The Nuage Networks™ Virtualized Services Platform (VSP) is a comprehensive solution that makes the network as readily consumable as the compute resources. It does this by providing the missing link to ensure rapid and efficient delivery of highly customizable application services, in and across multi-tenant data centers. The Nuage Networks VSP enables the deployment of massively scalable cloud-based services with the agility and performance demanded by highly dynamic application environments.
The Nuage Networks VSP is a Software-Defined Networking (SDN) solution that virtualizes any DC network infrastructure and automatically establishes connectivity between compute resources upon their creation. Leveraging programmable business logic and a powerful policy engine, the Nuage Networks VSP provides an open and highly responsive solution that scales to meet the stringent needs of massive multi-tenant DCs. The Nuage Networks VSP is a software solution that can be deployed over existing DC network fabrics.
Cloud deployment of complex applications requires more than simple L2 connectivity. To meet these needs, the Nuage Networks VSP deploys the full range of L2-L4 networking services on a per-tenant or per-application basis using overlay technologies. This ensures each application gets the services required, and is not forced into a basic L2 VLAN connectivity.
Nuage Networks VSP is now available to support Docker-based applications running on the Red Hat OpenShift PaaS solution to accelerate the provisioning of virtual networks between pods and traditional workloads, and to enable security policies across the entire cloud infrastructure. VSP allows for the automation of security appliances to include granular security and microsegmentation policies for container apps.
Nuage Networks VSP is a policy-based automation and virtual networking platform that is ideally suited for heterogeneous environments, unifying SDN policies across cloud platforms and server virtualization technologies. Nuage Networks can consolidate network and security policy requirements independent of the hypervisor or container format they are running, the infrastructure or the cloud management system.
VSP is integrated into the OpenShift application workflow, which triggers events in the Nuage Networks system; similar to the way a VM Orchestrator’s events trigger virtual network configurations between virtual machines. VSP provides a networking plug-in running on the OpenShift master, which connect the OpenShift platform to the two main VSP controller components: the Virtualized Services Controller (VSC) and the Virtualized Services Directory (VSD). VSC and VSD maintain the higher-level network and security policies and configure the relevant network devices and virtual switches to automate and provision the required overlay connectivity.
OpenShift relies on Kubernetes to launch container pods and configure the localhost networking between containers. VSP provides a network exec plug-in running on the OpenShift nodes (the Kubernetes Minions) that is invoked during pod lifecycle events, such as creation and destruction. The VSP plug-ins on the OpenShift nodes and the OpenShift master share the policy configurations and lifecycle events with the VSP controllers as well as the local VSP virtual switch (VRS), as needed.
Security Services in Nuage Networks VSP
While SDN has always delivered policy-based automation for network devices, applying the same techniques to multi-tenant cloud environments is a more urgent requirement because security policies (compared to network policies) are likely more complex, more application-specific, change more frequently, and encompass a wider range of devices from multiple vendors. As organizations evolve their data centers and applications to the cloud and containers, the security operations are likely to overwhelm even before network issues dictate an evolution to SDN.
In multi-tenant cloud environments, there is a requirement for “microsegmentation”, i.e., enforcing security policies at a very granular level, between individual workloads and applications. Nuage Networks VSP brings these sophisticated security policies to OpenShift-based environments. Policies can be enforced between Kubernetes pods, or between pods and VM or bare-metal workloads, in a consistent fashion, ensuring compliance objectives across all environments.