Compute network architecture
Acronis Cyber Infrastructure supports distributed virtual switching on the basis of Open vSwitch. The latter runs on every compute node and forwards network traffic between virtual machines on the same node, and between virtual machines and infrastructure networks. Distributed virtual switching provides centralized management and monitoring of virtual network configuration across all nodes in the compute cluster.
Distributed virtual routing used for virtual network connectivity enables placing virtual routers on compute nodes and routing VM traffic directly from hosting nodes. In the DNAT scenario, a floating IP is assigned directly to the VM’s network interface. If SNAT is used, then traffic is routed via management nodes.
Physical network connectivity
Physical networks are connected to infrastructure networks on Layer 2.
The physical representation of physical network connectivity can be shown as follows:
On the figure above:
- Five virtual machines are distributed across the compute cluster and connected to two untagged physical networks via two physical switches: VM1 and VM2 belong to one physical network, while VM3, VM4, and VM5 belong to the other one.
- For each compute network, the DHCP server runs on the management node.
- The compute nodes are connected to one physical switch via the eth0 network interfaces, and to the other physical switch via eth1, and reside in two separate L2 segments.
- The eth0 and eth1 network interfaces are connected to the infrastructure networks with the VM public traffic type.
- The physical router interconnects two physical networks created on top of the infrastructure ones and provides access to public networks, such as the Internet.
Logically, the physical networking scheme can be represented as follows:
Virtual network connectivity
VXLAN technology used for virtual networks allows creating logical L2 networks in L3 networks by encapsulating (tunneling) Ethernet frames over UDP packets.
The physical representation of virtual network connectivity can be shown as follows:
On the figure above:
- Three virtual machines are distributed across the compute cluster and connected to two virtual networks via two virtual switches: VM1 and VM2 belong to one virtual network, VM3 belongs to the other one.
- For each compute network, the DHCP server runs on the management node.
- The distributed virtual router connects the virtual networks and the untagged physical network created on top of the infrastructure one.
- The compute nodes are connected to the physical switch via the eth0 network interfaces and reside in one L2 segment.
- The eth0 network interfaces are connected to the infrastructure network with the VM private and VM public traffic types.
- The physical router provides access to public networks, such as the Internet.
Logically, the virtual networking scheme can be represented as follows: