Monday 12 March 2018

Infrastructure Virtualization

Definition of Infrastructure Virtualization

A virtual infrastructure is a software-based IT infrastructure being hosted on another physical infrastructure and meant to be distributed as a service as in cloud computing’s Infrastructure as a Service (IaaS) delivery model. It provides organisations, particularly smaller ones, that cannot afford to build their own physical infrastructure, access to enterprise-grade technology such as servers and applications. The distribution is often done via the cloud, meaning over large networks such as the Internet.

Purpose of Infrastructure Virtualization

The main purpose of a virtual infrastructure is to bring enterprise-level technology to organisations that cannot afford the large capital required to pay for the hardware, software licenses, setup and continual maintenance of an actual data center infrastructure. The technology involves virtualization, which is the utilisation of physical server resources to host logical or virtual servers and networking hardware in order to optimise resources and drive costs down by hosting multiple virtual servers in a single host server. 

The idea is that no single server is actually taxed enough to the point that its resource limits are reached so it would be more prudent to make use of these resources by running multiple logical servers that, together, can make use of the actual capacity of the host. This lean approach allows for sharing and distributing resources, which, in turn, promotes flexibility, scalability and lower total cost of ownership.

An abstraction for Virtual Machine (VM) management is a powerful mechanism for providing elastic services over cloud Data Centers (DCs). At the same time, the resulting network congestion has been repeatedly reported as the main bottleneck in DCs, even when the overall resource utilisation of the infrastructure remains low.

Virtual Switch (VSwitch)

A virtual switch (VSwitch) is a software application that allows communication between virtual machines. A VSwitch does more than just forward data packets: it intelligently directs the communication on a network by checking data packets before moving them to a destination.

Virtual switches are usually embedded into installed software, but they may also be included in a server’s hardware as part of its firmware. A virtual switch is completely virtual and can connect to a network interface card (NIC). The VSwitch merges physical switches into a single logical switch. This helps to increase bandwidth and create an active mesh between server and switches.

A virtual switch is meant to provide a mechanism to reduce the complexity of network configuration. This is achieved by reducing the number of switches that need to be managed after taking the network size, data packets and architecture into account. Because a virtual switch is intelligent, it can also ensure the integrity of the virtual machine's profile, which includes network and security settings. This proves a big help to network administrators as moving virtual machines across physical hosts can be time-consuming and pose security risks.

A virtual switch has a few key advantages:
  • Helps in easy deployment and migration of virtual servers
  • Allows network administrators to manage virtual switches deployed through a hypervisor
  • Compared to a physical switch, it's easy to roll out new functionality, which can be hardware or firmware related.

Distributed Virtual Switch

A virtual switch (vSwitch) carries VMs' traffic to the physical network and to other VMs. Distributed vSwitches, which are also known as VMware vDS, enable more features than standard vSwitches, sometimes called VMware vSS. A standard vSwitch works within one ESX/ESXi host only.

Most vSwitches include an integrated control and data plane. With DVS, the control and data planes are decoupled. This makes it easier to integrate the vSwitch’s control plane with the control planes of other switches and with the virtual server management system. 

The control and data planes of the embedded virtual switch are decoupled. This allows the data planes of multiple virtual switches to be controlled by an external centralized management system that implements the control plane functionality. Decoupling the data plane from the control plane makes it easier to tightly integrate the virtual switch control plane with the control planes of physical access and/or aggregation switches and/or the virtual server management system. 

Virtual Networking on Other Hypervisors 
Virtual networks can be provisioned using a cloud management platform (CMP) that requests virtual network and security services for corresponding workloads. The controller then distributes the necessary services to the corresponding virtual switches and logically attaches them to the appropriate workloads.
This allows different virtual networks to be associated with different workloads on the same hypervisor. It also makes it possible to create anything and everything you might need from basic virtual networks with as few as two nodes to advanced constructs used to deliver multi-tier applications.
The integration of all networking functions into the hypervisor is a big advantage of network virtualization. It allows the network, and all associated functions, to follow virtual machines as they move from one server to another. And since the network connections are all in software, there’s no need to reconfigure them. Your network becomes far more flexible, and can go anywhere in your data center that is virtualized.
Examples of this type of hypervisor include VMware Fusion, Oracle Virtual Box, Oracle VM for x86, Solaris Zones, Parallels and VMware Workstation. A Type 1 hypervisor (also called a bare metal hypervisor) is installed directly on physical host server hardware just like an operating system.

Networking Challenges in Server Virtualization Environments
With server virtualization rapidly advancing into most data centers, the number of virtual switch ports naturally has surpassed the number of physical switch interfaces in these environments.
Cisco Nexus 1000V Series Switches provide a comprehensive and extensible architectural platform for virtual machine (VM) and cloud networking. The switches are designed to accelerate server virtualization and multitenant cloud deployments in a secure and operationally transparent manner.

Cisco Nexus 1000V: A Multi-Hypervisor Platform 
The Cisco Nexus 1000V uses a multi-hypervisor licensing approach, which allows you to migrate a license from one Cisco Nexus 1000V switch platform type to another. For example, you can migrate the license from a Cisco Nexus 1000V for VMware switch to a Cisco Nexus 1000V for Microsoft Hyper-V.

Virtual EXtensible LAN
Virtual Extensible LAN (VXLAN) is a network virtualization technology that attempts to address the scalability problems associated with large cloud computing deployments. It uses a VLAN-like encapsulation technique to encapsulate OSI layer 2 Ethernet frames within layer 4 UDP datagrams, using 4789 as the default IANA-assigned destination UDP port number. VXLAN endpoints, which terminate VXLAN tunnels and may be either virtual or physical switch ports, are known as VXLAN tunnel endpoints (VTEPs).
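
The encapsulation described above, decoded in Python as an added example (not code from the original post). The 8-byte header layout, the I flag and the 24-bit VXLAN Network Identifier (VNI) are taken from RFC 7348 rather than from this page, and the sample frame and its MAC addresses are constructed.

```python
import struct

VXLAN_UDP_PORT = 4789        # IANA-assigned destination port named in the text
VXLAN_FLAG_I = 0x08          # RFC 7348 "I" flag: set when the VNI field is valid
VXLAN_HDR_LEN, ETH_HDR_LEN = 8, 14


def build_vxlan(vni, inner_frame):
    """Prepend the 8-byte VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI is a 24-bit value")
    # word 0: flags (8 bits) + reserved (24); word 1: VNI (24 bits) + reserved (8)
    return struct.pack("!II", VXLAN_FLAG_I << 24, vni << 8) + inner_frame


def parse_vxlan(udp_dst_port, udp_payload):
    """Decode a VXLAN UDP payload into its VNI and inner Ethernet header."""
    if udp_dst_port != VXLAN_UDP_PORT:
        raise ValueError("not the VXLAN destination port")
    if len(udp_payload) < VXLAN_HDR_LEN + ETH_HDR_LEN:
        raise ValueError("truncated: need VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_FLAG_I:
        raise ValueError("I flag clear: VNI field is not valid")
    inner = udp_payload[VXLAN_HDR_LEN:]
    dst, src, ethertype = struct.unpack("!6s6sH", inner[:ETH_HDR_LEN])
    return {
        "vni": word1 >> 8,               # which VXLAN segment the frame belongs to
        "inner_dst": dst.hex(":"),
        "inner_src": src.hex(":"),
        "ethertype": ethertype,
        "inner_payload": inner[ETH_HDR_LEN:],
    }


# Constructed sample: inner IPv4-typed Ethernet frame on segment 5000.
SAMPLE_INNER = bytes.fromhex("020000000002" "020000000001" "0800") + b"constructed"
SAMPLE_PAYLOAD = build_vxlan(5000, SAMPLE_INNER)

if __name__ == "__main__":
    print(parse_vxlan(VXLAN_UDP_PORT, SAMPLE_PAYLOAD))
```
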
Standard best practices for VSM deployments should be followed. The VSM can be part of the same cluster in VMware vCenter for which it is providing Layer 2 networking functions. The VSM can also be hosted on the Cisco Nexus 1110 appliance that is running the VXLAN Gateway. In addition, the following configuration must be applied to the VSM:
● Verify that the VSM is configured in the Advanced mode by entering the svs switch edition advanced command to enable Advanced mode.
● Verify that LACP is configured by entering the feature lacp command on the VSM.
● Verify that the VXLAN feature is enabled on the VSM by entering the feature segmentation command to enable VXLANs on the VSM.

VXLAN Gateway
The current support for VXLAN extends to virtual switches that run in a hypervisor environment, and the only endpoints that can be on VXLANs are virtual machines. Physical servers and traditional service nodes will continue to be used on traditional VLAN interfaces. To connect workloads with some components on a VXLAN interface and others on a VLAN interface, or to apply hardware-based services to a VXLAN network, an interconnection mechanism is needed.
One way to interconnect VXLANs and traditional VLANs is through a virtual machine-based software router such as the Cisco ASA 1000V. The ASA 1000V is a Layer 3 gateway, and VXLAN traffic is routed through the Cisco ASA 1000V, which will have one interface on a VXLAN segment and another on a VLAN segment.
The VXLAN Gateway provides a way to connect a VXLAN segment to a VLAN segment at Layer 2. A logical instance of this gateway is a 2-port Layer 2 learning bridge that connects a particular VXLAN segment to an IEEE 802.1Q VLAN.
A VXLAN gateway is a solution that allows a virtual extensible LAN (VXLAN) to communicate with another network, particularly a virtual LAN (VLAN). In order for the traffic from a VXLAN to use services on physical devices in a distant network, the traffic must pass through a VXLAN gateway.


