Physical Layer Network Isolation in Multi-tenant Clouds

Abstract

The isolation capabilities provided by conventional enterprise data center technology are inadequate for many clients of multi-tenant storage or compute clouds. To address this deficiency we propose a cloud architecture which relies on strategic deployment of physical layer network isolation. We show how improved client isolation can be realized with 'color gapping' using existing Coarse Wavelength Division Multiplexing technologies, and demonstrate how in some settings isolation can be visually verified by clients. To address the challenging problem of isolating multiple clients' Virtual Machines within a single physical server, we introduce a novel application of distributed bridging based on Virtual Ethernet Port Aggregators.