Service-driven NFV Powered by FusionSphere
Rather than invest in dedicated routers, firewalls, or other special-purpose hardware, network operators can implement these functions with software running on standard NFV Infrastructure (NFVI). NFV leverages IT virtualization technologies to make various types of network devices comply with industry standards. With NFVI in place, operators can run any and all types of NFV-compatible, virtual IT functionality. The functions run on commodity servers and are connected by high-speed switches. Using this approach, network operators can set up a new Virtual Machine (VM) or an entire virtual data center simply by deploying software on the standard infrastructure.
Defined by the NFV standards group under the European Telecommunications Standards Institute (ETSI), a primary NFV advantage is its openness and use of standard hardware, software, and architecture. Because software is decoupled from hardware, network operators have the agility to quickly scale resources up or down. Complementary to Software-Defined Networking (SDN), NFV offers the ultimate versatility in using networking, computing, and storage resources.
Huawei is implementing NFVI using the company’s FusionSphere cloud OS. Huawei’s Virtualized Infrastructure Manager (VIM) is a key part of the NFV Management and Orchestration (MANO) domain that manages and schedules all NFVI resources; maps and links service networks with NFVI resources; and implements Operations Support System (OSS) services. FusionSphere is based on OpenStack, the open-source cloud-computing software platform.
The Ultimate Cloud
Conceived as a virtualization platform for telecom service providers, NFV capabilities are also useful for enterprises operating large networks, and especially those with multiple data centers. The underlying servers, switches, and storage devices can be deployed in data centers, on network nodes, or even as part of Customer Premises Equipment (CPE).
In contrast to conventional clouds, NFV systems must explicitly request and define the topology of CPU, memory, and I/O resources by number, proximity, and availability.
NFV advocates think of it as the ultimate cloud architecture.
Huawei uses the FusionSphere OS to provide a complete NFV management platform. The VIM consists of Huawei OpenStack enterprise edition and FusionManager cloud management system. The enterprise edition of OpenStack — with enhanced reliability, maintainability, and performance — accesses a hypervisor to manage virtual resources and provides standard OpenStack interfaces for third-party integration. FusionManager uses OpenStack northbound interfaces to provide portal functions and native OpenStack interfaces for advanced functions such as service catalogs, capacity management, and fault management.
The Huawei NFVI consists of three parts:
- FusionCompute uses the Linux, open-source Kernel-based Virtual Machine (KVM) to implement compute virtualization.
- FusionStorage virtualization is integrated seamlessly with Cinder, the OpenStack Block Storage service.
- FusionNetwork is an OpenStack-based network virtualization interface that seamlessly integrates with OpenStack’s Neutron network abstraction services.
FusionNetwork supports data plane forwarding to ensure that VM network performance reaches the Network Interface Controller (NIC) line rate. The system supports Virtual Extensible LAN (VxLAN) to increase the number of available Layer 2 networks in the system from 4,096 to 16 million.
Virtual Operating Environment
Versatility is a key aspect of the FusionSphere environment. The Elastic Virtual Switch (EVS) feature brings Virtual Local Area Networks (VLANs) and scalable network functions such as Dynamic Host Configuration Protocol (DHCP) quarantine, bandwidth limiting, and priority settings.
An EVS is deployed on a host to connect host NICs and VM NICs for transmitting data between internal and external networks. EVS port attributes include bandwidth QoS, Layer 2 security, and VLAN Identification.
FusionSphere VMs on the same subnet communicate directly, otherwise via a virtual router. The Huawei solution supports Network-as-a-Service (NaaS) VPN environment for connecting separate networks over a Distributed Virtual Router (DVR) — avoiding Layer 3 traffic detours across the data center — by offloading east-west traffic to the compute node.
FusionSphere also features the ability to perform in-service upgrades without interruption to VM services or networks, as follows:
- The unified upgrade framework enables access to OpenStack, host OS, and hypervisor simultaneously.
- One-click administration tools perform software uploads, VM migrations, system upgrades, confirmations, and rollbacks.
- VMs automatically live-migrated transparently to active services.
- Upgrade procedures include evaluation and confirmation steps to ensure sequential integrity.
FusionSphere leverages OpenStack versatility by centrally managing Application Programming Interface (API) resource pools. A cascaded OpenStack system is able to schedule support for up to 10,000 physical servers and 100,000 virtual machines.
Multiple Private Cloud Tenants
Support for multiple tenants is an expected public cloud capability, though may be useful for any large enterprise private cloud. Virtual Data Centers (VDCs) are a straightforward way for each organization in an enterprise to deliver the differentiated functionality.
The Huawei VDC service provides Data Center-as-a-Service (DCaaS) flexibility for public and private cloud tenants across multiple physical data centers. The VDC resource scheduler will select the most suitable user resources by (among others) geography and Service Level Agreement (SLA).
A VDC is a collection of shared computing, storage, and network resources that provide the following functions:
- NFV techniques are used to virtualize firewalls, load balancers, Layer 2 and layer 3 network devices, DHCP servers, and other VPN devices.
- VDCs make it practical to allocate and secure discrete and isolated compute, storage, and network resources by organization or client.
- Virtual resource allocation can be measured, managed, and traced based on their level of use.
- VDC technology simplifies IT systems by providing automated self-service for VM management and firewall configuration on a unified portal.
Each tenant owns their own private service catalog, global resource view, and independent service approval process. Tenants may also assign development, test, and production departments to different VDCs to guarantee resource isolation and faster on-line services.
FusionSphere resources can be allocated to multiple tenants for own unique public cloud deployments. Tenants can specify and manage their own on-demand resources from the available pool — an advantage for cloud service resellers able to shed VDC Operations and Maintenance (O&M) costs.
Designed for Reliability and Security
To meet telecom operator requirements for maximum uptime and data loss prevention, the FusionSphere NFV solution is designed with multiple levels of computing, storage, and network redundancy.
An OpenStack High Availability (HA) implementation uses active/active or active/standby modes for ensuring reliability. OpenStack ensures database and communications service reliability by providing continuing access to Representational State Transfer (RESTful) API services.
The FusionSphere feature-set employs multiple methods to achieve carrier-grade network and VM continuity.
If a VM is faulty, FusionSphere will first attempt to restart the VM on the local server. Should this fail, the VM will be automatically restarted on an available external server with free space. If a physical node has failed, FusionSphere will automatically restart all affected HA-enabled VMs on other space-available compute nodes. To help O&M personnel locate and rectify complex faults, FusionSphere provides black box, logging, and alarm reporting functions. FusionSphere allows for upgrades and other scheduled maintenance in ways that do not interrupt services.
Carrier-grade network communications reliability is achieved using a multi-plane system that separates management, storage, service, and Intelligent Platform Management Interface (IPMI) functions over discrete VLANs. The management plane transmits RESTful and Remote Procedure Call (RPC) messages between service nodes, and IPMI transmits server management messages.
For data loss prevention, FusionSphere makes multiple copies of program data, metadata, and service data, and ensures its reliability with automated error correction and restoration.
Furthermore, Huawei’s experience with virtualized cloud computing environments provides the basis for meeting specialized, multi-tenant NFVI security needs.
With hardware and software expertise in telecommunications, IP networking, servers, and storage systems, Huawei is the ideal NFVI provider.
Based on 20 years of experience in telecommunications software, Huawei’s Business Support Systems and Operating Support Systems (BSS/OSS) have been implemented at more than 400 carrier sites around the world. As an OpenStack Gold Member, and a top-20 OpenStack code contributor, Huawei is setting the stage for NFVI to represent the future of telecommunications and possibly all enterprise IT.