Network Virtualization in the Future Internet · Network Virtualization: Motivation Today’s...
Andreas Fischer, University of [email protected]
Network Virtualization in the Future Internet
Concepts, Applications, and Challenges
A. Fischer, Network Virtualization in the Future Internet, Oslo, Oct. 2014
Table of Contents
Introduction to virtualization
Network virtualization
Terminology and Concepts
Applications
Instantiation and Management
Virtual Network Embedding
Problem description
Problem complexity
Strategies
Evaluation
Conclusions
Virtualization of Resources – Definition
virtual: adj. [via the technical term virtual memory, prob.: from the term virtual image in optics]
1. Common alternative to logical; often used to refer to the artificial objects (like
addressable virtual memory larger than physical memory) simulated by a
computer system as a convenient way to manage access to shared resources.
2. Simulated; performing the functions of something that isn't really there. An
imaginative child's doll may be a virtual playmate. Oppose real.
Eric S. Raymond – Jargon File
http://www.catb.org/~esr/jargon/
Virtualization of Resources: Create virtual resources
To partition and/or aggregate real resources
To create resources with new qualities
Virtualization of Resources
Aggregation and splitting of resources
Combination of resources (clustering)
e.g., Grid computing
Splitting of resources (zoning, partitioning)
e.g., Server virtualization
Resources that can be virtualized
CPU
Partition CPU time into slices
Memory
Use swap mechanisms to create virtual memory address space
Hard drive
Span multiple physical disks
Use file as virtual hard drive
Network card
Create virtual network adapter
System Virtualization
Virtual Machine Monitor (VM Monitor)
Virtualizes host resources
Multiplexes Virtual Machines onto physical hardware
Virtual Machine (VM)
Provides virtual hardware to guest operating system
Exists in an isolated environment
Available management primitives
Start / Pause / Resume / Stop VM
Migrate VM (cold, live)
Add / Remove hardware to VM
[Figure: two VMs, each running a guest OS, on a VM Monitor on top of a real machine]
Advantages of System Virtualization
Reuse existing hardware instead of installing new devices
Consolidation of services
Reduces operational cost
Reduces energy consumption
New flexibility available
Use Virtual Machines as test environments
Use snapshots to return to a known configuration
Problems of System Virtualization
Rising complexity through additional layers
Management of resources needed
New security threats possible
“Virtual Machine Sprawl”
Ease of creation leads to high number of virtual machines
Increased administrative effort
Network Virtualization: Motivation
Today’s network layer is too inflexible
Slow adoption of new techniques (e.g. DiffServ/IntServ, IPv6)
Leads to makeshift solutions (e.g. Network Address Translation)
New services are restricted by current limitations
We need to overcome ossification of today’s Internet
Cater to new services
Dynamically adaptable
Use virtualization mechanisms to increase flexibility
Network Virtualization: Terminology (1)
Nodes
E.g., routers, firewalls, caches, ...
Qualitative properties
Active
Programmable
Quantitative properties
CPU capacity (number of CPUs, clock rate)
Memory capacity (both RAM and disk)
...
Links
E.g., CAT-5 cable, wireless channel, ... (+ interfaces)
Qualitative properties
Passive
Non-programmable
Quantitative properties
Bandwidth (uni- or bidirectional)
Bit error rate
Delay
...
Network Virtualization: Terminology (2)
Physical resources
„Real“ hardware
„That, which is touchable and consumes power“
Virtual resources
„Simulated“ hardware
Characteristics: Demands for particular amount of resources
Substrate resources
Resources used to create virtual resources
Can be virtual themselves (recursion)
Network Virtualization: Terminology (3)
Topology
A graph, representing the network
Consists of nodes and links
Can have particular characteristics (random, structured, ...)
Network
A weighted topology
Nodes and links are annotated with resources
Virtual network: Demands resources
Substrate network: Provides resources
Virtual Router
Virtual router in the context of system virtualization
OS with routing functionality
Encapsulated in a VM
Managed by a VMM
Virtualization advantages:
Router OSs sandboxed from each other
Different routing mechanisms on the same (real) machine
[Figure: three VMs, each running a router OS (a virtual router), on a VMM on top of one real machine]
Virtual Link
Virtual link
Logical interconnection of two virtual routers
Appearing to them as a direct physical link
Properties can be set dynamically (e.g. bandwidth)
Can traverse more than one physical link (i.e., aggregation)
[Figure: a virtual link between router OS VMs hosted on different real machines (each with a VMM), traversing several physical links]
Creating a virtual network
Host A
Start VM1
# qemu -enable-kvm ... vm1.img
Create bridge, connect VM
# brctl addbr virbr0
# brctl addif virbr0 vnet0
Create virtual link (tunnel)
# ssh -o Tunnel=ethernet -f -w 0:0 HostB true
Connect SSH endpoint to bridge (Tunnel=ethernet creates a layer-2 tap device)
# brctl addif virbr0 tap0
Host B
Start VM2
# qemu -enable-kvm ... vm2.img
Create bridge, connect VM
# brctl addbr virbr0
# brctl addif virbr0 vnet0
Wait for tunnel connection ...
Connect SSH endpoint to bridge (Tunnel=ethernet creates a layer-2 tap device)
# brctl addif virbr0 tap0
Virtual network instantiation
Coordination of physical resources
Discover network topology
Determine available resources
Start up virtual nodes
Determine physical resources to be used
Configure and start virtual nodes
Start virtual links
Connect virtual nodes
Configure virtual network interfaces
Management of virtual resources
Common interface necessary to create and modify virtual networks
Provide management primitives
Create / destroy virtual nodes
Create / destroy virtual links
Provide monitoring information
Enable dynamic creation and modification of networks
Requires sufficient performance
Performance: Creation of virtual networks
Virtual networks have to be created on the fly
Support dynamic establishment of communication channels
Dynamicity depends on time to reach fully operational state
Time may depend on resources already hosted
E.g., start new node
Create node: May need time to boot
Connect with other nodes: Set up networking, configure links
What are performance limits?
Minimum time for resource creation
Maximum number of virtual resources hosted
Performance: Modification of virtual networks
Node migration as part of network reconfiguration
React to upcoming network challenges
Redistribute physical resources
Step 1: Move virtual node
Requires bandwidth and time
Minimize effect on network
Step 2: Redirect network traffic
Avoid loss of packets
Minimize downtime
Virtual Machine Migration for Resilience
Migrate from unhealthy node to healthy node
Requires health monitoring
Requires failure prediction
Cold state
Disk image
Hardware configuration
Hot state
CPU state
RAM contents
[Figure: migration of a VM's hot state and cold state from the virtualisation layer of one real machine to that of another]
Migration phases
Several distinct phases during migration
Needs significant lead time
Elaborate monitoring mechanisms
Depends on type of challenges
Application: Companies
Multiple logical networks on top of one physical network
Reflects workgroups or company processes
Historically different networks
Ensure separation of concerns
Network virtualization
Compartmentalization
Today: VLAN
Application: Cloud data centres
Virtual services are not isolated
Services can be highly interconnected
E.g. Load-balancer <-> Webserver(s) <-> Database(s)
Customer requirements have to be considered
Minimum bandwidth needed
Maximum delay accepted
Communication has influence on energy
Switch ports turned on/off
Routers active/inactive
Has to be reflected in data centre management
Within a single data centre
Across federated data centres
Image source: Wikipedia
Application: Future Internet Testbeds
Motivation: Test new network protocols and architectures
Lots of different approaches
PlanetLab
1298 nodes, 621 sites
GENI
US extension of PlanetLab
G-Lab
German extension of PlanetLab
Vision: Seamless convergence towards a future Internet
In Europe: FIRE initiative: http://www.ict-fire.eu/
Image source: http://www.german-lab.de/
Future Internet Business model
Current cloud model
Infrastructure provider (e.g., Amazon EC2)
Service provider (e.g., Dropbox)
Future model
Virtual Network Provider assembles
Virtual Network Operator operates
Roles may be mixed
Virtual Network Embedding
Virtual Network Embedding (VNE): Map virtual resources to substrate resources
Substrate network provides resources
Virtual networks consume resources
Resources are node and link properties
Node: E.g. CPU power
Link: E.g. bandwidth
Virtual Network Embedding
Given a set of Virtual Network Requests (VNRs), what is the optimal way of instantiating them on a substrate network?
Problem: What is optimality?
Minimize usage of substrate resources?
Maximize number of accepted VNRs?
VNE: Problem complexity
Embedding is NP-hard for most applications
Nodes have CPU demands? Bin-packing
Virtual nodes are objects
Substrate nodes are bins
Virtual links may not be split? Multi-commodity flow
Virtual links are commodities
NP-hard if unsplittable
Excursion: The P-NP Problem
Given a graph G with nodes N and links L: G = (N, L)
Is there a round-trip that visits every link exactly once?
Easy to decide („Euler-cycle“)
Graph has to be connected and every node's degree is even
Is there a round-trip that visits every node exactly once?
??? („Hamilton-cycle“)
... try all combinations. Drawback: Exponential runtime!
Excursion: The P-NP Problem
Given an airline network with cities interconnected by flights. Assume that there is a fixed price for each connection.
What is the cheapest trip from Oslo to Passau?
Reasonably easy to calculate („Dijkstra's algorithm“)
Successively compute cheapest paths to neighbouring cities until the destination is reached
What is the cheapest round-trip starting in Oslo and visiting every city at least once?
??? („Travelling-Salesman Problem“)
... try all combinations. Drawback: Exponential runtime!
Excursion: The P-NP Problem
Given a boolean formula with n variables:
F = ( x1 && !x2 ) || ( x3 && x2 ) || ...
Is there a configuration for the variables such that the entire formula evaluates to „True“?
??? („SAT“, „satisfiability“)
Given a set of bins, each with a capacity c_i, and a set of objects, each with weight w_j
Can all objects be put into the bins without overflowing one of them?
??? („Bin-packing“)
Excursion: The P-NP Problem
Similarities between those problems
All of them can be solved in exponential runtime (brute-force: try every combination)
Problems are closely related: If there were a polynomial solution for one of them, all other problems could be solved polynomially, as well!
However: a polynomial solution is known for none of them
Are we lost?
Luckily not: Heuristics!
Optimal solution may be infeasible, but near-to-optimal will often be enough
„Find me a cheap round-trip (not necessarily the cheapest)“
P-NP in Virtual Network Embedding
Our problem here (just the node mapping):
Given a set of substrate nodes (bins), each with a capacity c_i, and a set of virtual nodes (objects), each with weight w_j
Can all virtual nodes (objects) be put into the substrate nodes (bins) without overflowing one of them?
Just a reformulation of „Bin-packing“
We can use heuristics for that: Try to embed „a lot“ of virtual nodes (even if maximum is not reached)
Does not consider links, though
Strategies: Node and Link embedding
Two-stage embedding
First: Node embedding
E.g., first fit, best fit, ...
Then: Link embedding
E.g., shortest-path routing
Problem: Link embedding may be bad
Single-stage embedding
Coordinated node and link embedding
Takes link demands into account
But: More complex
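The two-stage strategy above, as an added example (not taken from the slides or from ALEVIN): first-fit node mapping treated as bin packing, then shortest-path link mapping on the remaining bandwidth, with VNRs arriving online. The substrate, the two VNRs and all function names are constructed for illustration; the block also reports the revenue/cost ratio and hidden hops, which the deck discusses later.

```python
from collections import deque

def shortest_path(bw, src, dst, need):
    """BFS over substrate links that still have at least `need` bandwidth free."""
    paths, queue = {src: [src]}, deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            return paths[u]
        for a, b in sorted(bw):
            v = b if a == u else a if b == u else None  # neighbour of u, if any
            if v is not None and v not in paths and bw[(a, b)] >= need:
                paths[v] = paths[u] + [v]
                queue.append(v)
    return None

def embed(cpu, bw, vnr):
    """Two-stage embedding of one VNR; works on copies, returns None on rejection."""
    cpu, bw = dict(cpu), dict(bw)
    node_map, paths = {}, {}
    # Stage 1: first-fit node mapping (bin packing), one virtual node per host
    for vn, need in vnr["nodes"].items():
        host = next((s for s in sorted(cpu)
                     if cpu[s] >= need and s not in node_map.values()), None)
        if host is None:
            return None
        node_map[vn] = host
        cpu[host] -= need
    # Stage 2: shortest-path link mapping between the hosts fixed in stage 1
    for (a, b), need in vnr["links"].items():
        path = shortest_path(bw, node_map[a], node_map[b], need)
        if path is None:
            return None
        for u, v in zip(path, path[1:]):
            bw[tuple(sorted((u, v)))] -= need
        paths[(a, b)] = path
    # Hidden hops: substrate nodes that only forward traffic for this VNR
    used = {n for p in paths.values() for n in p[1:-1]}
    hidden = sorted(used - set(node_map.values()))
    revenue = sum(vnr["nodes"].values()) + sum(vnr["links"].values())
    cost = sum(vnr["nodes"].values()) + sum(
        need * (len(paths[vl]) - 1) for vl, need in vnr["links"].items())
    return {"nodes": node_map, "paths": paths, "hidden_hops": hidden,
            "revenue_cost": revenue / cost, "cpu": cpu, "bw": bw}

def run_online(cpu, bw, vnrs):
    """Embed VNRs in arrival order; returns (acceptance ratio, per-VNR results)."""
    results = []
    for vnr in vnrs:
        res = embed(cpu, bw, vnr)
        if res is not None:
            cpu, bw = res["cpu"], res["bw"]  # commit residual capacities
        results.append(res)
    return sum(r is not None for r in results) / len(vnrs), results

# Constructed sample: line substrate A-B-C-D; B is too small to host anything.
SUB_CPU = {"A": 10, "B": 2, "C": 10, "D": 10}
SUB_BW = {("A", "B"): 10, ("B", "C"): 10, ("C", "D"): 10}  # keys: sorted tuples
VNRS = [{"nodes": {"x": 5, "y": 5}, "links": {("x", "y"): 4}},
        {"nodes": {"p": 5, "q": 8}, "links": {("p", "q"): 8}}]

if __name__ == "__main__":
    ratio, results = run_online(SUB_CPU, SUB_BW, VNRS)
    print(ratio, results[0]["hidden_hops"], round(results[0]["revenue_cost"], 2))
```

First fit places x on A and y on C, so the virtual link crosses B as a hidden hop although C and D are direct neighbours; the second VNR is then rejected because link A-B no longer has enough bandwidth.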
Strategies: Offline vs. online embedding
Offline embedding
All VNRs are known in advance
Can (in principle) calculate the overall optimal solution
Online embedding
VNRs may arrive randomly
VNRs have a specified life-time – will be deleted afterwards
Challenges
Requires fast embedding
Fragmentation may occur
Static vs. Dynamic embedding
Strategies: Static vs. dynamic embedding
Static embedding: Embedding does not change
Dynamic embedding: Embedding can be modified
Makes room for new VNRs
Requires migration functionality
What is the cost of migration here?
Strategies: Different VNE algorithms in literature
A large number of approaches already exist
Algorithms can be classified in three dimensions
Centralized vs. distributed
Static vs. dynamic
Concise vs. redundant
Most approaches focus on performance
Nodes: Distribute CPU capacity
Actually, vector packing would be similar
Links: Distribute link bandwidth
But what about delay or failure rates?
Considering security issues
Virtual node to virtual node
Resource starvation: Excessive CPU usage
Can be used as Denial of Service attack
Side-channel attacks
Virtual machine to virtual link
Eavesdrop on communication
Resource starvation: Excessive network traffic
Virtual machine to physical machine
Exploit vulnerabilities in virtualization solution
Threatens other virtual machines as well
How to reflect in embedding?
Considering energy efficiency
Improve energy efficiency of physical network
Maximize idle resources
Can then be switched into power saving mode
Difficulty: Hidden hops
Some embeddings may cause nodes to be active just to forward data
Energy efficient embedding avoids such situations
VNE Evaluation with ALEVIN
Difficulty: Lots of parameters to control
Size and topology of networks
Distribution of resources
Many scenarios: lots of time spent during evaluation
Which metrics to evaluate?
Acceptance ratio: What is the ratio of accepted VNRs?
Revenue / cost: What is the ratio of realized virtual demands vs. spent substrate resources?
Running time: How much time did the algorithm take to embed a particular set of VNRs?
VNE Evaluation with ALEVIN
Create networks
Arbitrary topologies
Any size
Support various resources
Link and node
Beyond just CPU and bandwidth
Run VNE algorithms
Framework supports huge number of experiments
Lots of metrics to compare (common and more exotic)
Software available on: http://alevin.sf.net/
VNE Evaluation with ALEVIN: Energy efficiency
Modify existing VNE algorithm to take energy efficiency into account
Savings possible due to hidden hop avoidance
Avoid nodes powered only for virtual links
Original algorithm produces lots of hidden hops
High potential for optimization
Parameters:
● SN with 100 nodes
● 5 VNs with 5-15 nodes each
● Substrate resources: 1-100
● Virtual resources: 1-50
● Power consumption: 100-500W
Conclusions
Network Virtualization is an important concept for the Future Internet
Increase network flexibility and manageability
Provide separation of concerns
In some areas already in use today
Companies, Cloud Data Centres, Future Internet Testbeds
Virtual Network Embedding is the primary algorithmic problem for Network Virtualization
Lots of work already done
Lots of work still to do