As part of the Microsoft and Oracle partnership, direct connection between Azure and OCI is available in selected regions. As a result, a high-performance link between the two cloud infrastructures can be easily established, without the need for external providers. More information can be found on the following websites: https://aka.ms/OracleOnAzure or www.oracle.com/cloud/oci-azure.html.
On 1 April 2021, the availability of this functionality was announced for the next region – Germany West Central/Frankfurt. This is the third region in Europe where such a possibility exists, but the first within the current borders of the European Union where each cloud consists of three Availability Zones/Availability Domains.
With this architecture, it is possible to build fully redundant solutions based on the infrastructure of a single region. To further increase availability (needs of higher Disaster Recovery level) backups or replications can be routed to another location in Europe or another continent where Interconnect functionality is available.
Regardless of the region’s infrastructure, Access Points are indicated for the set-up of connections. According to documentation, these are Interxion (FRA11/Frankfurt) and Equinix (FR7/Frankfurt2) in the Germany West Central/Frankfurt region. Each of these can be independently used to establish a direct connection between Azure and OCI. It should also be recognised that regardless of the Access Point selected, the connection consists of two redundant links.
Looking at the available information (sources below), it is worth noting that the Access Points are located in different centres, implemented by different providers and situated in different parts of the city.
In order to ensure the highest performance of a solution based on a direct connection between Azure and OCI, a number of configuration options need to be considered. Their impact on network latency can be important in designing an optimal architecture. With these configuration challenges in mind, we focused on verifying communication when selecting different options such as Access Point, Availability Zone/Domain, Fast Path or Accelerated Networking option.
As part of the benchmarking of the infrastructure, a series of measurement sessions were carried out to examine the latency between virtual machines located in different Availability Zones/Domains using the connections provided by both Access Points.
The results allow for the selection of an appropriate solution when designing an architecture for specific requirements. Network layer level latency between VMs running in Azure and OCI was investigated.
For the purpose of benchmarking, architecture was set up for Azure and OCI in the Germany West Central/Frankfurt region, consisting of the following components respectively:
- Dedicated resource group
- Dedicated virtual network with GatewaySubnet one subnet for Virtual Machines
- Virtual Network Gateway of the UltraPerformance type that allow checking configurations with FastPath option enabled and disabled
- Express Route Circuit with 50Mbps, for both Access Points (Frankfurt/Frankfurt2)
- Three Virtual Machines azure-az1-vm1, azure-az2-vm1, azure-az3-vm1 type Standard D4s_v4 (4vCPU 16GB RAM) deployed respectively in Availability Zone 1, Zone 2 and Zone 3
- Network Security Group containing the relevant rules opening the tested network traffic
- Dedicated compartment
- Dedicated virtual cloud network with regional subnet for Virtual Machines
- Dynamic Routing Gateway assigned to the established network
- Internet Gateway for remote access to the Virtual Machines
- Relevant entries in the routing table
- Relevant rules in the Security List opening the tested network traffic
- Fast Connect 1Gb for communication with Azure
- Three Virtual Machines oci-ad1-vm1, oci-ad2-vm1, oci-ad3-vm1 of type VM.Standard.E3 equipped with 2 OCPUs (4vCPU) and 8GB RAM deployed respectively in Availability Domain 1, Domain 2, Domain 3
The Virtual Machines are running Oracle Enterprise Linux version 7.9.
Accelerated Networking is set for the network interfaces of VMs in Azure. Several tests were also conducted with the Accelerated Networking option disabled. The results were up to 10% worse so only the lower latency configuration was considered.
The configuration details are shown in the diagram below:
Analysis of network latency
Network latency was investigated with the basic system tool mtr in one- or two-hour sessions. Tests were carried out in several configurations by changing the connection parameters on the Azure side (FastPath) and by selecting a different Access Point (Frankfurt – Interxion/Frankfurt2 – Equinix). Network latency between the VMs of each Availability Zone/Domain was measured. Measurements were made in parallel for each VM, first for the Frankfurt connection and then for Frankfurt2. On the OCI side, a 1Gbps connection was selected, and on the Azure side, 50Mbps.
The data comprises the average (Avg), best (Best) and worst (Wrst) communication delays over the investigated period expressed in milliseconds.
For Frankfurt 2 – Equinix connection:
Comparison of measured latency values for both Access Points:
In-network latency tests were also carried out within a single cloud between Virtual Machines in different Availability Zones/Domains:
- Communication delays between different Availability Zones in Azure and different Availability Domains in OCI are similar and no configuration is clearly superior as seen in the WestEurope/Amsterdam region
- Enabling FastPath can reduce latency by up to 50%
- Accelerated Networking option had little effect on latency, reducing it by only several percent. Please note that this option is available on selected types of VMs (https://docs.microsoft.com/en-us/azure/virtual-network/create-vm-accelerated-networking-cli#supported-vm-instances
- Azure-OCI communication is at the level of communication between Availability Zones in Azure
The author of the analysis:
Cloud Solutions Architect
Oracle Department, Advatech