At the GNTC Cloud Summit on November 15, Mr. Zong Zhigang, a senior network technology expert at Alibaba Cloud, first shared the keynote speech Apsara Luoshen - the high-performance network engine that powers Alibaba Cloud. Apsara Luoshen is the core of Alibaba Cloud's virtual network system. It provides extensive Alibaba Cloud network products, and serves as the network infrastructure of all Alibaba Cloud products. Apsara Luoshen also powers the business of Alibaba Group and Ant Financial. This sub-forum deeply explores the key technical capabilities and the future application directions of the Apsara Luoshen system.
A part of Mr. Zongzhigang's thrilling speech is presented as follows:
Alibaba Cloud subsystems are named after Chinese mythological deities, such as Luoshen, Fuxi, Pangu, and Nuwa.
In Chinese mythology, Luoshen is the deity of rivers. Rivers have been a very important transportation means for ancient people. Nowadays, networks are as important to our life and work communication as rivers to our transportation in ancient times. Therefore, we named Alibaba Cloud Network as Apsara Luoshen at the time of its foundation.
So far, Apsara Luoshen is now managing an enormous infrastructure network system for Alibaba Cloud, which covers 19 regions, has a total outbound bandwidth of 20 Tbit/s, and runs more than 200 BGP lines. These numbers are still increasing. Alibaba Cloud provides the most extensive network products in the industry, which are divided into four product lines based on where they are deployed:
Alibaba Cloud's network architecture is an assembly of the above network products, and Apsara Luoshen represents Alibaba Cloud networks on the cloud.
To better understand the logic of this architecture, let's take a look at the general steps of enterprise cloudization and the changes in their IT systems, to see the network requirements of enterprise cloudization. Enterprise cloudization is divided into four stages:
As can be seen from the evolution history of Alibaba Cloud's system architecture, at the beginning, the business application and data was collectively deployed to a single machine. Then, the application and data was deployed in a hierarchical and multilayer hierarchical manner. After that, we had distributed clusters and then the extensive microservice transformation. Throughout this process, we can see that the flexibility between applications, and between applications and data has been constantly increasing.
After the completion of enterprise cloudization, networks are "visible" to services on the cloud. Therefore, networks must first provide various gateway-type services, and then provide the elastic scalability, security, reliability, and highly effective O&M capability as needed by services provided by the enterprise.
Moreover, Alibaba Cloud believes that in the future, the infrastructure will be no longer visible to enterprises on the cloud. Enterprises do not need to see underlying services such as computing, storage, and networks. All they need is to select frontend and middleware services from the cloud-based ecosystem, and then slightly adjust these services to build their own systems. The ultimate goal of Apsara Luoshen's is to make networks invisible to end users.
The time at which Alibaba Cloud launched new network products is basically consistent with the pace of enterprise cloudization. At the beginning, we only provided single-instance products such as AVS and SLB. After cloudization of basic instances, we launched Express Connect, private lines, and SAG to connect cloud-based and on-premises systems. With the refining of the resource granularity and the expansion of the distribution scope, Alibaba Cloud launched Global Acceleration and CEN. With the evolution of enterprise architecture on the cloud, Alibaba Cloud Network will constantly launch diversified network products for different business systems to meet customer needs.
Next, let's introduce the key technologies of the Apsara Luoshen system. Three features: flexible, reliable, and smart.
The flexibility of Apsara Luoshen is reflected by two significant numbers. The first is that Apsara Luoshen supports elastic scaling of the forwarding bandwidth from one Mbit/s to one Tbit/s within one second. The second is the capacity scalability - up to 100,000 ECC instances within a single network are supported.
The outstanding elastic scaling capability of Alibaba Cloud is mainly attributable to the following two reasons:
Last year, the average time of fault of all Alibaba Cloud network instances (excluding vSwitch networks) was 50 milliseconds, which is a very short period of time.
When it comes to reliability, the most fundamental requirement is to implement cross-data-center multi-active deployment.
Each key node of Apsara Luoshen consists of controllers and various gateways. Each data center is deployed with one or multiple clusters. Different nodes and data centers back up each other. When one node is down, Luoshen enables failover within the same cluster. When the number of faulty nodes within a single cluster exceeds the threshold, Luoshen enables failover between different clusters within the same data center or across different data centers. This avoids network unavailability due to the fault of a single node or a single cluster. This is actually an implementation of cross-data-center multi-active deployment.
Next, let me introduce you LuoShen's quick fault detection and flow coloring system.
This system conducts coloring and matchmaking on specific flows. It works on Alibaba Cloud virtual networks and physical networks. During the operation of a device, the system conducts image sampling and adds timestamps to specific services and to flows with specific colors for real-time data analysis. The system quickly detects faults of specific flows through real-time data analysis. For example, upon detection of packet loss, it instantly notifies the network administrator to recover the fault. This is basically the same as the conventional IT logic, but the Apsara Luoshen system mainly works from a customers' business perspective.
In fact, smartness and reliability are closely related to each other, because smart monitoring, smart O&M, and smart fault recovery can effectively reduce the time of a fault.
Speaking of smartness, we have to introduce Alibaba Cloud's big data-based smart O&M platform, which is called Apsara QiTian inside Alibaba Cloud. Apsara QiTian collects various user information (such as the flow data and statistical data) through the data plane and control plane. JStorm, a data collection tool is then used to classify the data into basic data, monitoring data, and diagnostic data. Afterwards, it conducts matchmaking and computation on such data according to certain rules before outputting the analysis results to the alarm interface, APIs, and the robot. It also isolates and recovers certain faults.
Here are some scenarios of Apsara QiTian:
Now, let's take a look at the application of Apsara Luoshen. As of now, the network of Alibaba Cloud is enormous. There are millions of network devices and tens of millions of network instances running on its virtual network sources. It also monitors more than one thousand network metrics, and supports big data analysis. Events like the Double Eleven Global Shopping Festival have the impose the greatest pressure on the network. The data for this year's Double Eleven Global Shopping Festival is not fully available yet. According to the currently available data, the peak transaction volume exceeded 325,000, and the bandwidth of a single SLB instance exceeded 160 Gbit/s. Now, all Alibaba Cloud services are running on the Apsara Luoshen system, which has already become an important service in the VPC network.
Finally, let's summarize the mission of Apsara Luoshen. So far, Apsara Luoshen has undergone three generations. The first generation is the classic network, which was mainly used to solve the problem of connectivity. The second generation launched the VPC network for security isolation. We are currently using the third generation Apsara Luoshen, which provides solutions to connect to the cloud, and offers the same capabilities as conventional enterprise networks. Alibaba Cloud defines the final stage as Networkless. In this stage, the networks are invisible to end users. As indicated by its name—Apsara Luoshen, it is a deity that you cannot see, but it exists everywhere.
AlibabaCloud_Network - December 19, 2018
Alibaba Clouder - April 23, 2020
AlibabaCloud_Network - September 19, 2018
AlibabaCloud_Network - November 12, 2018
andy.zh - November 7, 2019
AlibabaCloud_Network - December 3, 2019
A dedicated network connection between different cloud environmentsLearn More
VPN Gateway is an Internet-based service that establishes a connection between a VPC and your on-premise data center.Learn More
Connect your business globally with our stable network anytime anywhere.Learn More
An end-to-end software-defined network solution for multinational enterprises.Learn More
More Posts by AlibabaCloud_Network