Last Update: Sep 04, 2024 | Published: Jun 08, 2015
Another day, another element of Microsoft Azure makes its way to Windows Server. The latest introduction into Windows Server 2016 is the Windows Server Network Controller, a feature of the next generation Microsoft cloud that will manage networks in a large Hyper-V deployment.
Network Controller is a concept from the Azure fabric; it is a centrally located and programmable point of automation and orchestration for deploying, managing, configuring, and troubleshooting both the physical and virtual networks of a private or hosted cloud deployment.
Network Controller serves as a critical element of any cloud, so it’s been designed to be scalable and fault tolerant. There are two APIs, referred to as Northbound and Southbound:
You can manage the following pieces of physical and virtual networks in a cloud:
Let’s talk about some real tangible features and benefits that Network Controller will offer:
The Network Controller offers you a single point of management for all physical and virtual networks in the cloud. You can configure IP subnets, VLANs, Layer 2 and Layer 3 switches, and the physical NICs of your Hyper-V hosts.
Windows Server 2012 R2 allows you to deploy Port ACLs, which are 5-tuple firewall rules enforced by the virtual switch, but Port ACLs are not a centrally managed solution. The distributed firewall functionality of Network Controller is centrally managed, and it allows you to control both east-west and north-south traffic. Using the Northbound API, you can also manage edge firewall rules.
In other words, you can control:
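For contrast with the centrally managed distributed firewall, here is how a 5-tuple rule set is applied with Windows Server 2012 R2 extended Port ACLs. This is an added example, not code from the original article; the host names, VM name, and IP addresses are hypothetical placeholders. It shows that the rules are pushed per VM on whichever host owns it, which is exactly the management burden Network Controller removes.

```powershell
# Added example: WS2012 R2 extended Port ACLs, applied host by host.
# Host names, VM name and addresses are hypothetical placeholders.
$HyperVHosts = 'hv01', 'hv02'
$VMName      = 'web01'

# Rule set: default-deny inbound, then one allow rule described by its 5-tuple
# (protocol, local IP, local port, remote IP, remote port).
# RemotePort is omitted, so any source port matches.
# The higher-weight rule is evaluated before the lower-weight one.
$Rules = @(
    @{ Action = 'Deny';  Direction = 'Inbound'; Weight = 1 },
    @{ Action          = 'Allow'
       Direction       = 'Inbound'
       Protocol        = 'TCP'
       LocalIPAddress  = '10.0.1.10'
       LocalPort       = '443'
       RemoteIPAddress = '10.0.2.20'
       Stateful        = $true      # track the connection so replies are allowed
       Weight          = 10 }
)

foreach ($HostName in $HyperVHosts) {
    # There is no central policy store: each host must be contacted in turn
    # and the rules written to the VM's virtual switch port on that host.
    Invoke-Command -ComputerName $HostName -ArgumentList $VMName, $Rules -ScriptBlock {
        param($VMName, $Rules)

        # Skip hosts that do not currently own the VM.
        if (-not (Get-VM -Name $VMName -ErrorAction SilentlyContinue)) { return }

        # Clear existing extended ACLs so a re-run does not collide on weights.
        Get-VMNetworkAdapterExtendedAcl -VMName $VMName |
            Remove-VMNetworkAdapterExtendedAcl

        foreach ($Rule in $Rules) {
            Add-VMNetworkAdapterExtendedAcl -VMName $VMName @Rule
        }

        # Return the effective rules for audit; this is the only record of
        # what is enforced, and it lives on the host, not in a central API.
        Get-VMNetworkAdapterExtendedAcl -VMName $VMName
    }
}
```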
You can automatically discover elements of the data center network and uncover how physical and virtual devices are interconnected and dependent upon each other. This information is used for network monitoring.
You can monitor physical and virtual networks using Network Controller. There are two kinds of monitoring:
A useful feature of network monitoring is impact analysis. Any issues in the physical network can be associated with virtual networks, so the impact on tenants can be quickly determined. Network monitoring will integrate with SCOM, where historical data can be recorded and rolled-up health can be displayed to operators.
We can see in Azure how the role of virtual appliances is growing. This should be expected in Azure-consistent clouds that are deployed on-premises by hosting companies. Network Controller allows you to create rules that force traffic to be redirected by virtual network appliances, where that traffic might be inspected, audited, filtered, and so on.
A software load balancer for scalable and fault tolerant services will be available in Windows Server 2016, where Network Controller will manage this functionality.
Network Controller will manage the deployment of virtual networks (VNETs), supporting both NVGRE (as used by WS2012 and WS2012 R2 Hyper-V Network Virtualization) and VXLAN (a creation of VMware, Arista Networks and Cisco that has other industry backers).
You can deploy, manage and reconfigure Hyper-V hosts and virtual machines that are used as a gateway cluster, bridging the gap between network virtualization, the physical network, and the Internet. The gateway connects a tenant in a VNET with the rest of the world. Functionality includes:
There’s little in the way of documentation on Network Controller, but what little there is indicates that Microsoft’s private and hosted cloud offering is maturing, drawing on Microsoft’s experience with Azure.