the second wave of virtualisation
DESCRIPTION
This session examines the second wave of the virtualisation tsunami to hit the shores of the data centre: that of network and application infrastructure. It looks at the architectural implications of Application Delivery Controller virtualisation in the data centre with a view to maintaining appropriate levels of reliability and scalability.
TRANSCRIPT
The Second Wave of Virtualisation
Owen Cole, Technical Director
F5 UK, Ireland and Sub Saharan Africa
2
Opposing forces
• We are being pushed to deliver uptime, responsiveness and compliance.
• …but budgetary strains are prompting consolidation
Vs.
3
Virtualisation... What's that then??
[Diagram labels: Physical Thing; Virtual Thing 1, 2, 3 … N. Virtual Thing; Physical Thing 1, 2, 3 … N.]
Virtualisation
Two general 'techniques'
4
Physical OS Virtualization
• One machine running multiple OS instances
• Windows 2003 running virtual Linux and Vista
• Example: VMware, MS Hyper-V, Xen
5
Application Server Virtualization
• Multiple services appearing as one
• Reverse proxy architectures
[Diagram labels: Clients; Network; L4/L7 Application Switch; Web Farm]
6
Network Virtualization
• One physical network, multiple virtual networks
• One switch in the DC with overlapping IP blocks
• VLANs
• Multi-routing tables – VRTs
• NAT
• Trunking
7
Storage Virtualization
• Block: Disassociating storage drive from physical drive (iSCSI)
• File: Virtual File Location
8
Service Virtualization
• Virtual Kitchen Sink
• Dynamic Provisioning & Flexible Infrastructures
• Data Center Consolidation
[Diagram labels: Network; L2/L3 Switch; L4/L7 Application Switch; TMM 1, TMM 2, TMM 3, TMM 4; switch, switch]
9
Application Delivery Architectures
The Complexity of Real World Application Delivery
10
Problem: Infrastructures Aren’t Adaptable
Applications focus on business logic and functionality
Traditional networks are focused on connectivity
- New security hole
- High cost to scale
- Slow performance
[Diagram labels: Application; Network Administrator; Application Developer; ?]
11
How Do You Fix the Problem?
[Diagram labels: Application; Network Administrator; Application Developer; ?]
More Bandwidth
Multiple Point Solutions
Add more infrastructure?
Faster and centralised fix, applications are offloaded
Costly, complex and hard to manage
Hire an army of developers?
Expensive (code, manage, maintain)
Consumes server cycles
Often not possible
12
Advanced ADC Strategy
Secure, Fast, Available, Flexible
13
Individual Silo Approach
Regional Data Center
Benefits
Individual LTM / Service
• True “Airgap” Architecture
• Direct BU Access
• Controlled deployments
• Application-specific hardware sizing
• Each pod can be managed separately.
6-10 pairs of LTMs per regional datacenter
Current Solution:
Different hardware models can be purchased for different applications specific to their traffic patterns.
[Diagram labels: Individual Service Pods; LDAP Radius DNS Provisioning TFTP, SNMP VOIP, VM, IMS Network DVR; Adv. ADC (six); Core Switching]
14
Shared Architecture
Dallas Data Center
Benefits
Individual LTM / Service
• Lower TCO
• Savings on maintenance
1-2 Pairs of Scalable LTMs per regional datacenter
Ease of Scalability
ADC scalable architecture
• Network attack protection
• Scale through application traffic spikes
• Shared High Level Security architecture
NO PROBLEM!
Add a blade to your current infrastructure with no additional management
[Diagram labels: LDAP Radius DNS Provisioning TFTP, SNMP VOIP, VM, IMS Network DVR; ADC (two); Core Switching]
15
Hybrid Architecture
Dallas Data Center
Benefits
Individual LTM / Service
• Lower Capex
• Uses Stock Hardware
• Integrates with Dynamic provisioning strategy
1-2 Pairs of Scalable LTMs per regional datacenter
Plus
Virtual ADCs On Demand
Ease of Scalability
ADC scalable architecture
• Network attack protection from Core ADC
• Individual specific protection per application
• Shared High Level Security architecture
• On-Demand provisioning of ADC resources as required
• Fully integrates with your Green Power strategy
[Diagram labels: LDAP Radius DNS Provisioning TFTP, SNMP VOIP, VM, IMS Network DVR; ADC (two); vADC (six)]
16
The Cloud......
That's Virtualisation right???
17
Virtualization to Cloud Maturity Model
Separate, Consolidate, Aggregate, Automate, Liberate
[Diagram labels: Self-Managing Datacenters; Server Consolidation; Test and Development; Capacity On Demand; Enterprise Computing Clouds On and Off Premise; Private; Public]
Enterprise Objective: An IT Services On-Demand Platform
You Are Here, Or Here, Or Here, Or Here
18
Traditional Model is Inflexible
Users
Resources
Physical Virtual Multi-Site DCs
Private Public
Cloud
19
What’s Needed
Users
Resources
Physical Virtual Multi-Site DCs
Private Public
Cloud
Dynamic Services Model: Reusable services that understand context and can provide control regardless of application, virtualization, user, device, platform or location
20
The Dynamic Control Plane Architecture
Users
Resources
Physical Virtual Multi-Site DCs
Private Public
Cloud
Availability
• Scale
• HA / DR
• Bursting
• Load-Balancing
Optimization
• Network
• Application
• Storage
• Offload
Security
• Network
• Application
• Data
• Access
Management
• Integration
• Visibility
• Orchestration
Application and Data Delivery Network
21
Q. Dynamic control plane benefits?
• Cost savings from this strategy?
• How does context awareness improve our Application Delivery or Security strategy?
22
Virtualisation Summary
• Support virtualized environments at whatever level suits you
  – From Server to Service
• Integrate and accelerate VMware and Microsoft
• Dynamic Provisioning for ADCs and Application Architectures
• Secure virtual environments
  – At the network layer
    • DoS protection, Secure VLANs, Packet Filtering
  – At the application layer
    • Multi-protocol Application Firewall