Delivering Secure, Clean Cloud Services with Big Cloud Fabric and Edgecore Networks
"Being able to take advantage of CapEx savings that result from foregoing yesteryear's legacy networking infrastructure is important. Equally important is agility. Smaller infrastructure teams often have to move nimbly, not being able to afford departments full of experts to get things going … Setting up [BCF] was nothing short of amazing. Once the cabling is done, it's literally 'write down MAC address, switch on, grab a cup of coffee and wait for the magic to happen'. In well under two hours, we had a hyperscale grade ultraperformant cloud fabric up and running. Zero-touch networking is a reality."
Christian Sarrasin, CEO, CleanSafeCloud
Objective
CleanSafeCloud is a privately held Swiss Company. The company name serves as a reminder of their focus to deliver one of the world's most secure and environmentally-friendly cloud service. Safety is delivered through their leading security triple-play:
• Jurisdiction: data is protected under the Swiss Federal Data Protection Act; recognized as one of the best data domiciles in the world.
• Physical: data is hosted in a data center located in a nuclear bomb blast and disaster- proof bunker, buried underneath a mountain in the heart of Switzerland.
• Logical: infrastructure is protected by advanced security appliances and systems.
Solution
When the CleanSafeCloud team began evaluating the various approaches to SDN, they were initially interested in white-box switching, particularly switches that ran on Linux-based networking software.
The cost savings inherent in the model were attractive and they favored any approach that would keep the threat of vendor lock-in at bay. In addition, they were looking for a solution that allowed them to quickly bring up their data center networking infrastructure and then manage it as simply as possible.
They considered Big Switch's Big Cloud Fabric (BCF), the industry's first Open Ethernet SDN data center fabric bringing hyperscale data center design principles to cloud environments. CleanSafeCloud also selected 10G and 40G Open Network switches from Edgecore Networks. With Big Switch, they were not only impressed with in the CapEx savings, but also the operational efficiencies achieved through a single pane of glass management. Big Switch ultimately won the deal—in part because of the BCF starter kit, which CleanSafeCloud used to build its initial production network.
The Big Cloud Fabric (BCF) Architecture - Software Defined Networking (SDN) fabric architecture refers to a separation of the network's data and control plane, followed by a centralization of the control plane functionality. In practice, the network's policy plane, management plane and much of control plane are externalized from the hardware device itself, using an SDN controller, with few on-device off-load functions for scale and resiliency. The network state is centralized but hierarchically implemented, instead of being fully distributed on a box-by-box basis across access and aggregation switches.
Controller-based designs, like BCF, not only bring agility via centralized programmability and automation, but they also streamline fabric designs (e.g. leaf-spine L2/L3 Clos).
Big Cloud Fabric also supports both physical and virtual (multi-hypervisor) workloads and choice of orchestration software, including full integration with OpenStack. BCF provides L2 switching, L3 routing and, L4-7 service insertion and chaining while ensuring high bisectional bandwidth. The scalable fabric is fully resilient with no single point of failure and supports head-less mode operations.
Big Cloud Fabric Starter Kits – made getting started easy. Starter kits include the switching hardware, software, support and (in some kits) cables. Deployment guides are available for use as a general L2/L3 data center fabric or as an integrated networking system for OpenStack cloud deployments. With Big Cloud Fabric’s Zero Touch Fabric technology and streamlined configuration, a fully functional leaf/spine network can be up and running in minutes.
The starter kit that CleanSafeCloud uses is designed for a production environment, not a lab. The specific kit included four leaf and two spine bare-metal switches from Edgecore Networks, redundant controllers, a three-year Big Cloud Fabric software license, three years of hardware/software support and 40 Gigabit Ethernet leaf-spine cables. The setup comprises two racks of gear, which translates into support for about 2,000 virtual machines on modern servers. Big Switch also sells a single-rack starter kit, geared more toward lab environments; that kit has less redundancy, and it has a one-year support contract and software license.
Results
Big Cloud Fabric provides the networking fabric for the CleanSafeCloud Object Storage offering, as part of their carefully engineered infrastructure. Big Cloud Fabric supports the solutions availability, security and dynamic scalability.
Big Cloud Fabric's key benefits for CleanSafeCloud include:
• Network/Security/Audit Workflow Integration - The Big Cloud Fabric controller exposes a series of REST APIs used to integrate with application template and audit systems, starting with OpenStack. By integrating network L2/L3/policy provisioning with OpenStack HEAT templates in Horizon GUI, the time to deploy new applications is reduced dramatically as security reviews are done once (on a template) rather than many times (on every application). Connectivity edit and audit functions allow for self-service modifications and rapid audit-friendly reporting, ensuring efficient reviews for complex applications that go beyond the basic templates.
• Bare Metal Switch Hardware Reduces CapEx Costs By Over 50% - By adding up hardware, software, maintenance and optics/ cables, a complete picture of the hard costs over three years shows that the savings are dramatic.
• Scale-out & Elastic Fabric - The Big Cloud Fabric's flexible, scale-out design allows startups like CleanSafeCloud to start at the size and scale that satisfies their immediate needs while future proofing their growth needs. By providing a choice of hardware and software solutions across the layers of the networking stack and pay-as-you-grow economics, starting small scale and growing the fabric gradually instead of locking into a fully integrated proprietary solution, provides a path to a modern data center network.
• DC-grade Resilience – Lastly, and important to the integrity of the CleanSafeCloud offering, BCF provides DC grade resiliency that allows the fabric to operate in the face of link or node failures as well as in the rare situation when the entire controller cluster is unavailable (headless mode). Swapping a switch (in case of HW failure or switch repurpose) is similar to changing a line card in modular chassis. After re-cabling and power up, switch boots up by downloading the right image, configuration and forwarding tables. Additionally, the BCF Controller coordinates and orchestrates entire fabric upgrade ensuring minimum fabric down time. These functionalities further enhance fabric resiliency and simplify operations.
Edgecore Networks, Leadership in Open Networking
Together with its technology and integration partners, Edgecore Networks delivers leading open networks solutions for cloud data center, telecommunications and enterprise customers.
• Edgecore is an Accton company, leveraging the network technology, development and manufacturing capabilities of Accton Technology, the leading network ODM.
• Edgecore supplies Facebook and other hyperscale cloud operators with open network switches that meet the most demanding performance, scale and reliability requirements.
• Edgecore is a leader in the OCP Networking Project, with a full set of open switches based on its OCP-accepted design contributions: a 10GbE TOR switch which was the first switch ever accepted by OCP, a cost-optimized 40GbE switch, and two 100GbE switches based on switch silicon from different vendors allowing network operators to increase capacity with infrastructures based on 25G and 100G.
• Edgecore has contributed to OCP new classes of open hardware platforms to extend open networking to additional use cases in the data center, and beyond to the service provider edge and the enterprise access network. Those platforms include the Open Modular Platform supporting up to 512-ports of 100GbE for data center spine and core network applications, high-buffer switches for data center interconnect and service provider edge applications, and the industry’sfirst open WiFi Access Points and PoE access switches to bring open networking to enterprise access networks.
• Edgecore switches support the broadest set of commercial and open source software choices in the industry, providing customers with alternatives to meet their specific requirements.
• Edgecore leads the industry in working with partners and industry groups to validate and make open networks deployable, for example as a charter member of UNH-IOL Open Networking Test Services Consortium which validates interoperability among open network switches, NOS, cables, optics, and NICs.
• Edgecore’s value added distributor, integrator, and reseller partners provide a full set of services and IT infrastructure to support the requirements of cloud service providers, big data companies, telecom operators, and enterprises.
Christian Sarrasin, CEO, CleanSafeCloud
Objective
CleanSafeCloud is a privately held Swiss Company. The company name serves as a reminder of their focus to deliver one of the world's most secure and environmentally-friendly cloud service. Safety is delivered through their leading security triple-play:
• Jurisdiction: data is protected under the Swiss Federal Data Protection Act; recognized as one of the best data domiciles in the world.
• Physical: data is hosted in a data center located in a nuclear bomb blast and disaster- proof bunker, buried underneath a mountain in the heart of Switzerland.
• Logical: infrastructure is protected by advanced security appliances and systems.
The environmental focus is achieved by careful selection of energy efficient hardware and real-time monitoring of the energy consumption of each individual piece of infrastructure; CleanSafeCloud also aims to utilize renewable energy sources as much as possible. Founded in 2014, the company is rapidly growing, young and enthusiastic with a wealth of expertise.
For their initial cloud based service offering, CleanSafeCloud is bringing to market an Object Storage solution based on a carefully engineered infrastructure. The underlying implementation ensures optimal availability and security of customers' data and affords dynamic scalability to accommodate growing capacity requirements whenever they arise. Access is provided through industry-standard Amazon S3 and OpenStack Swift APIs as well as a native API for use cases seeking peak performance in custom applications.
CleanSafeCloud is designing and building their cloud data center network based on a Software Defined Networking (SDN) fabric architecture. An SDN fabric solution was attractive because of its ease of initial setup and provisioning, native integration with OpenStack, ability to scale as the business expands and centralized management that eliminated box-by-box network management.
CleanSafeCloud needed to set up their initial network quickly, without a large team or extensive training and certification in the technology. They also needed a solution that enabled them to deliver the promise of availability, security and dynamic scalability to their customers.
Solution
When the CleanSafeCloud team began evaluating the various approaches to SDN, they were initially interested in white-box switching, particularly switches that ran on Linux-based networking software.
The cost savings inherent in the model were attractive and they favored any approach that would keep the threat of vendor lock-in at bay. In addition, they were looking for a solution that allowed them to quickly bring up their data center networking infrastructure and then manage it as simply as possible.
They considered Big Switch's Big Cloud Fabric (BCF), the industry's first Open Ethernet SDN data center fabric bringing hyperscale data center design principles to cloud environments. CleanSafeCloud also selected 10G and 40G Open Network switches from Edgecore Networks. With Big Switch, they were not only impressed with in the CapEx savings, but also the operational efficiencies achieved through a single pane of glass management. Big Switch ultimately won the deal—in part because of the BCF starter kit, which CleanSafeCloud used to build its initial production network.
The Big Cloud Fabric (BCF) Architecture - Software Defined Networking (SDN) fabric architecture refers to a separation of the network's data and control plane, followed by a centralization of the control plane functionality. In practice, the network's policy plane, management plane and much of control plane are externalized from the hardware device itself, using an SDN controller, with few on-device off-load functions for scale and resiliency. The network state is centralized but hierarchically implemented, instead of being fully distributed on a box-by-box basis across access and aggregation switches.
Controller-based designs, like BCF, not only bring agility via centralized programmability and automation, but they also streamline fabric designs (e.g. leaf-spine L2/L3 Clos).
Big Cloud Fabric also supports both physical and virtual (multi-hypervisor) workloads and choice of orchestration software, including full integration with OpenStack. BCF provides L2 switching, L3 routing and, L4-7 service insertion and chaining while ensuring high bisectional bandwidth. The scalable fabric is fully resilient with no single point of failure and supports head-less mode operations.
Big Cloud Fabric Starter Kits – made getting started easy. Starter kits include the switching hardware, software, support and (in some kits) cables. Deployment guides are available for use as a general L2/L3 data center fabric or as an integrated networking system for OpenStack cloud deployments. With Big Cloud Fabric’s Zero Touch Fabric technology and streamlined configuration, a fully functional leaf/spine network can be up and running in minutes.
The starter kit that CleanSafeCloud uses is designed for a production environment, not a lab. The specific kit included four leaf and two spine bare-metal switches from Edgecore Networks, redundant controllers, a three-year Big Cloud Fabric software license, three years of hardware/software support and 40 Gigabit Ethernet leaf-spine cables. The setup comprises two racks of gear, which translates into support for about 2,000 virtual machines on modern servers. Big Switch also sells a single-rack starter kit, geared more toward lab environments; that kit has less redundancy, and it has a one-year support contract and software license.
Results
Big Cloud Fabric provides the networking fabric for the CleanSafeCloud Object Storage offering, as part of their carefully engineered infrastructure. Big Cloud Fabric supports the solutions availability, security and dynamic scalability.
Big Cloud Fabric's key benefits for CleanSafeCloud include:
• Network/Security/Audit Workflow Integration - The Big Cloud Fabric controller exposes a series of REST APIs used to integrate with application template and audit systems, starting with OpenStack. By integrating network L2/L3/policy provisioning with OpenStack HEAT templates in Horizon GUI, the time to deploy new applications is reduced dramatically as security reviews are done once (on a template) rather than many times (on every application). Connectivity edit and audit functions allow for self-service modifications and rapid audit-friendly reporting, ensuring efficient reviews for complex applications that go beyond the basic templates.
• Bare Metal Switch Hardware Reduces CapEx Costs By Over 50% - By adding up hardware, software, maintenance and optics/ cables, a complete picture of the hard costs over three years shows that the savings are dramatic.
• Scale-out & Elastic Fabric - The Big Cloud Fabric's flexible, scale-out design allows startups like CleanSafeCloud to start at the size and scale that satisfies their immediate needs while future proofing their growth needs. By providing a choice of hardware and software solutions across the layers of the networking stack and pay-as-you-grow economics, starting small scale and growing the fabric gradually instead of locking into a fully integrated proprietary solution, provides a path to a modern data center network.
• DC-grade Resilience – Lastly, and important to the integrity of the CleanSafeCloud offering, BCF provides DC grade resiliency that allows the fabric to operate in the face of link or node failures as well as in the rare situation when the entire controller cluster is unavailable (headless mode). Swapping a switch (in case of HW failure or switch repurpose) is similar to changing a line card in modular chassis. After re-cabling and power up, switch boots up by downloading the right image, configuration and forwarding tables. Additionally, the BCF Controller coordinates and orchestrates entire fabric upgrade ensuring minimum fabric down time. These functionalities further enhance fabric resiliency and simplify operations.
Edgecore Networks, Leadership in Open Networking
Together with its technology and integration partners, Edgecore Networks delivers leading open networks solutions for cloud data center, telecommunications and enterprise customers.
• Edgecore is an Accton company, leveraging the network technology, development and manufacturing capabilities of Accton Technology, the leading network ODM.
• Edgecore supplies Facebook and other hyperscale cloud operators with open network switches that meet the most demanding performance, scale and reliability requirements.
• Edgecore is a leader in the OCP Networking Project, with a full set of open switches based on its OCP-accepted design contributions: a 10GbE TOR switch which was the first switch ever accepted by OCP, a cost-optimized 40GbE switch, and two 100GbE switches based on switch silicon from different vendors allowing network operators to increase capacity with infrastructures based on 25G and 100G.
• Edgecore has contributed to OCP new classes of open hardware platforms to extend open networking to additional use cases in the data center, and beyond to the service provider edge and the enterprise access network. Those platforms include the Open Modular Platform supporting up to 512-ports of 100GbE for data center spine and core network applications, high-buffer switches for data center interconnect and service provider edge applications, and the industry’sfirst open WiFi Access Points and PoE access switches to bring open networking to enterprise access networks.
• Edgecore switches support the broadest set of commercial and open source software choices in the industry, providing customers with alternatives to meet their specific requirements.
• Edgecore leads the industry in working with partners and industry groups to validate and make open networks deployable, for example as a charter member of UNH-IOL Open Networking Test Services Consortium which validates interoperability among open network switches, NOS, cables, optics, and NICs.
• Edgecore’s value added distributor, integrator, and reseller partners provide a full set of services and IT infrastructure to support the requirements of cloud service providers, big data companies, telecom operators, and enterprises.
Please click here, for more details on the CleanSafeCloud project, or visit the Big Switch website. http://www.bigswitch.com/sites/default/files/0673-15fa_bs_cleansafecloud_cs.pdf
"Big Switch Networks, Big Cloud Fabric, Big Monitoring Fabric, Big Mon Fabric, the Big Switch Networks logo, Switch Light OS, and Switch Light are trademarks or registered trademarks of Big Switch Networks, Inc. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners."
"Big Switch Networks, Big Cloud Fabric, Big Monitoring Fabric, Big Mon Fabric, the Big Switch Networks logo, Switch Light OS, and Switch Light are trademarks or registered trademarks of Big Switch Networks, Inc. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners."