Storage, processing and the network each use virtual machines associated with their own domain, and these virtual machines share the hardware resources. All three types of virtual machines can equally be found on the same server. For the environment to run without problems, we must add security, management and control virtual machines. Today, a company needs to have all five of these groups of virtual machines set up in order to constitute an operational information system. These five domains are shown in Figure 2.2.
Figure 2.1. The three basic principles. For a color version of the figure, see www.iste.co.uk/pujolle/software2.zip
Figure 2.2. The five domains necessary for the life of a company
The five domains described above can be put in place by way of virtual machines associated with each of the domains. The whole computing environment of a company can thus be concentrated in the Cloud in the form of virtual machines distributed in datacenters. This environment is illustrated in Figure 2.3 by datacenters containing the virtual machines necessary for the construction of the company’s computing system.
Figure 2.3. Virtualization of the five domains
In addition to this environment, there are applications that may be of two types: business applications and applications to control or orchestrate the environment itself. The search for new products has therefore turned towards autopilot systems, which are also referred to as orchestrators in the literature. The complete environment, which is vital to the functioning of a company, is shown in Figure 2.4, which shows the importance of the orchestrator in the general architecture of informational and operational systems.
Figure 2.4. The pilot program
2.2. The ONF architecture
In order for this new world of SDN to have a chance of being successful, it has to be standardized. This standardization was carried out by the ONF (Open Networking Foundation), which was set up under the auspices of large companies in the USA, following the proposal of this architecture by Stanford University and Nicira.
The architecture proposed by the ONF is shown in Figure 2.5. It comprises three layers. The bottom layer is an abstraction layer, which decouples the hardware from the software, and is responsible for data transport. This level describes the protocols and algorithms that enable IP packets to advance through the network to their destination. This is called the infrastructure plane. The second layer is the control plane. This plane contains the controllers providing control data to the data plane so that the data are channeled as effectively as possible. The ONF’s vision is to centralize control in order to facilitate the recovery of a great deal of information on all the clients. The centralized controller makes it possible to obtain a sort of intelligence. The infrastructure to be managed is distributed between the controllers. Of course, we need to take account of the problems caused by a centralized environment, and therefore duplicate the decision elements.
Controllers carry out different functions, such as the provision of infrastructure or the distribution of loads on different network devices to optimize performances or reduce energy consumption. The controller is also in charge of the configuration of network equipment such as firewalls, authentication servers and, more generally, all servers necessary for the proper operation of the network. These different machines must be put in the most appropriate places in order to enhance the overall network functioning.
Finally, the uppermost layer, the application plane, is responsible for the applications needed by the clients and for storage, computation, network, security and management applications. This layer introduces the programmability of the applications, and sends the controller all of the necessary information to allow the opening of the software networks meeting the needs of the applications. This layer also includes control, orchestration and management applications that are vital to the good functioning of the company’s computing system. The application plane must be able to channel towards the controller the information required to open up the network that corresponds to the application. Any new service can be introduced quickly, and will give rise to a specific network if it cannot be embedded on a pre-existing network.
The ONF architecture is shown in Figure 2.5, with its three layers: the application layer and programmability, the control layer with centralized intelligence, and abstraction at the infrastructure layer. We will come back to look at the interfaces between these layers, which are important for the compatibility of products from different vendors. The ONF has standardized the intermediary layer and the interfaces. Certain parts of the architecture are taken up by other standardization organizations so as to conform to the legal standards.
Figure 2.5. The ONF architecture
The ONF’s general architecture can actually be shown in more detail, as in Figure 2.6. Once again, we see the infrastructure layer, but it is expanded into two planes: the physical plane and the logical plane. The physical plane is in charge of all the hardware, and more generally, the physical infrastructure. The logical plane corresponds to the establishment of the software networks constructed on the basis of virtual machines, sharing the physical infrastructure in accordance with the rules deriving from the higher layers. This vision of the architecture enables us to clearly distinguish the hardware and the networks that exist in companies from the software, which is added to offer the necessary flexibility. This architecture requires datacenters ranging in size from very small to very large, depending on the size of the company and on the distribution of resources to the periphery. Telecom operators have not missed this opportunity, and have entered into the market as Cloud providers. Companies such as Amazon and Google have gone directly for the goal, putting in place the infrastructure necessary to become major players in the world of telecommunications.
Figure 2.6. The SDN architecture
In the architecture shown in Figure 2.6, we see the control layer and the application layer with the northbound and southbound APIs (Application Programming Interfaces) between those layers, and the eastbound and westbound APIs with other controllers. The northbound interface facilitates communication between the application level and the controller. Its purpose is to describe the needs of the application and to pass along the commands to orchestrate the network. Later on, we will describe the current standards governing this interface. The southbound interface describes the signaling necessary between the control plane and the virtualization layer. With this aim in mind, the controller must be able to determine the elements that will make up the software network to be set up. In the other direction, the current network resource consumption must be fed back so that the controller has as full a view as possible of the usage of the resources. The bandwidth necessary for feeding back these statistics may represent a few percent of the network’s capacity, but this is crucial for optimization, which will improve performance by much more than a few percent.
In addition to the two interfaces described above, there are also the eastbound and westbound interfaces. The eastbound interface enables two controllers of the same type to communicate with one another and make decisions together. The westbound interface must