Understanding Cloud Networks in One Article

​Enterprise digital transformation has promoted the development of cloud computing. According to statistics from the China Academy of Information and Communications Technology, my country's cloud computing market experienced explosive growth in 2020, with a growth rate of 56.6%. Enterprise cloud computing requires that cloud computing resource delivery methods be dynamic and on-demand. Cloud resources must have characteristics such as flexibility, local response, avoidance of single cloud vendor lock-in, and high reliability. This requires that the network connecting cloud resources must have rapid delivery capabilities and be able to flexibly adjust according to business needs.

Operators have launched cloud-network integration services such as cloud-based private networks, cloud-based dedicated lines, and SD-WAN, and strengthened the unified planning and construction of cloud-network infrastructure. In collaboration with the big network, connection scenarios such as public cloud, private cloud, and hybrid cloud have put forward higher requirements for cloud networks. Cloud networks must have cloud-network integration capabilities to meet new business requirements such as "one-stop acceptance, automatic activation, unified operation and maintenance, and self-service on-demand".

In cloud computing scenarios, cloud networks need to efficiently carry three types of traffic:

• East-West Traffic: Traffic between servers within a data center, enabling intercommunication, migration, and synchronization of storage data between virtual machines;
• Inter-data center traffic: traffic between different data centers;
• North-south traffic: Traffic between access points or data sources outside the data center and servers inside the data center.

Cloud computing network concept

Cloud network is based on virtualization technology, opens network capabilities, and provides "cloud-edge-end" interconnection services for enterprises in the process of cloud migration and cloud use. Cloud network is a cloud-centric, application- and tenant-oriented virtualized network infrastructure with on-demand, elastic, ubiquitous, and measurable features.

Cloud computing is a network service, a service network for enterprise tenants and applications. Compared with traditional networks, cloud networks are typically characterized by sharing, elasticity, self-service, and on-demand provision. To some extent, cloud networks are the product of the integration of CT and IT.

Cloud Network Architecture

Figure 1: Cloud network system

Corresponding to the traffic in the cloud scenario, the cloud network is generally divided into three parts: intra-data center network, inter-data center network, and data center access network.

1. Network within the data center

The network within the data center mainly carries east-west traffic within the same data center to meet the high-speed access needs of servers and other resources. It generally adopts a two-layer Spine-Leaf architecture based on the CLOS architecture.

The foundation of data center cloud network is the virtualization of network resources. Through the virtualization of network elements and network devices, resources can be fully and flexibly shared. At the same time, network virtualization opens up network capabilities, encapsulates various functions and resources into APIs and provides them to customers, so that customers can manage cloud, network, and terminal resources in a unified manner. In data center cloud networks, 4-7 layer protocol network elements are generally implemented using NFV technology. Cloud networks provide network functions to cloud tenants through software virtualization.

With the help of SDN, the data center cloud network separates the control plane from the forwarding plane, making the control layer more flexible and the data forwarding layer more standardized. Through centralized control, network administrators can write programs through the controller's API to achieve automated service deployment, greatly shortening the service deployment cycle and achieving dynamic adjustment on demand. The data center cloud network uses clustering to support expansion, combined with network virtualization, to provide each user with an elastic network, achieving unified network orchestration and control.

Cloud networks use technologies that optimize network addressing and improve network performance. Overlay technology is used for addressing. In terms of network performance, data forwarding capabilities are continuously improved by reconstructing the form of network equipment. The orchestration of cloud networks includes two aspects: (1) Virtualization of network functions: virtualizing network functions through standard servers. According to the business needs of cloud computing, the life cycle of NFV network elements is managed, and NFV resources are dynamically created, deleted, and expanded on demand. According to the traffic model of the business, the corresponding forwarding table entries or forwarding rules are issued to ensure the correct forwarding of business messages. (2) Virtualization of network services: The physical network is abstracted through Overlay technology, and multiple isolated virtual network services are divided and provided to tenants, allowing different tenants to independently manage their own network environment.

Figure 2: Data center cloud network functional architecture

The data center cloud network functional architecture consists of three layers, from bottom to top: the network element forwarding layer, the network element control layer, and the cloud management platform (see Figure 2).

The network element forwarding layer is the foundation of the data center cloud network and provides network data plane functions. The forwarding layer is based on a general-purpose CPU and completes the forwarding of network data packets through software programming; it achieves massive tenant isolation and reuse through tunnel technologies such as VxLAN or NVGRE.

The NE control layer provides the forwarding table entries of the NE forwarding layer and centrally processes the control planes of each NE. The NE control layer is independent of the NE forwarding plane. After generating the forwarding table entries, the control layer sends the forwarding table entries to the data plane.

The cloud management platform provides functions such as network element orchestration, authentication and billing, manages the configuration of different network elements of tenants and life cycle events such as startup and deletion, sends the configuration and events to the management and control layer, updates the forwarding table items of the corresponding network elements, and finally provides different network connection capabilities according to business needs.

2. Data Center Interconnect Network (DCI)

The network between data centers carries north-south traffic between different data centers, including networks between different data centers of the same cloud service provider and networks between data centers of different cloud service providers. The diversity of cloud computing services and the randomness of access require DCI to have the characteristics of service isolation and diverse access methods. There are usually three ways to interconnect DCI:

• One is front-end network interconnection, also known as network layer 3 interconnection, where different data centers are interconnected through the front-end network (egress);
• The second is Layer 2 interconnection, which builds a large Layer 2 interconnection network at the network access layer of servers in different data centers to meet the needs of server clusters or dynamic migration of virtual machines.
• The third type is back-end network interconnection, which uses SAN, DWDH, SDH and other technologies to achieve back-end storage network interconnection between data centers.

From the implementation level, DCI can be divided into backbone network and access network. The backbone network builds a dedicated forwarding plane, which is responsible for intelligent scheduling and fast forwarding of the entire network traffic. The access edge realizes classified access and service differentiation of different services. The cloud availability zone and network egress architecture are loosely coupled, and each develops in the optimal direction, forming an egress scheduling platform outside the cloud availability zone.

Interconnection between data centers needs to solve the interconnection between multiple clouds and multiple heterogeneous environments. MPLS VPN and SD-WAN are key technologies for multi-cloud interconnection. MPLS VPN is isolated from the Internet link and has the characteristics of strong security and high link quality; SD-WAN manages the multi-cloud Internet network through a controller, optimizes the quality of the underlying links, and can achieve low-cost, low-latency, and high-availability cross-cloud information transmission.

DCI is usually built by cloud service providers themselves or by professional exchange center manufacturers. Since 2000, national Internet exchange centers and multiple regional exchange centers have been established in Beijing, Shanghai, Guangzhou and other places; in 2015, exchange centers based on Internet companies began to appear. Since 2020, new Internet exchange centers have emerged and become the network foundation for the innovative development of my country's Internet. New Internet exchange centers have realized indiscriminate access to various networks, making information, data, and resource interaction more convenient.

3. Data center access network

Data center access networks connect cloud resources and users, mostly using SDWAN technology. By deploying CPE devices or vCPE software that support SDN centralized management and control at access points such as branch offices, resources can be flexibly allocated and self-service cloud resource access can be achieved. SDWAN binds multiple network lines according to the priority of the business, thereby reducing the overall networking cost while meeting business needs. At the same time, the SDWAN programmable API can be used to achieve automated deployment and control the network usage time and usage method.

Industry Development

According to relevant research data from the China Academy of Information and Communications Technology, the market size of cloud network services represented by cloud dedicated lines, cloud networking, and SDWAN in my country reached 27.9 billion yuan in 2020. my country's cloud network industry is mainly composed of telecom operators, cloud service providers, and cloud connection service providers.

• Telecom operators have commercialized network capabilities. With the advancement of 5G construction, telecom operators have a huge advantage in edge cloud nodes, and can form cloud + network coverage from core, bearer, and access, providing users with multi-level and diversified cloud network services.
• Cloud service providers adapt cloud services to the network environment. Cloud service providers build an open and cooperative ecosystem with cloud as the core. Cloud connection service providers assist public cloud service providers in improving their network capabilities.
• Cloud connection service providers open up network connections between multiple public clouds, forming a partnership model in which network resources and public cloud resources complement each other.

Cloud Network Development Trends

With the development of technology and driven by the market, general computing has evolved from virtual machines to containers and function computing, and computing power has shifted from general computing to dedicated computing, requiring cloud networks to be able to carry computing tasks with high performance requirements. Lossless networks and low-latency networks have gradually become the foundation of cloud network technology.

The market demand for edge computing is growing rapidly, and cloud-edge collaboration and distributed cloud have become new forms. The cloud-edge collaboration network includes access-side, edge-side, and center-side networks, and involves multiple virtualized software functional components of data center access networks, inter-data center networks, and intra-data center networks.

As the optimal model set for building cloud-based services, cloud native requires cloud networks to support cloud native business needs and meet the interoperability, security, and load balancing requirements of network endpoints and services of cloud native services. Cloud native networks provide hierarchical services through service mesh + container network interface CNI (Container Network Interface). CNI implements the calling methods when creating and deleting containers, and ServiceMash encapsulates the 4-7 layer network protocols. With the support of cloud native networks, cloud native applications only need to focus on higher-level requirements such as service status, current limiting, and circuit breaker monitoring, and no longer need to pay attention to specific IP addresses and routing policies.

The next generation of cloud computing will be distributed cloud (Gartner predicts). Distributed cloud requires the network to have edge and distributed characteristics. In the future, cloud networks must be able to achieve business, cloud, and edge integration, and realize the integration and collaboration of cloud, edge, and cloud network. Cloud networks will gradually expand from central clouds or regional clouds to end-to-end networks. Large cloud exchange centers will form a new form of cloud-network collaboration, realizing multi-cloud resource access and multiple network interconnection between different regions, different cloud service providers, and different operators.

summary

Cloud networks unify cloud network resources and service capabilities, gradually break through the physical boundaries of cloud networks, and evolve towards a technical architecture that integrates network, computing, and storage. Computing power networks will become the next stage of cloud network evolution. ​