Cloud networking, or networking for the cloud, is becoming an essential ask for the IT organization as cloud adoption gains speed. Whether a few applications or the entire data center is hosted on public clouds, it is important to have the necessary infrastructure ready for adoption.
There are diverse ways of connecting to the cloud, including creation of tunnels between the on-premise and on-cloud virtual networking components, creation of an IPsec tunnel between the on-premise network component and public network component, and peering with cloud exchange partners or data center interconnect. All these methods help in creation of tunnels between the on-premise and cloud instances.
With enterprises embracing the cloud journey, IT teams need to plan and execute the configurations that arise in setting up secure tunnels between the various clouds and on-premise data centers. This includes managing the address space, as extending connectivity between on-premise and cloud not only means creation of a tunnel, but also subsequent operations and maintenance of the same. Another important task is to ensure and enable smooth movement of workloads between the on-premise data center and cloud without changing the IP address schema of the virtual machine post migration.
This point-of-view paper discusses the various trends, approaches and benefits that cloud networking solutions offer.
Current approach
Hosting applications in the cloud has become a relatively simple task, as most of the components required, networking components included, are available with a few clicks, in contrast to the on-premise data center. The steps include browsing to the region and providing relevant information about the VPN tunnel on the remote side; the cloud provider then generates a configuration file that can be used on the remote device.
These steps make it sound easy. However, the network teams have a tough task cut out for them, and they struggle to set up tunnels between the on-premise network components and on-cloud components, such as VPC (Virtual Private Cloud) tunnels, for extending reachability between the private and public clouds. Although all the configurations are available with a few clicks, the network team still needs the right set of skills to configure the tunnel parameters on public cloud portals and the corresponding configurations on the on-premise device.
Security also plays a key role in the cloud adoption journey: workloads available in the cloud should be secured, and that security should offer more than what cloud providers like AWS, Google or Microsoft Azure provide. Network segmentation is a major challenge when traditional networking is employed, as the IT team needs to track the subnets and security groups associated with a VPC; when a new VPC is required, it either needs to be used or tweaked as per the requirement.
Management simplicity and unified access across different cloud setups is another major ask. Enterprises prefer a simpler approach for configuring networking requirements between the clouds rather than logging into multiple cloud portals and managing complex configurations using different approaches.
The traditional way of adopting a cloud strategy involves a lot of manual intervention and planning, and any change or new requirement triggers a whole series of changes in the configurations, which are mostly manual and highly prone to manual errors, both typographical and duplicate in nature.
There are, though, several types of connectivity, including the VPC tunnel used in AWS and GCP, the VNET (Virtual Network) tunnel in Azure, AWS Direct Connect and the standard IPsec tunnel.
Figure 1: Challenges with traditional networking approach for cloud migrations
Innovative approach and success factors—cloud networking, software defined way—Aviatrix
The Aviatrix solution helps mitigate, to a great extent, all the challenges called out in the previous section by providing a single pane of glass for all networking configurations, including establishing tunnels, ensuring their upkeep by providing redundancy and, most importantly, simplifying the operations involved around networking configurations.
This solution is based on installation of Aviatrix virtual components, like gateways and controllers, in the respective clouds, and the licensing is based on the number of tunnels deployed between clouds.
The solution provides a seamless migration experience for workloads between on-premise and public clouds by automating network-related configurations without manual intervention of IT staff. However, it continues to leverage the tools used for migration of workloads, like VMotion, etc.
Figure 2: Comparison between traditional migration and Aviatrix IPMotion
The Aviatrix solution provides the following
The diagram below depicts the typical architecture of the solution.
Figure 3: Typical architecture of Aviatrix cloud networking solution
Figure 4: Standard steps for implementation & maintenance
Lalit Kameshwar
Practice Manager, Cloud & Infrastructure Services, Wipro Limited.
Lalit has 12 years of experience in the field of information technology, networking infrastructure architecting, and technical delivery. He specializes in the field of software defined, traditional and Cloud networking areas and is currently part of the software defined networking practice globally within Wipro’s Cloud & Infrastructure Services. He leads a team of SDN solution architects, cloud and OpenStack networking professionals, to shape the future of the SDN business for Wipro in global geographies. He holds multiple industry leading certifications, which include Juniper networking professional and VMware Professional certifications. He can be reached at lalith.kameshwar@wipro.com