Google SDN is growing up and is now scalable enough to power the Google Cloud Platform with network, storage and compute infrastructure on demand.
After blazing the trail in SDN with home-baked OpenFlow SDN switching and controllers in its internal data centers, Google is now using a combination of network functions virtualization (NFV) and SDN in the Google Cloud to let customers provision and control their own pools of compute and storage on distinct virtual networks.
At the Open Networking Summit 2014 last week, distinguished Google engineer Amin Vahdat revealed a network virtualization and SDN controller dubbed Andromeda, which uses a "logically centralized control plane with a peer-to-peer distributed data plane."
Essentially Google places a centralized controller over a virtual network overlay that connects clustered compute and storage resources. The Andromeda virtualization platform enables a centralized view of all of these resources, as well as orchestrated provisioning. A customer could, for example, spin up a 1,000-port isolated virtual network with its own storage and compute resources, and ultimately its own performance characteristics.
"The real thing we offer is infrastructure. Yes, you can gain access to your own compute and storage, but the real challenge is gaining access to storage [along with] load-balancing mechanisms, denial-of-service protection and a variety of other services," Vahdat said. "These are services that you can't buy shrink-wrapped."
At the base of Google's cloud are stacks of compute associated with top-of-rack switching. On top of these physical machines, Google builds a virtual network overlay and switching fabric that connects virtual switches, soft NICs and cluster routers. In the middle of it all sit packet processors -- or middle boxes -- that can tag packets for quality of service (QoS) and other network features, essentially allowing customers to "create functionality on the fly," Vahdat said. On top of all of this lies the Andromeda virtualization platform that acts as the orchestration tool, providing full visibility and provisioning of resources.
With this infrastructure, Google provisions isolated virtual networks, each with its own set of IP addresses and performance characteristics. The IP address fronts a range of virtual machines, but the Andromeda platform can spin up and down VMs within each address.
Network services, such as load balancing, security and QoS, get mapped into each virtual network depending on customer need. Over time, Google will use the packet processors to provide an open NFV application programming interface that lets customers build in their own network functions if needed, Vahdat said. Yet in most cases, customers will need the same kinds of generic network functions and services. "What we provide as load balancing [for example] will suit the needs of 95% of customers, but some will need heavy lifting."
Beyond customized network functions, Google is looking to use its orchestration and control platforms to strike exactly the right balance in storage, compute and network provisioning to support scalable virtual environments for customers. As part of this architecture, storage is disaggregated and treated as a building-level resource instead of a block-level resource, so that it can be flexibly provisioned from clusters along with virtual compute and network resources.
"You want to build your virtual compute infrastructure to balance compute memory, network bandwidth, and storage capacity and bandwidth," Vahdat said. "Physical infrastructure is built for general-purpose compute, but the balance point for one application is different than it is for another. In a virtual infrastructure, you can actually provision what you need where you need it."