A Hierarchical Control Plane Framework for Integrated SDN-SFC Management in Multi-tenant Cloud Datacenters
Abstract
Cloud data centers represent one of the most complex and dynamic environments in terms of
network management. The multitude of hosted applications in such centers share the same
fabric and yet demand easy and fast service deployment and management of independent logical
networks. Applications, often belonging to different tenants, have different needs in terms
of performance, isolation, security, and traffic optimization based on which incoming and outgoing
traffic is serviced. Traditionally, cloud service providers satisfy these requirements by
means of purpose-built specialized hardware equipment providing network services called middleboxes.
End-to-end delivery of services is realized by physically connecting the middleboxes
in the required sequence called Service Function Chains (SFC), and steering traffic through
them. However, the lack of extensibility and scalability of these closed systems hinders dynamic
provisioning of services and leads to network ossification. With the emergence of Network
Function Virtualization (NFV) where the service functions were implemented in software, and
Software-Defined Networking (SDN) which enabled programmatic configuration of networks,
the provisioning of differentiated services was made easier.
However, current SDN implementations have certain shortcomings with respect to SFC
management. Most SDN control plane implementations handle the forwarding rule generation
based on the L2/L3 layer's information. Also, SDN extensions for SFCs have exploited the
central entity of control only to generate forwarding rules to stitch the service functions (SFs)
to form SFCs. In cloud networks where application service requirements change dynamically,
autonomous management of SFC is essential. This can be achieved only if the controller's view
expands beyond the forwarding devices to include the SFs and SFCs.
In the first part of this work, we motivate the need for a central control plane that can
handle SFC management along with packet forwarding. Current research mostly focuses on
using the SDN controller solely to generate and install forwarding rules into the data plane to
realize SFCs. SDN controllers deal with only the L2/L3 layers of the network stack. However,
SFs often involve higher L4-L7 layer functionality. To effectively manage the SFs through a
centralized point of control, the controller must be able to understand the semantics of the
higher layers. This means the controller must be aware of the functionality provided by the
SFs and be capable of interpreting state information of SFs which involve the higher layer
meta-data. This work highlights the need for a cooperative SDN-SFC control plane. We
try to understand the challenges involved in realizing such a control plane by implementing
an integrated controller based on POX which handles both traffic routing as well as SFC
management. Among the challenges, the issue of controller scalability was visible. The impact
of this integration on the scalability of the controller is captured by measuring the incoming
traffic at the controller. The controller is evaluated over a simulated data center scale network.
We present results showing an increase in load at the controller end. Also, results showing an
increase in workload at the controller with an increase in the number of SFs in the network are
presented. A workload characterization at the controller is experimentally derived to analyze
the correlation of controller workload with the variability in SFC related components.
In the second part of this work, we try to address the controller scalability issue by redesigning
the controller. We propose a hierarchical integrated controller capable of absorbing
the increased workload. The controller includes multiple instances of controllers arranged in
a two-level hierarchy. The controller separates the control plane functionality across the two
tiers and also across the controllers within the same tier such that only control messages required
for building the network global view are handled by the higher tiers while those that
handle tenant level information are managed by the lower layer instances. This framework organically
supports multi-tenancy by providing the required tenant isolation through dedicated
sub-controller instances. The controller also allows intelligent reuse of SFs and SFCs across
tenants with consideration to the tenant isolation requirements. The hierarchical structure of
the controller offers the ability to adapt to expanding network sizes by absorbing the control
state more efficiently at each tier. We evaluate our framework by comparing the load at the
proposed controller, with that of centralized and distributed implementations of the integrated
controller. We quantify and compare the packet loss metrics and the flow setup latencies of the
different controllers by subjecting them to the same infrastructure and application deployment
setup on a simulated network. Results show that the workload at each controller instance of
the proposed controller is lower than its centralized and distributed counter-parts. Also, the
percentage packet loss of the proposed controller is reduced by 20% and 10% in comparison
to the centralized and distributed controllers. The observed flow setup latencies also indicate
that the proposed hierarchical architecture performs better than the other two controller architectures
in large multi-tenant networks. Finally, we characterize the workload at the proposed
controller architecture and compare it with the characterization derived from the centralized
controller.