In a virtualized environment, hosts use virtual switches to join tenants in a network fabric local to a server. Uplink ports on the switch may be connected to other virtual fabrics or to a real LAN through the host's physical network card. Co-locating diverse tenants in a virtualization environment requires a significant degree of resource isolation. Tenants on one virtual machine should not be able to access CPU processes, stored data, or the network traffic of another. Virtualization products may address this issue by assuming either a) tenants largely belong to the same organization, and/or b) the number of unique tenants is a relatively small number. Additionally, techniques such as assigning each organization a unique virtual local area network (VLAN) ID may be used to insure that traffic belonging to each unique tenant is sufficiently isolated. Virtual switches automatically tag traffic from a particular tenant, transparently providing data isolation from other tenants.
Tenancies in a virtualized environment may require dynamic allocation, termination and/or modification (increasing or decreasing capacity) according to business requirements of the tenants. This can make network management a difficult and costly proposition as known virtual machine provisioning processes for given tasks may be resource intensive and require significant human involvement and configuration. In particular, it may difficult to optimize resource allocation to meet the different requirements of multiple tenants.
Accordingly, it would be desirable to provide a system that allows for the improved allocation of resources in a virtualized environment.