A Hierarchical Control Plane Framework for Integrated SDN-SFC Management in Multi-tenant Cloud Datacenters
Cloud data centers represent one of the most complex and dynamic environments in terms of network management. The multitude of hosted applications in such centers share the same fabric and yet demand easy and fast service deployment and management of independent logical networks. Applications, often belonging to different tenants, have different needs in terms of performance, isolation, security, and traffic optimization based on which incoming and outgoing traffic is serviced. Traditionally, cloud service providers satisfy these requirements by means of purpose-built specialized hardware equipment providing network services called middleboxes. End-to-end delivery of services is realized by physically connecting the middleboxes in the required sequence called Service Function Chains (SFC), and steering traffic through them. However, the lack of extensibility and scalability of these closed systems hinders dynamic provisioning of services and leads to network ossification. With the emergence of Network Function Virtualization (NFV) where the service functions were implemented in software, and Software-Defined Networking (SDN) which enabled programmatic configuration of networks, the provisioning of differentiated services was made easier. However, current SDN implementations have certain shortcomings with respect to SFC management. Most SDN control plane implementations handle the forwarding rule generation based on the L2/L3 layer's information. Also, SDN extensions for SFCs have exploited the central entity of control only to generate forwarding rules to stitch the service functions (SFs) to form SFCs. In cloud networks where application service requirements change dynamically, autonomous management of SFC is essential. This can be achieved only if the controller's view expands beyond the forwarding devices to include the SFs and SFCs. In the first part of this work, we motivate the need for a central control plane that can handle SFC management along with packet forwarding.
Current research mostly focuses on using the SDN controller solely to generate and install forwarding rules into the data plane to realize SFCs. SDN controllers deal with only the L2/L3 layers of the network stack. However, SFs often involve higher L4-L7 layer functionality. To effectively manage the SFs through a centralized point of control, the controller must be able to understand the semantics of the higher layers. This means the controller must be aware of the functionality provided by the SFs and be capable of interpreting state information of SFs which involve the higher layer meta-data. This work highlights the need for a cooperative SDN-SFC control plane. We try to understand the challenges involved in realizing such a control plane by implementing an integrated controller based on POX which handles both traffic routing as well as SFC management. Among the challenges, the issue of controller scalability was visible. The impact of this integration on the scalability of the controller is captured by measuring the incoming traffic at the controller. The controller is evaluated over a simulated data center scale network. We present results showing an increase in load at the controller end. Also, results showing an increase in workload at the controller with an increase in the number of SFs in the network are presented. A workload characterization at the controller is experimentally derived to analyze the correlation of controller workload with the variability in SFC related components. In the second part of this work, we try to address the controller scalability issue by redesigning the controller. We propose a hierarchical integrated controller capable of absorbing the increased workload. The controller includes multiple instances of controllers arranged in a two-level hierarchy.
The controller separates the control plane functionality across the two tiers and also across the controllers within the same tier such that only control messages required for building the network global view are handled by the higher tiers while those that handle tenant level information are managed by the lower layer instances. This framework organically supports multi-tenancy by providing the required tenant isolation through dedicated sub-controller instances. The controller also allows intelligent reuse of SFs and SFCs across tenants with consideration to the tenant isolation requirements. The hierarchical structure of the controller offers the ability to adapt to expanding network sizes by absorbing the control state more efficiently at each tier. We evaluate our framework by comparing the load at the proposed controller, with that of centralized and distributed implementations of the integrated controller. We quantify and compare the packet loss metrics and the flow setup latencies of the different controllers by subjecting them to the same infrastructure and application deployment setup on a simulated network. Results show that the workload at each controller instance of the proposed controller is lower than its centralized and distributed counter-parts. Also, the percentage packet loss of the proposed controller is reduced by 20% and 10% in comparison to the centralized and distributed controllers. The observed flow setup latencies also indicate that the proposed hierarchical architecture performs better than the other two controller architectures in large multi-tenant networks. Finally, we characterize the workload at the proposed controller architecture and compare it with the characterization derived from the centralized controller.