virtualization in the Future Internet, Oslo, Oct. 2014

Table of Contents

Introduction to virtualization

Network virtualization

Terminology and Concepts

Applications

Instantiation and Management

Virtual Network Embedding

Problem description

Problem complexity

Strategies

Evaluation

Conclusions

Virtualization of Resources –Definition

virtual: adj.[via the technical term virtual memory, prob.: from the term virtual image

in optics]

1. Common alternative to logical; often used to refer to the artificial objects (like

addressable virtual memory larger than physical memory) simulated by a

computer system as a convenient way to manage access to shared resources.

2. Simulated; performing the functions of something that isn't really there. An

imaginative child's doll may be a virtual playmate. Oppose real.

Eric S. Raymond – Jargon File

http://www.catb.org/~esr/jargon/

Virtualization of Resources: Create virtual resources

To partition and/or aggregate real resources

To create resources with new qualities


Virtualization of Resources

Aggregation and splitting of resources

Combination of resources (clustering)

e.g., Grid computing

Splitting of resources (zoning, partitioning)

e.g., Server virtualization


Resources that can be virtualized

CPU

Partition CPU time into slices

Memory

Use swap mechanisms to create virtual memory address space

Hard drive

Span multiple physical disks

Use file as virtual hard drive

Network card

Create virtual network adapter


System Virtualization

Virtual Machine Monitor (VM Monitor)

Virtualizes host resources

Multiplexes Virtual Machines onto physical hardware

Virtual Machine (VM)

Provides virtual hardware to guest operating system

Exists in an isolated environment

Available management primitives

Start / Pause / Resume / Stop VM

Migrate VM (cold, live)

Add / Remove hardware to VM

6

VM VM

Gu

est

O

S

Gu

est

O

S

Real Machine

VM Monitor

A. Fischer, Network Virtualization in the Future Internet, Oslo, Oct. 2014

Advantages of System Virtualization

Reuse existing hardware instead of installing new devices

Consolidation of services

Reduces operational cost

Reduces energy consumption

New flexibility available

Use Virtual Machines as test environments

Use snapshots to return to a known configuration


Problems of System Virtualization

Rising complexity through additional layers

Management of resources needed

New security threats possible

“Virtual Machine Sprawl”

Ease of creation leads to high number of virtual machines

Increased administrative effort



Table of Contents




Applications



Problem description

Problem complexity

Strategies

Evaluation

Conclusions

Network Virtualization:Motivation

Today’s network layer is too inflexible

Slow adoption of new techniques (e.g. DiffServ/IntServ, IPv6)

Leads to makeshift solutions (e.g. Network Address Translation)

New services are restricted by current limitations

We need to overcome ossification of today’s Internet

Cater to new services

Dynamically adaptable

Use virtualization mechanisms to increase flexibility


Nodes

E.g., routers, firewalls, caches, ...

Qualitative properties

Active

Programmable

Quantitative properties CPU capacity (Number of

CPUs, clock rate)

Memory capacity (both RAM and disk)

...

Links

E.g., CAT-5 cable, wireless channel, ... (+ interfaces)

Qualitative properties

Passive

Non-programmable

Quantitative properties Bandwidth (uni- or

bidirectional)

Bit error rate

Delay

...


Network Virtualization:Terminology (1)


Physical resources

„Real“ hardware

„That, which is touchable and consumes power“

Virtual resources

„Simulated“ hardware

Characteristics: Demands for particular amount of resources

Substrate resources

Resources used to create virtual resources

Can be virtual themselves Recursion



Topology

A graph, representing the network

Consists of nodes and links

Can have particular characteristics (random, structured, ...)

Network

A weighted topology

Nodes and links are annotated with resources

Virtual network: Demands resources

Substrate network: Provides resources


14

Virtual Router

Virtual router in the context of system virtualization

OS with routing functionality

Encapsulated in a VM

Managed by a VMM

Virtualization advantages:

Router OSs sandboxed from each other

Different routing mechanisms on the same (real) machine

Ro

ute

r O

S

Real Machine

VMM

VM

Ro

ute

r O

S

Ro

ute

r O

S

VM VM

Virtual

Router


15

Virtual Link

Virtual link

Logical interconnection of two virtual routers

Appearing to them as a direct physical link

Properties can be set dynamically (e.g. bandwidth)

Can traverse more than one physical link (i.e., aggregation)

Virtual Link

Phys. Link

VMM

Real Machine

Ro

ute

r O

S

Real Machine

VMM

Ro

ute

r O

S

RM Phys. Link

Ro

ute

r O

S

Ro

ute

r O

S

VMVM VM VM


Creating a virtual network

Host A

Start VM1# qemu –enable kvm ... vm1.img

Create bridge, connect VM# brctl addbr virbr0

# brctl addif virbr0 vnet0

Create virtual link (tunnel)# ssh -o Tunnel=ethernet -f -w

0:0 HostB true

Connect SSH endpoint to bridge# brctl addif virbr0 tun0

Host B

Start VM2# qemu –enable kvm ... vm2.img

Create bridge, connect VM# brctl addbr virbr0

# brctl addif virbr0 vnet0

Wait for tunnel connection ...

Connect SSH endpoint to bridge# brctl addif virbr0 tun0


Virtual network instantiation

Coordination of physical resources

Discover network topology

Determine available resources

Start up virtual nodes

Determine physical resourcesto be used

Configure and start virtual nodes

Start virtual links

Connect virtual nodes

Configure virtual network interfaces


Management of virtual resources

Common interface necessary to create and modify virtual networks

Provide management primitives

Create / destroyvirtual nodes

Create / destroyvirtual links

Provide monitoringinformation

Enable dynamic creation and modification of networks

Requires sufficient performance



Performance:Creation of virtual networks

Virtual networks have to be created on the fly

Support dynamic establishment of communication channels

Dynamicity depends on time to reach fully operational state

Time may depend on resources already hosted

E.g., start new node

Create node: May need time to boot

Connect with other nodes: Set up networking, configure links

What are performance limits?

Minimum time for resource creation

Maximum number of virtual resources hosted

Performance:Modification of virtual networks

Node migration as part of network reconfiguration

React to upcoming network challenges

Redistribute physical resources

Step 1: Move virtual node

Requires bandwidth and time

Minimize effect on network

Step 2: Redirect network traffic

Avoid loss of packets

Minimize downtime


Virtual Machine Migration for Resilience

Migrate from unhealthy node to healthy node

Requires health monitoring

Requires failure prediction

Cold state

Disk image

Hardware configuration

Hot state

CPU state

RAM contents

21

Ho

t st

ate

Real Machine

Virtualisation Layer

Migration

Real Machine

Virtualisation Layer

Co

ld

stat

eVM

Ho

t st

ate

Co

ld

stat

eVM


Migration phases

Several distinct phases during migration

Needs significant lead time

Elaborate monitoring mechanisms

Depends on type of challenges


Application: Companies

Multiple logical networks on topof one physical network

Reflects workgroups orcompany processes

Historically differentnetworks

Ensure separationof concerns


Compartmentalization

Today: VLAN


Application: Cloud data centres


Virtual services are not isolated

Services can be highly interconnected

E.g. Load-balancer <-> Webserver(s) <-> Database(s)

Customer requirements have to be considered

Minimum bandwidth needed

Maximum delay accepted

Communication has influence on energy

Switch ports turned on/off

Routers active/inactive

Has to be reflected in data centremanagement

Within a single data centre

Across federated data centresImage source: Wikipedia

Application: Future Internet Testbeds

Motivation: Test new network protocols and architectures

Lots of different approaches

PlanetLab

1298 nodes, 621 sites

GENI

US extension of PlanetLab

G-Lab

German extension of PlanetLab

Vision: Seamless convergence towards a future Internet

In Europe: FIRE initiative: http://www.ict-fire.eu/


Image source: http://www.german-lab.de/

Future Internet Business model

Current cloud model

Infrastructure provider(e.g., Amazon EC²)

Service provider(e.g., Dropbox)

Future model

Virtual NetworkProvider assembles

Virtual NetworkOperator operates

Roles may be mixed



Table of Contents




Applications



Problem description

Problem complexity

Strategies

Evaluation

Conclusions


Virtual Network Embedding (VNE): Map virtual resources to substrate resources

Substrate networkprovides resources

Virtual networksconsume resources

Resources are node andlink properties

Node: E.g. CPU power

Link: E.g. bandwidth



Given a set of Virtual Network Requests (VNRs), what is the optimal way of instantiating them on a substrate network?

Problem: What is optimality?

Minimize usage of substrate resources?

Maximize number of accepted VNRs?


VNE: Problem complexity


Embedding is NP-hard for most applications

Nodes have CPU demands? Bin-packing

Virtual nodes areobjects

Substrate nodesare bins

Virtual links may not be split?Multi-commodity flow

Virtual links are commodities

NP-hard if unsplittable

Excursion: The P-NP Problem

Given a graph G with nodes N and links L: G = (N, L)

Is there a round-trip that visits every link exactly once?

Easy to decide („Euler-cycle“)

Graph has to be connected and every node‘s degree is even

Is there a round-trip that visits every node exactly once?

??? („Hamilton-cycle“)

... try all combinations. Drawback: Exponential runtime!



Given an airline network with cities interconnected by flights. Assume that there is a fixed price for each connection.

What is the cheapest trip from Oslo to Passau?

Reasonably easy to calculate („Dijkstra‘s algorithm“)

Successively compute cheapest paths to neighbouring cities until the destination is reached

What is the cheapest round-trip starting in Oslo and visiting every city at least once?

??? („Travelling-Salesman Problem“)

... try all combinations. Drawback: Exponential runtime!



Given a boolean formula with n variables:F = ( x1 && !x2 ) || ( x3 && x2 ) || ...

Is there a configuration for the variables such that the entire formula evaluates to „True“?

??? („SAT“, „satisfiability“)

Given a set of bins, each with a capacity ci and a set of objects, each with weight wj

Can all objects be put into the bins without overflowing one of them?

??? („Bin-packing“)



Similarities between those problems

All of them can be solved in exponential runtime(brute-force: try every combination)

Problems are closely related: If there were a polynomial solution for one of them, all other problems could be solved polynomially, as well!

However: a polynomial solution is known for none of them

Are we lost?

Luckily not: Heuristics!

Optimal solution may be infeasible, but near-to-optimal will often be enough „Find me a cheap round-trip (not necessarily the cheapest)“


P-NP in Virtual Network Embedding

Our problem here (just the node mapping):

Given a set of bins substrate nodes, each with a capacity ci and a set of objects virtual nodes, each with weight wj

Can all objects virtual nodes be put into the bins substrate nodes without overflowing one of them?

Just a reformulation of „Bin-packing“

We can use heuristics for that: Try to embed „a lot“ of virtual nodes (even if maximum is not reached)

Does not consider links, though


Strategies: Node and Link embedding

Two-stage embedding

First: Node embedding

E.g., first fit, best fit, ...

Then: Link embedding

E.g., shortest-path routing

Problem: Link embedding may be bad

Single-stage embedding

Coordinated node and link embedding

Takes link demands intoaccount

But: More complex


Strategies: Offline vs. online embedding

Offline embedding

All VNRs are known in advance

Can (in principle) calculate the overall optimal solution

Online embedding

VNRs may arrive randomly

VNRs have a specified life-time – will be deleted afterwards

Challenges

Requires fast embedding

Fragmentation may occur

Static vs. Dynamic embedding


Strategies: Static vs. dynamic embedding

Static embedding: Embedding does not change

Dynamic embedding: Embedding can be modified

Allows to make place for new VNRs

Requires migration functionality

What is the cost of migration here?


Large amount of approaches already existing

Algorithms can be classified in three dimensions

Centralized vs. distributed

Static vs. dynamic

Concise vs. redundant

Most approaches focus on performance

Nodes: Distribute CPU capacity

Actually, vector packing would be similar

Links: Distribute link bandwidth

But what about delay or failure rates?

Strategies: Different VNE algorithms in literature


Considering security issues

Virtual node to virtual node

Resource starvation: Excessive CPU usage

Can be used as Denial of Service attack

Sidechannel attacks

Virtual machine to virtual link

Eavesdrop on communication

Resource starvation: Excessive network traffic

Virtual machine to physical machine

Exploit vulnerabilities in virtualization solution

Threatens other virtual machines as well

How to reflect in embedding?


Considering energy efficiency

Improve energy efficiency of physical network

Maximize idle resources

Can then be switchedinto power savingmode

Difficulty: Hidden hops

Some embeddings maycause nodes to be activejust to forward data

Energy efficientembedding avoidssuch situations


VNE Evaluation with ALEVIN

Difficulty: Lots of parameters to control

Size and topology of networks

Distribution of resources

Many scenarios Lots of timespent during evaluation

Which metrics to evaluate?

Acceptance ratio: What is theratio of accepted VNRs?

Revenue / cost: What is theratio of realized virtual demands vs. spent substrate resources?

Running time: How much time did the algorithm take to embed a particular set of VNRs?


VNE Evaluation with ALEVIN


Create networks

Arbitrary topologies

Any size

Support various resources

Link and node

Beyond just CPU andbandwidth

Run VNE algorithms

Framework supports huge number of experiments

Lots of metrics to compare (common and more exotic)

Software available on: http://alevin.sf.net/

VNE Evaluation with ALEVIN: Energy efficiency

Modify existing VNE algorithm to takeenergy efficiency into account

Savings possible due to hidden hopavoidance

Avoid nodes powered only for virtual links

Original algorithmproduces lots ofhidden hops

High potential foroptimization

Parameters:

● SN with 100 nodes

● 5 VNs with 5-15 nodes each

● Substrate resources: 1-100

● Virtual resources: 1-50

● Power consumption: 100-500W


Conclusions

Network Virtualization is important concept for the Future Internet

Increase network flexibility and manageability

Provide separation of concerns

In some areas already in use today

Companies, Cloud Data Centres, Future Internet Testbeds

Virtual Network Embedding is the primary algorithmic problem for Network Virtualization

Lots of work already done

Lots of work still to do


References

Berl, A.; Fischer, A. & de Meer, H. “Using System Virtualization to Create Virtualized Networks”. Workshops der Wissenschaftlichen Konferenz Kommunikation in Verteilten Systemen (WowKiVS2009), EASST, 2009, 17

Berl, A.; Fischer, A. & de Meer, H. „Virtualisierung im Future Internet - Virtualisierungsmethoden und Anwendungen“. Informatik-Spektrum, 2010, 33, 186-194

Fischer, A.; Botero, J. F.; Duelli, M.; Schlosser, D.; Hesselbach, X. & De Meer, H. “ALEVIN - A Framework to Develop,

Compare, and Analyze Virtual Network Embedding Algorithms”. Electronic Communications of the EASST, Proc. of the Workshop on Challenges and Solutions for Network Virtualization (NV2011), EASST, 2011, 37, 1-12

Fischer, A.; Fessi, A.; Carle, G. & De Meer, H. “Wide-Area Virtual Machine Migration as Resilience Mechanism”. Proc. of the International Workshop on Network Resilience: From Research to Practice (WNR2011), IEEE, 2011

Clark, C.; Fraser, K.; Hand, S.; Hansen, J. G.; Jul, E.; Limpach, C.; Pratt, I. & Warfield, A. “Live migration of virtual mac hines”. Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2, USENIX

Association, 2005, 273-286

Anderson, T.; Peterson, L.; Shenker, S. & Turner, J. “Overcoming the Internet Impasse through Virtualization”. Computer, IEEE Computer Society Press, 2005, 38, 34-41

Feamster, N.; Gao, L. & Rexford, J. “How to Lease the Internet in Your Spare Time”. ACM SIGCOMM Computer Communication Review, 2007, 37, 61-64

Wang, Y.; Keller, E.; Biskeborn, B.; van der Merwe, J. & Rexford, J. “Virtual routers on the move: live router migration as anetwork-management primitive”. SIGCOMM Comput. Commun. Rev., ACM, 2008, 38, 231-242

Chowdhury, N. M. K. & Boutaba, R. “A survey of network virtualization”. Computer Networks, 2010, 54, 862 - 876

Goldberg, R. P. “Survey of Virtual Machine Research”. Computer, 1974, 7, 34 - 45

Fischer, A.; Botero, J. F.; Beck, M. T.; De Meer, H. & Hesselbach, X. “Virtual Network Embedding: A Survey”. IEEE

Communications Surveys and Tutorials, 2013, 15, 1888-1906


Network Virtualization in the Future Internet - Forsiden · Logical interconnection of two virtual...

Documents

Transcript of Network Virtualization in the Future Internet - Forsiden · Logical interconnection of two virtual...