IT directors understand that private cloud datacenters give organizations full control over their workloads. However, adding new workloads, or scaling capacity for existing workflows, can trigger a costly CAPEX event and take considerable time. Conversely, virtual public cloud implementations can be more granular, while offering the promise of near limitless expandability, on demand, on a pay-for-use basis. For these and other reasons like easy adaptability, quick time to deployment, and ready access to the global customer base, cloud-based applications have become a competitive necessity for organizations.
At the same time, expanding into the public cloud presents accountability, cost and compliance challenges to organizations. Business policies governing network security, monitoring and service reliability must be consistent regardless of where workloads reside. Accountability cannot be sacrificed for the benefits of the public cloud. And of course, the CIO’s office cannot be confronted with duplicate costs of parallel management systems, let alone procedures for monitoring, security, compliance and remediation.
The challenge for IT organizations is to exploit the benefits of both the private and public cloud without conceding control and accountability.
- Harness legacy and “crown jewel” workloads of the private cloud.
- Link current workflows to, and support, new forms of dynamic workloads provisioned in the public cloud.
- Provide an architecture that delivers global/seamless connectivity along with reliability, security, and uniform management and telemetry needed to maintain SLAs.
In essence, private, public or any form of hybrid clouds cannot be silos to either their users or administrators. IT must deliver a unified architecture where workloads are uniformly supported regardless of which cloud hosts them. This is a logical progression for IT staff: to own complete accountability not only for customers’ places in the network, but also for the places in the cloud. This is Arista’s vision as Universal Cloud Networking (UCN) extends beyond the datacenter.
EOS: The Foundation for Reliability, Monitoring and Extensibility
The vEOS router uses the same field-proven EOS used in Arista’s switching family. The vEOS router’s modular EOS is designed to simplify fault detection, isolation, patching and extensibility. Modular software architectures are easier to maintain than spaghetti code “globs”. Feature errors don’t impact other system functions. Targeted patches can be installed using RPM-based tools to minimize service disruption. Proof of the reliability of EOS is evident in the tens of thousands of systems deployed among the world’s largest datacenters.
Extensibility that Facilitates Any Cloud Provisioning and Monitoring
The open Linux architecture of EOS also supports easy installation of software extensions to add functionality and monitoring to the VM. Linux telemetry tools, some available as RPMs, can be installed without modification to add functionality and value. This simplifies standardized monitoring across the datacenter, WAN and cloud. Cloud tools, such as Amazon’s CloudWatch and Lambda, can also be seamlessly integrated so providers can offer additional support and monitoring. Administrators can also leverage the vEOS router’s open architecture to support customized provisioning or change management tools. The vEOS router supports a variety of customization options through its rich, open EOS API and SDK. Administrators can use Linux-friendly change management tools to template-ize configuration, management and maintenance of machine instances. There are numerous options of commercial, community maintained, or home-built provisioning tools that work with the vEOS router.
Breaking Down IT Silos of the Any Cloud with CloudVision
Using a common EOS to connect both places in the network (PIN) and places in the cloud (PIC) provides an architectural advantage to uniform monitoring of the Any Cloud in the form of CloudVision: an integrated platform with menu-based change management, provisioning and powerful telemetry. CloudVision’s embedded Hadoop database fulfills two primary tasks:
- Maintaining a database of system configuration revisions and software releases for all EOS platforms: physical and virtual.
- Collecting real time telemetry from EOS systems for customizable visualization and trend analysis.
Commonality of the EOS used to connect any cloud, combined with provisioning/change management automation, greatly simplifies integration of the Any Cloud and eliminates errors to streamline hybrid cloud or branch office deployments.
Cloud Tracer is a new feature in EOS that has specific applicability when operating a common private and public cloud network. An enhancement to the real-time telemetry available on all EOS platforms, Cloud Tracer monitors performance, throughput and latency of its WAN links. With Cloud Tracer, administrators can track accessibility and responsiveness of branch offices, hybrid cloud workloads or other critical places in the cloud in real-time, reporting alarms with historical data to help engineers quickly correlate problem events to possible solutions.
vEOS Router Streamlines Connecting the Any Cloud
The full complement of EOS routing services is available in the virtual router, so prior experience with EOS sharply reduces the learning curve for deploying the vEOS router into new hybrid clouds or branch sites. Commonality also ensures error-free interoperability with existing environments. Routing services for IPv4/IPv6 using BGP, OSPF and IS-IS ensure compatibility and stability. Intrinsic high availability (HA) and active/active load sharing services like ECMP provide increased performance and reliability alongside predictable interoperability.
Figure 1: Common EOS Image Reduces TCO in the Hybrid Cloud
vEOS Router Feature Rich Versatility Connects and Safeguards Tenants in Any Cloud
Arista’s vEOS router supports multi-tenant routing, security and tunneling services needed for effective border routing to remote offices or the virtual private cloud. Support of IPv4/IPv6, multicast, multiple VRFs and multi-network aggregation means tenants can efficiently run a variety of applications across a common infrastructure, improving accessibility and productivity of diverse workloads.
EOS provides mechanisms to both simplify and secure connectivity to the virtual private cloud. IP and SSL VPN services encrypt data to tenant workloads. GRE and IP-IP tunneling features help administrators simplify complex topologies so more diverse applications can run unmodified in the cloud. Stateful firewall services deliver necessary network security at the perimeter. Linux-based Network Functions Virtualization (NFV) services can be employed on this open platform using standard traffic routing functions. The vEOS router is a versatile tool for connecting tenants in the cloud while ensuring traffic is secured.
Mastering the Any Cloud
IT administrators cannot underestimate the future impact of the cloud. A retrospective assessment of cloud native applications, be they CRM, ERP or many other forms of SaaS, offers conclusive evidence. Therefore, as we look ahead to the Any Cloud of 2020, it’s safe to assume enterprise WAN architectures will be dramatically disrupted. To an enterprise customer, the public cloud will become a seamless extension of the datacenter and branches. Applications will sprawl across multiple clouds and regional sites with ubiquitous Ethernet and IP connectivity. To those grounded in the Ethernet world, this will be a natural evolution to the WAN, linking places in the cloud as seamlessly as you would places in the LAN.
However, managing this evolution will be more challenging, since administration of siloed WANs has been one of the most expensive and rigid aspects of running the enterprise network. As more workloads migrate to the Any Cloud, administrators will have to streamline cloud administration to control staffing and costs, or they risk being overwhelmed by each new management overlay for each new cloud. A holistic, uniform approach to hybrid WAN management becomes a vital necessity.
Similarly, the classical hub and spoke model, based on north-south client/server WAN traffic, must be fundamentally overhauled. Remote offices supporting multiple tenants can’t hairpin their traffic through hubs to access cloud-based workloads. Likewise, management of remote tenants must be streamlined, made uniform and automated to increase reliability, ensure security and reduce costs. New schemes utilizing routing and IPsec will improve connectivity and security while reducing costs. Finally, the simplicity of deploying these new services will make the transition a “no-brainer” for IT.
Arista Any Cloud: Seamlessly Connecting Places in the Cloud
With the Universal Cloud Network, the WAN is no longer a separate entity or a set of multiple entities. It is a unified extension of the Data Center/LAN, leveraging the same management and monitoring, vastly simplifying IT operations and allowing NetOps teams to orchestrate and automate WAN and LAN functions synchronously. This unified network enables any-to-any connectivity, along with the security and manageability of a uniform enterprise network.
Figure 2: Example of vEOS router hybrid cloud deployment using Amazon AWS
vEOS Router Any Cloud Use Cases
vEOS router extends existing datacenter workloads to Any Cloud with consistent capabilities, connectivity and manageability:
- Dedicated hybrid cloud or virtual NET per application or service - simplifies workload isolation design by disaggregating secure tunnels from other shared services and applications
- Dynamic Provisioning and Tunnel Management - provides dynamic routing and VPN tunnels via CloudVision
- High Availability - integrates HA support with multiple Availability Zones for the most robust network infrastructure
- Telemetry and Analytics - Real-time streaming statistics with workstream analytics for sites, connections and infrastructure in all regions/zones
Figure 3: Consistent and Comprehensive Monitoring and Control Across the Any Cloud
The 21st Century IT Director
Arista’s Universal Cloud Network provides necessary platforms for business critical Any Cloud deployments. The transformation from legacy hub-spoke connectivity for Places in the Network to a competitive business model enabling connectivity for Places in the Any Cloud is a mandate for the 21st century IT Director. Not only does it deliver significant cost and administrative savings but it’s also competitively disruptive. UCN enables new applications and workflows for both internal and external customers in the branch or home office. It is changing the face of the next generation enterprise. In this new software driven paradigm, Arista vEOS router is a key innovation underpinning the convergence of global LANs and WANs.
Copyright © 2017 Arista Networks, Inc. All rights reserved. CloudVision, and EOS are registered trademarks and Arista Networks is a trademark of Arista Networks, Inc. All other company names are trademarks of their respective holders. Information in this document is subject to change without notice. Certain features may not yet be available. Arista Networks, Inc. assumes no responsibility for any errors that may appear in this document. Sep 20, 2017 · 02-0075-01