SOFTWARE-DEFINED NETWORKING INTERFACE BETWEEN MULTIPLE PLATFORM MANAGERS
Embodiments relate to a software-defined networking (SDN) interface between multiple platform managers. An aspect is a computer-implemented method for receiving, at an SDN controller of a network, provisioning data from a first network provisioning application associated with a first platform manager of a first computing platform. Provisioning data are received at the SDN controller from a second network provisioning application associated with a second platform manager of a second computing platform. The SDN controller compares the provisioning data from the first network provisioning application to the provisioning data from the second network provisioning application to identify provisioning issues. The SDN controller determines a modified provisioning that resolves the provisioning issues. The SDN controller configures the network to comply with the modified provisioning. The modified provisioning is reported to the first and second network provisioning applications.
The present invention relates generally to software-defined networking, and more specifically, to a software-defined networking interface between multiple platform managers.
Cloud computing distributes processing across multiple computing resources in a network. Cloud computing typically provides on-demand network access to a shared pool of configurable computing resources (e.g., networks, network bandwidth, servers, processing, memory, storage, applications, virtual machines, and services) that can be rapidly provisioned and released. The computing resources can include a variety of different computing platforms. Computing platforms include server-specific platform managers that locally control provisioning of computing and network resources. Each platform manager typically is customized for the particular hardware and software resources of the computing platform upon which it resides. Platform managers can define allocations for virtual machines, processing resources, memory, input/output flows, bandwidth requirements, and the like.
Platform managers for different computing platforms can include a number of similar functions but are not typically capable of being directly ported across computing platforms. Certain interfacing functions of the platform managers can conflict relative to other platform managers, making computing platform integration difficult particularly in a cloud computing environment.
SUMMARY
An aspect includes a computer-implemented method for a software-defined networking (SDN) interface between multiple platform managers. The method includes receiving, at an SDN controller of a network, provisioning data from a first network provisioning application associated with a first platform manager of a first computing platform. Provisioning data are received at the SDN controller from a second network provisioning application associated with a second platform manager of a second computing platform. The SDN controller compares the provisioning data from the first network provisioning application to the provisioning data from the second network provisioning application to identify provisioning issues. The SDN controller determines a modified provisioning that resolves the provisioning issues. The SDN controller configures the network to comply with the modified provisioning. The modified provisioning is reported to the first and second network provisioning applications.
Another aspect includes a computer-implemented method for a network provisioning application in an SDN controlled network. The method includes providing, by a first network provisioning application associated with a first platform manager of a first computing platform, provisioning data to an SDN controller. A modified provisioning is received at the first computing platform from the SDN controller that resolves provisioning issues between the provisioning data of the first network provisioning application with provisioning data of a second network provisioning application associated with a second platform manager of a second computing platform. The first network provisioning application modifies a network policy of the first platform manager based on the modified provisioning. Resources of the first computing platform are allocated by the first platform manager according to the modified network policy.
A further aspect includes a system for an SDN interface between multiple platform managers. The system includes an SDN controller configured to interface with a first computing platform, a second computing platform, and a plurality of switches in a network. The first computing platform includes a first platform manager and a first network provisioning application, and the second computing platform includes a second platform manager and a second network provisioning application. The SDN controller includes processing circuitry configured to receive provisioning data from the first network provisioning application and the second network provisioning application. The SDN controller is further configured to compare the provisioning data from the first network provisioning application to the provisioning data from the second network provisioning application to identify provisioning issues. The SDN controller is also configured to determine a modified provisioning that resolves the provisioning issues and to configure the network to comply with the modified provisioning. The modified provisioning is reported to the first and second network provisioning applications.
The subject matter which is regarded as embodiments is particularly pointed out and distinctly claimed in the claims at the conclusion of the specification. The foregoing and other features and advantages of the embodiments are apparent from the following detailed description taken in conjunction with the accompanying drawings in which:
Exemplary embodiments include coordination of network traffic at an application level between two or more separately controlled computing platforms in a software-defined networking (SDN) controlled network. A network provisioning application on a computing platform isolates network-related functionality from a platform manager running on each computing platform. Provisioning data defining network-related functionality is provided from the network provisioning application to a provisioning resolver program operating on an SDN controller which resolves provisioning issues such as duplication or conflicts. Examples include two computing platforms allocating traffic to the same network links or similarly competing for other network resources. The provisioning resolver may also detect and resolve provisioning requests that are incompatible with capabilities of the network (e.g., requesting more bandwidth than can be allocated). The SDN controller determines a modified provisioning, configures the network accordingly, and reports the modified provisioning back to the computing platforms. The computing platforms can then modify their respective network policies and allocate resources accordingly. This overrides the default network policies of the platform managers of the computing platforms to reduce conflicts and optimize performance. Exemplary uses of embodiments can include server mirroring, cross-platform data transfer, cross-platform end-to-end performance monitoring, data center management, and cloud computing.
Rather than requiring platform managers of different computing platform types (e.g., different hardware and operating systems configurations) to know provisioning preferences about each other, the SDN controller acts as a provisioning resolver for the platform managers. The SDN controller can provision and control application-aware network traffic flows in a network in which several applications are running on computing platforms at substantially the same time. The system provides visibility of network traffic flows to SDN control logic, which is a program executed in an SDN controller that allocates bandwidth and resources. The SDN controller can also establish priority on a per-application basis based on flow classification. Header information in network traffic can be used to classify flows based on source, destination, protocol, and other such information.
Turning now to
In exemplary embodiments, the servers 102, also referred to as hosts or host systems, are high-speed processing devices (e.g., mainframe computers, desktop computers, laptop computers, hand-held devices, embedded computing devices, or the like) including at least one processing circuit (e.g., a computer processor/CPU) capable of reading and executing instructions, and handling interactions with various components of the system 100. One or more of the servers 102 may be storage system servers configured to access and store large amounts of data.
Multiple links 105 that can collectively form flows may be provided between the servers 102a-d and switches 106a-e. Each of the servers 102a-d can include a computing platform 120 including one or more of: a platform manager 122, a virtual machine 124, an operating system 126, a network provisioning application 128, and network policies 130. Each of the servers 102a-d can also include a plurality of computing resources 132, such as processing resources (e.g., CPUs) 134, memory 136, and network interfaces 138. The network interfaces 138 can include a number of channel adapters and buffers that may impact bandwidth, message sizing, and timing. For purposes of explanation,
Server 102a may be referred to as a first server 102a with a first computing platform 120a, a first platform manager 122a, a first virtual machine 124a, a first operating system 126a, a first network provisioning application 128a, and first network policies 130a. The first server 102a may include first computing resources 132a such as first processing resources 134a, first memory 136a, and first network interfaces 138a. Server 102b may be referred to as a second server 102b with a second computing platform 120b, a second platform manager 122b, a second virtual machine 124b, a second operating system 126b, a second network provisioning application 128b, and second network policies 130b. The second server 102b may include second computing resources 132b such as second processing resources 134b, second memory 136b, and second network interfaces 138b.
In an exemplary embodiment, the servers 102a and 102b are of different types, where the first and second platform managers 122a and 122b apply different and possibly conflicting network management policies 130a and 130b to provisioning resources of the network 101. For instance, the first network provisioning application 128a can access the first network policies 130a and determine network provisioning that complies with the first platform manager 122a, and separately, the second network provisioning application 128b can access the second network policies 130b and determine network provisioning that complies with the second platform manager 122b. The data provisioning associated with the first and second network policies 130a, 130b may conflict or include duplication, such as conflicting flows relative to the servers 102c, 102d or between the servers 102a and 102b. In exemplary embodiments, the network provisioning applications 128a, 128b provide their respective provisioning data to an SDN controller 112 to resolve provisioning issues. The SDN controller 112 returns modified provisioning to the first and second computing platforms 120a, 120b that resolves provisioning issues. The first and second network provisioning applications 128a, 128b can respectively modify the first and second network policies 130a, 130b based on the modified provisioning.
The SDN controller 112 is a central software-defined networking controller configured to make routing and data movement decisions within the network 101. The SDN controller 112 establishes secure links 103 to configure the switches 106 and communication properties of links 105 between the switches 106. For example, the SDN controller 112 can configure the switches 106 to control packet routing paths for data flows between the servers 102. The SDN controller 112 can also configure the switches 106 to define flows between the servers 102, virtual machines 124, operating systems 126, and network provisioning applications 128 running on the servers 102. One or more secure links 103 may also be defined between the SDN controller 112 and the servers 102.
The servers 102 and SDN controller 112 can include various computer/communication hardware and software technology known in the art, such as one or more processing units or circuits, volatile and non-volatile memory including removable media, power supplies, network interfaces, support circuitry, operating systems, and the like. Although the SDN controller 112 is depicted as a separate component, it will be understood that SDN controller functionality can alternatively be implemented in one or more of the servers 102.
The network 101 can include a combination of wireless, wired, and/or fiber optic links. The network 101 as depicted in
The secure link interface 204 connects the switch 106 to the SDN controller 112 via a secure link 103 of
The flow table 206 defines supported connection types associated with particular addresses, virtual local area networks or switch ports, for example. A flow may be defined as all network traffic that matches a particular header format, including use of wildcards. Each entry 211 in the flow table 206 can include one or more rules 212, actions 214, and statistics 216 associated with a particular flow. The rules 212 define each flow and can be determined by packet headers. The actions 214 define how packets are processed. The statistics 216 track information such as the size of each flow (e.g., number of bytes), the number of packets for each flow, and time since the last matching packet of the flow or connection time. Examples of actions include instructions for forwarding packets of a flow to one or more specific ports 210a-210n (e.g., unicast or multicast), encapsulating and forwarding packets of a flow to the SDN controller 112 of
The buffers 208a-208n provide temporary storage in queues for flows as network traffic is sent between the ports 210a-210n. In a lossless configuration, rather than dropping packets of network traffic when network congestion is present, the buffers 208a-208n temporarily store packets until the associated ports 210a-210n and links 105 of
In an exemplary embodiment, in terms of hardware architecture, as shown in
In an exemplary embodiment, a conventional keyboard 350 and mouse 355 or similar devices can be coupled to the input/output controller 335. Alternatively, input may be received via a touch-sensitive or motion sensitive interface (not depicted). The computer 301 can further include a display controller 325 coupled to a display 330.
The processing circuitry 305 is a hardware device for executing software, particularly software stored in storage 320, such as cache storage, or memory 310. The processing circuitry 305 can be any custom made or commercially available computer processor, a central processing unit (CPU), an auxiliary processor among several processors associated with the computer 301, a semiconductor-based microprocessor (in the form of a microchip or chip set), a macro-processor, or generally any device for executing instructions.
The memory 310 can include any one or combination of volatile memory elements (e.g., random access memory (RAM, such as DRAM, SRAM, SDRAM, etc.)) and nonvolatile memory elements (e.g., ROM, erasable programmable read only memory (EPROM), electronically erasable programmable read only memory (EEPROM), flash memory, programmable read only memory (PROM), tape, compact disc read only memory (CD-ROM), disk, hard disk drive, diskette, cartridge, cassette or the like, etc.). Moreover, the memory 310 may incorporate electronic, magnetic, optical, and/or other types of storage media. Accordingly, the memory 310 is an example of a tangible computer readable storage medium upon which instructions executable by the processing circuitry 305 may be embodied as a computer program product. The memory 310 can have a distributed architecture, where various components are situated remote from one another, but can be accessed by the processing circuitry 305.
The instructions in memory 310 may include one or more separate programs, each of which comprises an ordered listing of executable instructions for implementing logical functions. In the example of
In an exemplary embodiment, the computer 301 can further include a network interface 360 for coupling to the secure links 103 of the network 101 of
Upon detecting or receiving network traffic performance metrics from instances of the traffic monitor 220 of
At block 402, a first network provisioning application 128a associated with a first platform manager 122a of a first computing platform 120a provides provisioning data to an SDN controller 112. At block 404, a modified provisioning 314 is received at the first computing platform 120a from the SDN controller 112 that resolves provisioning issues between the provisioning data of the first network provisioning application 128a with provisioning data of a second network provisioning application 128b associated with a second platform manager 122b of a second computing platform 120b. At block 406, the first network provisioning application 128a modifies a network policy (e.g., one or more of the network policies 130a) of the first platform manager 122a based on the modified provisioning 314. At block 408, resources, such as computing resources 132a, of the first computing platform 120a are allocated by the first platform manager 122a according to the modified network policy in the network policies 130a. The process 400 can be performed in parallel at each of the computing platforms 120 to update their respective network policies 130.
The provisioning data can include one or more of: a provisioning for network layer-2 attributes, a provisioning for network layer-3 attributes, a provisioning for network security profiles, a provisioning for network traffic on specific links 105 to support redundancy, and a provisioning for network traffic on specific links 105 to support load balancing. The modified provisioning 314 may define a pooling and virtualization of network resources relative to at least the first and second computing platforms 120a and 120b.
At block 506, the SDN controller 112 compares the provisioning data from the first network provisioning application 128a to the provisioning data from the second network provisioning application 128b to identify provisioning issues. The provisioning issues can include allocating a same link 105 in the network 101 by both the first and second network provisioning applications 128a and 128b. As a further example, the provisioning issues may include allocating at least one network resource beyond a capability supported by the network 101, such as collectively provisioning more bandwidth than can be supported at a particular switch 106.
At block 508, the SDN controller 112 determines a modified provisioning 314 that resolves the provisioning issues. The modified provisioning 314 can include pooling and virtualization of network resources. Pooling of network resources can make unused bandwidth of one or more links 105 available for other flows to use. Virtualization can further partition physical resources to share bandwidth and buffers, for example.
At block 510, the SDN controller 112 configures the network 101 to comply with the modified provisioning 314. Configuring the network 101 can include updating a network topology 318, by the SDN controller 112, to align with the modified provisioning 314. Updates to the network topology 318 are translated into one or more flow tables 316. The one or more flow tables 316 are loaded into one or more associated switches 106 in the network 101. At block 512, the modified provisioning 314 is reported to the first and second network provisioning applications 128a and 128b.
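The compare, resolve and report steps of blocks 506 to 512 can be sketched as follows. This is an added example, not code from the patent: the proportional scale-down policy, the rejection of links absent from the topology, the input validation, and all link names and capacities are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Request:
    """One item of provisioning data: a platform asks for bandwidth on a link."""
    platform: str  # computing platform label, e.g. "120a"
    link: str      # link name (hypothetical naming scheme)
    mbps: int      # requested bandwidth in Mbit/s

    def __post_init__(self):
        # Assumption: the controller validates platform input before using it.
        if not isinstance(self.mbps, int) or self.mbps <= 0:
            raise ValueError(f"invalid bandwidth request: {self.mbps!r}")


# Constructed sample topology: capacity per link in Mbit/s.
LINK_CAPACITY = {"sw106a-sw106b": 1000, "sw106b-sw106c": 1000}

# Constructed sample provisioning data from two platforms.
SAMPLE_REQUESTS = [
    Request("120a", "sw106a-sw106b", 800),
    Request("120b", "sw106a-sw106b", 700),
    Request("120a", "sw106b-sw106c", 300),
    Request("120b", "sw106x-sw106y", 100),  # link not in the topology
]


def _by_link(requests):
    grouped = defaultdict(list)
    for req in requests:
        grouped[req.link].append(req)
    return grouped


def find_issues(requests, capacity):
    """Block 506: compare provisioning data and list (issue, link) pairs."""
    issues = []
    for link, reqs in sorted(_by_link(requests).items()):
        if link not in capacity:
            issues.append(("unknown_link", link))
            continue
        if len({r.platform for r in reqs}) > 1:
            issues.append(("same_link", link))       # both platforms chose it
        if sum(r.mbps for r in reqs) > capacity[link]:
            issues.append(("over_capacity", link))   # beyond network capability
    return issues


def resolve(requests, capacity):
    """Block 508: compute a modified provisioning.

    Returns (grants, pool): grants maps (platform, link) to granted Mbit/s,
    pool maps each known link to bandwidth left over for other flows.
    """
    grants, pool = {}, {}
    for link, reqs in _by_link(requests).items():
        cap = capacity.get(link, 0)          # unknown links get nothing
        total = sum(r.mbps for r in reqs)    # always > 0 after validation
        for req in reqs:
            # Fit within capacity; otherwise scale every request down
            # proportionally (integer floor, so the sum never exceeds cap).
            granted = req.mbps if total <= cap else req.mbps * cap // total
            key = (req.platform, link)
            grants[key] = grants.get(key, 0) + granted
        if link in capacity:
            used = sum(v for (_, l), v in grants.items() if l == link)
            pool[link] = cap - used
    return grants, pool


def report_for(platform, grants):
    """Block 512: the slice of the modified provisioning sent to one platform."""
    return {link: mbps for (plat, link), mbps in grants.items() if plat == platform}


if __name__ == "__main__":
    for issue in find_issues(SAMPLE_REQUESTS, LINK_CAPACITY):
        print("issue:", issue)
    grants, pool = resolve(SAMPLE_REQUESTS, LINK_CAPACITY)
    for platform in ("120a", "120b"):
        print(platform, "receives", report_for(platform, grants))
    print("pooled headroom:", pool)
```

A grant of zero on an unknown link tells the requesting platform that its policy refers to a link the controller does not manage, which it can then correct in its own network policy.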
The SDN controller 112 may also receive network traffic performance metrics (e.g., from traffic monitor 220) and determine whether network topology 318 updates are needed based on the network traffic performance metrics. The SDN controller 112 can update the modified provisioning 314 based on determining that updates to the network topology 318 are needed. Updates can include changing assignments of particular ports 210a-n and links 105 between the servers 102. The provisioning resolver 313 can identify one or more network provisioning applications 128 impacted by the update of the modified provisioning 314. The provisioning resolver 313 may report the update of the modified provisioning 314 to the one or more impacted network provisioning applications 128.
Technical effects and benefits include providing a software-defined networking interface between multiple platform managers. The SDN controller leverages its centralized role in creating and managing flows through the network to resolve provisioning conflicts and optimize provisioning of network resources between multiple platform managers in the network.
As will be appreciated by one of average skill in the art, aspects of embodiments may be embodied as a system, method or computer program product. Accordingly, aspects of embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as, for example, a “circuit,” “module” or “system.” Furthermore, aspects of embodiments may take the form of a computer program product embodied in one or more computer readable storage device(s) having computer readable program code embodied thereon.
One or more of the capabilities of embodiments can be implemented in software, firmware, hardware, or some combination thereof. Further, one or more of the capabilities can be emulated.
An embodiment may be a computer program product for enabling processor circuits to perform elements of the invention, the computer program product comprising a computer readable storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method.
The computer readable storage medium (or media), being a tangible, non-transitory, storage medium having instructions recorded thereon for causing a processor circuit to perform a method. The “computer readable storage medium” being non-transitory at least because once the instructions are recorded on the medium, the recorded instructions can be subsequently read one or more times by the processor circuit at times that are independent of the time of recording. The “computer readable storage media” being non-transitory including devices that retain recorded information only while powered (volatile devices) and devices that retain recorded information independently of being powered (non-volatile devices). An example, non-exhaustive list of “non-transitory storage media” includes, but is not limited to, for example: a semi-conductor storage device comprising, for example, a memory array such as a RAM or a memory circuit such as latch having instructions recorded thereon; a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon; an optically readable device such as a CD or DVD having instructions recorded thereon; and a magnetic encoded device such as a magnetic tape or a magnetic disk having instructions recorded thereon.
A non-exhaustive list of examples of computer readable storage media includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a portable compact disc read-only memory (CD-ROM). Program code can be distributed to respective computing/processing devices from an external computer or external storage device via a network, for example, the Internet, a local area network, wide area network and/or wireless network. The network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers and/or edge servers. A network adapter card or network interface card in each computing/processing device receives a program from the network and forwards the program for storage in a computer-readable storage device within the respective computing/processing device.
Computer program instructions for carrying out operations for aspects of embodiments may be for example assembler code, machine code, microcode or either source or object code written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++ or the like and conventional procedural programming languages, such as the “C” programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
Aspects of embodiments are described below with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions.
These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer program instructions may also be stored in a computer readable storage medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular.
The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Claims
1.-11. (canceled)
12. A system for a software-defined networking (SDN) interface between multiple platform managers, the system comprising:
- an SDN controller configured to interface with a first computing platform, a second computing platform, and a plurality of switches in a network, the first computing platform comprising a first platform manager, a first network provisioning application, and a first network policy defined to accommodate a first computing resource allocation of the first platform manager, the second computing platform comprising a second platform manager, a second network provisioning application, a second network policy defined to accommodate a second computing resource allocation of the second platform manager, and the SDN controller comprising processing circuitry configured to perform a method comprising: receiving, at the SDN controller, provisioning data from the first network provisioning application based on the first network policy; receiving, at the SDN controller, provisioning data from the second network provisioning application based on the second network policy; comparing, by the SDN controller, the provisioning data from the first network provisioning application to the provisioning data from the second network provisioning application to identify provisioning issues; determining, by the SDN controller, a modified provisioning that resolves the provisioning issues; configuring the network, by the SDN controller, to comply with the modified provisioning; and reporting the modified provisioning to the first and second network provisioning applications to modify the first computing resource allocation according to a modification of the first network policy based on the modified provisioning and modify the second computing resource allocation according to a modification of the second network policy based on the modified provisioning.
13. The system of claim 12, wherein the provisioning issues include allocating a same link in the network by both the first and second network provisioning applications.
14. The system of claim 12, wherein the provisioning issues include allocating at least one network resource beyond a capability supported by the network.
15. The system of claim 12, wherein configuring the network further comprises:
- updating a network topology, by the SDN controller, to align with the modified provisioning;
- translating updates to the network topology into one or more flow tables; and
- loading the one or more flow tables into one or more associated switches in the network.
16. The system of claim 12, wherein the SDN controller is further configured to perform:
- receiving network traffic performance metrics at the SDN controller;
- determining, by the SDN controller, whether network topology updates are needed based on the network traffic performance metrics; and
- updating the modified provisioning, by the SDN controller, based on determining that updates to the network topology are needed.
17. The system of claim 16, wherein the SDN controller is further configured to perform:
- identifying one or more network provisioning applications impacted by the update of the modified provisioning; and
- reporting the update of the modified provisioning to the one or more impacted network provisioning applications.
18. The system of claim 12, wherein the modified provisioning comprises pooling and virtualization of network resources.
19. The system of claim 12, wherein the first computing platform is further configured to perform:
- providing the provisioning data to the SDN controller;
- receiving the modified provisioning from the SDN controller;
- modifying the first network policy of the first platform manager based on the modified provisioning; and
- performing a modification of the first computing resources allocation of the first computing platform by the first platform manager according to the modified network policy as one of a processing resource and memory allocation adjustment.
20. The system of claim 12, wherein the provisioning data from the first and second network provisioning applications comprises one or more of:
- a provisioning for network layer-2 attributes;
- a provisioning for network layer-3 attributes;
- a provisioning for network security profiles;
- a provisioning for network traffic on specific links to support redundancy; and
- a provisioning for network traffic on specific links to support load balancing.
21. The system of claim 16, wherein the SDN controller further comprises:
- a match action table comprising a plurality of time-based rules to shift data flow bandwidth between the first computing platform and the second computing platform based on expected shifts in peak operating demands, wherein the match action table is adjusted based on the network traffic performance metrics.
Type: Application
Filed: Dec 13, 2013
Publication Date: Jun 18, 2015
Patent Grant number: 9270612
Applicant: International Business Machines Corporation (Armonk, NY)
Inventors: Casimer M. DeCusatis (Poughkeepsie, NY), Rajaram B. Krishnamurthy (Wappingers Falls, NY)
Application Number: 14/105,247