Simulating that clould

In the past i wrote quite often about a thing that i call systemic features, when features start to fit together seamlessly in order to create possibilities more than the sum of the features. One of the systemic features is the simulation of the cloud. I don’t talk about that thing that most people connect in mind with the word cloud (the grid with a credit card checkout ;) ), but the cloud-like icon in many architectural diagrams called “Network” or “Internet” that sits between the client and the application that often resembles the “a wonder happens here” box in many architectures. It’s not new: I talked about this mid November at the DOAG conference in Nuremberg. And i’ve playing around with this at customers an privately for a while now. Many customers have networks as large and as complex as the internet part of a smaller country perhaps 15 years ago. The interesting question is: How can you test your application for it’s resiliency against failures in this cloud shaped icon. How does your application react, when your network is doing its high availability magic. And interestingly Solaris 11 can help you here. The thoughts behind this are pretty simple.

• A router is a computer that runs an operating environment that is tailormade to do network stuff, but at the end it's a computer with a OS (yeah, i know, hardware offloading makes this a little bit more complex, but at the end it's that way)
• A zone is a virtual operating environment.
• Each zone can have it's own set of routes.
• Each zone can have it's own set of firewall rules.
• Each zone can have it's own set of processes.
• Routing protocols are not more than processes collecting information from the network and configuring the routing table.
• You can install a vast array of dynamic routing protocols on a zone.
• I can have up to 8192 zones (given enough memory)
• In Solaris 11 i can emulate switches (etherstubs)
• I can limit bandwidths in Solaris 11 out-of-the-box with crossbow

When i’m combining all this features i can set up a vast array of zones doing nothing else taking each incoming packet on a interface, routing it on a multitude of ways between each other, and send it out on a outgoing interface. Even when the system in your environment are placed in many separate networks of your network you can still use a system with many networking cards or something called server-on-a-stick (single high-bandwidth connection to a vlan-trunking capable switch and using the switch ports as a fan-out). So in order to emulate a complex corporate network, all i have to do is configuring a lot of etherstubs, configuring many vnics, replicate the physical bandwidths with the maxbw setting on the vnics, set up a lot of zones, perhaps translate the ACL of the routers into firewall rules for firewall functionality of Solaris, installting the routing daemons and configure it similar to the configuration of the routers (in regard of timeouts and so on). Now i can test, how my applications react, when the network starts to converge against a new topology because of the failures of some lines. I can test, to which topology my network will converge after an line outage (which is nothing more than a deny-all firewall rule). I can test the impact, when the network converges that way, that my traffic flows over a 2 MBit/s line instead of a 155 MBit/s line. For even more complex failure modes i can even use the htbx driver to introduce additional latencies, packet drop or packet reorderung as shown in this article. In essence you can emulate your complete internal network in a single box and with Zones and Crossbow in Solaris 11 it’s so low overhead (at the end it is still just one kernel) that you can really emulate the reality and not a simplyfied view, as you don’t have emulate via separate hardware or many independent operating system instances in virtual machines. At the end you could simply use a single Solaris system, put it between all your test systems and use this solaris system as a emulation device for your corporate network. It’s simulating the cloud-shaped icon in your architectural diagrams.