By: Kent Erickson >> Over the past year I’ve spent a lot of time talking to people about Network Function Virtualization, which is too long to type so everybody calls it NFV. It’s a complex subject, and most of the time I find myself a bit confused. So, I’ll share my confusion with you by attempting to explain it!
There’s a big speed problem with networking, and that’s waiting for pizza boxes. Every time you need a firewall, or a spam filter, or a load balancer, or a web accelerator, or any other network service you need to select, buy, place, configure, install, and maintain another pizza box filled with circuit boards. That kind of manual work is too complex to manage for more than a few boxes.And how many do you have? Dozens? Hundreds? Hundreds of thousands?
NFV attacks the too-many-pizza boxes directly, by running all those network services on standard servers. Spin up a VM and you’ve got a new firewall! Just like we did with Windows and Linux OSs, but now we’re doing it with IOS, Junos, Barracuda Linux, etc.
I Love to Put in Screws with My Hammer!
There are lots of potential uses for NFV technology:
Branch offices A single server can run a router, firewall, and spam filter, all from different vendors. New, cool firewall? It’s a whole lot easier to start a new VM than it is to ship 1,000 pizza boxes to a central facility, configure them, ship them to the branch offices, then manage a huge team of remote temps to get them working.
New applications The devops team wrote the application and now needs to get it running quickly. Don’t order a load balancer and firewall, just start a couple of containers. Need more security? Add another firewall between the web and application tier in just a few minutes.
Network service providers Pity those poor administrators who have to manage vast football fields full of pizza boxes. And if you pause to think about it just a minute, pity your poor checkbook that has to pay for unused, overused, and obsolete technologies that support your network. No wonder service delivery is so hard.
So why does that headline talk about putting in screws with hammers? Because there are other ways to attack all of these problems, but as with all new technologies the true believers have that wonderful new hammer, ready to attack any problem.
Acronyms, Get Your Fresh Hot Acronyms!
Every new technology has a set of new acronyms, so let’s list those common in NFV.
The chart below from sdxcentral.com is a great reference.
- VNF (Virtualized Network Function) is a router, a load balancer, a firewall, any network service that is running in a container or a virtual machine. It’s confusing, because it looks a lot like someone misspelled NFV, the acronym for the whole space
- NFVI (Network Function Virtualization Infrastructure) is the place where those VNFs run. It’s usually OpenStack virtualization running on a converged infrastructure like Cisco UCS.
- EMS (Element Management System) is a piece of software that controls VNFS from one vendor. You’ll have at least one EMS for each VNF vendor, but you shouldn’t have to use them too often because of the MANO.
- MANO (MANagement and Orchestration) Software that runs the overall environment – it sets up the NFVI, provisions new VNFs, sets up service chains,etc. Here’s a place where different vendors are competing – it’s a real MANO a MANO fight. Ha! They’re building their MANO from an orchestrator, VNF managers, and Virtualized Infrastructure Managers.
- Service Chain The network services and connections needed to support a single application or customer. An external-facing website would have a service chain of a firewall and a load balancer, for example.
Where Does Zenoss Fit?
Zenoss is helping customers building NFV solutions in three different ways.
We’ve supported VNFs from Cisco and Citrix for several years as standalone devices or within an ACI pod. Spin up an ASAv and Zenoss will monitor it.
Some customers add our software into the NFVI layer, helping provide a single point of assurance for the functioning of a converged infrastructure with OpenStack.
Some customers are adding us to their MANO implementation, so they can assure the tenants and service chains that are delivering network function.
NFV isn’t Finished.
NFV is a rapidly evolving set of technologies right now. If you remember Interop, where vendors were proving that their different TCP/IP solutions would actually work together, you know exactly where NFV is today. Light Reading has been running interoperability tests, finding out which NFVs can be controlled by which MANO and run in which NFVI. The results are pretty good, most things work, but still not everything.