Brief introduction:In the process of migrating the traditional data center business to the cloud, how to transform the network configuration based on different business scenarios and the roles of devices flexibly changing under the cloud based on the unified service capability of the network on the cloud, users and their business architecture will usually face many challenges. Ali cloud hybrid cloud network technology independent innovation team and the ali cloud network product research and development of “open web services platform” (hereinafter referred to as: ONSP) built on ali cloud flying goddess luo network system, realize the flying goddess luo and three networks of ecology to fully mix, thus optimizing the enterprise customer the experience of ecological services, to better help customers moving cloud cloud.
At present, worldwide, hybrid cloud has become the most desired form of enterprise cloud. According to Flexera’s “State of the Cloud Market in 2021” report, 92% of companies surveyed have adopted a multi-cloud strategy, with the proportion of companies adopting a hybrid cloud strategy rising from 58% to 82%. According to Gartner, the global cloud computing market penetration rate will increase year by year from 4.3% to 13.2% from 2015 to 2020, and will rise to 15.3% by 2021.
In the recently concluded 2021 Ali Cloud Summit, Ali Cloud Intelligence President Zhang Jianfeng proposed the development direction of Ali Cloud in 2021, namely: deepen the foundation, do thick middle platform, strengthen the ecology, and do a good job in service. Committed to providing tailor-made hybrid cloud solutions for government and enterprises, Ali Cloud Hybrid Cloud (Apsara Stack) provides integrated cloud platform services from the perspective of customers from the three dimensions of building cloud well, managing cloud well and making good use of cloud. Recently, I submitted a satisfactory answer to “strengthen the ecology” and “do a good job in service” for government and enterprise customers.
Aliyun Hybrid Cloud Launches “Open Network Service Platform” (ONSP)
The customer pain points
In the process of migrating the traditional data center business to the cloud, how to transform the network configuration based on different business scenarios and the roles of devices flexibly changing under the cloud based on the unified service capability of the network on the cloud? Users and their business architecture often face many challenges, such as application migration, data migration and many other scenarios. For example, in the process of cloud migration, users usually encounter: 1) the network service provided by IaaS on the cloud cannot meet the personalized needs of users in a short period of time. For example, in a traditional data center, the user business application architecture relies on a feature provided by a load balancing device. After the business is migrated to the cloud, users expect the in-cloud load balancing service to provide peer capabilities to reduce the workload of application architecture transformation and the resulting stability risks. 2) Users want to support third-party network services in the cloud due to heterogeneous deployment, usage habits, user technology stack and other reasons.
Facing the challenge
One way to solve this problem is to manually deploy a virtualized version of the corresponding network device. However, there are several problems in manual deployment: 1) the complexity of deployment requires users to have a deep cloud network foundation; 2) Lack of high reliability. Manual deployment of virtualization equipment in the fault detection, fault isolation and other aspects of the lack of necessary capacity support, can not support the use of production environment; 3) Challenges in deployment cost, management and operation under distributed deployment architecture. Under manual deployment model, virtual network equipment is usually deployed on the same VPC as the application, which not only increases the deployment cost, but also presents challenges for management and operation.
Ali cloud response plan
What is Open Web Services Platform? By ali cloud hybrid cloud network technology independent innovation team and the ali cloud network product research and development of “open web services platform” (hereinafter referred to as: ONSP) built on ali cloud flying goddess luo network system, realize the flying goddess luo and three networks of ecology to fully mix, thus optimizing the enterprise customer the experience of ecological services, to better help customers moving cloud cloud.
[Open Network Service Platform] is a network service based on tripartite virtual network devices. Through this platform, users can easily deploy virtual network devices of Ali Ecological partners on the cloud. At the same time, [Open Network Service Platform] supports the high availability deployment of virtual network equipment cluster. Supports users can continue to follow the traditional IDC management model to realize the centralized deployment of virtual network equipment, which reduces the deployment cost, simplifies the complexity of operation and management, and provides better experience for users.
ONSP core functionality
[Open Network Service Platform] Core components mainly include virtual network device management and network function virtualization arrangement. The architecture is shown in the figure below:
In terms of virtual network device management, the Open Network Services Platform (ONSP) provides virtual network device basic life cycle management in a standardized and modeled way, supporting such as virtual network device creation, destruction, expansion capacity, cluster initialization, etc. Follow ETSI MANO standards in information models and interactions with VNFM components, while building in common VNFM components to support a wide range of partner virtualized network devices. In the definition of VNF metadata, Tosca data modeling description language is used to explain, through the VNF abstraction and modeling, without the need to change the version of the case, can support different ecological partners of different types of virtual network equipment.
As for the Network function virtualization arrangement, ONSP has built-in Open Network Service Endpoint (ONSE) which is transparent to the user, through which the traffic is drained to the virtual Network device cluster. The user only needs to update the VPC routing table to point to this endpoint to complete the drainage process described above. The traffic flows into the virtual network device cluster in the form of original data packets, and then is rerouted to the target device after business processing on the virtual network device.
At the same time, ONSP realizes integration and integration with ecological partner choreography components through a set of common, open and interoperable northbound REST interfaces on the northbound interface, providing better service experience for users. In terms of reliability, ONSP supports multiple types of virtual network device cluster deployment models, such as primary/standby model, primary/host model, etc. ONSP supports real-time and periodic monitoring of cluster business unit health status, and customizes failover measures according to the business nature of the cluster, including isolation of failed business units or restart and recovery, etc. After isolating the failed business unit, the business traffic will not be sent to the unit until the user completes the repair of the failed business unit.
Product advantage
Through the “Open Network Service Platform”, users will be able to: 1) automatic deployment of ecological partner virtual network equipment in the cloud efficient automated deployment; In the process of business migration to the cloud, users can realize peer-to-peer migration of the original network configuration such as load balancing to the cloud environment through the Open Network Service Platform, without paying attention to the complex deployment logic and compatibility issues of virtual network equipment. 2) safe and reliable “open web services platform” support virtual network devices such as the main equipment, main cluster model, the cluster node failure fault isolation or restore automatically, combined with the platform to provide operational capabilities, can provide business continuity for users the planned change, also provides a graceful unplanned fault recovery experience. 3) Centralized Management Through the “Open Network Service Platform”, users can centrally deploy virtual network devices to provide network services for businesses distributed in multiple VPCs, avoiding the increase of deployment cost and operation and maintenance complexity caused by distributed deployment, while maintaining the original management boundary. On the “Open Network Service Platform”, virtual network devices of ecological partners can achieve non-invasive access on the premise of meeting the basic requirements of cloud-based network devices, which technically solves the access barriers of virtual network devices and provides more options for users. At the same time, the network service choreography system developed by ecological partners or customers can achieve deep integration with the platform through the open northbound REST interface of the platform, so as to provide integrated management, operation and maintenance experience while meeting more customized needs.
Ecological Partner
Currently, the ecological partner virtual network equipment certified by Open Network Service Platform is as follows:
【 Open Network Service Platform 】 Through standard and open technology, the determination to “strengthen the ecology” will continue to create the network service ecological environment, and more virtual network equipment certified by ecological partners will be launched successively.
Typical application scenarios
Case 1: Business relies on advanced load balancing
Figure 1 Business relies on advanced load balancing
In this case, the user has two requirements: first, the application architecture runs offline depending on a load balancing feature, and the user wants to keep the original application architecture when it is migrated to the cloud; Second, it is necessary to realize the sharing of users’ self-developed applications or services to multiple service users. Through the Open Network Service Platform, users centrally deploy the virtualization version of load balancing in the tripartite virtual device VPC, and provide load balancing services for multiple service users in the way of multiple instances. Multiple instances of load balancing can share or exclusive VLB network service cluster. Applications that migrate to the cloud do not need to be retrofitted for existing dependencies. In the absence of “Open Network Service Platform”, in order to achieve service sharing, service users and service providers usually need to communicate with each other through high-speed channels, which brings management complexity and increases security risks. Through the Open Network Service Platform, the VPC of the service provider and the VPC of the service user can realize the closure of the network.
Case 2: Border protection and NAT services
Figure 2 Border protection and NAT services
In this case, users can provide NAT services from VPC to IDC through centralized deployment of VFW network service cluster, and realize border security protection from VPC to VPC or VPC to IDC at the same time. Take the NAT demand from VPC to IDC as an example, because the user IDC usually precedes the private cloud construction, its address planning and so on have been a fait accompli that cannot be changed. In the context of the gradual migration of user services to the cloud, there will be a long-term demand for intercommunication between IDC and VPC in the cloud. Generally speaking, the address space between IDC and VPC in the cloud is opened through a special line, on the premise that the address space between IDC and VPC in the cloud is not in conflict. In order to solve the problem of address conflict between IDC and VPC in the cloud, VFW network service cluster can be deployed through the “Open Network Service Platform”, so as to realize the intercommunication between VPC in the cloud and IDC while maintaining the independence of the network address space.
Case 3: Tenant traffic mirroring and analysis
Figure 3 tenant traffic image and analysis
In this case, the user deployed the NPM virtual device of the ecological partner through the Open Network Service Platform to collect and analyze the ECS traffic of the customer’s business, realize the visualization of the ECS traffic on the tenant side, accelerate the network fault location, and improve the business availability. In this scenario, the Eco Partner’s NPM virtual appliance contains the controller node and the data node. The controller node adopts the main and standby deployment model. The cluster of data nodes is deployed in an ACTIVE/ACTIVE model, with the number of nodes deployed on demand. A single controller cluster can manage multiple clusters of data nodes.
How the future evolves
AliCloud Hybrid Cloud [Open Network Service Platform] will be officially launched in the near future as an important new product function of Enterprise Version V3.14.0. In the future, will open web services platform 】 【 last iteration on the openness and innovation, in support of a broader ecological at the same time, access to partners through open and interoperability north to REST interface with our partners or customers since the research of ecological network service system integration, and thus in terms of ease of use to provide users with better experience. At the same time, Ali Cloud Hybrid Cloud [Open Network Service Platform] will continue to build platform capabilities to support the centralized monitoring of the operation and maintenance status of virtual network equipment of ecological partners. In terms of reliability, the data surface technology will be further used to improve the fault sensing ability of virtual network equipment, and the perception will be linked with the business traffic scheduling to improve the effectiveness of fault isolation and recovery. In terms of business scenarios, it will support more flexible deployment patterns to meet the demands of richer business scenarios.
As the key businesses of users continue to go to the cloud, the development trend of cloud computing will be more and more open. Closed technologies cannot meet the diverse and different needs of users. Ali cloud hybrid cloud in thick middle deep foundation “do” and “do”, will insist on the basis of adhering to the “strengthen ecological”, “good service” concept, continuing through an open, standard interoperability build better web service that is both traditional and new field of ecology, the joint industry head manufacturers do service for the customer.
Aliyun Hybrid Cloud provides tailor-made hybrid cloud solutions for government and enterprises from the three dimensions of building cloud, managing cloud and making good use of cloud to provide integrated cloud platform services from the perspective of customers. More product information is available. Welcome to [Hybrid Cloud official website]
Copyright Notice:The content of this article is contributed by Aliyun real-name registered users, and the copyright belongs to the original author. Aliyun developer community does not own the copyright and does not bear the corresponding legal liability. For specific rules, please refer to User Service Agreement of Alibaba Cloud Developer Community and Guidance on Intellectual Property Protection of Alibaba Cloud Developer Community. If you find any suspected plagiarism in the community, fill in the infringement complaint form to report, once verified, the community will immediately delete the suspected infringing content.