Virtualization on network hardware

We need more of this

Allan Feid
Network Operations
Apr 16, 2014


During the last year of my college education, I fell in love with OpenSolaris. That’s not something you hear every day, but the guys at Sun were and still are smart people. If you’ve ever had the chance to play with Zones, ZFS, or even their handy admin commands, you’d agree. One of the smaller features at the time, which was still fairly new, was the Crossbow project.

Crossbow, combined with Zones and even Xen virtual machines, allowed you to create a “network in a box.” This is where I learned a lot about how basic layer 3 connectivity worked. It was easy to create virtual NICs and attach them to a virtual switch. These could then be attached to Zones or VMs which acted as routers between other networks. The commands were relatively easy to use, and made sense.

I bring this up, because I recently read an article by Doug Hanks about Juniper’s new QFX5100.

Everywhere you look there’s virtualization. Hypervisors, NAS, and Containers. What about networking? Some people say VLANs. Others say MPLS. A topic of recent discussion is overlay technologies and VXLAN. But what if it went deeper than that? What would happen if you apply some of the server virtualization to networking? What would the result be?

Under the hood each networking switch has a control plane, which is basically a full-blown computer. It has a CPU, memory, and local storage. What would happen if the QFX5100 virtualized its control plane? Well, it did.

The QFX5100 natively boots into Linux and uses KVM as a hypervisor to create virtual machines. Junos, the network operating system, runs inside of a VM. At first glance, one might ask what’s the big deal? You just added two layers of abstraction between the switch and Junos. However, with abstraction comes the ability to do more than what was previously possible.

This has me extremely excited. I’m a big fan of KVM and have been using it for years. It’s a bit more heavy-handed than Solaris Zones, FreeBSD Jails, or Docker, but it’s a start. Being able to run VMs on your network hardware opens the doors for limitless capabilities.

Imagine a day when all hardware vendors had this functionality, and you were able to drop a lightweight Linux installation on your core routing device. You could run something like mcollective in there to execute NETCONF commands in parallel, or gather metrics directly with collectd and pipe them into graphite. Of course, this is assuming the network operating system running alongside this VM provides access.

If other vendors are doing something similar, I’d love to know about it. I’m hoping this becomes a standard practice soon.
