Ruslan Grumble - Fotolia
Sometimes you'd rather order à la carte. You want to download one song, not the whole album. You only need one light bulb, not a pack of four. You want to eat one piece of chocolate, not a whole box. Choices like these usually come at a premium, but you get exactly what you want.
Other times, however, you may not be sure what items you need, how many are required or how they fit together.
Most network engineers interested in software-defined networking (SDN) but not yet SDN savants find themselves in the latter category. They're excited about the prospect of network programmability, but very few have the expertise, staff or budget to successfully design, test and launch a full-scale SDN deployment.
"SDN is a passion of mine, but I don't see my employer getting into that area anytime soon," says Aaron Paxson, global network manager at SVP Worldwide, a sewing machine manufacturer based in LaVergne, Tenn. "It's mostly due to the budget. None of my switches are OpenFlow-capable, so if you're talking about SDN from an OpenFlow perspective, it would basically take a rip and replace."
Concerns like Paxson's haven't gone unnoticed by vendors, and they are responding with kind of a prix-fixe alternative to the do-it-yourself model of SDN -- a bundle-discount, no-assembly-required package of products known as an SDN starter kit. Pica8 was the first to launch one in December 2013, which led to an avalanche of similar announcements last year from Big Switch Networks, Cisco, Dell, NEC, Plexxi and Tallac Networks. The kits range significantly in terms of cost, size and the variety of deployment options, depending on what they'll be used for. In general, however, they consist of a small number of switches and SDN controllers with pre-integrated software, a short-term software license and a professional support contract.
The goal is straightforward: Convince enterprises they don't need to be Google or Facebook to afford and find a use for SDN.
"There are some enterprises that look at their networks and say, ‘We do need to change, but we want to limit how fast we change and how much we change,'" says Brad Casemore, a research director at IDC.
"Cost is definitely a major consideration, but I also think it's about making [SDN] less frightening," Casemore adds. "One way to do that is to let people play with the technology and begin to find out what they can do with it. They see fewer risks and more opportunities."
Removing the guesswork from SDN
Christian Sarrasin is the founder and CEO of Clean Safe Cloud, a cloud provider in Switzerland, although the company hasn't yet gone to market with its service. Sarrasin and his chief technology officer (CTO) are in the process of designing and building a data center network based on SDN for their cloud offering -- housed in a nuclear-blast-proof, ex-Swiss Army bunker.
When they began evaluating the various approaches to SDN, the two entrepreneurs were initially interested in white-box switching, particularly switches that ran on Linux-based networking software from Cumulus Networks. The cost savings inherent in the white-box model were attractive, and Sarrasin says he liked any approach that would keep the threat of vendor lock-in at bay.
Christian SarrasinCEO, Clean Safe Cloud
But they also considered Big Switch, with a particular interest in how the vendor bridged physical and virtual switching. Big Switch ultimately won the deal -- not only due to its architecture but also because the vendor's starter kit, which Clean Safe Cloud is using to build its network, takes the guesswork out of what Sarrasin and his team need in order to implement SDN.
"Yes, we could do it ourselves [with white-box switches], but we don't really want to run that risk, and we don't think that would be money wisely placed," Sarrasin says. "We're going to have pretty stringent SLAs, and we need to have a good vendor standing behind us from a support perspective."
Clean Safe Cloud is using Big Switch's higher-end starter kit, which has a list price of $99,000 and is designed for a production environment, not a test. The kit comes with four leaf and two spine bare-metal switches from Edge-Core Networks, redundant controllers, a three-year Big Cloud Fabric software license, three years of hardware/software support and 40 Gigabit Ethernet leaf-spine cables. The setup comprises two racks of gear, which translate into support for about 2,000 virtual machines on modern servers, according to Prashant Gandhi, Big Switch's vice president of product management.
Big Switch also sells a single-rack, $39,000 starter kit geared more toward lab environments, due to the lack of redundancy and its one-year support contract and software license, Gandhi says. The licenses included in either kit have no limitations in terms of features, according to Big Switch, and all of the gear is modular, meaning it could be used in or repurposed for a larger deployment.
To say that no two SDN starter kits are the same would be an understatement. At the low end is NEC's $3,000 ProgrammableFlow Starter Pack, announced last October, which provides licensing for up to five switches on its ProgrammableFlow controllers and is targeted to lab environments and small-scale deployments. At the other end is Cisco's collection of four Application Centric Infrastructure (ACI) starter kits, announced last July, which range from $250,000 to $350,000 and consist of various packages of Nexus switches, ACI software licenses, Application Policy Infrastructure Controller (APIC) clusters and 40-gigabit optical cables.
Darien Hirotsu is an SDN consultant at SDN Essentials in Newark, Del., which provides SDN-related training, consulting and managed services. He uses Pica8's OpenFlow-based Open SDN starter kit for the company's internal lab as well as for training sessions with clients. The kit, listed at $8,895 and intended for lab environments, contains only software -- specifically, a CD-ROM loaded with Ryu, an open source SDN controller, plus an OpenFlow-based network tap application and Wireshark. The kit also requires the separate purchase of a Pica8 white-box switch, which runs the vendor's PicOS software.
The value of starter kits like Pica8's is their ability to let network engineers get hands-on experience with SDN technology in a preconfigured, pre-tested platform, Hirotsu says.
"For us, what's appealing about the Pica8 SDN starter kit, in particular, is it's a little bit of everything -- meaning if you want to dive into some Python code and understand how the guts of Ryu work, you have the option to do that," he says. "On the flip side, if you're more of a networking-centric person and want to learn OpenFlow and touch white-box switching, you can do that as well."
Cracking the enterprise SDN market
For enterprises looking to make a gradual transition to SDN, starter kits can help lay the groundwork, says IDC's Casemore.
"Workloads are shifting to greater virtualization -- maybe even to containers over time -- so you're looking at how you need to automate your network, build a flatter topology and make it programmable," he says. "You realize you've got to make changes to your network, but you realize you can't make them overnight. Many organizations are looking at [how they can begin] spinning up new workloads on this new infrastructure, so a starter kit can provide a foundation for that."
Paxson, the global network manager at SVP Worldwide, acknowledges that most SDN products still have big hurdles to overcome -- primarily, the questionable level of support for multi-vendor networks. But by lowering other barriers to entry, such as cost and complexity, starter kits may be just what SDN needs to get a foothold in the enterprise, he adds.
"You have an industry that hasn't changed in a very, very long time. Maybe the only things that changed are the protocols, management and some speeds, but SDN changes all of that. So you really have to have something that's put together and proven to work," Paxson says. "I think [the starter kit] is a great business model to get SDN into an industry that hasn't changed for 30 years."
They're starter kits, not learning kits
For networking pros just looking to toy around with SDN, however, starter kits are far from the most economical option. Even the cheapest kits cost thousands of dollars, and they are aimed at enterprises taking their first real steps into SDN. In other words, most starter kits are too expensive to be learning kits.
Free emulators like Mininet allow network engineers to experiment with OpenFlow networks on a virtual machine without the need for any switches or controller hardware. Some vendors like Big Switch provide free loaner gear to prospective customers for a few months. Other vendors, including Pica8 and Brocade, are offering free, scaled-down versions of their operating systems for testing on bare-metal switches.
"I've done the vast majority of my OpenFlow and SDN testing in pure virtual labs because, frankly, it's very easy to set up a Mininet lab and play with OpenFlow and OpenFlow controllers. And that's really all you need to understand the basics and core concepts of SDN," says Brandon Mangold, a principal architect at United Airlines working on developing a next-generation data center architecture based on SDN.
Brandon Mangoldprincipal architect, United Airlines
Mangold is in the process of testing products from Nuage Networks, Cisco's ACI product suite and VMware's NSX platform. He is not using any commercial starter kits, and he is skeptical of their worth.
"The starter kits are valuable for people who don't want to DIY, but at this stage, even if you buy one of these starter kits, you're still doing a lot of do-it-yourself," Mangold says. "I think the value in these starter kits is more for the vendors and them trying to get customers sold on their solutions."
SDN Essentials' Hirotsu also acknowledges that while starter kits eliminate the need to start from scratch, they are far from foolproof and still require specific skills and a familiarity with SDN.
"Any starter kit involves an investment in time and in growing your expertise. For example, if you're a network engineer and you haven't had to touch a lot of open source software, you may not be familiar with how to update the open source code," Hirotsu says. "I think it's a good place to start [if you have] the full range of skills that are involved. But if you want to be an SDN engineer, one of the things that needs to happen is you need to acquire skills that take you out of your comfort zone."
As with any technology, United's Mangold contends, some of the most important lessons are revealed during traditional vendor bake-offs. The limitations Mangold says he encountered in the SDN products he's testing are too vendor-specific to uncover in an emulation tool, and they're significant enough that he wouldn't find it acceptable to discover them after making an investment in the actual equipment, whether it comes in a starter kit or traditional purchase.
Although a nondisclosure agreement prohibits him from getting too specific, Mangold says his biggest concerns with software-centric platforms like NSX and Nuage are that they don't work best in anything but a single-hypervisor, fully virtualized data center, and he has found "significant scale issues." As for ACI, he has found Cisco's rapid-fire software updates for the various products aren't keeping up with each other, making it difficult to achieve feature alignment across the whole ACI suite.
"We are disappointed with all of the solutions. Reality doesn't meet the marketing hype," Mangold says. "Frankly, for any modern organization -- enterprise, specifically -- with a mix of requirements, none of the solutions that we're looking at are quite where they're supposed to be. But we kind of expected that. We're still early in the testing phases to validate what direction we want to focus on, and we kind of knew all of the solutions were still going to be a work in progress."
Starter kits don't have all the answers, acknowledges IDC's Casemore, who emphasizes that the success of any SDN deployment depends on current and future technology needs, as well as the level of expertise among IT staff.
"This is potentially one step in a much longer journey," Casemore says. "Enterprises need to look at various starter kit options and figure out which is appropriate for the sorts of workloads they want to run and intend to run -- in other words, what they've got now and what they plan to deploy -- and evaluate them within that prism."
Starter kits hint at vendor strengths
SDN starter kits come in all shapes and sizes, ranging in cost from a couple thousand to over a quarter-million dollars. But that's not the only factor that separates them from each other.
Several starter kits are marketed for specific use cases. Big Switch Networks pitches its two starter kits as the foundation for building private clouds. Pica8's starter kit focuses on a network tap application. Plexxi offers three distinct starter kits for agile data centers, distributed clouds and big data analytics.
"You can learn a lot about where [these vendors] expect or hope to make inroads," says Brad Casemore, a research director at IDC.
"They definitely see that they have a value proposition for those use cases, and they're putting together really bite-sized ways of adopting the technology."
That said, network engineers who get comfortable enough with SDN don't need to be limited by the specific applications headlining some starter kits, says Darien Hirotsu, an SDN consultant at SDN Essentials. Hirotsu uses the OpenFlow-based controller Ryu and the network tap application in Pica8's Open SDN starter kit for training sessions with clients and for the company's internal operations.
"The cool thing is once you have that environment working, you can start consuming other applications within Ryu," he says. "The tap [application] is a good start in that it makes you see things like REST APIs and how they'll be translated by a controller into OpenFlow. Likewise, you can start to get involved in an OpenFlow switch and see how flow-table rules are changed and manipulated. Once that's working and you can see it operate within Ryu, you can check out new applications and do other things, such as upgrading the controller itself or playing with new code."
- Software-Defined Networking Could Make Network-as-a-Service a Reality –SearchSecurity.com
- The New Network: Software-Defined Networking Gets Real –SearchSecurity.com
- Software-Defined Networks and the New Network Hypervisor –SearchSecurity.com
- Essential Guide to Software Defined Networks –ComputerWeekly.com