This ESG Lab Review documents hands-on testing of the Arista Any Cloud platform based on Virtual Extensible Operating System Router (vEOS Router) and CloudVision, focusing on how Arista delivers the same EOS operational and management capabilities found in data center networks in a hybrid cloud network environment. This review will also show how Arista has extended the automation and orchestration capabilities to enable “Any” cloud management and integration based on its five A principles of availability, agility, automation, analytics, and Any Cloud.
In a recent ESG survey, 74% of respondents that are using or want to use both public cloud resources and on-premises equipment simultaneously to support their organization’s IT needs stated that it is very important or critical for their public cloud service providers to use the same cloud infrastructure technologies as those used in their organization’s internal private cloud, as seen in Figure 1.[1] Additionally, organizations have noted performance, organizational complexity, and the lack of appropriate tools for enabling a hybrid cloud environment as among the challenges that they face when moving virtual resources and data between private and public cloud resources.[2]
IT professionals recognize that employing a hybrid cloud in the enterprise is no trivial task. The lack of common platforms for extensibility, common operational models, visibility across all workloads, and secure provisioning across public and private resources makes multi-cloud integration difficult. To address these challenges, organizations must use a common software-defined architecture and management system to interconnect and orchestrate IT resources. The resulting hybrid cloud architecture must provide the requisite flexibility, agility, scalability, reliability, programmability, and performance, regardless of any workload.
The Any Cloud Platform: Arista vEOS Router and CloudVision for Hybrid Cloud
Recognizing the challenges to enable a hybrid cloud environment, Arista is leveraging its two existing software platforms to enable their vision of Universal Cloud Networking. These solutions allow customers to leverage the mature Arista data center architecture to integrate resources in the cloud or at branch locations under a common software architecture. The vEOS Router is a cloud- and hypervisor-agnostic virtual network device, allowing a customer to deploy it within an enterprise data center, a public cloud, or a remote office. Because Arista designed EOS from the ground up using the principles of the cloud, the vEOS Router enables customers to leverage the same EOS capabilities seamlessly across its IT infrastructure, regardless of where the vEOS Router is deployed. This virtual router provides the same consistent operations, workflow automation, and high availability as EOS across Arista’s switching and routing portfolio. vEOS customers can create a hybrid cloud environment using public cloud resources such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and Oracle Public Cloud, and leverage VMware ESXi, Microsoft Hyper-V, and Kernel-based Virtual Machine (KVM) hypervisors. Currently, vEOS supports almost all server size instances, specifically those that support single root I/O virtualization (SR-IOV). At the data center, organizations can deploy head-end tunnel termination using their choice of software on industry standard servers or hardware-based termination with Arista high-density data center switch platforms.
Arista has also extended the capabilities of CloudVision so that customers can manage all physical and virtual resources within their hybrid cloud environments. CloudVision enables multi-cloud provisioning, workflow automation, and workload orchestration across both public and private cloud resources. As with EOS for the enterprise private cloud, the cloud-agnostic platform offers the benefits of a single database for aggregating and accessing state and configuration of virtual resources installed in public clouds. CloudVision provides that single point of control to enable workload automation and orchestration, and state and topology monitoring and visibility.
Arista CloudVision provides a consolidated view of an organization’s cloud infrastructure and provides the foundation for automating integration of stateful next-generation firewalls, security monitoring tools, and application delivery controllers without dependency on proprietary packet headers or protocols using CloudVision Macro-Segmentation Service.
Customers who have already used CloudVision’s interface can now perform the same tasks and view the same device and network metrics with both physical and virtual network devices. To differentiate its solution from traditional hybrid cloud management solutions, Arista uses the same operational models regardless of whether you are managing devices within the data center, any private or public cloud, or a branch/remote office, essentially removing the need for disparate management platforms.
Because CloudVision enables both real-time and historic network state telemetry for all devices—physical and virtual—it enables IT professionals to view at both the device and network levels at any point in time from a single interface. No longer do organizations need to examine the entire network on a device-by-device basis or depend upon polling mechanisms that may not reveal network issues in a timely manner. IT professionals can leverage real-time data to better identify the root causes of network issues, thus reducing time to resolution. Additionally, Arista provides application programming interfaces (APIs) so that customers can develop custom analytics and visualizations leveraging the data CloudVision collects.
Current Arista customers employ the vEOS Router and CloudVision for many use cases, including:
- Enabling secure connectivity between private and public clouds in an enterprise hybrid cloud.
- Interconnecting virtual private clouds (VPCs)—i.e., multiple cloud service providers within and across regions or zones via transit VPCs.
- Leveraging a vendor-agnostic common platform for provisioning and management of network resources.
- Obtaining real-time streaming statistics with workstream analytics for sites, connections and infrastructure within the hybrid cloud.
Validating vEOS Router Throughput and Failover Performance
ESG Lab tested Arista’s vEOS Router to validate both performance and the ability to deliver virtually uninterrupted operations during a simulated unplanned outage between VPCs and using a transit VPC. Figure 3 shows the test configuration.
One vEOS router was deployed in one AWS availability zone, while one was deployed in an AWS transit center or transit zone. An availability zone (AZ) is an isolated group of data centers within a geographic region. Regions within AWS are also geographically isolated from one another, and each contains multiple AZs. An AWS customer can deploy multiple application instances across AZs to reduce application latency and protect against unplanned outages.
A transit zone (TZ) provides connections between AZs of different regions, as well as direct connections to the public Internet and AWS partners. The vEOS router in the AZ was connected to the vEOS router in the TZ. An Ubuntu server was connected to the vEOS router (10.2.118.11) in the AZ, and configured to simulate traffic from 62 different VPCs while a separate server was connected to the vEOS router (10.3.111.11) in the simulated data center.
ESG Lab first evaluated the results of a test to demonstrate the throughput that can be achieved with a vEOS router in AWS. Using iPerf, a network testing tool that can create TCP and UDP data streams and measure link throughput, a TCP traffic stream was originated between server 10.3.41.29 and server 10.2.41.22. In this test, the vEOS Transit Router terminated 62 tunnels simulating 62 edge routers with an MTU of 1394. This traffic would travel across the link connecting z1-vEOS1 and tz-vEOS1. Traffic would be generated for a period of 5 minutes. Figure 4 shows the results of the test.
The test revealed that traffic reached a steady state of 2.15 Gb/sec from the edge router to the data center and 2.59 Gb/sec from the data center to the edge router, 4.74 Gb/sec in total.
Arista maintains that high availability is built into its Any Cloud offering, with the ability to directly call AWS APIs built into vEOS routers. ESG Lab tested this claim, observing a failover between two routers in an AZ to determine the packet loss if an unplanned outage occurred. Within the VPC depicted in Figure 5, each vEOS router is configured with routes to the servers in the AZ and to the servers in the TZ.
ESG Lab also observed how the traffic would be distributed with multiple workloads. Using iPerf, another traffic stream was generated from Server 10.3.41.44 and sent via the same link connecting z1-vEOS1 and tz-vEOS1. With both workload simulations running, each server consumed half of the 1.23 Gb/sec of total bandwidth, showing that the router will balance the total workload between servers.
Finally, ESG Lab used iPerf to generate a 1.23 Gb/sec TCP stream between server 10.3.41.29 and server 10.2.41.22 across router z1-vEOS1. Router z1-vEOS1 was then rebooted via the AWS EC2 management console. Traffic immediately failed over to router z2-vEOS1 while z1-vEOS1 rebooted. Figure 6 shows the second-by-second log of traffic received by server 10.2.41.29. The complete failover of traffic to Router z2-vEOS1 during the reboot of Router z1-vEOS1 took just a few seconds. It’s important to note that even while this disruption was minimal, Arista has since implemented Bidirectional Forwarding Detection (BFD) in vEOS. ESG Lab has confirmed that Arista has customers running vEOS in production that can fail over without any traffic disruption.
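One way to quantify a failover gap like the one described above from a per-second iPerf receiver log, as an added example that is not part of the ESG report or Arista's tooling. The log lines are constructed, and the function names and the 50%-of-median threshold are assumptions.

```python
import re
import statistics

# Constructed sample (not data from the ESG test): per-second interval reports
# in the layout iPerf prints, with a dip while traffic moves to the peer router.
SAMPLE_LOG = """\
[  3]  0.0- 1.0 sec   147 MBytes  1.23 Gbits/sec
[  3]  1.0- 2.0 sec   147 MBytes  1.23 Gbits/sec
[  3]  2.0- 3.0 sec   146 MBytes  1.22 Gbits/sec
[  3]  3.0- 4.0 sec  12.5 MBytes   105 Mbits/sec
[  3]  4.0- 5.0 sec  0.00 Bytes  0.00 bits/sec
[  3]  5.0- 6.0 sec  0.00 Bytes  0.00 bits/sec
[  3]  6.0- 7.0 sec  88.0 MBytes   738 Mbits/sec
[  3]  7.0- 8.0 sec   147 MBytes  1.23 Gbits/sec
[  3]  8.0- 9.0 sec   147 MBytes  1.23 Gbits/sec
[  3]  0.0- 9.0 sec  1.03 GBytes   985 Mbits/sec
"""

LINE = re.compile(
    r"\[\s*\d+\]\s+(\d+(?:\.\d+)?)\s*-\s*(\d+(?:\.\d+)?)\s+sec"
    r"\s+\S+\s+\S+\s+(\d+(?:\.\d+)?)\s+([KMG]?)bits/sec"
)
SCALE = {"": 1.0, "K": 1e3, "M": 1e6, "G": 1e9}


def parse_intervals(text):
    """Return [(start_s, end_s, bits_per_sec)] for per-interval report lines."""
    intervals = []
    for line in text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        start, end = float(m.group(1)), float(m.group(2))
        # The closing summary line restarts at 0 and overlaps earlier
        # intervals; skip it so it is not counted as a sample.
        if intervals and start < intervals[-1][1]:
            continue
        intervals.append((start, end, float(m.group(3)) * SCALE[m.group(4)]))
    return intervals


def disruption_windows(intervals, threshold=0.5):
    """Merge consecutive intervals whose rate is below threshold * median rate."""
    if not intervals:
        return []
    # Assumption: the outage is short relative to the run, so the median
    # interval rate is a fair stand-in for steady-state throughput.
    floor = threshold * statistics.median(rate for _, _, rate in intervals)
    windows = []
    for start, end, rate in intervals:
        if rate >= floor:
            continue
        if windows and abs(windows[-1][1] - start) < 1e-6:
            windows[-1] = (windows[-1][0], end)  # extend the open window
        else:
            windows.append((start, end))
    return windows


if __name__ == "__main__":
    for start, end in disruption_windows(parse_intervals(SAMPLE_LOG)):
        print(f"below half of baseline from {start:.0f}s to {end:.0f}s")
```

Raising `threshold` toward 1.0 also counts the partial-recovery second, so the reported window depends on how "disruption" is defined for the service being protected.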
Why This Matters
As IT professionals embrace the use of hybrid clouds, recent ESG research reveals that they are concerned about maintaining overall network performance.[3] IT professionals must be able to operate and manage virtual resources in places outside of the enterprise data center in the same way they are able to in their physical network devices.
ESG Lab validated that organizations can achieve a steady-state throughput of more than 4.7 Gb/sec between vEOS Routers deployed in an AWS cloud environment, which is sufficient to support most cloud applications and large-scale deployments. We also verified the vEOS Router’s ability to load-balance the traffic automatically across two routers. Finally, we saw that during a planned failover between vEOS Routers, there was minimal disruption before traffic resumed. While we observed minimal disruption in these tests, Arista has now implemented the BFD protocol and eliminated disruption during failovers, thus ensuring even higher network availability while maintaining overall high network performance.
Managing Physical and Virtual Network Resources
Traditional hybrid cloud solutions are often built from multiple disparate physical and virtual assets and lack a single point of management for orchestration and visibility. ESG Lab proceeded to evaluate how CloudVision provides a single point of management, while leveraging it to configure and manage the vEOS Router via its GUI. We also reviewed how streaming and telemetry data are viewed and used to address issues commonly faced in network management. Figure 6 shows the CloudVision interface.
ESG Lab first walked through the steps to add and configure a new vEOS Router to the existing network. Using the CloudVision GUI, we clicked on Network Provisioning in the upper left-hand corner to reveal the present network configuration (shown in Figure 7).
Adding a new vEOS Router involved the following steps. Screenshots in Figure 8 show the progression of steps:
- Click on Inventory from the home screen.
- Click on + in the upper right-hand corner.
- Type IP address in the Search box, then click Add.
Figure 9 shows that the device has been added, yet still needs to be configured. Configuring the device requires right-clicking on the new device and selecting Manage-Configlet.
The Configlet command allows a network administrator to configure multiple devices using a configuration of an existing network device. Rather than typing multiple instructions via command line interface (CLI), CloudVision reduces device configuration time by using an existing configuration (or Configlet) on an existing device and applying it to new devices via a few mouse clicks. Of course, to ensure that only authorized changes are applied, an administrator must approve adding or reconfiguring network devices.
ESG Lab also observed how to monitor network events, metrics, and devices from the CloudVision interface to verify the breadth and depth of analytics Arista offers to its customers. Unlike hybrid cloud solutions that offer traditional and disparate polling and out-of-band monitoring systems, CloudVision collects the state of each network element in real time, creating a holistic and current view of the hybrid cloud environment. This becomes more critical to customers as their hybrid clouds experience larger data volumes, requiring IT professionals to ensure availability and security at any given moment. As Figure 11 shows, CloudVision offers views of the hybrid cloud from the multiple perspectives of events, devices, and metrics. The Events view provides logs on events that occurred on all network devices. The Devices View provides historical and real-time data on system resources, hardware usage, and environmental conditions. The Metrics View allows a user to review cumulative counts from a device and interface perspective across devices, eliminating the need to call up individual counters via CLI.
These real-time and historical views within CloudVision integrate the state streaming and telemetry data so that IT professionals have a comprehensive view of both the device and the network. Users can manage both physical and virtual resources, regardless of location, via the CloudVision portal. Also, all views allow users to see the state of both the devices and the network in snapshot and live mode.
ESG Lab also viewed the capabilities of CloudTracer, a tool that provides real-time reachability monitoring between private and public clouds via telemetry tracers. Specifically, IT professionals can assure in real time that all points interconnected within the hybrid cloud environment—remote sites, VPCs within multiple cloud service providers, enterprise datacenters—are accessible. CloudTracer enables IT to trace connectivity issues and identify root causes quickly, thus helping to decrease resolution time and increase availability. In Figure 12, we see a sample view from the CloudTracer GUI.
In CloudTracer, IT can view HTTP response time, jitter, latency and packet loss of connections between various devices or hosts in the hybrid cloud. ESG Lab viewed HTTP response time for connections between five availability zones and two vEOS Routers. CloudTracer will indicate if response time is severe enough to warrant further investigation via color coding. IT can also view HTTP response time in real time at the bottom of the screen to uncover any trends. CloudTracer also enables the user to view historical data, associated raw data and other metrics pertaining to a specific device or host, as displayed for veos-cs-2 in Figure 12.
Why This Matters
Organizations state that the use of a common platform for orchestrating and managing IT resources in a hybrid cloud environment is very important to them, according to ESG research.[4] Not only does a common platform make it easier for them to manage the overall enterprise IT network, but it also reduces overall total cost of ownership (TCO). No longer do organizations need to invest in separate management platforms whether their IT resources lie in their enterprise data center, public cloud, or branch offices. This also leads to lower training costs, lower management costs, and greater IT operational efficiency in managing the network and troubleshooting issues, which all lead to an overall lower TCO.
ESG Lab validated that the CloudVision portal provides IT professionals a user-friendly interface that enables more efficient management of the hybrid cloud environment. Adding a new network device required only a few mouse clicks. We also saw how an Arista Configlet can be used to shorten the time for configuring a new network device. ESG Lab saw how the state streaming and telemetry data collected by CloudVision are integrated into comprehensive views of the network and its devices, both physical and virtual. We saw how CloudVision allows views in historical, current, and real-time modes to better facilitate monitoring and troubleshooting activities. Finally, ESG Lab verified that CloudTracer allows the user to monitor the health and availability of connections amongst the elements that make up the customer’s enterprise hybrid cloud.
The Bigger Truth
While organizations are embracing the use of hybrid clouds, they continue to be challenged by managing and orchestrating resources to extract the most value. Common technologies and platforms to build and manage a hybrid cloud environment can help organizations “do more with less.” IT simply does not have the time or resources to learn new technologies or invest in additional solutions for operating a hybrid cloud. A solution that integrates public and private cloud resources easily will enable IT organizations to provide the business with an agile, robust hybrid cloud environment.
Recognizing that need for simplicity in network resource integration and management, Arista offers the vEOS Router for extending the network beyond the enterprise data center and the additional capabilities of CloudVision to manage both private and public cloud resources through one portal. Both serve to ease customers into adopting hybrid clouds by employing Arista’s proven EOS platform, which employs a single code base, vendor-agnostic orchestration, real-time visibility and telemetry, and consistent programmability via APIs. For those who already use Arista in their enterprise data centers, this enables integration of new technologies using familiar tools and techniques. Arista’s robust, common platform makes implementation, orchestration, and management of hybrid cloud networks easy to achieve.
ESG Lab validated that the vEOS Router can achieve a steady-state throughput of 4.74 Gb/sec in an AWS cloud environment. We also verified the vEOS Router’s ability to load-balance traffic automatically across two routers. Failover, failback, and router boot time after a simulated outage were all fast and smooth, with minimal interruption to service. These results show that the vEOS Router can maintain high levels of network performance even when deployed in the public cloud.
ESG also reviewed the current capabilities of CloudVision to manage both physical and virtual resources. We saw that adding and configuring new virtual devices requires just a few clicks of the mouse as opposed to the effort of typing in multiple complex commands via CLI. We also saw how state streaming and telemetry data were integrated into comprehensive views from a network event, device, and metrics perspective. These views allow the user to gain a global understanding of the hybrid cloud environment, eliminating the need for coordinating disparate management systems.
Arista continues to address the challenges of implementing and managing a network environment, as the vEOS Router and extended capabilities of CloudVision allow organizations to fully realize the benefit of hybrid cloud networking. If your organization is looking to achieve faster time to value, greater operational efficiency, and ultimately a lower TCO from its hybrid cloud environment, it would be smart to take a close look at Arista’s vEOS platform and CloudVision.
1. Source: ESG Research Report, The Cloud Computing Spectrum, from Private to Hybrid, March 2016.
3. Source: ESG Research Report, The Cloud Computing Spectrum, from Private to Hybrid, March 2016.
4. Source: ESG Research Report, The Cloud Computing Spectrum, from Private to Hybrid, March 2016.