Ethan Banks Not writing about IT.

Embrane: Software Defined Network Services, Now With Overlay

E

embrane-logoEmbrane is an SDN startup that’s in the business of software defined network services. Specifically, their heleos platform abstracts compute resources, and provides distributed virtual load balancers and firewalls, i.e. not merely virtualized appliances. Embrane has announced an overlay component to heleos called vTopologies for those customers who wish to deploy lightweight multi-tenancy, i.e not a full VXLAN implementation. Here’s an excerpt from my piece on Network Computing.

vTopologies allows Embrane customers to stitch together DVAs into a cohesive layer 3 environment that’s completely isolated from other vTopologies (like any overlay). DVAs are vTopology overlay tunnel endpoints, so there’s no dependency on a hardware or software switch to perform the encapsulation. ESM acts as the control plane for the mapping of endpoints, so that DVAs know where to send encapsulated traffic to.

Aside from the mechanics of what vTopologies are doing, it’s key to consider that vTopologies are managed by ESM — not by yet another tool. For a shop that invested in heleos already, Embrane is now giving them a way to deploy a total customer environment — complete with a secure, isolating overlay — through one piece of software.

Links

Embrane Heleos: Scale-Out Distributed Virtual Appliance (Ivan Pepelnjak)

Scaling Virtual Appliances with Embrane (Greg Ferro)

5 comments

  • Hi Ethan,

    That is just awesome. I wonder if I run Embrane overlay over VMware’s virtual network… We are now in the world of hierarchical overlays! Soon there will be a VXLAN VNID stack. This is what happens you start piling up software layers…

    Thoughts?

    David
    @DavidKlebanov

      • Hm… What if I have multiple instances of virtual Firewall on the same host and each instance belongs to a different tenant. Same on the other host. Now I want to isolate the path between them by interconnecting the virtual Firewalls belonging to the same tenant into the same vTopology? I also happen to employ hypervisor virtual network between the hosts… vTopologies give me virtual Firewall interconnect network over the hypervisor overlay network over the physical network.

        • I don’t have an opinion. I understand the Embrane solution at a high level, but have not deployed it. IIRC, you work for Cisco, but I imagine they’d still talk to you if you’d like someone to discuss it in more detail.

By Ethan Banks
Ethan Banks Not writing about IT.

You probably know Ethan Banks because he writes & podcasts about IT. This site is his, but covers other stuff.

Get the details on his about page.