Tip

Network consolidation and virtualization solve management problems

Network consolidation can help a virtual infrastructure run more efficiently and cost-effectively. With consolidation, administrators can have fewer network peripherals

    Requires Free Membership to View

and ports to purchase and manage -- while boosting network and server performance. But network consolidation comes with potential downsides, such as security concerns.

The first of this two-part series on network design principles for virtualization focused on server virtualization hardware and storage protocols. Now, in part two, I discuss the pros and cons of network consolidation and virtualization.

Converged network adapters bring network consolidation

More network consolidation and virtualization resources
Benefits of server consolidation for energy efficiency

Green networking services guide

Server consolidation and virtualization project planning guide

 Converged network adapters (CNAs) are new to the virtualization landscape and provide I/O and network consolidation. A CNA stacks Ethernet and storage protocols into one adapter on the virtualization host, reducing the amount of equipment you need to purchase and manage.

One CNA, for example, can perform the duty of being an Ethernet interface (up to 10 GB) on which the iSCSI storage protocol and Fibre Channel over Ethernet (FCoE) connectivity can also be used. Architecturally, the CNA consolidates endpoint connectivity on a server and its associated switch infrastructure.

If a virtualization host uses a CNA for connecting to each Fibre Channel, Ethernet and iSCSI storage network, there would be one device installed either as a dual-port unit or two single-port units for redundancy. And there would be converged switches instead of separate storage switches for Fibre Channel and networking.

Network consolidation and virtualization product overview

Hewlett-Packard Co. and Cisco Systems Inc. have recently released products to help address I/O connectivity requirements for large virtualization installations. Cisco Systems Inc.'s Unified Computing System uses fabric interconnects and fabric extenders to the virtualization host to get around the centralized switching component requirement. Figure 1 shows the Cisco architecture:


Figure 1 (Click thumbnail for enlarged image.)

HP Flex Fabric consolidates Ethernet, Virtual Ethernet Port Aggregation, FCoE and Converged Enhanced Ethernet -- arguably a more attractive long-term offering, thanks to the popularity of HP ProLiant servers for virtualization hosts. When it comes to blade servers for virtualization hosts, role, HP VirtualConnect reduces connectivity requirements.

InfiniBand technologies are another option for network consolidation and virtualization. They use high-performing media to consolidate storage and networking and have been in the market longer than the above-mentioned products from Cisco and HP.

For VMware virtualization, administrators who want to minimize cabling to virtualization hosts or need to consolidate their switching infrastructure have several options. One key player is the Xsigo Systems Inc.'s I/O Director, which connects the VMware host via the InfiniBand interface and can provision numerous resources.

Xsigo I/O Director has 15 slots to provision up to 24 InfiniBand ports. Depending on the number of hosts and desired interfaces, it can consolidate I/O enough to reduce costs. For VMware installations, I/O Director also lets you manage the provisioning of VMware network interface controller (vmnic) and VMware host bus adapter (vmhba) resources from within the vSphere Client.

Network consolidation security concerns

For the virtualization purist, consolidating I/O through unified fabrics or CNAs is great, because it reduces device and cabling requirements and utilizes more of the provisioned infrastructure. This bang for the buck is nice, but when one media is responsible for transporting all the critical protocols, security issues come into play.

On several occasions, guests have discussed these concerns during the "Virtualization Security Round Table Podcast." These podcasts dissect what virtualized I/O really means from a security perspective. Fully separating security and management zones in both networking and storage is critical.

Despite these security concerns, the good news is that as you design a virtualized infrastructure, there are plenty of options. Generally speaking, you should consider these factors when selecting networking equipment for your virtualization environment:

  • Security requirements
  • Cost
  • Number of I/O points
  • Performance requirements
  • Manageability

Server manufacturers have done a favor for most virtualization administrators by installing four built-in interfaces. In many situations, these interfaces provide adequate networking for virtualization hosts.

About the author

 

Rick Vanover, VCP, MCITP, MCTS, MCSA, is an IT infrastructure manager for Alliance Data in Columbus, Ohio. He is an IT veteran specializing in virtualization, server hardware, operating system support and technology management. Email him at vanover-rick@usa.net.


This was first published in February 2010

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.