logo

Generally speaking, virtualization can be described as the abstraction of physical resources. Managing virtualization typically means that these abstractions can be pooled, deployed, and re-used as needed. Data Center Virtualization extends the concept of virtual resources across physical platforms, so in addition to abstracting a single system like a hypervisor might do; data center virtualization takes this a step forward and virtualizes the external IO and management interfaces, creating an environment that has total flexibility. In order to achieve Data Center Virtualization, there is the concept of a “fabric.”  A fabric can be tightly coupled with the hardware — think Infiniband, or a cross-bar switch in a high-performance compute farm, or can be loosely coupled — think open Ethernet or Fiber Channel fabrics. These are sometimes called “captive” and “non-captive.” In a captive fabric, all of the resources — whether physical or virtual, that are connected to the fabric are managed consistently. The physical fabric can be of any ilk — IB, Ethernet, FC — but the key is that all resources are managed the same way.  In a non-captive fabric, there can be managed and unmanaged resources sharing the same fabric. Data Center Virtualization can work with both captive and non-captive fabrics, but the usability models are drastically different.  Enterprises considering virtualizing across platforms should look at these differences carefully. For example, when you deploy Data Center Virtualization with a captive fabric, all switch programming and IO connectivity is done behind the scenes. When a failure occurs and a server is moved from one hardware device to another, there is no explicit switch reprogramming that needs to be done.  Since all of the devices are managed within the fabric, the fabric management software handles all of the reconnections. In a non-captive fabric, when a server is moved from one hardware resource to another, it typically involves reprogramming of physical switches or a security model that is “open-zoned” where every server has access to every device.  Both of these strategies can be huge security issues.  When a non-captive fabric manager starts telneting into premise switches to reconfigure IO, it can cause problems with security policies as well as political problems when servers start reconfiguring network gear. Imagine a fabric that has both managed and non-managed servers attached, and has its IO mappings reprogrammed on the fly.  Let the finger pointing begin!  In the case of open-zoning, well, the security ramifications can be huge.  Finger pointing will seem pleasant compared to the potential liability in an open zoned environment. In a captive fabric, the fabric manager keeps a mapping of what servers can access which IO and manages the access and security in a way that is transparent to the physical devices.  It’s a much more secure and simple way to manage the Virtual Data Center. For enterprise customers, there is really only one approach to take — captive fabrics. It provides for secure, robust environment that can be supported in a way that enterprise data centers expect.