Software defined networks include logical entities that provide various networking operations for computing elements, such as virtual machines and containers. The networking operations may include routing operations, switching operations, firewall operations, or some other networking operations. In implementing software defined networks, administrators associated with the software defined networks may define a topology configuration that indicates how the various computing elements and logical entities are coupled. This may include connecting virtual machines to logical switches, coupling the logical switches to logical routers, or defining some other network topology.
When the software defined networks are deployed in a computing environment, the administrators that defined the topology may be unable to control where each of the logical entities is distributed on the hosts of the computing environment. For example, a single logical switch may be distributed across multiple hosts to provide the network functionality for virtual machines coupled to the logical switch. To determine the current deployment location for the logical entities, a control system may receive reports that indicate host locations for the various logical entities. The reports may then be used in conjunction with the configuration topology defined by the administrators to determine the host spans associated with each of the logical entities. These host spans may be used in determining where configuration modifications should be delivered in the computing environment. In an example, when a configuration modification request is generated for a logical router deployed in the computing system, the control system may identify the hosts in the span for the logical router and provide configuration modification data to the corresponding hosts.
However, as additional computing systems and logical entities are deployed in a computing environment, managing the host spans for each of the logical entities may become difficult and cumbersome. As a result, complications can arise when a modification is required for a logical entity that spans multiple hosts in the computing environment.
The technology disclosed herein provides enhancements for managing host span information for logical entities in software defined networks. In one implementation, a control system identifies a first graph which comprises nodes that represent one or more hosts and one or more logical entities of a software defined network and further comprises directional edges that indicate a topology of the nodes in the first graph. The control system further identifies one or more groups of strongly connected components in the first graph. Once identified, the control system generates a second graph based on the identified one or more groups, wherein the second graph comprises nodes that represent the one or more groups and any nodes of the first graph not included in the one or more groups, and wherein the second graph further comprises directional edges that indicate a topology of the nodes in the second graph. After the second graph is generated, the control system may identify a host span for each of the nodes in the second graph based on the directional edges in the second graph.
Referring first to
In addition to the nodes in graph 100, graph 100 further includes directional edges that are used to represent dependencies in the network topology. These dependencies may comprise routing dependencies, such as logical switches providing configuration information to logical routers, and may further comprise execution dependencies, such as entity node 112 executing on host node 121. The directional edges may comprise single direction edges or may comprise bidirectional edges that demonstrate logical entities that are codependent in the software defined network structure.
Turning to
Once graph 101 is generated, host spans may be identified for each of the nodes that identify hosts relevant to configuration changes of logical entities represented by the nodes. To identify the span associated with each of the nodes, the control system may start at a host, such as host node 120, and traverse or follow the directional edges of the graph to propagate the span to the other nodes in graph 101. As an example, starting at host node 120, the span may be propagated upward following the directed edges to entity nodes 110-111, which correspond to span 150, and further propagated to group node 130, which corresponds to span 153. Additionally, starting at host node 121, the span may be propagated to entity node 112, which corresponds to span 151, and further propagated to group node 130 that corresponds to span 153. Moreover, host node 122 may be propagated to entity node 113 and entity node 116 that correspond to span 152, and further propagated to group node 130 that corresponds to span 153. When a configuration modification request is generated for a logical entity represented in graph 101, the control system may identify the node that represents the logical entity and forward a modification to the hosts in the span that correspond to the logical entity. Thus, if a configuration modification is generated for a logical entity that corresponds to entity node 114, the control system may identify group node 130 to support the request and forward a modification to the hosts associated with span 153.
As depicted, operation 200 includes identifying (201) a first graph, wherein the first graph comprises nodes that represent one or more hosts and one or more logical entities of a software defined network, and wherein the first graph further comprises directional edges that indicate a topology of the nodes in the first graph. In some implementations, an administrator or administrators associated with software defined networks may define a network configuration that indicates how virtual nodes, logical switches, logical routers, and other networking elements are arranged in a network. In addition to the information provided from the administrators creating the network, the control system may also obtain information about how each of the logical entities are deployed to the host computing systems in the computing environment. In some implementations, while the administrator may define how the various logical entities are communicatively coupled, the various entities may be deployed across multiple hosts in a computing environment. For example, a logical switch may be deployed across multiple hosts to support the required virtual machines in the computing environment. To obtain the deployment information, the hosts may provide reports that indicate the various logical entities executing on the host. Referring to graph 100 of
After identifying graph 100, operation 200 further identifies (202) one or more groups of strongly connected components in the first graph. To identify the strongly connected components, the control system may perform an algorithm capable of identifying groups of nodes where each node is capable of reaching all other nodes in the same group. For example, in graph 100 entity nodes 114, 115, 117, and 118 are each capable of communicating with the other nodes in the group. Once a group is identified, the operation may further generate (203) a second graph based on the identified one or more groups, wherein the second graph comprises nodes that represent the one or more groups and any nodes of the first graph not included in the one or more groups, and wherein the second graph further comprises directional edges that indicate a topology of the nodes in the second graph. In generating the second graph from the first graph, the control system may generate nodes that correspond to the group nodes identified from the first graph. Once the group nodes are added, any nodes of the first graph that were not part of the group nodes may be added to the graph, wherein the nodes may represent logical entities or hosts that do not belong to a strongly connected component group.
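The grouping and span propagation described above can be followed in code. This is an added example, not part of the original text or of any product's code: the edge list is constructed to match the spans the text describes (the figures are not reproduced here), the function names are hypothetical, and Tarjan's algorithm is one possible choice since the text does not name an algorithm.

```python
from collections import defaultdict

# Constructed topology (assumption): the figures are not reproduced on the page,
# so these edges are chosen only to match the spans the text describes.
HOSTS = {120, 121, 122}
EDGES = [
    (120, 110), (120, 111), (121, 112), (122, 113), (122, 116),  # host -> entity
    (110, 114), (111, 114), (112, 115), (113, 117), (116, 118),  # entity -> entity
    (114, 115), (115, 114), (115, 117), (117, 118), (118, 115),  # codependent set
]
NODES = {n for edge in EDGES for n in edge}

def strongly_connected_groups(nodes, edges):
    """Tarjan's algorithm; returns the components that hold more than one node."""
    succ = defaultdict(list)
    for u, v in edges:
        succ[u].append(v)
    index, low, stack, groups = {}, {}, [], []

    def visit(u):
        index[u] = low[u] = len(index)
        stack.append(u)
        for v in succ[u]:
            if v not in index:
                visit(v)
                low[u] = min(low[u], low[v])
            elif v in stack:
                low[u] = min(low[u], index[v])
        if low[u] == index[u]:          # u is the root of a component
            comp = set(stack[stack.index(u):])
            del stack[stack.index(u):]
            if len(comp) > 1:
                groups.append(frozenset(comp))

    for n in sorted(nodes):
        if n not in index:
            visit(n)
    return groups

def build_group_graph(nodes, edges):
    """Second graph: one node per group plus every node outside a group."""
    owner = {n: n for n in nodes}
    for group in strongly_connected_groups(nodes, edges):
        owner.update({n: group for n in group})
    return owner, {(owner[u], owner[v]) for u, v in edges if owner[u] != owner[v]}

def host_spans(owner, group_edges, hosts):
    """Follow the directed edges from each host and add it to every node reached."""
    succ, spans = defaultdict(set), defaultdict(set)
    for u, v in group_edges:
        succ[u].add(v)
    for host in hosts:
        frontier = [owner[host]]
        while frontier:
            for nxt in succ[frontier.pop()]:
                if host not in spans[nxt]:
                    spans[nxt].add(host)
                    frontier.append(nxt)
    return spans

def hosts_for_modification(entity, owner, spans):
    """Hosts that must receive a configuration change made to `entity`."""
    return set(spans[owner[entity]])

OWNER, GROUP_EDGES = build_group_graph(NODES, EDGES)
SPANS = host_spans(OWNER, GROUP_EDGES, HOSTS)
```

With this constructed input, a change to entity 114 resolves to the group node and is delivered to all three hosts, while a change to entity 112 goes only to host 121.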
Referring to an example of graph 101 of
In some implementations, each of the nodes in the second graph may include or be associated with metadata that indicates the span for the node, the logical entity or entities associated with the node, information about the preceding nodes and succeeding nodes, host span information for the node, or some other information related to the logical entities.
Although demonstrated in the example of
In another example, rather than adding an edge, a modification may remove a connection between two logical entities in the network. When the connection is removed, the control system may determine whether the two entities correspond to a group node. If the two nodes are not part of a group node, then the control node may remove a directed edge in the graph and propagate the host spans using the remaining directed edges. If the two nodes are part of a group node, then the control node may determine if the removal of the connection would cause the group node to be separated into two or more other nodes. If no separation is required, then no changes are required in the graph. However, if a separation is required, then the control node may separate the group node into two or more nodes and propagate the host spans using the directed edges.
In some implementations, the second graph may be updated based on status reports provided in association with the host systems of the computing environment. In particular, the host for the various logical entities may migrate as a function of time. Thus, while a logical entity may operate as part of a first host for a first period, the logical entity may operate as part of a second host for a second period. To respond to the changes, the control system may update the graph based on the reports and update the host span for each of the nodes using the directional edges in the updated version of the second graph.
In some examples, by maintaining the second graph, the control system may conserve memory by consolidating nodes that would otherwise be included in the first graph. For example, the first graph would include three extra nodes that are not required by the second graph. In particular, the second graph may consolidate entity nodes 114-115 and 117-118 into group node 130. Additionally, by limiting the quantity of nodes within the graph, processing resources may be conserved by the routing system when traversing the graph.
Referring first to
Turning to
Although this is one example of updating a group graph, it should be understood that other updates may be made to the graph. These updates may include adding nodes to represent logical entities, migrating logical entities between hosts, or some other similar operation.
As depicted, operation 400 includes identifying (401) a logical entity relationship modification in a software defined network. The modification may include adding or removing logical entities in the network, adding or removing relationships between the entities in the network, or some other modification to the network. Once a modification is identified, operation 400 further adds (402) a new edge in a graph, when required, between a first node and a second node of the graph, wherein the graph is capable of supporting group nodes. For example, an administrator may generate a modification to a software defined network that couples a first logical switch to a second logical switch. As a result, a new directional edge may be added to the graph that couples the corresponding logical entities in the graph. In some implementations, the modification to the network may not require the addition of one or more directional edges. For instance, if an edge is to be added between two logical entities that are already associated in a group node, then the second graph is not required to be updated.
Once an edge is added, operation 400 determines (403) whether the new edge creates a bidirectional edge between the first node and the second node. If the new edge does not create a bidirectional edge between the first node and the second node, then the control system may follow (404) the edges of the graph to propagate the span of the first node to its successor nodes. In contrast, if the new edge does create a bidirectional edge between the first node and the second node, then the control system may merge (405) the first node and the second node to generate a new group node.
After the new group node is generated, the control system may check (406) if the new group node has any bidirectional edge with any direct neighboring nodes. If the new group node does not have any bidirectional edges with neighboring nodes, then the control system follows (407) the edges to propagate the span of the new node to its successors. However, if the new group node does have bidirectional edges with neighboring nodes, the controller may merge (408) the new node with any direct neighbor nodes that have a bidirectional edge with the new node and follow (407) the edges in the graph to propagate the span of the new node to its successors.
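Steps 402 through 408 of operation 400 can be traced in code. This is an added example, not code from the original text: the `GroupGraph` class, its method names and the scenario in `example()` are hypothetical, the node numbers reuse the page's labels, and the edges are constructed for illustration.

```python
class GroupGraph:
    """Graph whose nodes are frozensets of ids; a one-element set is ungrouped."""

    def __init__(self):
        self.owner, self.succ, self.span = {}, {}, {}

    def add_node(self, ident, is_host=False):
        node = frozenset({ident})
        self.owner[ident] = node
        self.succ[node] = set()
        self.span[node] = {ident} if is_host else set()

    def _merge(self, a, b):
        """Steps 405/408: replace nodes a and b with one group node."""
        new = a | b
        self.succ[new] = (self.succ.pop(a) | self.succ.pop(b)) - {a, b}
        self.span[new] = self.span.pop(a) | self.span.pop(b)
        for targets in self.succ.values():   # redirect edges that pointed at a or b
            if targets & {a, b}:
                targets -= {a, b}
                targets.add(new)
        for ident in new:
            self.owner[ident] = new
        return new

    def _propagate(self, start):
        """Steps 404/407: push the span of `start` to all of its successors."""
        stack, seen = [start], {start}
        while stack:
            node = stack.pop()
            for nxt in self.succ[node] - seen:
                self.span[nxt] |= self.span[node]
                seen.add(nxt)
                stack.append(nxt)

    def add_edge(self, src, dst):
        a, b = self.owner[src], self.owner[dst]
        if a == b:                    # both already in one group: no update needed
            return a
        self.succ[a].add(b)           # step 402
        node = a
        # Only two-node cycles are detected here, as in steps 403-408; a longer
        # cycle needs a full strongly-connected-components pass.
        if a in self.succ[b]:         # step 403: the edge is now bidirectional
            node = self._merge(a, b)
            while True:               # step 406: bidirectional direct neighbours
                both = [n for n in self.succ[node] if node in self.succ[n]]
                if not both:
                    break
                node = self._merge(node, both[0])
        self._propagate(node)
        return node

def example():
    """Constructed scenario; node numbers reuse the page's labels, edges are assumed."""
    g = GroupGraph()
    for host in (120, 121):
        g.add_node(host, is_host=True)
    for entity in (110, 112, 114, 115, 117):
        g.add_node(entity)
    for src, dst in [(120, 110), (121, 112), (110, 114), (112, 115),
                     (114, 115), (114, 117), (117, 115)]:
        g.add_edge(src, dst)
    return g

if __name__ == "__main__":
    g = example()
    merged = g.add_edge(115, 114)     # closes 114 <-> 115, then absorbs 117
    print(sorted(merged), sorted(g.span[merged]))
```

Adding the edge from 115 to 114 first merges those two nodes; the merged node then has edges in both directions with 117, so step 408 absorbs it as well.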
As an example, using
Referring first to
Turning to
As described herein, graphs may be generated based on an administrator defined logical entity topology and reports obtained in association with nodes of a computing environment. In at least one example, a graph is generated that can include group nodes that are representative of logical entities with strongly connected components. In addition to the group nodes, the graph may include nodes representative of logical entities that do not share strongly connected components and hosts in the computing environment. Additionally, the graph may include edges that are used to represent a dependency topology for the various nodes in the graph.
Once an initial graph is generated for the software defined network, changes may be made to the configuration of the software defined network. These changes may include the removal of logical entities, the removal of connections or associations between logical entities, the migration of logical entities, or some other change to the configuration. In response to the modification, the control system may be required to update the graph to reflect the modification. In the example of operation 600, operation 600 may identify (601) a logical entity relationship change in the graph capable of supporting group nodes, wherein the change may comprise any of the aforementioned configuration changes.
In response to identifying the change, operation 600 may determine (602) whether the change corresponds to logical entities that share a group node. If the logical entities affected do not share a group node, then operation 600 may follow (603) the directed edges remaining in the graph to propagate the span of the first node to its successors. In contrast, if the logical entities affected by the change do share a group node, operation 600 will determine (604) whether the entities still share a group node after the modification. In determining whether the logical entities continue to share a group node, the control system may determine whether the logical entities remain strongly connected components. If the nodes remain strongly connected, then the operation may do nothing (605) and stop any further actions with respect to the graph. However, if the entities no longer share a group node, the control system may update (606) the graph by splitting the group node and updating the edges between the nodes.
For example, if a configuration is changed between a first logical entity and a second logical entity that share a common group node, the modification may cause at least one of the logical entities to no longer be strongly connected with one or more other logical entities represented in the group. As a result, the group node may be split into two or more nodes, wherein the two or more nodes may comprise group nodes or may comprise individual entity nodes that represent a logical entity. Once a group node is split, operation 600 may follow (607) the directed edges in the graph to propagate the span to the nodes.
Communication interface 760 comprises components that communicate over communication links, such as network cards, ports, radio frequency (RF), processing circuitry and software, or some other communication devices. Communication interface 760 may be configured to communicate over metallic, wireless, or optical links. Communication interface 760 may be configured to use Time Division Multiplex (TDM), Internet Protocol (IP), Ethernet, optical networking, wireless protocols, communication signaling, or some other communication format—including combinations thereof. Communication interface 760 is an example of a physical network interface that can be configured to communicate with other computing systems to provide required operations for the processes executing on computing system 700. In some implementations, communication interface 760 may communicate with hosts of a computing environment to identify logical entities available on the various hosts.
Processing system 750 comprises microprocessor and other circuitry that retrieves and executes operating software from storage system 745. Storage system 745 may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information, such as computer readable instructions, data structures, program modules, or other data. Storage system 745 may be implemented as a single storage device but may also be implemented across multiple storage devices or sub-systems. Storage system 745 may comprise additional elements, such as a controller to read operating software from the storage systems. Examples of storage media include random access memory, read only memory, magnetic disks, optical disks, and flash memory, as well as any combination or variation thereof, or any other type of storage media. In some implementations, the storage media may be a non-transitory storage media. In some instances, at least a portion of the storage media may be transitory. It should be understood that in no case is the storage media a propagated signal.
Processing system 750 is typically mounted on a circuit board that may also hold the storage system. The operating software of storage system 745 comprises computer programs, firmware, or some other form of machine-readable program instructions. The operating software of storage system 745 comprises graph management operation 732. The operating software on storage system 745 may further include utilities, drivers, network interfaces, applications, or some other type of software. When read and executed by processing system 750 the operating software on storage system 745 directs computing system 700 to operate as described herein. Storage system 745 further stores group graph 721 and configuration information 722.
In at least one implementation, graph management operation 732 directs processing system 750 to identify a first graph for a computing environment, wherein the first graph comprises nodes that represent one or more hosts and one or more logical entities of a software defined network, and wherein the first graph further comprises directional edges that indicate a topology of the nodes. In some examples, the first graph may be generated based on a network configuration provided by one or more administrators, wherein the configuration may indicate relationships between the various logical entities, and may be further generated based on reports indicating the hosts on which the various logical entities reside. This information is represented in
Once the second graph is generated, the graph management operation 732 may identify a span of hosts for each of the nodes in the second graph based on the directional edges of the second graph. In at least one example, the second graph may be traversed starting at the nodes associated with the host computing system. For each logical entity that is encountered from a host, the host may be added to the span of that corresponding logical entity. After allocating the span to each of the logical entities, update requests may be generated to update or change a configuration associated with one of the logical entities. A configuration modification may include a firewall update, a routing update, or some other configuration modification. To determine the hosts associated with the modification, control system 700 may identify the node in the second graph that corresponds to the logical entity and the span associated with the node. The hosts identified with the span may then be provided with the required configuration update information to support the request for the network.
In some implementations, the topology for the software defined network may be dynamic based on the configuration provided by the administrators or based on migrations on the host computing systems. For example, while a virtual network interface may be located on a first host for a first period, the virtual network interface may be migrated to a second host for a second time period. In response to the migration, computing system 700 may identify the change and determine any required modifications to the structure of the second graph. These modifications may include adding, removing, or moving nodes in the graph, adding or removing directional edges in the graph, or providing some other operation with respect to the graph.
In some examples, when a modification is generated for the graph, computing system 700 may determine whether any new strongly connected components exist in the second graph. When the new components exist, the nodes that are strongly connected may be combined into a group node and the edges of the graph updated to reflect the newly formed group nodes. Additionally, when a change is made in the second graph, the spans may be propagated for each of the hosts to the various logical entity nodes and group nodes in the graph.
In other examples, rather than adding group nodes to the graph, computing system 700 may be used to update the second graph by splitting previously generated group nodes. For instance, a modification to a network may require the removal of a directed edge from a first logical entity to a second logical entity. Based on the removal of the directed edge, the second logical entity may no longer comprise a strongly connected component with the first logical entity. When this occurs, the group node may be split in the second graph and the directed edges may be updated to reflect the changes. Additionally, when a change is made in the second graph, the spans may be propagated for each of the hosts to the various logical entity nodes and group nodes in the graph.
In some implementations, by generating a graph with group nodes, computing system 700 may conserve memory by consolidating nodes that would otherwise be included in the original non-grouped graph. Additionally, by limiting the quantity of nodes in the graph, processing resources of computing system 700 may be conserved when traversing the graph.
The descriptions and figures included herein depict specific implementations of the claimed invention(s). For the purpose of teaching inventive principles, some conventional aspects have been simplified or omitted. In addition, some variations from these implementations may be appreciated that fall within the scope of the invention. It may also be appreciated that the features described above can be combined in various ways to form multiple implementations. As a result, the invention is not limited to the specific implementations described above, but only by the claims and their equivalents.