© 2009 voltaire inc.1 fabric management in vm environment marina lipshteyn, voltaire

© 2009 Voltaire Inc. 1

Fabric Management in Fabric Management in VM environmentVM environment

Marina Lipshteyn, Voltaire


Existing approach is to have port profile manager

Port ProfileManager

ExternalSwitch

OS/Hypervisor Manager

IEEE 802.1x / EAPOL

RADIUS


Active Fabric Manager role

► Discovery• Discovery of virtual/physical switches, VEPA elements and their capabilities

• Discovery of physical and/or logical topology

► Policy/Configuration repository (eg. maintain port profile and states, endpoint authentication)

► Resource Management:• Distribute policy across resources to meet the requirements specified in high

level and drive security, QoS configurations in individual elements.

For example: if there is a rate limiter both in the NIC and on the switches, determine the appropriate place for configuration.

• Resource allocation and validation Resource management: eg. total number of ACLs supported by each device. Verification that the CIR traffic can be committed.

► Monitoring• Distributed monitoring of physical/virtual elements

• Notifications and reporting of various fabric events (eg. migration )


Example: VM migration

► VM migrates to a different physical machine.

► VM has a port profile which now is used to register at the new machine.

► ACLs should be configured at the new ingress point and should be removed from the old ingress point.

► However, the number of supported ACLs on the new ingress point now exceeds the limit (ACL compiler implementation dependent).

► The migration can not be done - invalid status must be propagated.

► Validation should be done by fabric manager.


Actors and Interactions

Server/VM Manager

Port/Fabric Manager

Service Automation & Orchestration, Admins

Set server/app policySet vep/fabric policy ,placement validationReporting & monitoring

Set/get (vm-nic) group policy, associations

switchesHypervisors

Discovery* (LLDP), State change requests

Storage, license, .. managers

Discovery* (LLDP/SNMP)push (switch) policyChange requestsMonitoring* (SNMP,..)

Deploy, migrate, ..

* Current MIBs and mechanisms are associated with physical interfaces, may need to be

extended

Push/get policy

State notifications, associations

Get policy,Notifications


VM is registered at the new location – current passive Fabric Manager

Server/VM Manager

Port/Fabric Manager


switches

Hypervisors

4

1

Register VM

Register VMwith the policy

6

2Get vm-nic side policy by profile id

3Configuration policy

Get switchconfiguration

5 associate

NO validation ofFabric resources is done.

8 Ack/ nack

7


VM is registered at the new location – active Fabric Manager with validation

Server/VM Manager

Port/Fabric Manager


switches

Hypervisors

1

Validate/placement filter of VM connectivity requirements

INVALID!

2


VM is registered at the new location – active Fabric Manager

Server/VM Manager

Port/Fabric Manager


switches

Hypervisors

23

Register VM

Register VMwith the policy

Validate VM connectivity requirements

1

VALID

Get vm-nic policy by profile id

5

Configuration policy

67 4

associate8

Push switch policy

9 Ack/nack


Vport admin status down – can be Fabric Manager action

Server/VM Manager

Port/Fabric Manager


switches

Hypervisors

2

1

Vport down

Vport down

Vport down3

Find the relevant elements


Mirroring of a Vport – active Fabric Manager role

Server/VM Manager

Port/Fabric Manager


switchesHypervisors

Mirror Vport1

2Configure mirrorring

Find the relevant elements


Conclusion

► Previous examples show why Fabric Manager can not be static repository but requires dynamic behavior.

► Define API to Fabric Manager that enables set/get/validate of the policy, topology and capability discovery, state/configuration propagation.

© 2009 voltaire inc.1 fabric management in vm environment marina lipshteyn, voltaire

Documents