+ +
Under the Hood: Network Virtualization with OpenStack Neutron and VMware
NSX
Dimitri Desmidt - NSX Senior Technical Product Manager ([email protected])
Gary Kotton – VMware Staff Engineer – OpenStack ([email protected])
2Slide 2
Agenda
‣ VMware on OpenStack
‣ Comprehensive Demo
‣ Q&A
3
VMware Philosophy on OpenStack
Customer Choice• VMware supports Customer choice.• Our support for OpenStack enables choice
OpenStack• An open framework for building clouds• Assembles a solution from underlying
Compute, Network, Storage components.• Can be managed and automated using
many solutions.
An Opportunity for VMware SDDC• VMware SDDC provides best-in-class
Compute, Network, Storage & management solutions for OpenStack.
• We view OpenStack as an opportunity for VMware SDDC portfolio.
Public CloudsPrivate Clouds
Hybrid CloudSeamlessly extend your data center to the public cloud
Virtual WorkspaceManage access to services, applications and data for any
device
The Foundation for IT: Software Defined Datacenter
Software-Defined Data CenterVirtualize the entire data center
Management and Automation
Storage and Availability
ComputeNetwork and
Security
4
VMware Technologies and OpenStack
Tenant-Side
Operator-Side
Benefits of OpenStack API & Ecosystem
Choice of best-in-class virtualization & management technologies
Horizon( Web Portal )
vSphere & vCenter
CLI Tools & Scripts(DevOps Automation)
vCACApplication Director
Nova(Compute)
Neutron(Network)
Cinder(Block Storage)
Glance(Image Store)
NSX vSANvCenter
(Image Catalog)
Cloud Operator Tools(vCenter, vCOPs, Log Insight etc.)
Third Party Operator tools(Puppet/Chef, scripts, nagios...)
OpenStack or 3rd Party Component
VMware Component
5Slide 5
Agenda
‣ VMware on OpenStack
‣ Comprehensive Demo
‣ Q&A
6
"OpenStack"(keystone/glance/
neutron/horizon/etc)
NSX-L2/L3GW Cluster
KVMESXi Cluster
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
.1
Management
NSX ControllerCluster
+ NSX Plugin
Any L2/L3 fabric(no VLAN per
tenant)
Physical View
7
"OpenStack"(keystone/glance/
neutron/horizon/etc)
NSX-L2/L3GW Cluster
KVMESXi Cluster
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
VM VM VM VM
20.20.20.0/24.1
LS-1A LS-1B
.1
Management
NSX ControllerCluster
+ NSX Plugin
Any L2/L3 fabric(no VLAN per
tenant)
VM VM VM VM
Physical View Logical View
LogicalSpace
8
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
• Neutron + NSX Plugin Pros:• Multi-tier architecture
Not available via "nova-network".
9
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
• Neutron + NSX Plugin Pros:• Multi-tier architecture• No change on the physical fabric
No pre-provisioning of VLAN on the fabric. Actually no VLAN used at all!
Not available via "nova-network".
VM VM VM VM VM VM VM VM VM
Hypervisor
Any L2/L3Fabric
Hypervisor1-IP@ Hypervisor2-IP@
[STT VM1-IP@ VM2-IP@]
VM VM
VM1-IP@ VM2-IP@
10
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
• Neutron + NSX Plugin Pros:• Multi-tier architecture• No change on the physical fabric• Distributed Routing
Hypervisor Hypervisor
x86 Server
DC Fabric
Neutron Router on Neutron Server
A world without NSX
WebApp DBWeb
Choke Point
11
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
• Neutron + NSX Plugin Pros:• Multi-tier architecture• No change on the physical fabric• Distributed Routing
Not available via "nova-network" nor "Neutron"
Hypervisor Hypervisor
x86 Server
DC Fabric
NSX "North/South" Router
A world with NSX
WebApp DBWeb
12
Demo 1
• Demonstrate:• 2 Tiers-Architecture on a mix of ESXi and KVM hypervisors
• Neutron + NSX Plugin Pros:• Multi-tier architecture• No change on the physical fabric• Distributed Routing• Very high scale
• In size of the cloud (thanks to the distribution "active/active" of the Control elements)Per NSX Domain: 60k VMs, 15k tenants, 1k hypervisors (and improved in each release)
• In throughput (thanks to the encapsulation off-loaded on the NIC)Per hypervisor: 20Gbps (with 2x10Gbps NIC bonding)Per NVP Gateway: 10Gbps++ (per NVP-GW and up to 10x NVP-GW are supported in a Cluster)
Not available via "nova-network" nor "Neutron".
13
Demo 2• Demonstrate:
"OpenStack"(keystone/glance/
neutron/horizon/etc)
NSX-L2/L3GW Cluster
KVMESXi Cluster
VM VM VM VM
20.20.20.0/24.1
LS-1A LS-1B
.1
Management
NSX ControllerCluster
+ NSX Plugin
Any L2/L3 fabric(no VLAN per
tenant)
VM VM VM
Physical View Logical View
LogicalSpace
• Management / Troubleshooting• Port Connection Tool• VMotion / DRS• TraceFlow• Port-Mirroring
VM
14
Demo 2• Demonstrate:
• Neutron + NSX Plugin Pros:• Production tools to manage and support an OpenStack in production
efficientlyNot available via "nova-network" nor "Neutron".
• Management / Troubleshooting• Port Connection Tool• VMotion• TraceFlow• Port-Mirroring
15
VLAN244
Demo 3
• Demonstrate:• L2 Physical-Logical
"OpenStack"(keystone/glance/
neutron/horizon/etc)
NSX-L2/L3GW Cluster
KVMESXi Cluster
VM VM VM VM
20.20.20.0/24.1
LS-1A LS-1B
.1
Management
NSX ControllerCluster
+ NSX Plugin
Any L2/L3 fabric(no VLAN per
tenant)
VM VM VM VM
Physical View Logical View
LogicalSpace
VLAN244
16
Demo 3
• Demonstrate:• L2 Physical-Logical
• Neutron + NSX Plugin Pros:• More Network Use Cases supported
Physical to Virtual
Remote customer on-boarding
Not available via "nova-network" nor "Neutron".
17
Demo 4• Demonstrate:
"OpenStack"(keystone/glance/
neutron/horizon/etc)
NSX-L2/L3GW Cluster
KVMESXi Cluster
VM VM VM VM
20.20.20.0/24.1
LS-1A LS-1B
.1
Management
NSX ControllerCluster
+ NSX Plugin
Any L2/L3 fabric(no VLAN per
tenant)
VM VM VM
Physical View Logical View
LogicalSpace
• HA• Failure of NVP elements
(Controller Node, NVP-GW Node)
• Failure of Hypervisor
VM
• Network and Security service• Load-Balancing• Firewalling• Static Routing
18
Demo 4• Demonstrate:
• Neutron + NSX Plugin Pros:• Rich network services
Not available via "nova-network" nor "Neutron".
• Build-in HA
• HA• Failure of NVP elements
(Controller Node, NVP-GW Node)
• Failure of Hypervisor
• Network and Security service• Load-Balancing• Firewalling• Static Routing
19Slide 19
Agenda
‣ Intro – VMware philosophy on OpenStack (5 minutes)
‣ What about a comprehensive demo (20 minutes)(instead of endless slides)
‣ Q&A (5 minutes)
20Slide 20
Select OpenStack & VMware NSX customers
Public Clouds Enterprise Private Clouds
21Slide 21
‣ Hands on lab available:
http://labs.hol.vmware.com/HOL/#lab/698
How to test? We are hiring!!!
Mario Linares [email protected]
Chad OConnell [email protected]
22Slide 22
Agenda
‣ VMware on OpenStack
‣ Comprehensive Demo
‣ Q&A