Google Details New Software-Defined Networking Stack
Google yesterday announced that the new software-defined networking (SDN) technology powering its internal services is available to users of its Cloud Platform.
Code-named "Andromeda," the technology was described as an SDN-based substrate for the company's virtualization systems -- rather than an independent networking product -- in a blog post by Amin Vahdat, a distinguished engineer at Google. Cloud components such as firewalls, routing and forwarding rules will see better performance by using the Andromeda APIs, he said. Immediately, only customers in two Google Compute Engine zones will see faster performance in their network connections, but the latest network virtualization stack is expected to be rolled out worldwide in the coming months.
Google is already deeply invested in SDN technology: executive Urs Hölzle explained two years ago how the nascent technology had boosted the performance of internal networks. He reportedly said at the time that he expected the company to have SDN control over the external network within two years via OpenFlow, the protocol used to manage network components, which basically handles communication between the control and data planes.
Now, two years later, Vahdat said the company enjoys programmable access to the entire network stack, from low-level hardware to high-level software, which lets it orchestrate operations "across virtual machines, hypervisors, operating systems, network interface cards, top-of-rack switches, fabric switches, border routers, and even our network peering edge." Figure 1 shows the Andromeda architecture.
Earlier this month he described the details of Andromeda in a keynote presentation at the Open Network Summit. "We have a number of services that we already offer to customers, but we find that we can't predict them all, so having an API for NFV, network function virtualization, will present big opportunities," he said. He said many of the benefits of the cloud are enabled by network virtualization. "It's the network that ties all this together. You need a flexible, high-performance network virtualization infrastructure to deliver these benefits."
Vahdat expounded on this in yesterday's blog post. "Andromeda's goal is to expose the raw performance of the underlying network while simultaneously exposing [NFV]," he said. "We expose the same in-network processing that enables our internal services to scale while remaining extensible and isolated to end users. This functionality includes distributed denial of service (DDoS) protection, transparent service load balancing, access control lists and firewalls."
The programmable access to all network components lets Google engineers design end-to-end solutions that are secure and performant, Vahdat said, instead of having to deal only with available network insertion points, which could result in "compromised solutions."
David Ramel is the editor of Visual Studio Magazine.