8/2/2019 CloudPlex Architecture
Scalable Virtual Desktop Infrastructure Using Brocade's CloudPlex Architecture
Technical Overview
This paper describes how Brocade's CloudPlex architecture enables
large-scale deployment of virtual desktop infrastructure: tens of
thousands of desktops on a global scale. It identifies the challenges in
the data center, campus LAN and wide area networks that need to be
considered and reviews how key elements of the CloudPlex architecture,
including fabrics, open systems and global reach, effectively meet
these challenges.
NETWORK MANAGEMENT TECHNICAL BRIEF
CONTENTS
The Importance of a Virtual Desktop
Challenges of Large Scale VDI Deployment
    Impact on the Data Center
    Impact on the Campus LAN
    Impact on the Wide Area Network
Brocade CloudPlex Architecture
    CloudPlex is Fabric-Based
    CloudPlex Is Open
        Virtual Compute Block
        OpenStack
        OpenFlow
    CloudPlex is Global
Applying the CloudPlex Architecture to Large-Scale VDI Deployment
    Brocade Virtual Cluster Switching
    Brocade Virtual Compute Blocks
VCB Integration with VMware View
    Pre-tested, Factory Integrated Components for Fast Time to Service
    Fabric-based Scale-out Architecture
Other Requirements for Large Scale VDI Deployments
    Integration with Campus LAN
    Integration with WAN
    Integration of Security Services
    Access Control and Transparent Support of IPv4 and IPv6 Devices
    Monitoring, Management and Traffic Analysis
    Scaling Out the VCB Solution for VMware View
Testing VCB for Scalability and Supportability
Summary
THE IMPORTANCE OF A VIRTUAL DESKTOP
Desktop computing is ubiquitous and represents a growing cost for IT. Updating operating systems and
applications has become very time consuming and costly while securing access to data has become more
complex. Virtual Desktop Infrastructure (VDI) offers a solution. VDI separates the desktop operating system
and application configuration from the physical device. Instead of managing individual desktop devices in a
distributed manner, the software stacks (operating system plus applications and configuration settings) are
hosted in the data center using a master catalog of pre-built and tested configurations. Users are assigned
to a particular standard configuration that supports their role. When they connect to the VDI environment,
applications run on virtual servers with screen updates pushed over the network (campus LAN or WAN) to
the user's display. Users can use a less expensive device, such as thin or zero clients, to attach to the
network while accessing the familiar desktop environment and applications they have when using a
traditional desktop or laptop PC, or they can use their PC with images pushed to them upon login.
Hosting the desktop operating system and applications in the data center simplifies change control,
configuration management and disaster recovery, and can lower power consumption, since thin clients are more
power efficient than full-function personal computers. Of course, VDI has to deliver a user experience that
is comparable to the one expected with a full function PC. From a user perspective, latency is a critical
metric of user experience. Clearly, VDI has attractive advantages.
But VDI has to be built on top of an architecture that can scale and quickly migrate desktops and user data
between data centers when needed, while simplifying management and configuration. Hence, VDI relies on
a network architecture that cost-efficiently supports these requirements. These considerations are
especially relevant when scaling VDI to tens of thousands of users located anywhere in the world. In short, a
cloud computing architecture is ideal for VDI as it enables global client mobility as well as on-demand
scalability. Brocade has an architecture for cloud computing called CloudPlex that can be applied
successfully to large-scale VDI deployments. This paper discusses the CloudPlex architecture and then
shows how it has been applied to VDI solutions in conjunction with our partners.
CHALLENGES OF LARGE SCALE VDI DEPLOYMENT
Although VDI offers a solution to long-standing problems associated with cost-effective management of
desktop computing environments, it also creates network challenges, particularly when deployed on a
continental or global scale. To better understand the requirements, it's helpful to break the network into
three segments: the datacenter, the campus/LAN and the WAN. Each is impacted by the shift in traffic
created by VDI solutions and in turn the limitations of each affect the overall network design.
Impact on the Data Center
Server virtualization affords a cost-effective way to host large numbers of VDI instances. Combined with
image management software to clone operating system and application configurations, a virtual machine
can be created with a standard desktop configuration. As a client initiates a connection, the session is
directed to an available virtual machine with an image specific to the user so they access their own
desktop, applications and storage. A pool of available VMs can quickly meet new demands, and VMs can be
removed from the pool and unnecessary physical servers can be powered down to minimize power and
cooling during periods of low demand.
Server virtualization has affected the data center in many ways. Most striking is the growing need to update
the network to meet the unique demands of virtual servers. For example, virtual machines are moved
across physical servers for various reasons including load balancing, power management, maintenance and
updates, etc. This is one of the attractive benefits of server virtualization as moving a VM does not cause
any disruption to the application running inside the virtual machine. However, networks were not designed
with this capability in mind. Networks assume applications are fixed to specific servers that in turn are
physically attached to the network and rarely change where they connect in the network. With virtual
machine mobility, this is no longer the case. Traffic loads change, static network policies tied to physical
ports can move, and small layer 2 switching domains restrict virtual machine mobility, limiting its benefits.
The advantages of virtual machine mobility apply to large-scale VDI deployments as well.
As more applications take advantage of server virtualization, both the IP network and storage networks
need to provide more bandwidth to the server. With 10 or 20 applications running on a single server that
used to host only one, the network bandwidth grows considerably. And, as connections are used to share
both IP and storage traffic, logical isolation of traffic becomes important so issues with one type of traffic
can't disrupt other types. This has driven higher bandwidth connections to servers and more bandwidth
between network switches and routers. Quality of Service for both IP and storage networks has become
much more common as it provides the tools required for logical traffic isolation on a shared network.
One other area that has changed is the traffic patterns in the data center network. In the past with many
remote clients accessing an application on a single server, most network traffic was north-south, moving
from the access layer, where the data center servers are, through an aggregation layer and then routing
through the core to the campus LAN or WAN networks. Data center networks could have high oversubscription
ratios across these three tiers (access, aggregation, and core). But today, with new Web 2.0 applications,
server virtualization using live virtual machine migration and storage traffic running over the IP network,
there is a lot of east-west traffic that must efficiently move across the layer-2 LAN network. This is driving
changes in Ethernet, which is the primary layer 2 technology. Problems include Spanning Tree protocol
limitations on scalability and resiliency, static network policies that can't keep up with virtual machine
migration and the complexity of configuration and management as more layers and devices are added at
layer 2.
Another important consideration is storage. Direct attach storage captive inside the server is insufficient.
For VDI, shared storage pools connected to a storage network are required as virtual machines host the VDI
environment and they require shared access to a common storage pool. Many storage features can be
effectively leveraged to simplify operations and reduce cost, including thin provisioning, de-duplication,
block level replication for cloning and disaster recovery, snapshot for on-line backup and duplication and
solid state disk for high performance. Brocade has a long history in the storage market as a pioneer of Fibre
Channel networking, the first scalable solution for shared storage. Today, Brocade's fabric technology is
available and supported by all major storage vendors for every type of block access storage network
protocol including Fibre Channel, iSCSI and Fibre Channel over Ethernet (FCoE), as well as file accessed
storage using NFS and CIFS. The Virtual Compute Block architecture discussed later is flexible and able to
support all block storage and file access protocols. A single VCB configuration can incorporate one or more
types of block storage and all storage vendor provided storage optimization features. Cost-effective
solutions of VCB modules can be easily deployed side-by-side, or specific storage network protocols and
storage arrays can be used in different environments to meet varying environmental, operational,
performance and cost requirements.
Security is of course an important requirement particularly in the network. Firewalls, load balancers,
intrusion detection and protection, virus detection are all critical elements of the network. With VDI, security
must now extend to desktop application traffic where previously that traffic never left the desktop or laptop
computer. Therefore, security services have to scale to support much higher traffic rates. Higher
performance and reliability are clearly important design requirements. Configuration of security policies
must be consistent and encryption services such as secure sockets layer (SSL) must be relied on to protect
information flowing between thin clients and the applications hosted in the data center.
Impact on the Campus LAN
With VDI, the traffic on the campus LAN will increase due to application traffic now flowing from the
thin/zero clients to the application hosted in a virtual machine in the data center. More bandwidth, low
latency and higher availability are essential to the VDI user experience. Users won't tolerate sluggish
response or lack of access to their personal applications and data. Redundancy of paths, ports and network
switches are therefore important in the design of the campus LAN. One other valuable capability is Power
over Ethernet (POE) support. With POE, thin/zero client devices that attach to the campus network receive
the power they need from the same Ethernet connection used to attach to the network. POE is common for
Voice over IP (VoIP) environments to power telephone handsets and this same technology can be efficiently
used for thin/zero clients reducing facilities costs.
Impact on the Wide Area Network
For global companies, VDI can benefit from global load balancing and efficient migration of desktops, data
and licensing between data centers as users move. For example, employees may relocate to a new office or
be on temporary assignment overseas. It's important to support migration of their personal configuration
and data to a data center more suitably located so latency and user experience requirements are met. For
companies with multiple data centers in a given geography or who purchase hosting services for VDI, being
able to migrate user desktops and data efficiently over the WAN is also important. In a geography with
multiple data centers, global load balancing of VDI connections is an effective way to ensure uniform user
experience should WAN links become congested or outages occur. For some environments, improved
disaster recovery using stretched server clusters between regional data centers via MPLS/VPLS services
is an important design requirement. Stretched clusters may be advantageous for routine service and
maintenance of network equipment and servers so currently running VDI instances can be moved to an
adjacent data center whenever required.
The challenges of large scale VDI deployment are very similar to the challenges most enterprises are
already facing as they look for ways to reduce cost and improve agility with cloud computing. To assist
customers with strategic planning, Brocade developed a cloud architecture called CloudPlex. CloudPlex can
be directly applied to the challenges of large scale VDI Deployment.
BROCADE CLOUDPLEX™ ARCHITECTURE
Today most enterprise infrastructure looks like a combination of internal and external resources and, for
most companies, is largely location independent. Corporate data centers are placed across continents while
cloud service providers offering outsourced services (e.g., SFDC, Google Mail and Google applications,
AWS, Ring Central) are being leveraged more and more. Consequently, this is the era of the virtual
enterprise. Today, enterprises are increasingly combining their own IT resources with outsourced services
and cloud computing delivering universal access to ever-more mobile users. Making businesses run on top
of this fully distributed infrastructure is challenging.
Figure 1. Brocade's CloudPlex architecture for cloud computing
To address this transition, Brocade developed an architecture called CloudPlex. It is designed around three
pillars necessary to make the transition from dedicated, static infrastructure captive to a single application
or user, to a world of virtual computing dynamically assembled from loosely coupled virtualized resources,
platforms and highly distributed application components.
CloudPlex is Fabric-Based
Fabric technologies, originally developed for FC SANs and now being brought to Ethernet, are the key to
radically simplifying the network, improving scale, and optimizing resource utilization with virtual machines.
Fabrics are a foundational element of highly virtualized and cloud networks. They take us back to what
networking was supposed to be: a seamless entity for any-to-any communications. So what is driving the need?
It is really very simple. Networking is designed to support business applications. When the applications change,
the underlying network has to change. This is what is driving the evolution of the layer 2 network to fabrics
technology.
Historically, applications have been written as monolithic programs, connected to big compute nodes and
attached to appropriately sized network and storage elements. Scaling relied on replacement of the server with
a larger model. Applications were commonly deployed on dedicated servers limiting flexibility while hindering
maintenance and disaster recovery.
Virtualization has altered that model by introducing an abstraction layer between the application and the
underlying hardware. The application can move to whatever hardware platform has the best price/performance
characteristics. This has become a compelling model for hardware resource management in the data center.
Ethernet Fabrics
Compared to classic hierarchical Ethernet architectures, Ethernet fabrics provide higher levels of
performance, utilization, availability, and simplicity. They have the following characteristics at a
minimum:
• Flatter. Ethernet fabrics eliminate the need for Spanning Tree Protocol, while still being completely
  interoperable with existing Ethernet networks.
• Flexible. Can be architected in any topology to best meet the needs of any variety of workloads.
• Resilient. Multiple least cost paths are used for high performance and high reliability.
• Elastic. Easily scales up and down at need.
More advanced Ethernet fabrics borrow further from Fibre Channel fabric constructs:
• They are self-forming and function as a single logical entity, in which all switches automatically know
  about each other and all connected physical and logical devices.
• Management can then be domain-based rather than device-based, and defined by policy rather than
  repetitive procedures.
• These features, along with virtualization-specific enhancements, make it easier to explicitly address
  the challenges of VM automation within the network, thereby facilitating better IT automation.
• Protocol convergence (e.g., Fibre Channel over Ethernet, or FCoE) may also be a feature, intended as a
  means of better bridging LAN and SAN traffic.
Another trend transforming application stacks is shown in Figure 2: applications are written in a much more
modular way where individual components use the network to communicate with each other reliably with low
latency. One example of this new model is having a web front-end, database tier and application tier all tied
together with a middleware layer over a SOA bus. For this new application stack, low latency, resiliency and high
availability are critical requirements of the network as a single component can support many applications so an
outage of a single component can have wide ranging, negative effects.
Figure 2. Application stacks are becoming collections of distributed modular components
Using this application architecture, some of the supporting elements like firewalls, intrusion detection and
prevention systems (IDS/IPS), are being implemented inside virtual machines. So the modern application
stack is becoming a collection of smaller components communicating with each other over a high speed,
low-latency, and resilient network. With virtualization, the components themselves may move from server to
server optimizing service levels and utilization, reducing power and cooling costs while simplifying
maintenance and disaster recovery.
The challenge is that the networks we've built over the past decade were not designed to efficiently support
this new application stack. The limitations inherent in existing network designs are getting in the way, so
network design has to change accordingly. One clear transition is industry recognition of the need for flatter,
lossless and low latency networks. One way to achieve this is with an Ethernet fabric architecture as a fabric
provides exactly the qualities needed to address the challenge.
With its fabric heritage, Brocade recognized early the advantages of bringing core fabric characteristics to
Ethernet, and released its Ethernet fabric technology, called Virtual Cluster Switching (VCS), in 2010. VCS is
discussed in more detail in the section titled "Brocade Virtual Cluster Switching."
CloudPlex Is Open
The second pillar is leveraging open interfaces and standards. The CloudPlex architecture promotes the
combination of best of breed components, open routing, provisioning, and management interfaces. Open
systems for networking create healthy competition, speed innovation, and ultimately result in faster
customer adoption and better price efficiency. This has been true in computing and in application
development, so clearly it's applicable to networking as well.
To enhance openness and interoperability, CloudPlex incorporates three components as shown in Figure 3.
Figure 3. CloudPlex is an open architecture
Virtual Compute Block
A Virtual Compute Block (VCB) is Brocade's solution for facilitating the interconnection of Best-of-Breed
Components into building blocks for scaling virtualization. VCB is part of our partner-based development
initiative to design, test and pre-configure modular virtualization solutions. For example, we are working with
hypervisor vendors and our partners to integrate their offerings using our VCB solution.
OpenStack
One of the tenets of cloud computing is data center wide orchestration of virtualized resources with just-in-
time provisioning. In the past, network infrastructure provisioning and management frameworks were
specific to the hardware vendor. Multiple frameworks were needed, each having limited interoperability with
the other. An organization called OpenStack.org was started to address this problem. OpenStack is
an interoperable set of management tools that make management of the network infrastructure
transparent, avoiding lock-in of network devices with management functions. Therefore, OpenStack software
is being integrated into cloud computing architectures used by many companies.
OpenFlow
OpenFlow is the emerging standard for software-defined networking that could provide improved
optimization of network services in large-scale environments. The control plane becomes an open platform
using standard APIs so network services and optimized traffic policies can be integrated more quickly
across multiple vendors' routers and switches. Service providers are adding cloud computing services to
their offerings and OpenFlow has drawn attention as an approach to solving a number of challenges in
large-scale multi-tenant service environments such as the public cloud. Brocade has joined the OpenFlow
community and is actively engaged in development of OpenFlow components and research projects.
CloudPlex is Global
One of the assumptions of the CloudPlex framework is that everything has to be considered in a global
context. VMs and data can't just move across a couple of servers and storage arrays; they have to be
capable of moving across the world. Users are becoming much more mobile. IT services aren't monolithic
anymore and are distributed, so efficient, secure and cost-effective data center-to-data center connectivity is
critical in a cloud computing architecture.
No matter how fast networks get, there is delay caused by the finite speed of light when you separate users,
applications, and data over distance. Optimizing the user experience is essential and requires the ability to
move application execution and data closer to users whenever degraded user experience requires it.
Efficiently and securely moving application components and data between data centers is important not
only for disaster recovery but for cost-optimization by minimizing power and cooling surcharges and
optimizing software license charges.
One other growing requirement of global access is the reality of limited availability of IP addresses
worldwide. Today, the current IP addresses, IPv4, are no longer available for allocation from IANA, the
central clearinghouse for IP address allocation. A new and vastly larger set of addresses, IPv6, is available
and already being used in various industries, federal government agencies, and by Internet providers in
some countries. However, Internet devices using IPv4 can't directly connect to devices using IPv6 as the
IPv6 address structure is not backward compatible with IPv4. Solutions exist for Internet service providers
and for enterprises and are integrated into the CloudPlex architecture.
APPLYING THE CLOUDPLEX ARCHITECTURE TO LARGE-SCALE VDI DEPLOYMENT
This section discusses how key elements of the CloudPlex architecture are being applied to the problem of
large-scale VDI deployments. Brocade has been actively working with partners to help our customers cost-
effectively scale VDI environments.
First, it's important to understand two essential building blocks that are unique to Brocade. The first is
Brocade's Virtual Cluster Switching (VCS) technology, which provides advanced Ethernet fabric capabilities.
The second, Virtual Compute Blocks (VCB), leverage fabrics to develop open, pre-configured, cost-efficient
solutions for scaling server virtualization in the data center. Virtual Compute Blocks rely on scale-out more
than scale-up to meet growth requirements. Brocade's VCS technology with Ethernet fabrics is well suited
for this architecture while shared storage using SAN fabrics is a proven technology for scaling storage
resources.
Brocade Virtual Cluster Switching
Brocade VCS technology allows you to create efficient data center networks that just work. Ethernet fabric
architectures built on Brocade VCS technology share information across nodes and can be managed as a
single logical chassis, greatly simplifying management and reducing operational overhead. Brocade VCS
technology offers unmatched VM awareness and automation versus traditional architectures and
competitive fabric solutions and supports storage over a unified fabric when you are ready.
Figure 4. Brocade Virtual Cluster Switching with Ethernet Fabric
Only Brocade VCS technology, backed by a heritage of proven fabric innovations, delivers IT agility and
assures reliability, with a cost-effective point of entry to allow you to transition gracefully to elastic, highly
automated, mission-critical networks in your virtualized data center.
VCS technology is embedded in the Brocade VDX Data Center Switch portfolio. Brocade VDX Data Center
Switches are available today to enable you to build Ethernet fabrics to support cloud-optimized networking
and greater enterprise agility.
Brocade Virtual Compute Blocks
Brocade introduced Virtual Compute Blocks as a way to simplify server virtualization deployments and
address many of the challenges facing customers who plan to deploy it extensively across their data centers.
A Virtual Compute Block (VCB), shown in Figure 5, is designed to take maximum advantage of Brocade
networking solutions (IP and storage networks) in an open way so all server and storage partners can plug
in to a standard networking architecture.
Figure 5. Virtual Compute Block Solution with VMware
The platform leverages the advantages of data and storage. A fabric is designed to address the stringent
scalability, availability, resiliency and manageability requirements of virtualization. It is architected to exploit
modularity for simpler management and much shorter time from purchase to deployment. Using the VCB
solution, Brocade works with storage and server partners to quickly construct, test and validate modular
compute blocks for server virtualization. These pre-built modules are designed to be orderable as a single unit
ready for deployment, allowing customers to choose from several module configurations based on their
virtualization requirements.
A unique capability of the VCB solution is built-in network scalability. This means customers can easily
connect different VCB solutions together to quickly scale out their virtualization infrastructure. Key to this
scale-out capability are the inherent properties of fabrics: multipath, resilient, flexible, lossless, low latency
and scalable.
Brocade's Virtual Compute Block solution is flexible. For instance, 1 GE or 10 GE ports for server access are
provided on any port in the switch. Storage support includes Fibre Channel, iSCSI, Fibre Channel over
Ethernet for block access and file-based access via CIFS and NAS.
VCB INTEGRATION WITH VMWARE VIEW
Soon after the VCB architecture was introduced, VMware began working with Brocade to create server
virtualization solutions. They recognized the value of VCB flexibility, scalability and efficiency for customers
who need a proven solution for rapid virtualization scale-out. A reference architecture using VCB for server
virtualization is under development.
The VCB architecture can also be used to address the challenges of large scale VDI deployment. Pre-built
configurations are being developed that offer cost-effective solutions that can meet the VMware View
Reference Architecture supporting 5,000 seats in a single management Pod. The key to this flexibility is a
modular architecture combined with the scalability of the VCS Ethernet Fabric. This provides cost-effective
deployment from small to large so customers never buy more than they need. In particular, the VCB for VDI
solution is able to:
• Enable performance and scalability as Brocade and VMware provide the price/performance, end-to-end
VDI and network products to allow users to build VDI solutions that meet the performance
requirements of a user and scale to support wide-scale VDI deployment. VMware View optimizes the
provisioning and deployment of desktops using features like Integrated Application Assignment, Tiered
Storage, and Single Sign-On (SSO). Unlike classical, hierarchical Ethernet architectures, Brocade
Ethernet fabrics provide higher levels of performance, utilization, and availability. With this solution,
organizations are able to scale easily by utilizing plug-and-play architecture enabled by Brocade VCS
technology to add compute and storage capacities dynamically. Brocade converged network adapters
(CNAs) are fully featured 10 GbE NICs that provide stateless networking offloads such as TCP
checksum and segmentation for improved performance and more efficient CPU usage. Brocade CNAs
support Virtual Machine Optimized Ports (VMOPs) to offload the hypervisor of essential virtual switching
tasks, such as incoming packet classification and sorting tasks, helping to reduce latency and improve
throughput while freeing CPU cycles. Brocade CNAs drive throughput of 500K IOPS per port. Other
advanced features in the CNA and Brocade VDX switches, such as stateless networking offloads and
active-active connection, provide even higher performance and throughput.
• Provide security with powerful, validated functions from best-of-breed vendors enabled via VMware
View PCoIP security gateway, which allows secure connections to the desktops with stronger
authentication without VPN connections. The solution protects the virtual desktops from malware and
viruses. Brocade ADX Security Shields can be added to deliver wire-speed multi-gigabit-rate protection
from Denial of Service (DoS) and Distributed DoS (DDoS).
• Ease migration as Brocade and VMware products are built on open standards and validated for
interoperability with leading server, storage, and network vendors. This allows customers to leverage
their existing infrastructure for VDI without resorting to rip and replace. In addition, Brocade's support
for multiple protocols (such as TRILL, DCB, iSCSI, NAS, and FCoE) and pay as you grow modular
expansion allow users to expand and use new technology and products at their own pace and budget.
VMware View is fully compatible with vSphere, and View is tested and certified for all the major host
operating systems.
• Drive lower TCO as the solution utilizes best-of-breed products built on the strengths of two companies
that are market innovators. The solution utilizes a virtualization platform with VMware vSphere and
View in conjunction with the Brocade VDX 6720 family of data center switches and the best options
from leading compute and storage vendors. Organizations can choose the best options to realize the
greatest ROI at the lowest TCO.
Pre-tested, Factory Integrated Components for Fast Time to Service
One of the prime goals for VCB solutions was to dramatically reduce the time to deployment. As shown in
Figure 6, one VCB design under development supports VMware View VDI. Joint testing and validation
among the partners ensures factory integration eliminates problems commonly encountered when trying to
build an equivalent solution on the data center floor.
Figure 6. Brocade VCB solution for VMware View
Fabric-based Scale-out Architecture
As shown in Figure 7, the VCS Ethernet fabric enables a scale-out architecture that is simple to leverage.
Figure 7. Scaling Brocade VCB solution for VMware View
In this example using Dell Servers and iSCSI Storage, each VCB module consists of an integrated rack of
servers and storage optimized for a particular number of VDI seats based on the compute and storage
components used. Design considerations include number and type of CPU processor, memory, IO, storage
array ports, spindles and LUN placement, and network connectivity to servers and storage. In this example,
1,000 seat VCB modules are shown. With VCB solutions, different size modules can be designed to fit
within a rack optimized for the desired cost/performance metric. The modular architecture provides an
extensible pool of compute, storage and Ethernet Fabric connectivity that simplifies scale-out by attaching
multiple modules together via the VCS Ethernet Fabric.
OTHER REQUIREMENTS FOR LARGE SCALE VDI DEPLOYMENTS
From the previous overview of the CloudPlex architecture, there are other network requirements that extend
beyond the design of a Virtual Compute Block optimized for VDI applications. These include integration with
the Campus LAN, integration with the WAN, security and how to transparently support traffic between IPv4
and IPv6 devices.
Integration with Campus LAN
User access to their desktop commonly relies on a campus LAN network. The impact can be on both wired
and wireless connectivity and includes larger bandwidth, higher availability and resilience and converged
management of wired and wireless infrastructure. With thin clients, Power over Ethernet (POE and POE+)
may be attractive so devices are powered from the same Ethernet port they use to access the data center
network. More mobile devices are being used to access information and data using laptops and pad
computing devices. Simplified management and configuration of wireless networks has driven new
approaches moving configuration and security to the wireless network controller and out of the access
points. This improves scalability, reduces configuration time and improves reliability. All of these are
important for VDI traffic over the campus LAN.
Integration with WAN
For large-scale VDI deployments across continental and global distances, the WAN is the path between the
user device and their desktop environment. Critical issues for integration include acceptable latency to
meet user experience requirements. In general, for users who live and work within the same region as the
data center hosting their VDI seat, this isn't a problem. However, managing access control, security and
efficient load balancing of connections is important for the user experience. Application delivery control
(ADC) is an important part of the WAN design. With ADC, access can be efficiently secured using proven
protocols such as SSL connections that are terminated and managed by the ADC service rather than taxing
the physical servers hosting virtual machines and VDI seats. Also, the growth of IPv6 traffic can be
efficiently accommodated and bridged to existing IPv4 equipment using IP translation services hosted in
the ADC.
When users move to a new location, it's necessary to migrate their desktop and virtual machine
configuration as well as move the application data to a data center within an acceptable distance. Moving
virtual machines in real time non-disruptively may be viable where latency between data centers is low
(5 milliseconds or less) but is not possible over continental distances. In addition, moving the virtual
machine and its hosted desktop environment also requires moving user data, or application access to that
data will be adversely affected by latency. Consequently, the WAN also has to support efficient migration of
the VDI environment including the virtual machine, all applications and their settings as well as the data.
MPLS and VPLS services are options for the live virtual machine migration within a geographic region while
efficient migration of user data could benefit from optimized storage migration protocols such as Fibre
Channel over IP (FCIP). Brocade provides 1 GE and 10 GE FCIP solutions as well as MPLS and VPLS
solutions over 1/10/40 and 100 GE links.
Integration of Security Services
The VCB is designed to provide flexible support for network security services. In the VMware VDI
solution, virus-scanning agents provided by Trend Micro run inside the virtual server. Typically, additional
network security services will be deployed as well. Figure 8 shows common security architectures providing
firewall, load balancing and intrusion detection and protection services. The Brocade ADX provides not only
server load balancing for optimizing traffic flow to firewall services, but also high performance off-load for SSL
termination, removing this resource intensive operation from servers hosting VDI sessions. As shown in Figure
12, the ADX can be used with a VCS Ethernet Fabric in a variety of topologies such as the 6 pack, Layer 3
Lollipop and, in the future, leveraging a new capability, dynamic service insertion, the layer 2/layer 3 Lollipop.
Figure 8. VCS technology supports flexible security architecture
The roadmap for VCS technology includes dynamic service insertion and support for layer 3 routing within
the fabric. As shown in the right hand diagram of Figure 14, traffic is transparently rerouted within the VCS
Ethernet Fabric to provide the appropriate security services. This allows a flatter core/edge network
architecture instead of the classic three-tier network. A flatter fabric network eliminates network devices,
reducing capital cost and simplifying configuration and management to lower operating costs.
Access Control and Transparent Support of IPv4 and IPv6 Devices
The growth of devices using the Internet is forcing migration to a new routing architecture, called IPv6, with
sufficient addresses to meet the demand. While IPv6 avoids address exhaustion, it does so without being
backward compatible with the previous address method, IPv4. But traffic between IPv6 and IPv4 devices
needs to flow seamlessly. Therefore, a means to provide reliable and secure mapping of IPv6 addresses
used by newer user devices to older IPv4 addresses commonly used in the data center is necessary. This
requirement is likely to continue for some time to come.
Another important challenge is managing device access control to the desktop applications running in the
data center. Many more users will access many more applications from a variety of devices so scalable
performance of access control services becomes critical. Any access control function that gets
implemented between the user and an application has the potential to slow things down. To achieve high
performance, solutions that use hardware to accelerate access control while automatically sensing network
load and directing new user sessions to less utilized servers become very important in maintaining user
experience.
Today, Brocade's ADX family of application delivery controllers has the required features for access control
of users from the campus LAN and WAN to applications in the data center and IPv6/IPv4 mapping, or
network address translation (NAT64) services as shown in Figure 9.
Figure 9. Using an application delivery controller for IPv6-IPv4 NAT
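An added example, not taken from the Brocade brief or from any ADX configuration: the address mapping a NAT64 service performs, following the RFC 6052 IPv4-embedded address format (an assumption, since the brief does not say which prefix or format the ADX uses), plus a check that resolves a translated IPv6 destination back to its IPv4 server for access-control review. The prefixes, subnets and function names are constructed for illustration.

```python
"""RFC 6052 IPv4-embedded IPv6 addresses, as a NAT64 translator maps them."""
import ipaddress as ip

VALID_PREFIX_LENGTHS = (32, 40, 48, 56, 64, 96)  # RFC 6052, section 2.2
U_OCTET = 8  # byte holding bits 64-71, reserved and always zero


def _start(prefix):
    """Byte offset where the embedded IPv4 address begins."""
    if prefix.prefixlen not in VALID_PREFIX_LENGTHS:
        raise ValueError(f"/{prefix.prefixlen} is not an RFC 6052 prefix length")
    return prefix.prefixlen // 8


def embed_ipv4(prefix, v4):
    """Build the IPv6 address an IPv6 client uses to reach IPv4 host v4."""
    out = bytearray(prefix.network_address.packed)
    pos = _start(prefix)
    for byte in v4.packed:
        if pos == U_OCTET:      # IPv4 bits are written around the u octet
            pos += 1
        out[pos] = byte
        pos += 1
    return ip.IPv6Address(bytes(out))


def extract_ipv4(prefix, v6):
    """Recover the IPv4 host from a translated destination, or None."""
    if v6 not in prefix:
        return None
    raw, pos, out = v6.packed, _start(prefix), bytearray()
    while len(out) < 4:
        if pos == U_OCTET:
            pos += 1
        out.append(raw[pos])
        pos += 1
    return ip.IPv4Address(bytes(out))


def audit_destination(dst, prefix, allowed_nets):
    """Return (embedded IPv4 or None, verdict) for one IPv6 destination."""
    v6 = ip.IPv6Address(dst)
    v4 = extract_ipv4(prefix, v6)
    if v4 is None:
        return None, "not-translated"
    if v6.packed[U_OCTET] != 0:
        return v4, "malformed"  # reserved bits set: reject rather than guess
    if any(v4 in net for net in allowed_nets):
        return v4, "allow"
    return v4, "deny"


# Constructed values: documentation prefixes stand in for a site's NAT64
# prefix and for the IPv4 subnet that hosts the desktop brokers.
NAT64_PREFIX = ip.IPv6Network("2001:db8:64::/96")
BROKER_NETS = [ip.IPv4Network("192.0.2.0/24")]
DESTINATIONS = [
    "2001:db8:64::c000:221",    # embeds 192.0.2.33
    "2001:db8:64::c633:6407",   # embeds 198.51.100.7
    "2001:db8:1::1",            # native IPv6, outside the NAT64 prefix
]

if __name__ == "__main__":
    for dst in DESTINATIONS:
        print(dst, *audit_destination(dst, NAT64_PREFIX, BROKER_NETS))
```

Access-control rules written against IPv4 server addresses only match translated traffic if the reviewer resolves the embedded address the same way the translator does, including the skipped octet for prefixes shorter than /96.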
A primary requirement for application delivery controllers, such as Brocade's ADX family, is getting remote
users securely connected to their applications with minimal latency. Since user experience is largely
measured by latency, fast access control and connection load balancing are needed. In addition, access
control has to be resilient so upgrades and component failures do not disrupt traffic from user devices to
applications.
Monitoring, Management and Traffic Analysis
VDI places new and more stringent requirements on the end-to-end network inclusive of the data center,
campus LAN and WAN due to distributed access from a variety of clients to their desktop environment in
the data center. Careful planning for monitoring, management and traffic analysis is important to ensure
user experience, availability and resiliency, and fault isolation are built into the network infrastructure.
Brocade fully supports an open management platform, sFlow, to provide these capabilities. sFlow is a
packet sampling technology that can be implemented in a broad range of networking devices such as layer
2 switches, layer 4-7 application controller switches, and core routers. A primary goal of sFlow is to provide
these services without degrading performance of network devices. This means sFlow can scale as link rates
increase as evidenced by its inclusion in Brocade's MLXe Routers with industry-leading 100 GbE
connectivity.
As shown in Figure 10, sFlow separates traffic sampling from traffic analysis. Packet sampling logic is
embedded inside the data path of the network device while traffic analysis is processed on a separate
device, typically a server or server cluster. This architecture allows large scalability with real-time analysis.
Figure 10. sFlow architecture for Monitoring, Management and Traffic Analysis
For application environments such as VDI that require high availability from client device to data center
server across the campus LAN and the WAN, scalable, real-time network monitoring ensures accurate
metrics so proactive actions can be taken to ensure user experience. Further, sFlow-based traffic analysis
improves planning and equipment utilization so potential network hot spots can be correlated with changes
in VDI workload anywhere in the network. VM migration can then help rebalance network traffic as required
and capacity planning can support network upgrades where essential for maintaining user experience.
Finally, sFlow tools are available from a number of vendors since sFlow has open interfaces.
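An added example, not from the Brocade brief or from any sFlow product: the analysis half of the split described above, where a collector scales 1-in-N packet samples up to per-link traffic estimates, flags hot spots, and refuses to trust links with too few samples. The agent names, addresses, link speeds and thresholds are constructed, and the error bound is the 196 * sqrt(1/c) percent figure published by sFlow.org for c samples.

```python
"""Collector-side analysis of sFlow flow samples (constructed data)."""
import math
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class FlowSample:
    agent: str          # switch or router that took the sample
    if_index: int       # interface the frame was seen on
    sampling_rate: int  # N, for 1-in-N packet sampling
    frame_len: int      # length of the sampled frame in bytes
    src: str
    dst: str


def estimate_links(samples, interval_s, link_bps):
    """Scale samples up to per-link byte counts, utilization and error."""
    acc = defaultdict(lambda: [0, 0])   # link -> [sample count, est. bytes]
    for s in samples:
        entry = acc[(s.agent, s.if_index)]
        entry[0] += 1
        entry[1] += s.frame_len * s.sampling_rate  # one sample stands for N frames
    report = {}
    for link, (count, est_bytes) in acc.items():
        report[link] = {
            "samples": count,
            "est_bytes": est_bytes,
            "utilization": est_bytes * 8 / interval_s / link_bps[link],
            # sFlow.org bound on the sampled-frame estimate, 95% confidence;
            # used here only as a gate on how far to trust the link figure.
            "error_pct": 196 * math.sqrt(1 / count),
        }
    return report


def hot_spots(report, min_utilization=0.7, max_error_pct=25.0):
    """Links that look congested and have enough samples to be trusted."""
    return sorted(link for link, r in report.items()
                  if r["utilization"] >= min_utilization
                  and r["error_pct"] <= max_error_pct)


def top_talkers(samples, link, n=3):
    """Largest (src, dst) pairs on one link by estimated bytes."""
    pairs = Counter()
    for s in samples:
        if (s.agent, s.if_index) == link:
            pairs[(s.src, s.dst)] += s.frame_len * s.sampling_rate
    return pairs.most_common(n)


# Constructed samples for one 10-second interval on three 1 GbE ports.
SAMPLES = (
    [FlowSample("vdx-1", 5, 2048, 1500, "10.1.0.20", "10.9.0.5")] * 200
    + [FlowSample("vdx-1", 5, 2048, 1500, "10.1.0.21", "10.9.0.5")] * 100
    + [FlowSample("vdx-2", 7, 2048, 1500, "10.1.0.30", "10.9.0.6")] * 4
    + [FlowSample("vdx-3", 2, 65536, 1500, "10.1.0.40", "10.9.0.7")] * 9
)
LINK_BPS = {("vdx-1", 5): 1e9, ("vdx-2", 7): 1e9, ("vdx-3", 2): 1e9}
REPORT = estimate_links(SAMPLES, interval_s=10, link_bps=LINK_BPS)

if __name__ == "__main__":
    for link in hot_spots(REPORT):
        print(link, REPORT[link], top_talkers(SAMPLES, link))
```

The third port shows the failure mode: nine samples at a coarse sampling rate scale to about 71% utilization, but the error bound is too wide for that figure to drive a migration or capacity decision.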
Scaling Out the VCB Solution for VMware View
Figure 11 shows how the VCB for VDI can scale out to a VMware View 5,000-seat Pod. VMware publishes a
reference architecture that has been tested up to this size. This is used as the framework for how to scale
up the VCB design.
Five modules are connected together forming a single management Pod based on the VMware View
Reference Architecture. Even larger modules could be constructed using more modules or modules can be
designed with components tested to support more than 1,000 VDI seats per rack, but there is a natural
scale-out limit of 5,000 View seats per Pod in the VMware reference architectures so that defined the Pod
size. Storage options include iSCSI, Fibre Channel and Fibre Channel over Ethernet, each being suitable for
particular cost/performance and total module scale up requirements.
Figure 11. VCB solution for 5,000 seat VMware View Pod configuration
The VCS Ethernet Fabric connects multiple modules together forming a management Pod and directly
attaches a Pod to the network core for a flatter network. The core connections use Brocade's multi-chassis
trunking (MCT) in the core routers with VCS vLAG connections in the Ethernet Fabric to provide resiliency
and high availability. Brocade VCS vLAG links leverage 10 GE connections on the VDX switches to eliminate
bottlenecks for traffic flowing to the core. And, vLAG links can connect to multiple VDX switches for
improved resiliency and availability. Optionally, an aggregation layer can be added between the VCS
Ethernet Fabric and the core if a traditional three tier architecture is desired.
Security services (intrusion detection/prevention, active directory services, etc.) can be integrated with each
Module. Adding a Brocade ADX application delivery controller at the core provides IPv6 translation services
for seamless integration of IPv6 and IPv4 traffic while providing load balancing for firewall services.
Between VDX switches, Brocade ISL Trunks (B-ISLT) automatically form highly efficient layer-2 trunks as
soon as cables are connected between switches. The B-ISLT is highly efficient for east-west traffic using 10
GE links with up to eight links per trunk. Revolutionary frame striping across the physical links delivers
near-perfect load balancing with very low latency not available in traditional LAG solutions. Built-in ECMP services
in the Ethernet Fabric automatically optimize traffic flows utilizing all available shortest paths in the fabric
for load balancing with resiliency.
As shown in Figure 12, multiple 5,000-seat VMware View Pods can be used to construct very large-scale
configurations, into the tens of thousands of seats in a single location if necessary.
Figure 12. Scale-out of VMware View Pods to tens of thousands of seats
TESTING VCB FOR SCALABILITY AND SUPPORTABILITY
Brocade is actively engaged in test and validation of Virtual Compute Blocks specifically optimized for VDI
using VMware View. As with any large scale deployment of emerging technology, it's important to validate
and test configurations to ensure required scalability, availability and operation models are well designed
and proven prior to deployment in production. Our VCB architecture is backed by our investment in partner
programs to test, validate and harden complete modular solution offerings, as well as integrated
management and post-sale support. But additional testing to confirm resiliency, disaster recovery, upgrade
and service methodology, etc. is also important. Brocade is prepared to support this level of development
with our partners for unique customer environments such as found at global systems integrators, service
providers and government agencies.
SUMMARY
The virtual enterprise has arrived. The key technology driving the changes in computing infrastructure is
server virtualization. Two other trends amplify the value of virtualization: distributed component application
stacks developed for the web and the transition of IT operations into a service provider. This is the Cloud
computing model offering more flexibility to place data and applications anywhere in the network, anywhere
in the world. Brocade's CloudPlex architecture directly addresses the transitions in computing and
application architecture with new network capabilities. We believe that fabrics, open systems and global
reach, the three pillars of the CloudPlex architecture, are fundamental principles defining computing and
networking in the 21st century.
Virtual desktop infrastructure is growing with implementations both in private data centers and the public
cloud. Key challenges include scaling the infrastructure, ensuring secure access, cost-effective mobility of
user desktops and data between data centers anywhere in the world and handling the growth of devices
using IPv6. VDI infrastructure is an excellent fit for the CloudPlex architecture as recognized by VMware and
other partners who are actively working with Brocade to deliver tested, preconfigured Virtual Compute
Blocks based on Brocade's CloudPlex architecture.
© 2011 Brocade Communications Systems, Inc. All Rights Reserved. 07/11 GA-TB-393-00 R5
Brocade, the B-wing symbol, DCX, Fabric OS, and SAN Health are registered trademarks, and Brocade Assurance, Brocade NET Health,
Brocade One, CloudPlex, MLX, VCS, VDX, and When the Mission Is Critical, the Network Is Brocade are trademarks of Brocade
Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names mentioned are or
may be trademarks or service marks of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any
equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this
document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may
not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data
contained in this document may require an export license from the United States government.