vmworld 2013: real-world deployment scenarios for vmware nsx
DESCRIPTION
VMworld 2013 Taruna Gandhi, VMware Jeremy Hanmer, DreamHost Funs Kessen, Schuberg Philis Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshareTRANSCRIPT
![Page 1: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/1.jpg)
Real-world Deployment Scenarios for VMware NSX
Taruna Gandhi, VMware
Jeremy Hanmer, DreamHost
Funs Kessen, Schuberg Philis
NET5525
#NET5525
![Page 2: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/2.jpg)
2
Agenda
VMware NSX Overview
Network Virtualization for Mission Critical Workloads
at Schuberg Philis
Network Virtualization in DreamCompute using
Commodity Hardware
Q&A
![Page 3: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/3.jpg)
3
The Business Wants to Go FAST!
NSX is all about speed.
Hot, nasty, bad ass speed.
- Ricky Bobby
![Page 4: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/4.jpg)
4
Provisioning Multi-tier Network Services Today
![Page 5: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/5.jpg)
5
Provisioning Multi-tier Network Services Today
Compute
Network
DC Services
DB DB
App App
Web Web
Corpnet/Internet
Provisioning is slow
Placement is limited
Mobility is limited
Hardware dependent
Operationally intensive
![Page 6: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/6.jpg)
6
Provisioning Network Virtualization with NSX
Programmatic provisioning
Place any workload anywhere
Move any workload anywhere
Decoupled from hardware
Operationally efficient
Compute
Network
DC Services
![Page 7: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/7.jpg)
7
Provisioning Network Virtualization with NSX
Programmatic provisioning
Place any workload anywhere
Move any workload anywhere
Decoupled from hardware
Operationally efficient
Compute
Network
VMware NSX
DC Services
![Page 8: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/8.jpg)
8
VMware NSX – Networking & Security Capabilities
Any Application (without modification)
Virtual Networks
VMware NSX Network Virtualization Platform
Logical L2
Any Network Hardware
Any Cloud Management Platform
Logical
Firewall
Logical
Load Balancer
Logical L3
Logical
VPN
Any Hypervisor
Logical Switching– Layer 2 over Layer 3,
decoupled from the physical network
Logical Routing– Routing between virtual
networks without exiting the software
container
Logical Firewall – Distributed Firewall,
Kernel Integrated, High Performance
Logical Load Balancer – Application Load
Balancing in software
Logical VPN – Site-to-Site & Remote
Access VPN in software
NSX API – RESTful API for integration into
any Cloud Management Platform
Partner Eco-System
![Page 9: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/9.jpg)
9
VMware NSX – Networking & Security Capabilities
Rich Networking & Security Services Scalable Logical Switching
Physical to Virtual L2 Bridging
Dynamic L3 Routing: OSPF, BGP, IS-IS
Logical Services:
Firewall, Identity-based Firewall, Load-balancing,
VPN (IPSec, SSL, L2VPN)
Automation & Operations API Driven Integration
Service Composer for Security Workflows
Server Access Monitoring
Troubleshooting & Visibility
Partner Extensibility Physical ToR L2 Integration
Security Services – IDS / IPS, AV, Vulnerability
Mgmt
Network Services – Load Balancers, WAN
Optimization
Any Application (without modification)
Virtual Networks
VMware NSX Network Virtualization Platform
Logical L2
Any Network Hardware
Any Cloud Management Platform
Logical
Firewall
Logical
Load Balancer
Logical L3
Logical
VPN
Any Hypervisor
![Page 10: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/10.jpg)
10
VMware NSX – Network Virtualization Benefits
VMware NSX Transforms the Operational Model of the Network
Network provisioning time reduced from 7 days to 30 sec
Reduce network provisioning time from
days to seconds
Cost Savings
Reduce operational costs by 80%
Increase compute asset utilization upto 90%
Reduce hardware costs by 40-50%
Operational Automation
Simplified IP hardware
Choice
Any Hypervisor: vSphere, KVM, Xen, HyperV
Any CMP: vCAC, Openstack
Any Network Hardware Partner Ecosystem
Any hypervisor
Any CMP with Partner
![Page 11: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/11.jpg)
11
Results Speak Louder Than Slideware
![Page 12: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/12.jpg)
![Page 14: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/14.jpg)
![Page 15: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/15.jpg)
–
–
![Page 16: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/16.jpg)
![Page 17: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/17.jpg)
![Page 18: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/18.jpg)
![Page 19: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/19.jpg)
![Page 20: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/20.jpg)
![Page 21: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/21.jpg)
![Page 22: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/22.jpg)
![Page 23: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/23.jpg)
![Page 24: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/24.jpg)
–•••
–••
–––––
••
–
–––
![Page 25: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/25.jpg)
![Page 26: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/26.jpg)
Who Am I?
• Jeremy Hanmer (@fzylogic)
• 13 years of experience with DreamHost
• System Engineer -> Network Engineer ->...
• ... VP Security -> Cloud Architect
• Focusing on OpenStack and Network Virtualization
![Page 27: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/27.jpg)
DreamCompute’s
Networking Requirements •
•
•
•
•
•
•
•
•
•
•
![Page 28: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/28.jpg)
Why Virtualize?
• Customers deserve it
• Better Security (Isolate customers from one another)
• Live Migration (Zero-downtime maintenance!)
• Replicate their existing IP addressing schemes
• Easier administration
• Live Migration (Hypervisor maintenance becomes easy)
• Much easier to know what’s going on on the network
• Automating VLAN provisioning STINKS and doesn’t scale
• We’re now able to migrate workloads to avoid hot spots
![Page 29: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/29.jpg)
Why VMware?
• Confident in their team
• Roadmap (It included IPv6! I’m told it’s getting close!)
• Easy integration of our own Layer 3 services
• Community presence in OpenStack is awesome
• Emphasis on ease of troubleshooting
• Super great support from the beginning
![Page 30: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/30.jpg)
Why Cumulus? •
•
•
•
•
•
•
•
•
•
•
•
![Page 31: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/31.jpg)
Physical Network Design • IPv6 Native
• Storage network is 100% IPv6
• Customers all receive a /64 of public IPv6 space
• Layer 2 domains terminate at the TOR
• OSPF v2/3 running on every switch
• 10G Ethernet to every server
• 40G Ethernet between spines
• Dedicated networks for storage (one frontend, one backend), NSX, and administration
• Simple!
• VRRP, QFabric, HSRP often cause more problems than they fix
• Debugging Layer 3 is easy. Debugging Layer 2 is not
![Page 32: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/32.jpg)
Rack Architecture •
•
•
•
•
•
•
•
•
•
•
•
••
•
![Page 33: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/33.jpg)
Virtualization Workflow
••••
AKA: Why this is all so awesome
![Page 34: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/34.jpg)
The Future!
• Migrate to NSX’s L3 services
• Just waiting for IPv6 to ship with BGP support
• Get Chef running on the Cumulus gear
• Hasn’t been a priority because of the nearly identical configs
• Move to a full mesh architecture that wasn’t possible before
![Page 35: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/35.jpg)
“Pics or It Didn’t Happen!”
![Page 36: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/36.jpg)
36
Thoughts & Questions
•Fkessen
•
•
![Page 37: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/37.jpg)
37
Other VMware Activities Related to This Session
HOL:
HOL-SDC-1303
VMware NSX Network Virtualization Platform
Group Discussions:
NET1001-GD
vCloud Networking and Security & NSX for VMware Environments with
Ray Budavari
NET5525
![Page 38: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/38.jpg)
THANK YOU
![Page 39: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/39.jpg)
![Page 40: VMworld 2013: Real-world Deployment Scenarios for VMware NSX](https://reader033.vdocuments.us/reader033/viewer/2022060119/558e411e1a28ab794d8b457a/html5/thumbnails/40.jpg)
Real-world Deployment Scenarios for VMware NSX
Taruna Gandhi, VMware
Jeremy Hanmer, DreamHost
Funs Kessen, Schuberg Philis
NET5525
#NET5525