Click here to close now.


Microservices Expo Authors: Don MacVittie, Liz McMillan, Ruxit Blog, Elizabeth White, Pat Romanski

Related Topics: SDN Journal, Java IoT, Microservices Expo, Containers Expo Blog, @CloudExpo, @BigDataExpo

SDN Journal: Blog Feed Post

Agility, SDN and Service Frameworks

It's that time in the SDN hype cycle where people are beginning to lay out a more solid vision of what it means to them

It's that time in the SDN hype cycle where people are beginning to lay out a more solid vision of what it means to them. Themes are beginning to emerge on the foundations laid by ONF that include the necessary separation of control and data (forwarding) planes, but some are still missing critical components - the ones that enable agility of the business, not just the network.

Juniper's Bob Muglia recently published a post called "Decoding SDN" that expounds upon Juniper's vision of SDN. It's a well written lengthy piece that's definitely worth a read if you not only want to understand Juniper's strategy but if you want to gain a bit more insight into how SDN is being approached.

One thing that jumped out at me was Bob's "Four Planes of Networking". Generally speaking it was an excellent distillation of the SDN concept. But something was missing, in my opinion. It did not adequately encapsulate the notion of how or where SDN enables one of its most important purported benefits: agility.

Let's review the basic definition of agility, shall we?


1.the power of moving quickly and easily; nimbleness: exercises demanding agility.

A fairly nebulous definition and Bob's description of the four planes of networking certainly can be construed to fulfill the requirements of agility. After all, merely separating control from data (forwarding) plane combined with a standardized management plane enables a fair amount of agility in the network, certainly more than what existed before the concept of SDN began disrupting the entire networking community.

But agility isn't just about being able to rapidly change forwarding tables, it's about being able to respond to operational and business conditions. It's about being able to implement new functionality, if necessary, that enables innovative business ideas to be realized in the network, which almost always must deliver that business idea to customers, employees, or partners.

What I found missing from Bob's discussion was programmability of the network, that is, not just the ability to programmatically modify configuration, but to programmatically modify the behavior (and thus the delivery mechanisms) of the network.

Bob's diagram and explanation (shortened for brevity):

The Four Planes of Networking

Inside every networking and security device – every switch, router, and firewall - you can separate the software into four layers or planes.  As we move to SDN, these planes need to be clearly understood and cleanly separated.  This is absolutely essential in order to build the next generation, highly scalable network.

The bottom plane, Forwarding, does the heavy lifting of sending the network packets on their way.

Control. If the Forwarding plane is the brawn of the network, Control is the brains.  The Control plane understands the network topology and makes the decisions on where the flow of network traffic should go.

Services. Sometimes network traffic requires more processing and for this, the Services plane does the job.  Not all networking devices have a Services plane – you won’t find this plane in a simple switch.  But for many routers and all firewalls, the Services plane does the deep thinking, performing the complex operations on networking data that cannot be accomplished by the Forwarding hardware.  Services are the place where firewalls stop the bad guys and parental controls are enforced.

Management. Like all computers, network devices need to be configured, or managed.  The Management plane provides the basic instructions of how the network device should interact with the rest of the network.

I hope Bob does not take it amiss if I modify and expand upon his network plane diagram.

First, I think management should not be portrayed as part of the network planes. It's not part of the network - not really - nor should it be. The separation of management from network plane as a matter of technical architecture and implementation is well-established as a best practice to ensure continued access to devices that have failed or are overwhelmed. I don't think Bob's intention was to imply the management plane was coupled to the network plane in such a manner, but diagrams using an east or west-bound management placement tend to disseminate the actual separation a bit better, so I've moved it off to the side and broadened it to ensure it covers not only control but services as well.

Which is the next layer I think needs some expansion.


One of the core premises of SDN is the ability to programmatically extend the functionality of the "network" through plug-ins, add-ons, or applications - whatever you want to call them, they're the same thing - I'm going to refer to them as services as I think Bob took the right approach with the service nomenclature. But rather than use the all encompassing "services" I think we should view that layer as a service framework, upon which new services can be deployed - whether through plug-ins or a direct programmatic interface or through a less coupled API. However it occurs, a set of base network services are available in the framework that can be extended. That's where additional value is added, where new network functionality is deployed, and what makes it possible to use the same network "equipment" to deploy a variety of functions. The same "equipment" should be distilled down to a common set of networking services but be able to support firewall services on one, application acceleration on another, and load balancing on yet another.

This concept draws from the idea of a platform in the development world. Developers do not write their own network stacks, or even application-transport (HTTP) stacks. They develop functionality atop a common framework that enables them to modify behavior such that a highly secure, banking application can be deployed on the same common platform as a completely open picture sharing application. The platform is deployed, managed, configured and operated in the same way but the applications, ah, the applications have very different profiles.

The same concept must be applied to the network and to SDN-enabled solutions. It's not enough to provide separation of control and forwarding to enable agility. To enable true agility requires the inclusion of a services platform capable of extending functionality without introducing additional operational overhead into the core "stack".

There's a lot more in Bob's discussion, including an interesting view of "SDN Chaining" which I will not get into here because this is long enough that your coffee is likely cold by now. Suffice it to say it's an interesting read and I find valuable nuggets in his discussion and think such posts are necessary to start really figuring out where this SDN thing is going to go.

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

@MicroservicesExpo Stories
Now, with more hardware! September 21, 2015, Don MacVittie, Sr. Solutions Architect. The “continuous” trend is continuing (get it..?), and we’ll soon reach the peek of the hype cycle, with continuous everything. At the pinnacle of the hype cycle, do not be surprised to see DDOS attacks re-branded as “continuous penetration testing!” and a fee … Read More Continuous Provisioning
SYS-CON Events announced today that Super Micro Computer, Inc., a global leader in high-performance, high-efficiency server, storage technology and green computing, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Supermicro (NASDAQ: SMCI), the leading innovator in high-performance, high-efficiency server technology is a premier provider of advanced server Building Block Solutions® for Data ...
As the world moves towards more DevOps and microservices, application deployment to the cloud ought to become a lot simpler. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. In his session at 17th Cloud Expo, Raghavan "Rags" Srinivas, an Architect/Developer Evangeli...
There’s no shortage of guides and blog posts available to provide you with best practices in architecting microservices. While all this information is helpful, what doesn’t seem to be available in such a great number are hands-on guidelines regarding how microservices can be scaled. Following a little research and sifting through lots of theoretical discussion, here is how load-balancing microservices is done in practice by the big players.
As operational failure becomes more acceptable to discuss within the software industry, the necessity for holding constructive, actionable postmortems increases. But most of what we know about postmortems from "pop culture" isn't actually relevant for the software systems we work on and within. In his session at DevOps Summit, J. Paul Reed will look at postmortem pitfalls, techniques, and tools you'll be able to take back to your own environment so they will be able to lay the foundations for h...
Containers are all the rage among developers and web companies, but they also represent two very substantial benefits to larger organizations. First, they have the potential to dramatically accelerate the application lifecycle from software builds and testing to deployment and upgrades. Second they represent the first truly hybrid-approach to consuming infrastructure, allowing organizations to run the same workloads on any cloud, virtual machine or physical server. Together, they represent a ver...
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
All we need to do is have our teams self-organize, and behold! Emergent design and/or architecture springs up out of the nothingness! If only it were that easy, right? I follow in the footsteps of so many people who have long wondered at the meanings of such simple words, as though they were dogma from on high. Emerge? Self-organizing? Profound, to be sure. But what do we really make of this sentence?
Ten years ago, there may have been only a single application that talked directly to the database and spit out HTML; customer service, sales - most of the organizations I work with have been moving toward a design philosophy more like unix, where each application consists of a series of small tools stitched together. In web example above, that likely means a login service combines with webpages that call other services - like enter and update record. That allows the customer service team to writ...
Last month, my partners in crime – Carmen DeArdo from Nationwide, Lee Reid, my colleague from IBM and I wrote a 3-part series of blog posts on We titled our posts the Simple Math, Calculus and Art of DevOps. I would venture to say these are must-reads for any organization adopting DevOps. We examined all three ascpects – the Cultural, Automation and Process improvement side of DevOps. One of the key underlying themes of the three posts was the need for Cultural change – things like t...
There once was a time when testers operated on their own, in isolation. They’d huddle as a group around the harsh glow of dozens of CRT monitors, clicking through GUIs and recording results. Anxiously, they’d wait for the developers in the other room to fix the bugs they found, yet they’d frequently leave the office disappointed as issues were filed away as non-critical. These teams would rarely interact, save for those scarce moments when a coder would wander in needing to reproduce a particula...
In today's digital world, change is the one constant. Disruptive innovations like cloud, mobility, social media, and the Internet of Things have reshaped the market and set new standards in customer expectations. To remain competitive, businesses must tap the potential of emerging technologies and markets through the rapid release of new products and services. However, the rigid and siloed structures of traditional IT platforms and processes are slowing them down – resulting in lengthy delivery ...
It is with great pleasure that I am able to announce that Jesse Proudman, Blue Box CTO, has been appointed to the position of IBM Distinguished Engineer. Jesse is the first employee at Blue Box to receive this honor, and I’m quite confident there will be more to follow given the amazing talent at Blue Box with whom I have had the pleasure to collaborate. I’d like to provide an overview of what it means to become an IBM Distinguished Engineer.
Containers are changing the security landscape for software development and deployment. As with any security solutions, security approaches that work for developers, operations personnel and security professionals is a requirement. In his session at @DevOpsSummit, Kevin Gilpin, CTO and Co-Founder of Conjur, will discuss various security considerations for container-based infrastructure and related DevOps workflows.
IT data is typically silo'd by the various tools in place. Unifying all the log, metric and event data in one analytics platform stops finger pointing and provides the end-to-end correlation. Logs, metrics and custom event data can be joined to tell the holistic story of your software and operations. For example, users can correlate code deploys to system performance to application error codes.
Achim Weiss is Chief Executive Officer and co-founder of ProfitBricks. In 1995, he broke off his studies to co-found the web hosting company "Schlund+Partner." The company "Schlund+Partner" later became the 1&1 web hosting product line. From 1995 to 2008, he was the technical director for several important projects: the largest web hosting platform in the world, the second largest DSL platform, a video on-demand delivery network, the largest eMail backend in Europe, and a universal billing syste...
If you are new to Python, you might be confused about the different versions that are available. Although Python 3 is the latest generation of the language, many programmers still use Python 2.7, the final update to Python 2, which was released in 2010. There is currently no clear-cut answer to the question of which version of Python you should use; the decision depends on what you want to achieve. While Python 3 is clearly the future of the language, some programmers choose to remain with Py...
Between the compelling mockups and specs produced by analysts, and resulting applications built by developers, there exists a gulf where projects fail, costs spiral, and applications disappoint. Methodologies like Agile attempt to address this with intensified communication, with partial success but many limitations. In his session at DevOps Summit, Charles Kendrick, CTO and Chief Architect at Isomorphic Software, will present a revolutionary model enabled by new technologies. Learn how busine...
When I describe Continuous Delivery to people I generally spend a fair amount of time impressing on them that it is not about tools and technicalities. It is not even about the relationship between developers and operations or product owners and testers. Continuous Delivery is about minimizing the gap between having an idea and getting that idea, in the form of working software, into the hands of users and seeing what they make of it. This vital feedback loop is at the core of not just good deve...
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and containers together help companies achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, will review the current landscape of...