2. Goals and Non-Goals
Goals of the Presentation:
Describe the factors that currently impact application delivery
Describe how factors such as virtualization and cloud computing
are dramatically impacting application delivery
Highlight Interop sessions that provide
greater detail
Non-Goals:
Read every bullet on every slide
.
4. The Goals of Application
Delivery
Ensure that the applications that an
organization utilizes:
Are cost effective
Have appropriate security protection
Are manageable
Exhibit acceptable performance
.
5. Factors That Make Application
Delivery Difficult Today
•Consolidation of IT resources
•Distribution of employees
•Deployment of protocols & applications:
Chatty; e.g., CIFS
Computationally intense; e.g., SSL*
Delay sensitive; e.g. VoIP
•The prevalence of hacking
*A Comparison of ADCs, Wed. 2:00 to 3:00
.
6. Factors That Make Application
Delivery Difficult Today
•Applications have different
characteristics
•Lack of visibility
•Stovepipes & MTTI
•Complexity of n-tier
applications
.
7. Traditional Complex N-Tier IT
Environment
[Diagram: End Users, LAN, WAN, ADC, Web Servers, Application Servers, Database Servers]
ADC refers to an Application Delivery Controller
.
8. Application and Infrastructure
Complexity Increases The
•Probability of a performance problem
•Time to identify the root cause of
performance problems
•Probability of a security intrusion
•Difficulty of real-time tracking of routing and
traffic flow changes*
*Breakthrough Network Technologies, Wed. 11:30 to 12:30
.
10. Drivers of Application
Delivery 2.0
•Focus on SLAs
•Mobility
•Technology & Vendor
Convergence
•Security
•Virtualization
•Cloud Computing
.
11. Internal SLAs for
Applications
• SLAs for a handful of key applications
• Usually weak & difficult to manage
• Map the business critical applications to the relevant
IT components.
• Quantify how the infrastructure impacts the
applications.
• Employ predictive and proactive monitoring.
• Implement rapid root cause analysis
capabilities.
.
12. Drivers of Application
Delivery 2.0
•Focus on SLAs
•Mobility
•Technology & Vendor
Convergence
•Security
•Virtualization
•Cloud Computing
.
13. Mobility
•Natural extension of the movement to
decentralize employees.
•Expected to have 1 billion mobile
workers by 2011
•Many are running delay sensitive,
business applications
•One challenge: wireless packet loss
.
14. Maximum TCP Throughput on a
Single Session [1]
MSS: Maximum Segment Size
RTT: Round Trip Time
P: Packet Loss
Goodput decreases as round trip time and packet loss increase!
[1] The Macroscopic Behavior of TCP Congestion Avoidance Algorithms by Mathis, Semke,
Mahdavi and Ott in Computer Communication Review, 27(3), July 1997
.
15. Impact of Packet Loss on Goodput:
MSS = 1,420 bytes
[Chart: Max Throughput (Mbps) versus Packet Loss Probability, with one curve each for round trip times of 100 ms, 50 ms and 10 ms]
.
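Added example, not part of the original slides: the bound from the Mathis et al. paper cited on slide 14, goodput <= (MSS/RTT) * (C/sqrt(P)), evaluated for the MSS of 1,420 bytes and the 10, 50 and 100 ms round trip times of slide 15. The function names, the constant C = sqrt(3/2) (the paper's periodic-loss case) and the sample loss values are assumptions made for this example.

```python
import math

# Constant C from the paper's periodic-loss derivation (assumption for this
# example; delayed ACKs or random loss give a smaller constant).
C_PERIODIC = math.sqrt(3.0 / 2.0)


def mathis_goodput_mbps(mss_bytes, rtt_s, loss, c=C_PERIODIC):
    """Upper bound on single-session TCP goodput, in Mbps."""
    if mss_bytes <= 0 or rtt_s <= 0:
        raise ValueError("MSS and RTT must be positive")
    if not 0 < loss <= 1:
        # The model diverges at zero loss; a real session is then limited
        # by window size or link rate instead.
        raise ValueError("loss must be in (0, 1]")
    return (mss_bytes * 8 / rtt_s) * (c / math.sqrt(loss)) / 1e6


def max_loss_for_target(target_mbps, mss_bytes, rtt_s, c=C_PERIODIC):
    """Largest loss probability at which the bound still reaches target_mbps."""
    if target_mbps <= 0:
        raise ValueError("target must be positive")
    p = (c * mss_bytes * 8 / (rtt_s * target_mbps * 1e6)) ** 2
    return min(p, 1.0)


def goodput_table(mss_bytes=1420, rtts_ms=(10, 50, 100),
                  losses=(0.0001, 0.001, 0.01, 0.05, 0.10)):
    """Rows of (loss, {rtt_ms: Mbps}); the loss values are constructed samples."""
    return [
        (p, {r: mathis_goodput_mbps(mss_bytes, r / 1000.0, p) for r in rtts_ms})
        for p in losses
    ]


if __name__ == "__main__":
    rtts = (10, 50, 100)
    print("loss      " + "".join(f"{r:>5d} ms" for r in rtts))
    for p, row in goodput_table(rtts_ms=rtts):
        print(f"{p:8.3%}  " + "".join(f"{row[r]:8.2f}" for r in rtts))
    budget = max_loss_for_target(10, 1420, 0.05)
    print(f"loss budget for 10 Mbps at 50 ms RTT: {budget:.4%}")
```

The inverse function turns a per-session throughput target into a packet loss budget for a given round trip time, which is the form a wireless or WAN link measurement can be compared against.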
16. Drivers of Application
Delivery 2.0
•Focus on SLAs
•Mobility
•Technology & Vendor
Convergence
•Security
•Virtualization
•Cloud Computing
.
17. Technology & Vendor
Convergence
•Avaya vs. Cisco and now Microsoft
•Fibre channel over Ethernet*
•Switching and Servers*
Pros: Potential for greater efficiency
Cons: Management, single vendor, embryonic
technology, organizational impact
*Why Networking Must Fundamentally Change (Tuesday,
2:45 to 5:00); Breakthrough Network Technologies
(Wednesday, 11:30 to 12:30)
.
18. Drivers of Application
Delivery 2.0
•Focus on SLAs
•Mobility
•Technology & Vendor
Convergence
•Security
•Virtualization
•Cloud Computing
.
19. Computer Crime: More Organized
and More Sophisticated
• In 2009 the top DDoS attack was 49 Gbps.
• Global damage from data loss exceeds $1
trillion.
• Credit card fraud is now a “cash cow” and
cyber criminals are now focusing on
intellectual property.
• Malware writers now have R&D departments
and test labs.
.
20. Computer Crime: More Organized
and More Sophisticated
• A black market has evolved:
Botnets are available for rent
Malware authors sell their code and provide
support.
• Session: Optimizing the Performance of
Cloud Computing
.
21. Drivers of Application
Delivery 2.0
•Focus on SLAs
•Mobility
•Technology & Vendor
Convergence
•Security
•Virtualization
•Cloud Computing
.
22. Virtualization Defined
• Virtualization typically involves a logical
abstraction of physical systems.
• Sometimes virtualization allows one of the
following:
A single physical system to be partitioned to appear as
multiple independent logical systems.
Multiple physical systems to appear as a single logical
system
.
23. What is Being Virtualized
•Servers •I/O
•Storage •Switches
•Desktops •Routers
•Applications •Firewalls
•WANs •WOCs
•LANs •ADCs
•……. •…….
.
24. Virtual Appliances*
•A Virtual Appliance (VA) is based on network
appliance software, together with its operating
system.
•A VA often runs in a virtual machine (VM)
over the hypervisor in a virtualized server.
•A VA can include WOCs, ADCs, firewalls,
routers, switches and performance monitoring
solutions among others.
*Tuesday, 11:30 to 12:30, “The Emergence of Virtualized
Application Delivery Appliances”
.
25. Virtual Desktops
•A VM on a data center server hosts a complete user
desktop.
•The enterprise desktop is isolated from whatever else
is running on the PC.
•Client-side virtualization – applications are delivered
to the end system, often using a protocol such as
CIFS.
•Server-side virtualization – the application and the
data remain at the central side and are accessed using
protocols such as Microsoft’s Remote Desktop
Protocol (RDP), Citrix’s ICA, and/or Teradici’s
PCoIP.
.
26. The Challenges of
Virtual Desktops*
•An increased focus on the data center.
•Virtual desktop systems need to be tightly integrated with
policy management systems and user authorization.
•Delivering acceptable application performance to the
virtual desktop over the WAN.
•The inefficiencies associated with LAN-centric remote
display protocols, such as RDP, ICA and PCoIP.
*Thursday, 9:00 to 10:00, “What Virtualization Means to the
Branch Office”
.
27. Virtual Servers
[Diagram: Application 1 through Application N, each on Guest OS 1 through Guest OS N, each in Virtual Machine 1 through Virtual Machine N, above a VM Monitor/Hypervisor on one Physical Machine]
.
28. Layer 2 Support for VM
Migration*
•Source and destination servers have to be on the
same:
VM migration VLAN
VM management VLAN
Data VLAN.
•VMotion requires 622 Mbps/1 Gbps of
WAN/LAN bandwidth and no more than 5 ms of
roundtrip delay
* Why Networking Must Fundamentally Change
(Tuesday, 2:45 to 5:00); Breakthrough Network
Technologies (Wednesday, 11:30 to 12:30)
.
29. 5 ms is Not Much Time
•Speed of light in a vacuum: 186,000 mph
•Speed of light in copper/fiber: 120,000
mph
•In 5 ms, light travels 600 miles
•Hence, the data centers can be 300 miles
apart if……………
.
30. Layer 3 Support for VM
Migration
•If user traffic to the VM transits a Layer
3 network, then granular routes need to
be advertised by the destination data
center.
•The IP addresses of the default gateways
of the data subnets in the primary and
secondary data centers need to be
identical.
.
31. Layer 3 Support for VM
Migration
•If remote clients are accessing a VM that is
front ended by a load balancer, DNS has to
return the virtual IP address of the load
balancer where the VM is moved to.
•The configurations of the DHCP server,
DNS server, load balancer and virtual
server management systems must be
synchronized.
.
32. Dynamic Infrastructure
Management
•Where DNS, DHCP and IPAM share
a common database:
Automatically generate addresses for new VMs
Automatic allocation of subnets for new VLANs
Population of an IP address database with detailed
information about the current location and security
profiles of VMs
.
33. Restrictive Topologies
• Traditional L2/L3 protocols (spanning tree, ...) pick only one
path between any two endpoints leading to low and uneven link
utilizations
• VM live migration from one VLAN/subnet to another encounters
higher latency and lower link throughput
[Diagram labels: Scale Up; Core L3 Switches; Edge L2 Switches; TOR L2 Switches; Server Racks; Subnet A; Subnet B; Low throughput; High latency]
.
34. Traditional Control
Plane
•Traditional L2/L3 networks integrate control
plane into hardware => lack of control over how
the data center network routes traffic
•Trend to move this control into the operator’s
hands via policy based routing
•Similar to what happened in the compute and
storage substrates, the network substrate may
eventually get commoditized and virtualized
.
35. Distributed Virtual
Switching (DVS)
•The first generation of virtualized servers came with a
vSwitch.
•It has data and control planes that are
integrated in software.
•With DVS the data and control planes are
separate.
•The data planes of multiple vSwitches can be
controlled by an external management system
that integrates the control plane.
.
36. Advantages of DVS
•Can have consistent networking feature set
and provisioning process from core to VM.
•Enables the network organization to
manage the vSwitches.
•Can provide visibility into inter-VM
traffic.
•Makes it easier to transfer QoS and switch
resident policies as part of VM migration.
.
37. Other Management Challenges
with Server Virtualization*
•VM sprawl
•The automatic creation and/or movement of a VM
requires ensuring the VM has the appropriate
security, storage access, and QoS configurations and
policies applied.
•Loss of insight into inter-VM traffic
•Perform management tasks such as discovery and
troubleshooting on a per VM basis.
*On Wednesday, the virtualization track focuses on
management
.
38. Virtual Data Center: Now The
ADC Each Server is on a VM
[Diagram: End Users, LAN, WAN, ADC, Web Servers, Application Servers, Database Servers]
.
39. Application Delivery 2.0
Troubleshooting
•The application sporadically exhibits
poor performance
•Because they have no inter-VM
visibility, it takes a while to realize that
the application server sporadically
performs badly.
•That, however, is not the root cause!!
.
40. Drivers of Application
Delivery 2.0
•Focus on SLAs
•Mobility
•Technology & Vendor
Convergence
•Security
•Virtualization
•Cloud Computing
.
41. So, what is cloud
computing?
Definition: Depends
upon who you talk to.
Goal: An order of
magnitude
improvement in the
cost-effective, elastic
provisioning of IT
services – which are
good enough.
.
42. Why Care About Cloud
Computing?
Geir Ramleth, CIO of Bechtel,
benchmarked his company:
The price that Amazon charges for storage is one
fortieth his internal cost
He estimated that YouTube spends between $10
and $15 per megabit/second of WAN bandwidth.
He spends $500.
.
43. Cloud: A Lot of Things
Old
•Time sharing
•Virtualized computers
•Out-tasking
•Renting applications
.
44. Cloud: A Few Things
New
•On demand provisioning of IT
resources
•Dynamic Movement of Virtual
Machines
•New implementation
models
.
45. Key Characteristics of a
Cloud Computing Solution
•Centralization of IT resources
•Virtualization of IT resources
• Automation of IT processes
• Simplification of IT services
• Increased reliance on the WAN/Internet
•Continued technology convergence
.
46. Silly Things That Get Said About
Cloud Computing
•Providing IT is like providing electricity
•A ‘pay as you go’ approach saves you money
•You know, it is like Salesforce.com
•You will always save a lot of money
•You no longer need to know how services
are provided
•It is a fundamentally new approach to IT
.
47. Classes of Cloud
Computing
Public
Software as a Service (SaaS)
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Private
Hybrid
.
48. Private Cloud Computing
•IT organizations using the same
techniques in their environment as do
cloud computing service providers.
•Some purists consider this to
be an oxymoron.
.
49. Hybrid Cloud Computing
•A variety of possible models:
Run an application internally and then rent excess
capacity during peak times.
Run some applications entirely internally and access some
others from one or more SaaS providers.
Implement the web tier of an application using a cloud
computing service provider and keep the application and
database tiers internal.
.
50. Challenges of Public
Cloud Computing
•Loss of control
•Sensitive data in the hands of 3rd parties
•Performance issues
•Management challenges
•Less customization
•Interoperability issues
.
51. Challenges of Private
Cloud Computing
•Investment in emerging technologies
•Significant management challenges
•Possible vendor consolidation
•Less customization
•May result in performance issues
.
52. Now Each Server is a VM in Different
Organizational Environments
[Diagram: End Users, LAN, WAN, ADC, Web Servers, Application Servers, Database Servers]
.
53. Managing The Virtualized
Hybrid Cloud*
•Enterprise manages the wired and wireless LANs & branch
office servers.
•The WAN is MPLS from one provider and Internet access
from multiple providers.
•Internet access is both wired and wireless.
•Third party hosts the web access tier in virtualized servers in
multiple data centers.
•Enterprise hosts the application and database servers in
virtualized servers in their primary data center.
*Wednesday, 3:15 to 4:15, “Optimizing the Performance of Cloud Computing”; Thursday,
10:15 to 11:15, “How to Manage in a Public Cloud Computing Environment”
.
55. Summary
•Ensuring acceptable application delivery is
challenging today.
•Virtualization and cloud will dramatically impact
application delivery.
Virtualization comes at a cost
The biggest risks associated with cloud accrue to those who do
nothing.
•IT organizations MUST prepare for the challenges &
solutions associated with Application Delivery 2.0.
.
56. Application Delivery
2.0: Planning
• Plan for virtualization holistically
• Identify what you will provide yourself and what
will be provided by a third party
• Perform due diligence on potential third parties
• Simplify the services and applications you provide
• Standardize the infrastructure
• Converge technologies where appropriate
.
57. Application Delivery 2.0:
Management
•Develop an overall management plan
•Manage over multiple technology domains
•Focus management tasks at the VM level
•Automate processes such as change and
configuration management
•Tightly integrate DNS, DHCP, IPAM
•Evaluate how service providers manage their
services end-to-end
.
58. Application Delivery 2.0:
Control
• Implement distributed security functionality
• Ensure that business managers do not bypass IT
• Guarantee that you can:
Control where your data is stored
Pass compliance audits
Get your data back whenever you want it
• Ensure that any third party provider will:
Keep your data safe from security intrusions
Have adequate disaster recovery capabilities
.
59. Application Delivery 2.0:
Acceleration & Optimization
•Redesigned data center LAN – how will you support
virtual servers?
•Is the network “good enough”?
•Increased use of ADCs, WOCs – some of which
are virtualized
•Increased use of Application Delivery Services –
for performance and distributed security
•More distributed access to the Internet
.
60. References
The 2009 Application Delivery Handbook
http://webtorials.com/abstracts/2009-Application-Delivery-Handbook.htm
A Guide to Understanding Cloud Computing
http://www.webtorials.com/content/2009/11/a-guide-for-understanding-cloud-computing.html
Cloud Computing: A Guide to Risk Mitigation
http://www.webtorials.com/content/2009/12/cloud-computing-a-reality-check-guide-to-risk-mitigation.html
The Challenges of Managing Virtualized Server Environments
http://www.ashtonmetzler.com/
.