How Software Defined Networking Is Changing App Development

Midokura is a global software innovator in network virtualization founded in 2010. The co-founders began their careers building distributed systems for the world’s preeminent e-commerce website: Amazon.com. Recognizing that companies around the world faced similar challenges and needed networking infrastructure not found in conventional networking, they applied their experience to build a secure, scalable, dynamic network virtualization solution for organizations worldwide. MidoNet is that solution, and Midokura continues our work to tackle network performance issues for all companies out there. 

 

We recently sat down with Dan Mihai Dumitriu, CEO of Midokura to chat about how developers can get a leg up using cloud app development, containerized apps, and other virtual network advantages.

 

Dumitriu: Network virtualization enables an organization to transform its existing core networking into a software defined networking (SDN) and NFV-based environment. This approach is seeing major adoption, as some organizations plan to transform as much as 40 percent of their global IP core network locations within this year.

 

For service providers providing public IaaS and/or PaaS, merging the NFV platform and cloud services just makes sense. They can create customizable and dynamic application marketplace infrastructure and expose network services (like IDS, FW, VPN, SD-WAN) to customers, giving them near real-time provisioning and more control over their service experience. 

 

Enterprises can bring their networking, cloud, hosting and IT services into an integrated offering that can be accessed through a portal and set of Application Programming Interfaces (APIs). This enables them to provide a one-stop shop for developers to access infrastructure resources - allowing them to innovate through software, faster. 

 

Dumitriu: Sometimes staging environments are used to “feature test” an application deployment, especially in microservices. Here, tests may be conducted on several versions of the same application containing new or modified functionality. A good practice is to isolate a given computer via network segmentation or subnetting to reduce pilot errors - these may include accidentally rolling out new or modified features prematurely. Site developers can use network segmentation to create an isolated enclave. Here, they can thoroughly test features in the staging environment and even “dark launch*” some features into production environments while avoiding the risk of a new feature bring down a production site.

 

*Dark launching is a technique of "wrapping" the code of new software features in a way that let you turn them on or off.

 

Dumitriu: A customer once told us they had thousands of rules on a hardware firewall. A rule change could potentially break one of their applications, but since the existing tools were not app-centric there was no way to predict the application that would break.

 

There are two main types of virtual networking: 1) network-centric and, 2) application-centric. Network-centric mostly deals with management of  network infrastructure, while application-center involves implementation of app-level policy. 

 

The ideal approach is one that provides the best of both worlds - or a combination of both a network and application-centric approach. Specifically the network virtualization solution would provide visibility into the overlay and underlay, along with application performance troubleshooting tools to show flow history. Being able to examine traffic flows across multiple dimensions (port-level, protocol-level, tenant-level) can help to determine symptoms that occur over a period of time.

 

Dumitriu: SDN’s value proposition - letting network operators provision tenant networks or making network changes in software - is becoming more and more understood by enterprises. Still, using SDN in the software development workflow isn’t generally the first or second thing developers think about. But it should.

 

When developers create an application on an SDN enabled platform, they can get real-time flow information directly from the SDN. They can also see how their application performs under light and heavy loads, gain insight into the application’s hotspots and add networking resources to ensure optimal application performance during heavy loads. This is similar to a continuous integration / continuous deployment, but it expands to account for the network as well.

 

Dumitriu: Given the popularity of containers and their rapid adoption by developers, we expect Container-as-a-service (CaaS) to dominate over PaaS. 

 

PaaS provides a cloud computing model for application delivery including hardware, software and development tools. Although PaaS can be a comprehensive platform, app developers are less likely to be sold on it. As developers generally want the freedom to choose their own stacks and tooling, PaaS often seems restrictive.

 

CaaS offers a middle ground in terms of flexibility between IaaS and PaaS. With CaaS, users can upload, organize, run, scale, manage and stop containers using a provider's API calls or web portal interface without predetermined choices of operating systems, Dev tools, programming languages, and infrastructure. Developers have the freedom to chose and interchange any application infrastructure component without incurring switching costs and technical debt.