Network Overview

Compute Network Isolation

Ethernet Network:

Each tenant is assigned a unique VXLAN ID.
Each tenant's compute VXLAN ID is mapped to the corresponding tenant's converged VXLAN ID, ensuring seamless integration with the converged network.

InfiniBand Network:

Each tenant is assigned a unique Partition Key (PKEY) to enforce network isolation.
The tenant's PKEY is mapped to a corresponding tenant-specific converged VLAN ID, enabling interoperability between InfiniBand and Ethernet segments.

Converged Network & Isolation

The Converged Network integrates multiple traffic types, including:

Storage Traffic: Facilitates high-performance access to storage backends such as VAST, DDN, WEKA, or any other storage solution.
In-band Management: Used for managing compute and storage resources within the infrastructure.
External Connectivity: Enables communication with external networks and cloud providers.

For Converged Network Isolation:

Similar to compute network isolation, per-tenant VXLANs are leveraged.

This approach provides multi-tenancy, security, and seamless integration between different network types while maintaining high performance and scalability.

Tenant Network Configuration

The tenant networks provide multi-tenancy, security, and seamless integration between different network types while maintaining high performance and scalability. When a Tenant allocates a resource (Bare metal, Virtual Machine or a Kubernetes cluster), they are isolated across all these networks.

Compute Network Isolation​

Converged Network & Isolation​

Tenant Network Configuration​

Compute Network Isolation

Converged Network & Isolation

Tenant Network Configuration