There is a parable about six blind men that try to describe an elephant based on touch alone. One feels the tail and thinks the elephant is a rope. One feels the trunk and thinks it’s a tree branch. Another feels the leg and thinks it is a pillar. Eventually, the men realize they have to discuss what they have learned to get the bigger picture of what an elephant truly is. As you have likely guessed, there is a lot here that applies to SDN as well.
Point of View
Your experience with IT is going to dictate your view on SDN. If you are a DevOps person, you are going to see all the programmability aspects of SDN as important. If you are a network administrator, you are going to latch on to the automation and orchestration pieces as a way to alleviate the busy work of your day. If you are a person that likes to have a big picture of your network, you will gravitate to the controller-based aspects of protocols like OpenFlow and ACI.
However, if you concentrate on the parts of SDN that is most familiar, you will miss out on the bigger picture. Just as an elephant is more than just a trunk or a tail, SDN is more than the individual pieces. Programmable interfaces and orchestration hooks are means to an end. The goal is to take all the pieces and make them into something greater. That takes vision.
The Best Policy
I like what’s going on both with Cisco’s ACI and the OpenStack Congress project. They’ve moved past the individual parts of SDN and instead are working on creating a new framework to apply those parts. Who cares how orchestration works in a vacuum? Now, if that orchestration allows a switch to be auto-provisioned on boot, that’s something. APIs are a part of a bigger push to program networks. The APIs themselves aren’t the important part. It’s the interface that interacts with the API that’s crucial. Congress and ACI are that interface.
Policy is something we all understand. Think for a moment about quality of service (QoS). Most of the time engineers don’t know LLQ from CBWFQ or PQ. But if you describe what you want to do, you get it quickly. If you want a queue that guarantees a certain amount of bandwidth but has a cap you know which implementation you need to use. With policies, you don’t need to know even that. You can create the policy that says to reserve a certain amount of bandwidth but not to go past a hard limit. But you don’t need to know if that’s LLQ or some other form of queuing. You also don’t need to worry about implementing it on specific hardware or via a specific vendor.
Policies are agnostic. So long as the API has the right descriptors you can program a Cisco switch just as easily as a Juniper router. The policy will do all the work. You just have to figure out the policy. To tie it back to the elephant example, you find someone with the vision to recognize the individual pieces of the elephant and make them into something greater than a rope and pillar. You then realize that the elephant isn’t quite like what you were thinking, but instead has applications above and beyond what you could envision before you saw the whole picture.
As far as I’m concerned, vendors that are still carrying on about individual aspects of SDN are just trying to distract from a failure to have vision. VMware and Cisco know where that vision needs to be. That’s why policy is the coin of the realm. Congress is the entry point for the League of Non-Aligned Vendors. If you want to fight the bigger powers, you need to back the solution to your problems. If Congress could program Brocade, Arista, and HP switches effortlessly then many small-to-medium enterprise shops would rush to put those devices into production. That would force the superpowers to take a look at Congress and interface with it. That’s how you build a better elephant – by making sure all the pieces work together.
(Disclosure: I work on the NSX team at VMware.)
Hi Tom, good article. I agree that it will be beneficial for people and organizations to start thinking beyond just SDN (the mechanisms) and start focusing on practical usage of these sorts of tools. Thanks also for the mention of the OpenStack Congress project. I did want to take a moment and provide a bit of clarity regarding Congress, though. Congress is more than just infrastructure policy; Congress is actually intended to allow organizations to express business policy for their cloud computing environments in a cloud-agnostic fashion. It will work hand-in-hand with infrastructure policy tools like the Group Policy project in OpenStack Neutron (and similar efforts in other projects). This aspect of policy is something we’ll be exploring in future blog posts on Congress, its architecture, and its components.