Devices such as computer systems, and also including routers, hubs, load balancers, firewalls, and the like, are commonly linked to each other in networks. These networks provide a number of benefits, such as increased productivity, flexibility and convenience, as well as resource sharing and allocation.
Networks are configured in different ways depending on implementation-specific details such as the hardware used and the physical location of the equipment, and also depending on the particular objectives of the network. For example, applications often use local area networks (LANs) to partition devices into tiers with each tier having a different purpose and/or security properties.
One common type of network configuration includes a number of “virtual” networks. Virtual networks provide numerous advantages, a primary advantage being that the devices (e.g., computer systems) associated with a particular virtual network do not need to all be in the same physical location, yet all can appear to be on the same LAN.
There are many technologies that can be used to implement virtual networks. One such technology includes the IEEE 802.1Q standard and Ethernet switching fabrics. The IEEE 802.1Q standard defines a virtual network infrastructure based on virtual local area networks (VLANs). VLANs allow a network manager to logically segment a physical local area network into several virtual local area networks. To devices attached to the physical network, these VLANs appear as separate LANs. Switches on the physical network implement protocols, such as the Generic Attribute Registration Protocol (GARP), that permit arbitrary ports on the switches to participate in one or more of the VLANs (e.g., VLAN1, VLAN2, etc.).
VLANs have been used to create virtual network environments in business enterprises (e.g., offices and data centers). A network infrastructure can be separated into a number of VLANs to simplify the management and cabling of groups of devices. For example, devices within a workgroup can appear to be on the same LAN even though they are physically distributed over a geographic area. Furthermore, a device on VLAN1 that is moved to a new location can be connected to a switch port in the new location that is enabled for VLAN1. From the perspective of the device, the device remains on the same LAN.
LANs are commonly used to organize an application's devices into multiple tiers, such as a Web tier that interfaces with the Internet, an application tier that interfaces with the Web tier, and a database tier that interfaces with the application tier. The communication path (or LAN) between each of these tiers can be implemented as a separate VLAN. A key requirement is that these LANs be secure and isolated. For instance, a Web server may only be permitted to access application servers but not database servers. Typically, to satisfy the requirement for security, separate physical networks are used. For example, the Web and application servers share a physical LAN but there is no LAN between Web and database servers. The absence of the LAN isolates devices in the Web tier from devices in the database tier. Implementations of VLANs by many networking vendors do not diminish this level of isolation.
Providing adequate resources to these applications is problematic. To meet demand during peak periods, and to be able to respond rapidly to unanticipated increases in demand, the networks are often provisioned with extra equipment. The extra equipment increases costs and very often is under-utilized.
In addition, current network designs assume that the applications deployed on them will remain relatively stable over the lifetime of the network, and that changes in network configuration will therefore be needed only infrequently. This makes the task of adding resources or reconfiguring a network more difficult and time-consuming, typically requiring that the network be rewired to accommodate any changes. Changes in configuration are also expensive and prone to error, and may require intimate knowledge of the network as well as a relatively high level of expertise. In addition, changes to the network configuration likely cannot be made quickly enough to respond to rapid changes in demand seen by the applications. To avoid these problems, network designers generally fall back to the costly alternative of over-provisioning the resources on the network.
Accordingly, what is needed is a method and/or system that can overcome the need for rewiring networks when resources are added to the networks or when the networks are reconfigured. What is also needed is a method and/or system that can satisfy the above need and that can quickly allocate resources where they may be needed by multi-tier applications or other networked applications. The present invention provides a novel solution to the above needs.