Abstract
With a growing number of infrastructure cloud services, there are many benefits to interconnecting several clouds. However, seamless cloud interoperability is highly desired but not yet easily attainable in the current cloud solutions market. In this paper we address the problem of network monitoring and analysis in a complex federated network environment. Federated cloud networks deal not only with heterogeneous cloud platforms (i.e. OpenStack, AWS, Azure), but also with different virtualization technologies. Moreover, federation of the networks adds complexity, because in addition to the physical infrastructure and virtual networks dimensions, there is a dimension of the federated overlay network spread across clouds. To allow monitoring and analysis of the complex heterogeneous environment, it is not enough to see separate clouds. The user should see full aggregated view of the federated network including cloud interconnect and the match between network segments in different clouds. Moreover, when different SDN controllers deployed in the federated cloud, usual approach of collecting, exposing each individual network metric is often not relevant. In order to analyze packets forwarding there is a need to know how all the network interfaces are linked together and how they are related. Our approach to the network monitoring in a federated cloud environment uses Skydive [1], which collects in a distributed fashion all the network information and stores all the modifications. This approach allows bringing a network topology view with all the interfaces and their links, as well as the ability to capture network ows at any point of time. In this paper we address the general federated cloud architecture presented in [2]. The solution shown in Figure 1 contains two main components: Network Federation Agent (NFA) responsible for control and management plane of the federated network solution, negotiation of network sharing with peer NFAs and configuring data plane - Federated Datapath (FDP). FDP is responsible for data plane representing federation tunnels endpoint for the local data and control plane entities, acting as \the gateway to the federation". NFA and FDP, deployed in each cloud, create federated network by connecting network segments from different clouds. The Skydive monitoring tool relies on a fully distributed architecture leveraging two components: the Agents, acting as distributed probes, and the Analyzers, collecting and aggregating data from Agents. The Agents make use of topology probes in order to fill their version of the federated cloud graph. The Agents also ensure that relations between resources collected by probes are correctly reported in the graph. While Agents keep the last version of the topology they use the pub/sub capability to forward all the modifications to Analyzers which keep the aggregated information. As shown in the Figure 1, the Skydive agents are deployed at each hypervisor in every cloud monitoring the traffic between hosted VMs. The analyzers are deployed at the NFAs at each cloud. For the completeness of view, it is crucial to monitor the Federation tunnel connecting the clouds. Skydive agents deployed at the ends of the tunnels come with a ow classifier, supporting different encapsulation types, addressing the most common network virtualization environments and supporting multiple levels of encapsulation.