SDN products create a new generation of hybrid cloud network architecture

Behind a series of disruptive technological innovations such as cloud computing, artificial intelligence, and big data platforms, the value of software has been pushed to an unprecedented peak. "Software devours everything" is prevalent across the entire IT industry, and the network, a field that has been settled for decades, has not been spared. Major standards organizations and academics are scrambling to develop network industry standards, trying to break the technical limitations and commercial barriers of traditional networks by using standard software to define functions and common hardware to carry that software, ultimately giving users a new generation of network solutions that are convenient, interoperable, and sustainably upgradable.

SDN emerged in response, decoupling the network control plane from the forwarding plane, replacing the original distributed control with a relatively centralized controller, and implementing "software definition" through an open programmable interface. This programmable network architecture provides more possibilities for the design, management, and use of network resources, making it easier to drive the transformation and development of the entire network.

Shanda Games has been promoting the development of the game industry by adopting advanced cloud computing technology to create G Cloud 1.0, a first-class domestic private cloud platform. With the rapid changes in the game operating environment, and in order to carry a complex business system and online game operation system, Shanda Games hopes to keep up with industry technology trends and rebuild the entire game hybrid cloud network architecture.

In designing the Shanda Games G Cloud 2.0 network, the design must fully consider the versatility and ease of use of Shanda's game system architecture, while also customizing the architecture for the particular needs of the game industry, such as network delay, elastic expansion, and security. The new network architecture must therefore focus on the following:

Standard and open: Whether for the physical network or the virtualized network, the design must adopt the industry's relatively standard networking models and network protocols, take openness and interoperability into account, realize a modular network design, and provide a standardized model for the future evolution of the platform;

Flexible scalability: Overlay VxLAN technology needs to be introduced to replace the original VLAN and more flexibly support the cloud hosts' network requirements, including hot migration, tenant isolation, multi-tenancy, etc.;

High performance: The virtualized overlay network must meet the stringent network latency requirements of game scenarios. The VPC network needs to provide high-throughput, low-latency connectivity between the tenant's cloud hosts (virtual machines and physical machines);

High reliability: For both the Underlay network and the SDN controller, single points of failure, HA, and similar mechanisms must be fully considered to meet the 7 x 24 high-reliability requirements of the entire network;

Decoupling: Decoupling of the control and forwarding planes, as well as decoupling of virtualized networks and physical devices, in order to achieve flexible access and hot migration of cloud hosts;

Automation: Introduce SDN controllers to implement centralized management of tenant network VPCs, and support rapid deployment and flexible expansion of physical networks and virtualized networks.

Shanda Games introduces Sihua ExpressNET SDN products to create a new generation of hybrid cloud network architecture

After full analysis and demonstration work by both parties, the company introduced the Shengke SDN white-label switch as the network bearer (while also supporting Huawei and other data center switches), with Sihua Technology ExpressNET as the control plane. The solution does not rigidly adopt a pure OpenFlow approach; instead it combines data center switches that support VxLAN with open APIs. The network devices provide flexible APIs for Sihua's SDN controller (ExpressNET) to call. The overall architecture of Sihua ExpressNET is shown below:

<Figure 1: Sihua ExpressNET overall architecture>

The overall network deployment architecture of Shanda Games G Cloud 2.0 is shown below:

<Figure 2: G Cloud 2.0 Network Deployment Architecture>

The Sihua ExpressNET network platform provides the necessary physical and virtual network environment for cloud hosts and bare metal, including but not limited to: Layer 2 and Layer 3 east-west access within a VPC, north-south access to the public network, virtual machine and physical machine access, and cross-cloud and cross-IDC access, while using the VPC as the unit for secure tenant isolation and public network QoS limits. The entire network architecture mainly includes the following components and their functional characteristics:

1. Clos IP Fabric consisting of programmable standard network hardware devices (such as the Shengke E series, Huawei CloudEngine series, etc.): It carries the entire underlay network function and provides a solid network foundation for the upper-layer virtualized network. At the same time, as the endpoint of VxLAN, it provides high-performance VTEP tunnel termination. The architecture is characterized by simple operation and maintenance, equal-cost multipath, horizontal expansion, and programmability, and has been widely accepted by Internet companies, data centers, and traditional enterprise IT;

2. Sihua ExpressNET distributed controller located at each computing node and Neutron node: As the control plane of the virtualized network, which is especially important for Sihua ExpressNET, it provides functions such as Layer 2 and Layer 3 networking, DHCP, NAT, QoS, ARP Proxy, etc. Each function is implemented by an App Plugin and is easy to extend. The advantage of using a distributed controller is that it eliminates a single point of failure and guarantees performance, while still following the SDN design concept of decoupling the control and forwarding planes;

3. Sihua ExpressNET switch controller located at the Neutron node: This controller is responsible for controlling the Underlay network devices through vendor-defined RPC or the standard NetConf protocol, thus connecting the control planes of the virtual and physical networks and truly realizing the combination and linkage of the virtual and physical networks;

4. Open vSwitch (hereinafter referred to as OVS) at each compute node: It provides an efficient network forwarding plane in the form of OpenFlow flow tables, and supports the Intel DPDK extension to meet future performance requirements;

5. VxLAN tunnel encapsulation technology used to provide the tenant VPC virtualized network: It realizes not only Layer 2/Layer 3 connectivity between virtual machines, but also direct Layer 2/Layer 3 communication between virtual machines and bare metal within a VPC, as well as direct connection between G Cloud 2.0 and the user's offline IDC, with each VPC securely isolated;

6. Considering the performance limitations of host-based VxLAN, VxLAN Offloading technology is used to move VxLAN encapsulation and decapsulation to the physical ToR switch, which not only improves network throughput and reduces network latency, but also reserves valuable host computing resources for cloud hosts.
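The per-VPC isolation that the VTEPs above provide comes down to the 24-bit VNI in the VxLAN header (RFC 7348). The following is an added example, not ExpressNET or Shanda Games code, showing how a tunnel endpoint can encapsulate a frame and refuse to deliver a decapsulated frame to a port outside that VNI's tenant; the VNI values, port names, and mapping table are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789          # IANA-assigned destination port (RFC 7348)
FLAG_VNI_VALID = 0x08          # "I" flag: the VNI field carries a valid value

# Constructed sample table (assumption): VNI -> local ports in that tenant VPC.
VNI_TO_PORTS = {
    5001: {"vm-a1", "vm-a2"},  # hypothetical tenant A
    5002: {"vm-b1"},           # hypothetical tenant B
}

def encap(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the 8-byte VxLAN header: flags(8) rsvd(24) | VNI(24) rsvd(8)."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8) + inner_frame

def decap(payload: bytes):
    """Return (vni, inner_frame); reject truncated or flagless headers."""
    if len(payload) < 8:
        raise ValueError("truncated VxLAN header")
    word0, word1 = struct.unpack("!II", payload[:8])
    if not (word0 >> 24) & FLAG_VNI_VALID:
        raise ValueError("I flag not set, VNI is not valid")
    return word1 >> 8, payload[8:]

def deliver(payload: bytes, dst_port: str, table=VNI_TO_PORTS):
    """Hand the inner frame to dst_port only if that port belongs to the
    tenant identified by the VNI; otherwise drop (return None)."""
    try:
        vni, inner = decap(payload)
    except ValueError:
        return None            # malformed tunnel traffic is dropped
    if dst_port not in table.get(vni, set()):
        return None            # unknown VNI or cross-tenant delivery attempt
    return inner

if __name__ == "__main__":
    pkt = encap(5001, b"inner-ethernet-frame")
    print(deliver(pkt, "vm-a2"))   # same tenant: frame is delivered
    print(deliver(pkt, "vm-b1"))   # other tenant: dropped
```

The isolation holds only as long as the VNI-to-port table is authoritative and the underlay accepts tunnel traffic solely from trusted VTEPs, since the VxLAN header itself carries no authentication.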

ExpressNET, redefining the network

At the beginning of the network design, the team fully analyzed the defects and shortcomings of OpenStack's native Neutron network architecture. While remaining compatible with the Neutron ML2 Framework, it drew on existing open source projects on the market and introduced Sihua ExpressNET to replace the original Neutron network solution and make up for its shortcomings, mainly in the following aspects:

1. ExpressNET implements distributed DHCP with OpenFlow flow tables instead of centralized DHCP: The OpenStack native model causes heavy resource usage and a single-point-of-failure risk on the Neutron nodes. For example, with 100 tenants, each with 100 subnets, the Neutron node must maintain 100 x 100 = 10,000 DHCP processes, which consume a lot of CPU resources and increase the difficulty of maintenance and troubleshooting.

<Figure 3: OpenStack native centralized DHCP model>

The Sihua ExpressNET solution uses OVS OpenFlow flow tables to distribute the DHCP function to each computing node, which not only avoids the single point of failure, but also reduces the consumption of computing resources, simplifies system deployment, and reduces the difficulty of operation, maintenance, and troubleshooting.

<Figure 4: Sihua ExpressNET Distributed DHCP Model>

2. The distributed vRouter and DNAT implemented by ExpressNET with OpenFlow flow tables replace the native Neutron vRouter model. OpenStack's native Neutron has two vRouter models. The first is the centralized vRouter implementation of earlier versions. In this model, all Layer 3 traffic passes through the virtual router at the Neutron node (implemented through a network Namespace), which not only adds a network single point of failure, but also limits network throughput and increases network latency, as shown in the following figure:

<Figure 5: OpenStack native centralized vRouter>

OpenStack then proposed the concept of the distributed vRouter, or DVR: on the compute nodes, multiple Namespaces are created for tenants and the corresponding routes are installed to act as tenant-local vRouters. Although this solution addresses some problems of the centralized model to some extent, it still uses the Namespace implementation, so it not only consumes a large amount of the compute node's CPU resources, but also consumes public IP addresses (for the Floating IP Namespace), and it does not reduce network latency or troubleshooting difficulty, as shown in the following figure:

<Figure 6: OpenStack native distributed vRouter>

In the case of Shanda Games, Sihua ExpressNET has L2/L3 and DNAT App Plugins, which enable the local controller at each compute node to provide control plane functions such as routing and address translation, and to implement the forwarding plane function in combination with the OVS OpenFlow flow tables. This not only effectively solves many problems brought by centralized routing, but also reduces complexity, improves network resiliency, frees up local computing resources, reduces waste of public network IP addresses, and reduces network latency, as shown in the following figure:

<Figure 7: Sihua ExpressNET implements distributed vRouter in OVS flow table mode>

3. ExpressNET supports multiple Elastic IP Pools: Native OpenStack cannot support multiple external networks, which makes the platform unable to use multiple public IP network segments and increases the difficulty of actual network deployment. As shown in the following figure, after the platform applies for multiple public network segments, the virtual machine VM1 cannot obtain a public EIP from address segments other than the default public network segment Pool 1, such as EIP Pool 2 and Pool 3, due to OpenStack restrictions:

<Figure 8: OpenStack native single external network limit>

Sihua ExpressNET removes this limitation and adds corresponding protection mechanisms, enabling the platform to associate any available public address segment with a distributed router and greatly reducing the demands on the IDC network. As shown in the following figure, after the platform administrator creates additional external networks and network segments (External Network 2 & 3), tenants can freely pick a public IP from EIP Pool 1, 2, and 3 in the console and bind it to their designated virtual or physical machine:

<Figure 9: Sihua ExpressNET cancels restrictions and supports multiple public network segments>

4. ExpressNET extends the OpenStack network function and supports interconnection between VPCs and offline IDCs. In the case of Shanda Games, the interconnection between users' cloud resources and the original IDC must be considered. The typical application scenario is that each studio or technical department has Legacy systems on the original platform and new services running on G Cloud 2.0, while the new and old systems require direct Layer 2 or Layer 3 network access without NAT. As shown in the following figure, the Sihua ExpressNET solution uses the distributed virtual router and the underlying Underlay network equipment to realize direct communication between the VPC on the cloud and the offline IDC without NAT conversion. A virtual machine or physical machine on the cloud can directly access the IPs of Shanda Games' original Legacy systems, which not only satisfies the users' original usage habits, but also reduces the complexity of moving to the cloud, while ensuring the continuity and transparency of the network.

<Figure 10: Sihua ExpressNET realizes VPC and offline IDC interconnection>

5. ExpressNET supports VPC Peering across IDCs: Although this demand is not very strong on the Shanda cloud platform, with services now provided from multiple IDCs, some platform users hope to interconnect VPCs scattered across IDCs. This is the same VPC Peering network service launched by many public clouds such as AWS and Alibaba Cloud. The earlier approach, as on AWS or Alibaba Cloud, is to deploy a software VPN gateway in the user's VPC to achieve VPC interconnection, but its disadvantages are that user involvement is too high, the deployment scheme is complex, and performance is limited. With reference to the latest Alibaba Cloud and AWS VPC Peering high-speed interconnection solutions, and relying on the original intranet resources of Shanda Games, Sihua ExpressNET adds static/dynamic routing protocols to the virtual router and combines them with external network devices to create a high-performance, highly scalable DCI (Data Center Interconnect) network. The network devices between the data centers implement the control plane with mature BGP-EVPN technology and still use VxLAN as the forwarding plane, ensuring the consistency of the entire design.

<Figure 11: Sihua ExpressNET implements VPC Peering across IDC>

After the introduction of the Sihua Technology ExpressNET SDN solution, the Shanda Games G Cloud 2.0 network platform covers not only the data center and infrastructure, but also services and functions including Shanda game scenarios, all under a general policy framework, enabling efficient, reliable, and secure operations with seamless mobility and seamless workload migration.

Yinghua, director of the Shanda Game Technology Platform Center, said, "At the beginning of the construction of G Cloud 2.0, we also analyzed and referenced many SDN technologies on the market, including the original Neutron, which has some defects and shortcomings, and considered the risk of being bound to a single manufacturer from software to hardware. Finally, we decided to choose Sihua ExpressNET as the network architecture of G Cloud 2.0, mainly focusing on the combination of SDN white card switch and open API. Each IDC can choose network equipment from different manufacturers, which effectively reduces the dependence on a single hardware manufacturer. Together with its years of technology accumulation, Sihua can provide customized SDN development services for Shanda Games, and is our long-term trusted partner."
