Power Virtual Server

 View Only

Embrace hybrid cloud with IBM Power Systems Virtual Server and Megaport’s Network platform

By Val Besong posted Fri April 01, 2022 02:59 PM

  

 

In this blog contributed by IIJ Global Solutions, we look at the verification results of connecting Megaport’s service with IBM Power Systems Virtual Server (hereinafter referred to as Power Virtual Server). Power Virtual Server is a secure and reliable cloud infrastructure that is being adopted widely both globally and within Japan, and Megaport’s service allows users to utilize Power Virtual Server. IIJ Global Solutions, within the IIJ Group, is developing an open and wide-ranging network / security service globally in a multi-cloud environment and has been providing connection services to various clouds using Megaport from early on.

The content of the article is the contributor's own views and does not necessarily represent IBM's position, strategy or opinion.

 
1. The arrival of the hybrid cloud era

What kind of IT infrastructure does your company use? We are sure many companies are starting to use the cloud. On the other hand, from the viewpoint of economic efficiency, service requirement level, legal compliance, etc., the server group operated on-premises will probably continue to exist. The cloud may also be used in combination with IaaS, PaaS, and SaaS from multiple cloud vendors.

In IT, "One fits all" is difficult, so it is inevitable to introduce the cloud or on-premises in the right place. In that case, the company has one or more private clouds on-premises or in the data center, while multiple public clouds are also used, that is, a hybrid multi-cloud environment.

  

2. Two perspectives to consider when building networks in the hybrid cloud era


In a heterogeneous hybrid cloud environment, how to build networking is an important point. Because networking is a key factor in determining the performance and security of the hybrid cloud as a whole.

Power Virtual Server, which is being adopted as a safe and secure cloud platform for corporate ERP systems and mission-critical business systems, is no exception. The customer's concern is how to connect this cloud system, which is at the core of enterprise applications and data pace, with SaaS and IaaS that support daily digital transformation, and users inside and outside the enterprise with high performance and stability i.e. extending to digital networking.

 

Now, let's look at networking from two perspectives.

 

1) Viewpoint 1: Cloud-to-cloud connection

Many companies use multiple clouds to build various business applications. There are various variations in the connection between clouds, such as a star-shaped connection centered on a certain cloud, a sequential connection on one line, or an N-to-N connection. The form is diversified depending on the design of the application.

Network performance, which was not a problem because the application handled few transactions when connecting at the beginning of operation, may become apparent as the amount of work increases. If you are using multiple clouds to process a single transaction, a bottleneck in any cloud will affect the completion of the transaction process itself.

In order to maintain proper cloud performance, it is necessary to manage both the performance of the cloud itself and the bandwidth and latency of the network between the clouds. In addition, when the network between clouds is disconnected, it is necessary to contact both cloud companies to investigate the cause.

 

2) Viewpoint 2: Cloud-Network connection on the user side

Some clouds connect directly to the user's network or to the user's device. Depending on the user, all the clouds may be directly connected to the user. Users are in control of their network. On the other hand, the network inside the cloud is managed by the cloud company. In the cloud era, stable connection between the cloud and your own network is extremely important.

 

 

3. Verification results by IIJ Global Solutions

 

1) Use of Power Virtual Server by Megaport service

 

Overview of Megaport service

Megaport Service is a NaaS (Network as a Service) provider that provides cloud connection and data center connection services. Currently, there are numerous Megaport affiliated data centers in the United States, Europe, and Southeast Asia, enabling direct connections from these data centers to major cloud service providers such as IBM Cloud.

 

Value for users of the Megaport service

The Megaport service provides the services needed to build a cloud-native corporate network infrastructure, such as simplifying complex enterprise network management, seamlessly connecting to cloud services, and virtualizing data centers. Furthermore, it is a service that brings the following benefits to users in terms of "delivery time," "price," "quality," and "number of affiliated data centers."

  • "Delivery time": Megaport service can be provided in the shortest possible day as long as the setting information is ready.
  • "Price": There is no minimum usage period (excluding some services) - you can use it only for the required period, and you can add lines or increase or decrease the bandwidth as needed. Therefore, the cost for the line can be minimized.
  • "Quality": Since the cloud environment can be built in a closed network, cloud services can be used with stable quality. In addition, wideband lines up to 10 Gbps are available.
  • "Number of affiliated data centers": Direct connection between more than 700 data centers and major cloud services around the world is possible.

As mentioned above, Megaport is attracting a lot of attention as a NaaS (Network as a Service) provider that provides high value to users who want to use hybrid or multi-cloud environments and users who have problems.

 

Megaport service component

To connect with Power Virtual Server, you can connect by combining the services provided by Megaport. Below are three basic services offered by Megaport.

 

(1) Megaport (Physical port)
The physical port is a physical Ethernet interface for connecting to the services of Megaport. It has a capacity of 1 Gbps, 10 Gbps, or 100 Gbps. There is a patch panel for connecting within the Megaport network in the Meet-Me-Room of the Megaport affiliated data center, so you can connect to the Megaport network by connecting an optical cable after contracting the physical port.

 

(2) MCR (Megaport Cloud Router)
A virtual router for Layer 3 connection that can be used within the Megaport network. It can be routed by BGP or Static, and functions such as Route Filter and NAT can also be used.

 

(3) VXC (Virtual Cross Connect)
A virtual Ethernet line that instantly connects services between physical ports, MCRs, and the cloud on a point-to-point basis. It is available with a bandwidth of 1 Mbps to 10 Gbps.

 

2) Connection verification configuration with Power Virtual Server by Megaport service


IIJ Global Solutions conducted verification using the above three patterns. The test with the cloud-user connection configuration was verified using the facility "@Tokyo Cloud Lab" where physical ports can be used.

 

(1) Multi-cloud connection: Configuration-1
By using MCR, IBM Cloud and AWS are connected by VXC. We are assuming a multi-cloud or hybrid cloud that can be linked between IBM Cloud and other clouds.

 

(2) Cloud-user connection (single) : Configuration-2
By using the physical port, the Megaport affiliated data center and Power Virtual Server are connected. It is assumed that Power Virtual Server will be utilized from the branch base of the customer WAN via the Megaport affiliated data center that will be the hub. If you are already using a Megaport affiliated data center, you can use Power Virtual TOKYServer via a closed network at a low cost.

 

An optical cable (LC-SC connector) is used to connect the L2 switch in the configuration diagram to the physical port. As a demarcation point of responsibility for the Megaport service, the user is responsible for connecting to the physical port, so the optical cable must be prepared by the user. (The customer WAN in @Tokyo assumes the Internet, but the customer WAN in the verification environment is a pseudo connection that does not actually use the Internet.)

 

(3) Cloud-user connection (redundant) : Configuration-3
The configuration was implemented under the same assumption as Configuration-2, but Configuration-3 has redundant routes from VXC to Power Virtual Server, and different physical ports on the Power Virtual Server. VXC is connected to. (Originally, SEIL / X4 in the Megaport affiliated data center should be made redundant from SEIL / X4 to the physical port, and VXC connection should be made using the physical port created on the physically different chassis. For this reason, there is only one physical port on the  @Tokyo side in this verification.)

 

3) Outline of construction procedure (coordination of various parameters by Case, etc.)

 To build the verification environment, you need to create and configure resources from the IBM Cloud portal and Megaport Portal. Also, the settings differ depending on the Megaport service (physical port or MCR) that is the connection source to the Power Virtual Server. Also, regarding the connection to the Megaport service, the order of the information received may be different because the case is opened on IBM Cloud so that the support staff of IBM Cloud can handle it individually. However, the information connections and settings sent to the IBM Cloud support team are unique, so the actions taken by the user do not change. When I built the verification environment with IIJ Global Solutions, I was able to request a connection to the Megaport service of Power Virtual Server using the flow shown below. The columns "Megaport Portal" and "IBM Cloud Portal" in the figure below are the contents implemented in each portal, and "Power IaaS Support" is the contents implemented by the IBM Cloud support team.

 

(1) Preparation
Before connecting the Megaport service and IBM Cloud, create the service (MCR or physical port) on the Megaport Portal, which is the connection source, and create and set the Power Virtual Server resource on the IBM Cloud portal.

 

(2) Create a Case (inquiry form)
After completing the preparation, open the Case on the IBM Cloud portal. As of January 2022, connecting to the Megaport service to the Power Virtual Server is not possible with operations on the IBM Cloud portal alone, so you will need to have the Power IaaS Support team configure it individually through Case. Inquiries to the Power IaaS Support team cannot be made in Japanese, so inquiries must be made in English.

 

(3) Create a VXC
If there is no problem with the information given in the VXC creation case, Power IaaS Support will send you the information required to create the VXC. Use this information to create a VXC in the Megaport Portal.

 

(4) Input VXC information into the Case
After creating VXC, state that it was created on IBM Cloud in Case and send it to Power IaaS Support. At this time, if you are using the MD5 authentication option of BGP, enter the set password in the Case as well. Route redundancy to Power Virtual Server is realized by routing by BGP. You can create an Act-Stn configuration by entering the VXC name you want to use as the main system.

The preferred VXC can be specified as follows:

-Communication from Megaport service to Power Virtual Server
Set Power IaaS Support to publicize the route with AS-path added to the Power Virtual Server router and specify the priority route. Also, if it is a carry-on router, it is possible to specify the priority route by weighting the received route using a route filter or the like.

-Communication from Power Virtual Server to Megaport service
Power IaaS Support sets a Local Preference for the Power Virtual Server router and specifies the preferred route.

 

(5) BGP settings

After receiving the completed VXC approval and BGP settings for the Power Virtual Server router from Power IaaS Support, set the BGP for the MCR or bring-in router. If it is a carry-on router, it is possible to set BGP at any time as soon as the ASN on the Power Virtual Server side is received, but in the case of using MCR as in Configuration-1 , it is set during the VXC approval period. I can't make any changes.

 

(6) Check the status

When the BGP setting on the user side is completed, the MCR or the carry-in router can receive the route information addressed to the Power Virtual Server by BGP. After confirming that the route can be received normally, close the case.

 

4) Verification details and results (basic connection function, availability verification by redundant configuration, etc.)

 

We have carried out the following confirmation and verification with three configurations.

 

Configuration-1
 -Basic Ping-level communication

 

The following is the communication test result from the virtual machine on AWS (Tokyo) to IBM (Osaka) on the Power Virtual Server via the MCR of the Megaport service. Considering that the average communication between East and Osaka is 8ms in a closed network, it is a reasonable response time.

 

Number of implementations

Number of failures

Failure rate (%)

Shortest time (ms)

Maximum time (ms)

Average time (ms)

1000

0

0

6

11 11

8

 

Configuration-2  
-Basic Ping-level communication

The following is the communication test result from the client PC in the data center assumed to be the customer base to the IBM i partition (Osaka) on the Power Virtual Server via Megaport. As with the virtual connection configuration in Configuration-1, a reasonable response time was shown as a result. However, since the network that is supposed to be the customer WAN does not go through the Internet, the response time should be slightly slower in the actual environment.

 

Number of implementations

Number of failures

Failure rate (%)

Shortest time (ms)

Maximum time (ms)

Average time (ms)

1000

0

0

8

25

Ten

 

-Remote connection to IBM i on Power Virtual Server using a 5250 terminal emulator and FTP communication

We installed the 5250 terminal emulator on a virtual machine on AWS and tested communication other than ping. Specifically, it is a test to see if the emulator can be used to remotely connect to IBM i on Power Virtual Server and get files by FTP. There are few configurations that actually use IBM i with an emulator from a virtual machine on the cloud, but here we confirm whether it is possible to perform other communications in addition to basic communication such as ping. After setting the emulator, when we made a remote connection, the sign-on screen was displayed and we were able to confirm that the remote connection was successful. Regarding FTP communication, it was confirmed that the savf file stored in IBM i was acquired without any problem by performing get by ftp command from the command prompt of the virtual machine on AWS.


 


Configuration-3

・ Remote connection to IBM i on Power Virtual Server using a 5250 terminal emulator and FTP communication * Includes redundancy test / communication when a failure occurs.

In Configuration-2, the emulator was installed on the client PC assuming the customer base, and the remote connection test and FTP communication test were conducted. As with Configuration-1, both communications were successful.

In the failure test, we reproduced the failure between @Tokyo and IBM Cloud by UP / DOWN the VLAN interface of the L2 switch of the customer base data center equipment and confirmed the switching between the main system and the secondary system route. As a result, the switch from the main system to the sub system was successful. There was a communication interruption at the ping level for less than 10 seconds, but the emulator session was not interrupted. In addition, switching from the secondary system to the main system was performed without any problem, and there was no communication interruption or emulator session interruption at the ping level.

If you use the emulator settings or the actual Internet environment, it is possible that the session will time out and you will need to reconnect with the emulator, but in conclusion, it was verified that it is possible to use Power Virtual Server with a redundant configuration by BGP for the failure between @Tokyo and IBM Cloud.


4. Contact IIJ Global Solutions

 

IIJ Global Solutions provides multi-cloud connection services including Power Virtual Server connection using Megaport's services introduced in this blog, and a wide range of network / security services for the hybrid cloud era. We are accumulating knowledge on Power Virtual Server network connections through the above-mentioned verification.

 

If you have any questions about various cloud connection networks by Megaport, etc., or advanced networks / security services such as SASE, CASB, SD-WAN, SD-LAN, EDR / XDR, please contact us by email.

 

Contact information

 

IIJ Global Solutions Co., Ltd.

 

Contact Us here

 

Click here for further details on IIJ Global Solutions services

0 comments
103 views

Permalink