Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Introducing VMware NSX-T into Dell EMC VxBlock 1000 April 2020
H18186
White Paper
Abstract
This paper describes how Dell EMC VxBlock 1000 provides an ideal platform for a multi-cloud enabled software defined network architecture, and how the VxBlock 1000 NSX-T architecture will evolve to meet the needs of the multi-cloud landscape.
Dell Technologies Solutions
Copyright
2 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
The information in this publication is provided as is. Dell Inc. makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose.
Use, copying, and distribution of any software described in this publication requires an applicable software license.
Copyright © 2020 Dell Inc. or its subsidiaries. All Rights Reserved. Dell Technologies, Dell, EMC, Dell EMC and other trademarks are trademarks of Dell Inc. or its subsidiaries. Intel, the Intel logo, the Intel Inside logo and Xeon are trademarks of Intel Corporation in the U.S. and/or other countries. Other trademarks may be trademarks of their respective owners. Published in the USA April 2020 White Paper H18186.
Dell Inc. believes the information in this document is accurate as of its publication date. The information is subject to change without notice.
Contents
3 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
Contents
The shifting IT landscape ............................................................................................................. 4
VMware NSX-T on VxBlock 1000 overview .................................................................................. 5
The management, control, and data plane construct ................................................................. 7
Initial design for NSX-T on VxBlock 1000 .................................................................................. 11
VxBlock 1000 persistent architecture and NSX-T value ........................................................... 16
Meeting requirements ................................................................................................................. 17
Conclusion................................................................................................................................... 18
The shifting IT landscape
4 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
The shifting IT landscape
IT organizations are increasingly subjected to escalating demands to deliver agile,
transformative, scalable, and secure applications and services to meet the needs of a
progressively global and adaptive business landscape. This change had its roots in the
previous decade and resulted in the mass acceptance of Converged Infrastructure (CI)
technology as a mechanism to scale the Data Center. The Dell EMC VxBlock platform is a
leading systems provider within the CI market.
The IT landscape is undergoing a significant shift in terms of how applications and
services are being defined, developed, and brought to market. In the digital transformation
era, organizations are increasingly looking for ways to drive competitive advantage by
adopting agile and cloud-centric application development methodologies. Speed to
market, agility, and constant innovation are dominant and recurring themes. This shifting
landscape is characterized by the following:
• Application Proliferation – Driven by pressure to release early and maximize
speed-to-market, line of business owners (LOBs) and application developers are
demanded to deliver applications in a more agile, faster, and more streamlined
fashion. This has led to increased release cadence, more widespread use of
heterogeneous tooling and open source software, and a drastic increase in
application volume.
• Emergence of the Public and Hybrid Cloud Model – The drive to innovate
quickly has led organizations to use public clouds, where there is a perceived ability
to scale up and down ‘on demand’ resources leveraging an ‘Infrastructure as a
Utility’ and a ‘Pay as you Use’ model. However, this hybrid cloud-centric approach
has resulted in IT challenges to maintain a common security, networking,
compliance, and operational footprint across the organization and across clouds, as
well as managing costs at scale.
• Platform Heterogeneity – The emergence of the public/hybrid cloud model and
multiple different locations where applications reside has resulted in the use of
diverse application platforms. Where traditionally applications resided in VMware
virtual machines, they now may reside on a container, KVM hypervisor, bare-metal
device, or EC2 instance. This non-uniformity creates obvious technical and
operational overhead and challenges.
• Application Heterogeneity – As the popularity of the hybrid cloud model has
increased so has the proliferation of applications that are non-uniform and behave
like both a cloud-native application and a traditional application. For instance, a
modern ‘app’ may have a cloud-native-based front-end, but may also rely on a
back-end database that resides on a traditional infrastructure.
Organizations face the two-fold challenge of how to manage the different processes
underpinning traditional applications while also developing co-existing processes and
procedures to cater to the vastly differing needs of the modern application. Aside from the
obvious benefits from a TCO perspective of a singular overarching network and security
system to manage this type of environment, organizations are mandated to do so, in order
to adhere to and comply with business and regulatory driven compliance, security, risk,
and financial goals. This represents the key challenge: How can this be achieved?
VMware NSX-T on VxBlock 1000 overview
5 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
This document addresses how the NSX-T management, control and data planes leverage
the technical and operational capabilities of the Advanced Management Platform (AMP),
and the compute and network architecture of the VxBlock 1000, by exploring how they
meet the basic set of use cases. It also provides some insight into how the platform will
evolve to satisfy new and emerging use cases at scale. This evolution will further leverage
the management, automation, data availability, and data center architecture (Vscale)
capabilities of the VxBlock 1000. For additional information, see Architectural Overview of
NSX-T on VxBlock 1000 (to be published May, 2020).
This white paper is for IT professionals who are interested in understanding how a
VxBlock 1000 with a NSX-T architecture can help to provide a scalable, multi-cloud-
enabled, software-defined network architecture. The reader is expected to understand
basic SDN network terminology and how SDN networks work.
Dell Technologies and the author of this document welcome your feedback on the solution
and the solution documentation. Contact the Dell Technologies Solutions team by email or
provide your comments by completing our documentation survey.
Author: Martin Hayes
Contributors: Ignacio Borrero, Robert Percy, Reed Tucker
VMware NSX-T on VxBlock 1000 overview
The VxBlock 1000 is the de-facto standard in CI excellence and delivers proven high
scale performance within a fault tolerant and uniquely robust architecture. Moreover, the
VxBlock 1000 is purposefully designed to perpetually accept new platforms and
technologies and to avoid the technical debt associated with older generation and
monolithic IT platform choices. Built with a focus on High Value Traditional Applications
(HVTAs), the VxBlock 1000 is flexible and adaptable to meet the technical requirements
and challenges of the cloud enabled, multi-cloud, and cloud-native applications
architecture landscape.
VMware NSX-T, or VMware NSX Data Center, is a software-defined platform that is
engineered to deliver a virtualized Layer 2 through Layer 7 set of networking and security
services across heterogeneous endpoints, hypervisors, and clouds. Since its inception, it
has continually provided new functionality and a broad suite of services, on top of the core
set of services offered by NSX Data Center, including NSX Cloud, NSX Distributed
IDS/IPS, NSX Advanced Load Balancer, and VMware SD-WAN. For additional
information about these products, see the VMware Docs site (https://docs.vmware.com/).
In this paper, we will limit the scope of the discussion to the core set of services offered by
VMware NSX Data Center (NSX-T). While there is some overlap between the features
and functionality between NSX-T and the soon-to-be-retired NSX-V, they differ
significantly in terms of scale and their native ability to support cloud, cloud-native
(container), and application-centric use cases in an agnostic fashion.
NSX-T is designed to support multiple heterogenous endpoints, hypervisors, and clouds
by decoupling the direct dependency between the NSX-V management and control
Document
purpose
Audience
We value your
feedback
VMware NSX-T on VxBlock 1000 overview
6 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
planes from VMware vSphere vCenter. This decoupling transformed NSX Data Center
from what was essentially a set of networking and security features strictly bound by and
limited to the core capabilities of vSphere, to a standalone, infinitely scalable Data Center,
Cloud, and Edge-capable, software-defined networking and security architecture.
To understand how NSX-T helps organizations achieve a scalable, robust, software
defined and extensible network and security architecture, let's examine the underlying
architectural components of the VxBlock 1000. The following design criteria are at the
heart of any enterprise-ready, software-defined architecture at scale:
• Architectural persistence
• Availability
• Manageability
• Performance
• Extensibility and interoperability
This paper will explore how the VxBlock 1000 architecture, combined with the VMware
NSX-T software that is configured on the platform, satisfy these design criteria, both at
initial launch and as the combined software and hardware platform evolve over time. To
address this challenge, let us first focus on describing and understanding both
architectures and how they combine.
Figure 1. Persistent Architecture at Scale
The management, control, and data plane construct
7 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
To meet these requirements, the VxBlock 1000 offers unparalleled architectural
excellence that includes engineered and systematic performance, reliability and
redundancy at scale with no single point of failure. The platform has been purposefully
designed to meet the needs and requirements of new emerging cloud and software-
defined use cases. The implementation of VMware NSX-T is an example of how the
VxBlock 1000 accepts and incorporates new software-based offerings by leveraging its
native persistent architecture.
This white paper describes this integrated offering, and how VMware NSX-T and VxBlock
1000 together meet the requirements of an ‘enterprise ready’ software-defined
architecture at scale.
The management, control, and data plane construct
The three key elements that comprise NSX-T – Management Plane, Control Plane, and
Data Plane -- are deployed on the VxBlock 1000 platform and enable how it interacts with
the VxBlock 1000 persistent architecture described in the previous section.
A brief description of each component:
• Management Plane — provides a single API entry point to the system, persists
user configuration, handles user queries, and performs operational tasks on all
management, control, and data plane nodes in the system.
• Control Plane — computes all ephemeral runtime states based on configuration
from the management plane, disseminates topology information reported by the
data plane elements, and pushes stateless configuration to forwarding engines.
• Data Plane — performs stateless forwarding/transformation of packets based on
tables populated by the control plane. The data plane also reports topology
information to the control plane and maintains packet level statistics.
Deploying NSX-T on a VxBlock Management, Control, and Data Plane cluster consists of
configuring the NSX Manager Appliance in a cluster of three virtual machines. This
configuration offers availability, redundancy, and performance at scale. Clustering allows
the platform to process large-scale concurrent API requests using REST API calls. A web-
based UI entry point is also available for all user configurations.
Unlike NSX-V on VxBlock, there is no interdependence between the NSX-T Manager
Appliance cluster and an underlying compute manager, such as VMware vSphere
vCenter. This decoupling allows for the NSX-T Manager to interact with multiple compute
managers, including multiple instances of vCenter server, cloud-based managers, and
container instances by means of a Network Container Plugin (NCP). This engineered
flexibility addresses the principle drawback of previous architectures in which the NSX
Manager was tightly coupled with vCenter Server. The new architecture employs a
systematic approach to addressing the platform heterogeneity concerns outlined
previously.
Management
plane
The management, control, and data plane construct
8 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
Figure 2. NSX-T – Platform Architecture
Starting with NSX-T release 2.4, the Manager and Controller functions are combined,
increasing operational efficiency and reducing the overall footprint and resource overhead
on the Advanced Management Platform (AMP). The AMP provides a consolidated
management infrastructure to manage multiple VxBlock Systems in a data center. The
AMP is comprised of servers, shared storage and uses network connectivity to provide a
scalable system management platform.
The management, control, and data plane construct
9 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
Figure 3. VxBlock System 1000 AMP
The NSX-T Management and Central Control Plane Cluster has been sized and
engineered to be compatible with all currently available VxBlock system AMPs. Currently
this includes the AMP-3S and AMP Central offerings.
Each Manager appliance has three distinct roles: a Policy role, a Manager role, and a
Controller role. The first two roles are associated with the Management plane and the
latter with the Control plane.
NSX-T on VxBlock 1000 implements a fully distributed control plane architecture, divided
between the Central Control Plane (CCP) on the AMP Platform and the Local Control
Plane (LCP) resident on the Host Transport Nodes and Edge Transport Nodes. A
Transport Node is a device that is part of the data plane and prepared for NSX-T. It
participates in traffic forwarding. Examples of Transport Node devices are hosts operating
in the Compute cluster and the Edge cluster.
Control planes
The management, control, and data plane construct
10 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
Figure 4. Distributed architecture
This distributed architecture is what allows NSX-T to scale across thousands of
heterogeneous endpoints, by considerably reducing the overhead on the CCP.
As described above, a Transport Node (TN) is a device prepared for NSX-T and
participates in traffic forwarding. In the context of the VxBlock 1000, this consists of the
following:
• All Cisco UCS B and C Series servers that are configured in compute clusters
• NSX-T Edge Nodes (virtualized form factor) that are running on Cisco C-Series
C220 M5 servers and are configured in the Edge Cluster as described below.
Traffic within the system is transported between Transport Nodes and devices attached to
the Transport Nodes (such as Virtual Machines) by means of an encapsulation overlay.
The overlay is a GENEVE tunnel built on the VxBlock physical network (Underlay).
(GENEVE, Generic Network Virtualization Encapsulation, is a flexible network
virtualization standard and encapsulation protocol.) Accessibility between devices
attached to the overlay is managed by the Central Control Plane (CCP) and the Local
Control Plane (LCP).
Transport nodes
NSX-T Edge
Cluster on
VxBlock 1000
Initial design for NSX-T on VxBlock 1000
11 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
At some point:
1. Traffic will need to leave the system to reach devices/services external to NSX-T
on the VxBlock 1000.
2. Devices external to the VxBlock 1000, and not participating in the overlay, will
require ingress into the system.
3. Devices and endpoints must attach to centralized services that are contained
within a central location within the system, such as stateful in-line firewalling.
The NSX-T Edge cluster performs this process of tunnel encapsulation/de-encapsulation,
north-south ingress/egress, and provisioning of centralized services.
NSX-T on VxBlock 1000 offers a scalable and flexible yet prescriptive implementation of
the NSX-T Edge cluster. An initial small footprint of two physical servers offers
performance without being cost-prohibitive. The initial offering scales up to 16 servers, for
customers who wish to implement additional centralized services at the edge.
Figure 5. Scaling Edge Cluster
Edge Nodes
Edge Nodes are an NSX-T construct that are deployed on the physical servers. These
Edge Nodes can be deployed in a virtual (VM-based) or physical (baremetal-based) form
factor. For the initial VxBlock 1000 implementation of NSX-T, Dell EMC supports only
virtual Edge Nodes. This provides an initial benefit in terms of deployment flexibility and
serviceability. Future releases of NSX-T on VxBlock 1000 may integrate a bare-metal
form factor to facilitate high performance use cases.
Initial design for NSX-T on VxBlock 1000
The initial release of NSX-T on VxBlock 1000 enables customers to satisfy some of the
most basic and embryonic use cases immediately. Examples include:
• Software-defined Layer 2 Data-Center Scale using the GENEVE overlay
• Software-backed failure domain isolation
• NSX-T micro-segmentation
Initial design for NSX-T on VxBlock 1000
12 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
• Ingestion by upper stack cloud management platforms for IaaS automation
The architecture allows customers to explore the full extent of the NSX-T offering while
retaining the assurance of a fully engineered platform at the back end. These features can
be broadly categorized as follows, together with some examples:
• Networking — GENEVE Overlay and Layer 2/3 DC Scale, Failure Domain
Isolation
• Security — Edge Firewall, Micro-segmentation, Service Insertion.
• Automation — API Network provision, integration with VxBlock Central,
consumption by IaaS platforms such as vRealize Automation
• Visibility — vRNI, vROps and NSX Intelligence
Figure 6. NSX-T features
So far we have identified some key use cases and provided a high-level overview of how
the NSX-T Management, Control, and Data Planes are designed. We have not yet
examined how the individual components knit together to deliver tangible business,
operational, and technical benefits. To illustrate this, the following diagram uses an
elevated view architecture to show how even a minimal single system — a single-site
NSX-T deployment on VxBlock — can provide tangible beneficial outcomes.
Initial design for NSX-T on VxBlock 1000
13 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
Figure 7. Overlay, Underlay, and Control and Management Plane access architecture
This figure shows:
• How the NSX-T Management, Control, and Data Planes are integrated into the
VxBlock 1000 platform
• By what mechanism the planes are consumed
• Which initial Day 0 use cases are serviced
• How these use cases can be expanded upon as VxBlock 1000 and VMware NSX-T
evolve over time
Although Figure 7 goes into relative depth, some low-level detail is excluded for the sake of
conciseness and clarity. For a complete in-depth architectural review of NSX-T on VxBlock, see
Architectural Overview of NSX-T on VxBlock 1000 (to be published May, 2020).
NSX-T has vastly improved the mechanisms for configuring and consuming it, whether by
the traditional GUI method or by a direct REST API integration. This open interface has
allowed the platform to be consumed in an ‘Infrastructure as Code’ fashion by Terraform,
Ansible, Java and Python. It also allows for deeper integration with cloud and Life Cycle
Management platforms such as VMware vRealize Automation, Red Hat OpenShift,
VMware VCF SDDC Manager, and of course VxBlock Central.
The NSX-T Management and Control Plane configured on the VxBlock 1000 AMP will
expose the following methods of consumption:
• Enabling the ‘Infrastructure as Code’ use case
Consumption
and
configuration
Initial design for NSX-T on VxBlock 1000
14 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
• The ‘on the fly’ network and the security commission and decommission
experience modern infrastructures and applications require
• The code-based integration between the software stacks of the modern data
center
AMP Central and AMP 3-S are engineered specifically to support NSX-T with a minimum
four-server footprint, scaling to 16 servers. Moreover, the AMP architecture will likely
evolve over time to add additional capability for intra-, inter-, and multi-site connectivity,
including multi-site management, control plane data availability, protection, and
federation. This allows for both the full integration with VMware Cloud Foundation, and the
positioning of the AMP together with NSX-T as the scalable platform of choice to meet
high availability/mission critical use cases and to function as a Cloud Management
Platform (CMP) within a Vscale construct.
The physical network underlay serves as the transport medium for the software-defined
network. Its design and architectural integrity are fundamental to the overall performance
of the SDN stack. A problem at this layer can have a disruptive impact on performance.
Thankfully, this is where the engineered excellence of the VxBlock 1000 comes into play.
Each subcomponent of the physical network layer is highly redundant and is engineered
for throughput, scale, and low latency. VxBlock components participating in the NSX-T
underlay include the following:
• Cisco Nexus 9336-FX2 TOR Switches, supporting 1/10/25/40/100 GB connectivity
and serve to physically connect to the external network.
• Cisco Gen 3 and Gen 4 series UCS Fabric Interconnects and IO Modules
supporting a mix of 1/10/25/40 GB connectivity at the compute network layer:
▪ UCS 6332-16P, UCS 2348UPQ, UCS 6454-U, UCS 2232PP
▪ UCS 2204/2208 and UCS 2304
• Cisco UCS C220 M5 Servers serving at the NSX-T Edge layer with Cisco VIC 1457
and Intel XXV710-DA2. The latter is a critical consideration in the underlay design
and provides hardware-based encapsulation/de-encapsulation and offloading from
the GENEVE NSX-T based overlay and the external network. This card also
supports the DPDK protocol.
• Cisco UCS B/C Series servers and supported VIC cards.
The Physical Underlay has been designed to scale. From the beginning, the modular
architecture of the VxBlock platform means that the customer is not assuming the
technical debt associated with a monolithic architecture. Given its ‘persistent architecture,’
as the platform evolves, new VxBlock 1000 components can be gracefully integrated into
the underlay. These may include physical servers but also network interface cards and
Virtual Interface Cards (VICs) that add new hardware offload and security features to the
underlay.
Underlay at scale – Vscale and the spine/leaf architecture
The Underlay performs three primary functions. All other use cases depend on a well-
designed and scalable underlay:
Control and
management
plane
architecture
Physical
underlay and
network
architecture
Initial design for NSX-T on VxBlock 1000
15 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
• A physical transport for the Overlay – The GENEVE encapsulated network. A
mechanism in which tunnel endpoints can transport traffic to tunnel endpoints, that
is, in which the system can transport SDN traffic from one SDN Node to another.
• A transport mechanism that takes encapsulated traffic to a location on the network
where it can be de-encapsulated. This is known as the NSX-T Edge cluster. This
‘Edge’ is also the ‘ingress’ point for external traffic into the NSX-T SDN domain.
• Segregating the network into multiple distinct failure domains -- This was the
original and still the fundamental use case of an SDN system. Traditional networks
based on legacy distributed control plane protocols, such as Spanning-Tree and 3-
Tier network architectures (Core/Aggregation/Access), scaled very poorly in the
Data-Center and led to very large failure domains. An outage in a Data Center
network, designed with large failure domains, was usually very impactful, not well
contained, difficult to troubleshoot/resolve, and invariably negatively affected the
financial and business bottom line. Furthermore, it was non-agile and difficult to
change. Because of the potential risk, outages to facilitate additions, moves, and
changes had to be very carefully planned and, in some instances, required
executive oversight and approval.
Clearly this relationship between the technical system and business process did not
meet the requirements of the digital revolution in an era in which applications and
networks are required ‘on the fly’ for businesses to remain relevant, competitive,
and successful.
Figure 8. Scalable architecture
The VxBlock 1000 with NSX-T is designed specifically with scalability in mind. The figure
above shows how NSX-T, in combination with the Overlay, can scale in the Data Center
by minimizing the failure domain footprint -- in this instance -- per Fabric-Interconnect pair.
However, VxBlock 1000 in conjunction with Vscale can scale the NSX-T Data Plane
almost infinitely at the ToR layer.
VxBlock 1000 persistent architecture and NSX-T value
16 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
It can scale in this way by introducing a network architecture based upon ‘Spine/Leaf’
versus the traditional 3-Tier Core/Aggregation/Access Architecture. The Spanning Tree
Protocol (STP) is eliminated as a Data Plane reachability protocol between failure
domains and replaced by Layer 3 protocols such as BGP, BGP-EVPN, and IS-IS. These
Layer 3 protocols are much more efficient for managing control and data plane
reachability information and eliminate the use of STP between failure domains. For a
deeper overview of the VxBlock architecture see Dell EMC VxBlock™ System 1000
Architecture Overview.
At this point you should begin to understand how the underlying physical architecture, in
tandem with the NSX-T software platform, allows you to begin to consume the basic
network, security and automation use cases. To unlock these use cases, note that both
the physical platform (Underlay) and the software layer on top (Overlay and NSX-T
Software features) play complementary and equally important roles. Some Day 0
examples include:
• Data Center Network at Scale and Failure Domain Isolation: NSX-T, VxBlock 1000
and Dell EMC Vscale.
• Multi-Layer Security and Micro-Segmentation: L2-L7 Security and Firewall services
delivered in-kernel and at the NSX-T Edge.
• Software Defined Automation and Orchestration: VxBlock Central and NSX-T
together offer the ability to systematically integrate via API with external Cloud
Management Platforms and systems such as VMware VCF, VxBlock Central,
VMware vRealize Automation and VMware vRealize Operations, and other third
party systems and tools. This allows for the provisioning of network and security
infrastructure ‘on the fly’, a key enabling technology that enables businesses to
deliver modern applications efficiently and in a rapid and scalable fashion.
• Software Defined Network Visibility, Telemetry, and Insight: VxBlock Central,
VxBlock AMP and NSX-T together help provide end to end analysis, and insight
into the underlay (the physical) and overlay (the virtual). The software defined
promise of scale, simplicity, and flexibility requires that we have a full understanding
at a point in time basis of the system’s underlying configuration, health, and
structure.
The above provides a brief overview of the benefits of consuming VMware NSX-T,
underpinned by a scalable physical and persistent engineered architecture. Both the
software defined network layer, delivered by VMware NSX-T, and the Converged
Infrastructure (CI) layer are of equal importance in delivering business outcomes and
realizing the base set of use cases.
The next section provides an overview of how both the hardware and software platform
will likely evolve over time to enhance and deepen the offering, to deliver even greater
system availability, manageability, performance and interoperability, and to meet the
demands of the hybrid cloud.
VxBlock 1000 persistent architecture and NSX-T value
The VxBlock 1000 systems’ design on the principle of architectural persistence is key to
understanding how the NSX-T on VxBlock 1000 offer may mature over time to add
Consuming
NSX-T and
implementing
the use cases
Meeting requirements
17 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
increased engineered value out of the box and allow the flexibility for consuming a broad
and deeply flexible software-defined networking architecture.
Future evolutionary enhancements to the architecture will look to add technical
functionality. Some features will be prescriptively engineered into the platform directly,
whereas others may take the guise of solution guidance. The continually evolving
software-based flexibility of NSX-T allied to the persistent architecture of the VxBlock
platform has the potential to deliver upon both existing, emerging, and as-yet undefined
use cases.
Architectural Area
Feature/Functionality
Availability • Multi-Site Management/Control Plane
• Multi-Site Data Plane
• Management Plane Federation and Scale
• Continuous Availability and Disaster Recovery
Manageability and Insight
• Deeper integration with VxBlock Central
• Enhancements with vRNI, vROPS and NSX Intelligence
• Telemetry
Performance and Scale
• Data Plane enhancements (NIC and Compute Blade)
• Edge Cluster Scaling and Bare-Metal
• Multi-Tenancy and Traffic Isolation
• Vscale integration and Enhancements
Extensibility and Interoperability
• Extensibility and Interoperability
• Support for Brownfield Platforms
• Containers and vSphere 7.0
• CMP Integration VMware vCloud Foundation (VCF)
• Hybrid Cloud and Public Cloud Extension
Meeting requirements
Given the key challenges that modern IT organizations face, a non-siloed approach to
meet these requirements is mandatory to reduce TCO and minimize complexity. VMware
NSX-T, together with the persistent architecture of the VxBlock System 1000 platform, is
uniquely positioned to address both existing use cases and the emerging challenges of
the multi-cloud domain. In summary:
• The Challenge of Application Proliferation -- The increase in application volume,
reduced release cycles, and the use of open sourcing tooling and techniques
requires a networking and security system that is agile and responsive: one that
can spin networks up ‘on the fly’ and de-commission, return, and release unused
capacity on demand. Critically, this requires the ability to employ centrally managed
and homogeneous security policies across domains and systems. NSX-T offers the
ability to achieve this outcome.
Conclusion
18 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
• The emergence of the Public and Hybrid Cloud Model -- Organizations are
increasingly adopting the hybrid cloud model. Workloads are increasingly mobile
between on-premises infrastructure and the public cloud. IT organizations are
experiencing financial and technical challenges in terms of security, networking,
compliance, and operational TCO. NSX-T has been designed with the challenges
of the multi-cloud in mind. Extending a uniform and homogeneous security and
network policy across private, public and hybrid clouds is a key strength and unique
selling point of NSX-T.
• The Use of Heterogeneous Platforms -- As businesses move towards the multi-
cloud, it follows that they begin to physically place workloads on differing platforms,
such as ESXi, KVM, Azure, and EC2. Although customers may have a limited
influence at this level, they still require a system that provides a uniform networking
and security policy across all endpoints and platforms. This is the key advantage
garnered from de-coupling NSX-T from the underlying compute manager – it is
endpoint agnostic.
• Application Heterogeneity -- Not only are companies increasingly using cloud
native technologies (containers, Kubernetes, PKS, and OpenShift) in parallel with
traditional platforms such as bare-metal and hypervisor based virtual machines
(KVM and ESXi), they are beginning to ‘mix’ and ‘interweave’ these platforms and
technologies at the application layer. This creates a unique security surface and
operational challenge. NSX-T addresses this challenge directly using an agnostic
endpoint approach and increasing support for cloud native and mixed architectures.
Conclusion
Modern IT and the businesses it supports are on an IT Transformation journey.
Depending on vertical and scale, some may be further along that path than others. It is
clear though that a pathway must be charted in order to achieve effective goals. The
VxBlock 1000 system with NSX-T provides the technical excellence and persistent
architecture necessary to underpin and chart a successful outcome.
This vision will continue to deliver increasing performance and scale, enhancements in
terms of multi-site availability, interoperability with cloud management and automation
systems such as VMware Cloud Foundation and vRealize Automation, enhanced
manageability via VxBlock Central (On premises and SaaS) and finally increasing and
tighter extensibility and integration with the cloud.
Conclusion
19 Introducing VMware NSX-T into Dell EMC VxBlock 1000 White Paper
Figure 9. VxBlock 1000 and NSX-T - an IT foundation for Cloud Enabled Modern Data
Centers
The coupling of platform excellence, functionality, and solution guidance enables
customers to deliver the software defined architectures that the Hybrid Cloud and Modern
Data Center demand. These architectures are deterministic and predictable for meeting
the needs of existing and emerging use cases, yet flexible enough to satisfy the
requirements of the rapidly evolving multi-cloud landscape and use cases not yet defined.