In a cloud environment that provides computational resources for a plurality of tenants by using a plurality of information processing apparatuses that are connected via a network, when a failure occurs in the network, a tenant whose communication is affected is identified and informed.
FIG. 37 is a schematic diagram illustrating a method for identifying tenants in communication when a failure has occurred. In FIG. 37, a server1 and a server2 are information processing apparatuses and a switch1 to a switch4 are switches that relay packets. The server1 and the server2 are connected by a network that includes the switch1 to the switch4.
A VM1, a VM2, and a v switch1 are running in the server1, whereas a VM3, a VM4, and a v switch2 are running in the server2. Here, the VM1 to the VM4 are virtual machines that run on resources allocated from the server, and the v switch1 and the v switch2 are virtual switches that are used when the virtual machines communicate with each other.
The server1 is connected to the switch1 via a port P2. The port P1 of the switch1 is connected to a port P2 of the switch3. A tenant A uses the VM1 and the VM3 and the VM1 communicates with the VM3 by using a logical network, virtual local area network (VLAN)1. A tenant B uses the VM2 and the VM4 and the VM2 communicates with the VM4 by using a logical network, VLAN2. The VLAN1 and the VLAN2 share the network resources, such as the switch1 to the switch4; however, communication between the tenants is not permitted.
The VM1 sends a packet to the VM3 via the switch1, the switch3, and the switch2, whereas the VM3 sends a packet to the VM1 via the switch2, the switch3, and the switch1. The address of the VM3 indicating the sending destination, the address of the VM1 indicating the sending source, and the VLAN1 number are attached to the packet that is sent to the VM3 by the VM1 by using the VLAN1. The address of the VM1 indicating the sending destination, the address of the VM3 indicating the sending source, and the VLAN1 number are attached to the packet that is sent to the VM1 by the VM3 by using the VLAN1. Note that, in FIG. 37, the address of the VM1 is simply represented by the “VM1”, the address of the VM3 is simply represented by the “VM3”, and the VLAN1 number is represented by the “VLAN1” in the packet.
If a failure has occurred in a link that connects the port P1 of the switch1 to the port P2 of the switch3, the management device that manages the servers and the switches refers to forwarding databases (FDBs) held by the corresponding nodes at both ends of the link. In FIG. 37, the switch1 and the switch3 are the nodes at both ends of the link in which the failure has occurred. The FDB is a database that is used to identify, from the address of the sending destination of a packet, the port to which the packet is output. The FDB stores therein, in an associated manner, the address, the VLAN number, and the output destination. The address is the address of a virtual machine that corresponds to the sending destination of a packet. The output destination indicates the ID of the port that outputs the packet.
By using the FDBs of the nodes at both ends, the management device identifies the virtual machine that uses the port connected to the link in which the failure has occurred and then identifies the tenant that uses the identified virtual machine as the tenant that is affected by the failure. Specifically, the management device identifies, from the FDB stored in the switch3, the VM1 that uses the P2 as the output destination and then identifies, from the FDB stored in the switch1, the VM3 that uses the P1 as the output destination. Then, by using information in which a virtual machine is associated with a tenant, the management device identifies, as the tenant affected by the failure, the tenant A that uses the VM1 and the VM3. Furthermore, the management device identifies, as a failure path, the communication path that is used by the VM1 and the VM3.
There is a conventional technology, related to a failure of a network, that establishes a tunnel, which is a virtual direct communication circuit, as a detour in order to secure communication between a device connected to a network that is disconnected due to the failure and another network. Furthermore, there is a technology that, if a failure occurs in a physical network that includes a plurality of nodes that relay various kinds of data, a service providing device that provides various services and that is connected to the nodes, and user devices that use these services, identifies the title of the service that is affected by the failure. Furthermore, there is a conventional technology that detects a failure occurring in an underlay network on the basis of a change in tunnel traffic in an overlay network that is constructed on the underlay network.
Patent Document 1: Japanese Laid-open Patent Publication No. 2008-172636
Patent Document 2: Japanese Laid-open Patent Publication No. 2009-212984
Patent Document 3: Japanese Laid-open Patent Publication No. 2010-88031
However, with the conventional technology that identifies a virtual machine affected by a failure from an FDB and that identifies the affected tenant and the affected failure path, there is a problem in that the affected tenant and the failure path are not accurately identified. Specifically, if a virtual machine that has ended communication before a failure is registered in an FDB, a path in which the communication has ended is identified as a failure path. Furthermore, if a virtual machine that starts communication after the occurrence of a failure is registered in an FDB, a communication path that is not affected by the failure is identified as a failure path.
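The FDB lookup described for FIG. 37, and the first inaccuracy described above, can be reproduced with the following added example, which is not part of the original document. The FDB contents, the switch3 port name P3, the function names, and the assumption that tenant B's earlier VLAN2 traffic crossed the same link are all constructed for illustration.

```python
from collections import namedtuple

# One FDB row: destination VM address, VLAN number, output port ID.
FdbEntry = namedtuple("FdbEntry", "address vlan port")

# VM-to-tenant association held by the management device (from FIG. 37).
VM_TENANT = {"VM1": "A", "VM3": "A", "VM2": "B", "VM4": "B"}

# Failed link: port P1 of switch1 <-> port P2 of switch3.
FAILED_LINK = [("switch1", "P1"), ("switch3", "P2")]


def build_fdbs(include_stale_vlan2):
    """Constructed FDBs of the two nodes at both ends of the failed link."""
    fdbs = {
        "switch1": [FdbEntry("VM3", 1, "P1"), FdbEntry("VM1", 1, "P2")],
        # P3 (toward switch2) is an assumed port name, not from the page.
        "switch3": [FdbEntry("VM1", 1, "P2"), FdbEntry("VM3", 1, "P3")],
    }
    if include_stale_vlan2:
        # Tenant B finished communicating before the failure, but its
        # entries are still registered in the FDBs.
        fdbs["switch1"].append(FdbEntry("VM4", 2, "P1"))
        fdbs["switch3"].append(FdbEntry("VM2", 2, "P2"))
    return fdbs


def identify_affected(fdbs, failed_link, vm_tenant):
    """Return ({vlan: VMs on the failure path}, affected tenants)."""
    paths = {}
    for node, port in failed_link:
        for entry in fdbs[node]:
            if entry.port == port:  # entry is output over the failed link
                paths.setdefault(entry.vlan, set()).add(entry.address)
    tenants = {vm_tenant[vm] for vms in paths.values() for vm in vms}
    return paths, tenants


def false_positives(reported_tenants, active_tenants):
    """Tenants reported as affected that had no communication in progress."""
    return sorted(reported_tenants - active_tenants)


if __name__ == "__main__":
    for stale in (False, True):
        paths, tenants = identify_affected(build_fdbs(stale), FAILED_LINK, VM_TENANT)
        print(stale, paths, sorted(tenants), false_positives(tenants, {"A"}))
```

Because an FDB row carries no indication of whether the communication is still in progress, the lookup alone cannot separate tenant B's ended communication from tenant A's live one.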