Upload
vmworld
View
188
Download
5
Tags:
Embed Size (px)
DESCRIPTION
VMworld 2013 Archish Dalal, VMware Nikhil Kelshikar, VMware Learn more about VMworld and register at http://www.vmworld.com/index.jspa?src=socmed-vmworld-slideshare
Citation preview
Deploying VMware NSX Network Virtualization
Archish Dalal, VMware
Nikhil Kelshikar, VMware
NET5584
#NET5584
2
Session Objectives
Discuss VMware NSX Network Virtualization deployments
in an environment with multiple hypervisors
Learn about all the NSX components which are required
for deployment
Understand Simple packet flows in a logical network
Observe the deployment workflows
3
Recommended Sessions & Labs
NET5716 – Advanced NSX Architecture
NET5266 – Bringing Network Virtualization to VMware
Environments with NSX
NET5270 – Virtualized Network Services Model with NSX
SEC5582 – Multi-site Deployments with VMware NSX
You can actually test all the workflows in the lab HOL-SDC-1319
4
Agenda
Benefits of Network Virtualization
VMware NSX Architecture
• NSX Features
• NSX System Components
Deployment Steps for VMware NSX
VMware NSX Capability and Workflows
• Demo: Consuming a multi-tier App with VMware NSX
• Demo: Logical to Physical Bridging
• Demo: Operational Visibility
Real-world Customer Use-Cases
5
Agenda
Benefits of Network Virtualization
VMware NSX Architecture
• NSX Features
• NSX System Components
Deployment Steps for VMware NSX
VMware NSX Capability and Workflows
• Demo: Consuming a multi-tier App with VMware NSX
• Demo: Logical to Physical Bridging
• Demo: Operational Visibility
Real-world Customer Use-Cases
6
What Is a Virtual Network?
General Purpose Server Hardware
Server Hypervisor
Requirement: x86
Virtual
Machine
Virtual
Machine
Virtual
Machine
Application Application Application
x86 Environment
Decoupled
Hardware
Software
General Purpose Networking Hardware
Network Hypervisor
Requirement: IP Transport
Virtual
Network
Virtual
Network
Virtual
Network
Workload Workload Workload
L2, L3, L4-7 Network Services
7
VMware NSX – Network Virtualization
VMware NSX Transforms the Operational Model of the Network
Network provisioning time reduced from 7 days to 30 sec
Reduce network provisioning time from
days to seconds
Cost Savings
Reduce operational costs by 80%
Increase compute asset utilization up to 90%
Reduce hardware costs by 40-50%
Operational Automation
Simplified IP hardware
Choice
Any Hypervisor: vSphere, KVM, Xen, Hyper-V
Any CMP: vCAC, OpenStack
Any Network Hardware
Partner Ecosystem
Any hypervisor
Any CMP with Partner
8
VMware NSX – Networking & Security Capabilities
Any Application (without modification)
Virtual Networks
VMware NSX Network Virtualization Platform
Logical L2
Any Network Hardware
Any Cloud Management Platform
Logical
Firewall
Logical
Load Balancer
Logical L3
Logical
VPN
Any Hypervisor
Logical Switching– Layer 2 over Layer 3,
decoupled from the physical network
Logical Routing– Routing between virtual
networks without exiting the software
container
Logical Firewall – Distributed Firewall,
Kernel Integrated, High Performance
Logical Load Balancer – Application
Load Balancing in software
Logical VPN – Site-to-Site & Remote
Access VPN in software
NSX API – RESTful API for integration
into any Cloud Management Platform
Partner Eco-System
9
Agenda
Benefits of Network Virtualization
VMware NSX Architecture
• NSX Features
• NSX System Components
Deployment Steps for VMware NSX
VMware NSX Capability and Workflows
• Demo: Consuming a multi-tier App with VMware NSX
• Demo: Logical to Physical Bridging
• Demo: Operational Visibility
Real-world Customer Use-Cases
10
NSX System Architecture Components
NSX Controller Cluster Advanced distributed state management system
manages virtual networks and overlay transport
tunnels
NSX vSwitch Intelligence moves to the edge, in software,
embedded in server hypervisor
Logical Switches Hypervisor to hypervisor high performance, vendor
independent, transport on any physical fabric
architecture
NSX Gateway Supports connection between logical and physical
networks – VLANs, Routing
Network API RESTful web services API opens programmatic
interface to virtual network infrastructure
Any Cloud Management Platform
Overlay Transport
NSX vSwitch
NSX Controller
NSX API
NSX
Gateway
Any Network Hardware
Any Hypervisor
Partner Extensions
NSX Manager
11
VMware NSX Functional System Overview
vSphere Hyper-V* XenServer KVM
vSwitch vSwitch vSwitch vSwitch
Hosts
Data Plane
Operations
UI
Logs/Stats
CMP
Consumption
Tenant UI
API
Control Plane Run-time state
Management Plane API
API, config, etc.
HA, scale-out
Hardware
Gateway
NSX Manager
NSX Controller
12
The Network API
REST APIs enable programmatic consumption of network resources
Consume via any CMP
Basic Network Functions – Create/Delete Network, Create / Delete Ports
Advanced Functions – Security Profiles, L3, NAT, DHCP, QoS, Mirroring, etc.
Self Service User Interface
NVP API
Virtual
Networks
Virtual
Machines
Virtual
Storage
Custom CMS
Storage API Compute API Network API
(Neutron)
Image Mgmt Accounting & Billing Authorization
Virtual
Networks and
Services
Networking API
REST API
13
NSX Distributed Controller Cluster
NSX Controller defines the overlay
network state
Scale-Out Deployment Model
• High-Performance
• High-Availability
Programmatic Interface
• RESTful Web Services API
• CMS Integration
• OpenStack, CloudStack, Home Grown
Does Not sit in the data path
Does not manage devices in the fabric
14
NSX vSwitch
Virtual Switch implemented within Hypervisor
Supports Multiple Hypervisors
• VMware ESXi – NSX vSwitch
• Xen, KVM, etc. – OVS Implementation
Tunnel Termination End-point
• STT, VXLAN, GRE, IPSec support
• Communicates with Controller to build state
• Line rate performance
Supports Switch Standard Functionality
• sFlow
• SPAN, RSPAN
• Traffic Monitoring
• LACP
• QoS Marking (DSCP)
• and more
Hypervisor
VM VM VM
Logical
Network State
Transport
Network State
15
Logical Switches and Overlay Transport
Logical Switches define an
“Overlay” Network
“Underlay” or physical network
carries the traffic between hosts
Robust Physical Network
Infrastructure forms the
communication fabric
16
Logical Switches and Overlay Transport
Robust Physical Network
Infrastructure forms the
communication fabric
Logical Switches can use
multiple protocols to build
overlay VXLAN, STT, GRE, IPSec
Logical Switches define an
“Overlay” Network
“Underlay” or physical network
carries the traffic between hosts
17
Logical Switches and Overlay Transport
Logical Switches define an
“Overlay” Network
“Underlay” or physical network
carries the traffic between hosts
Robust Physical Network
Infrastructure forms the
communication fabric
Logical Switches can use
multiple protocols to build
overlay VXLAN, STT, GRE, IPSec
Multiple logical switches
can be created
Logical switches provide
multi-tenancy
18
Overlay Tunnels – How it Works
NSX Controller Cluster establishes an overlay network
L2 over L3 tunneling mechanism – VXLAN, STT, GRE
Packets encapsulated with Logical Switch info
Payload IP L2 Payload IP L2
L2 IP Tunnel
Protocol Payload IP L2 L2 IP Tunnel
Protocol Payload IP L2
VM VM VM VM
NSX vSwitch
Physical Network
ESXi
19
Logical Switches – Life of a Packet
vSphere Host XenServer Ubuntu/KVM Redhat/KVM
vSwitch vSwitch vSwitch vSwitch
VM VM VM VM VM VM VM
Multiple Tunneling Protocols
Payload IP L2
L2 IP Tunnel
Protocol Payload IP L2 L2 IP Tunnel
Protocol Payload IP L2
Payload IP L2
QoS Marking (DSCP)
Ingress
(ACL, QoS, FW)
Egress
(ACL, QoS, FW)
Virtual Networks
20
Connecting Physical and Virtual Worlds
VM VM VM VM VM VM VM
Virtual Network Virtual Network
Hypervisor
NSX Gateway
VLAN VLAN
Physical
Virtual
e.g. Hosted Servers
e.g. Cloud Servers
1
1 2
2 3 4
3 4
Bare Metal, Physical Switch
or Virtual Appliance
21
Agenda
Benefits of Network Virtualization
VMware NSX Architecture
• NSX Features
• NSX System Components
Deployment Steps for VMware NSX
VMware NSX Capability and Workflows
• Demo: Consuming a multi-tier App with VMware NSX
• Demo: Logical to Physical Bridging
• Demo: Operational Visibility
Real-world Customer Use-Cases
22
NSX Deployment: Build Physical Infrastructure
Compute
1
Deploy Network Infrastructure
Any Fabric
Build a robust network infrastructure
Follow vendor best practices around HA
Fabric topology independence
L2 Fabric or L3 Fabric
Install Compute Hosts with Hypervisor of choice
Host prep includes Virtual Switch Deployment
Identify ToR switches and/or hosts which provide
virtual to physical network connectivity
23
NSX Deployment: Prepare VMware NSX
2
Deploy VMware NSX
NSX Mgmt & Edge Services
NSX
GW
NSX
Mgmt
Virtual Infrastructure
NSX Infrastructure
Deploy NSX Controller
Install multiple copies for scale and HA
Register vSwitches with NSX Controller
Typically automated
Deploy NSX Manager
Prepare NSX Gateway or Physical ToR GW Service
24
NSX Deployment: Consume Applications
Connect CMP to NSX via REST API
vCAC, vCD, OpenStack, CloudStack, etc.
Create application profiles
including VMs, Logical Networks, Firewall, etc.
Deploy applications
Tie logical to physical networks as necessary
3
Consumption of
Applications
CMP
Self-Service
Programmatic Virtual
Network Deployment
Logical Networks
+
25
Deploying Network Virtualization with VMware NSX
Compute
1
Deploy Network Infrastructure
Any Fabric
2
Prepare VMware NSX
NSX Mgmt & Edge Services
NSX
Edge
NSX
Mgmt
Virtual Infrastructure
NSX Infrastructure
3
Consumption
of Applications CMP
Self-Service
Programmatic Virtual
Network Deployment
Logical Networks
+
26
Agenda
Benefits of Network Virtualization
VMware NSX Architecture
• NSX Features
• NSX System Components
Deployment Steps for VMware NSX
VMware NSX Capability and Workflows
• Demo: Consuming a multi-tier App with VMware NSX
• Demo: Logical to Physical Bridging
• Demo: Operational Visibility
Real-world Customer Use-Cases
27
Multi-tier Template Deployment
28
Physical/Logical View
29
IP
Transport Network
NSX
Controller Cluster
Northbound REST API
Virtual
Network
How It Will Be Built
IP B
Data Plane Control Plane
VM
Cloud Management
Platform
ESX HV
IP A
Corpnet
10.36.x.x
VM IP C
NSX Edge GW
Corpnet
10.36.x.x
Existing
DC
Network(s)
KVM HV
1 2
VM1
VM2
VM1
VM2 Tier 1
Network
192.168.100.0/24
Tier 2
1 2
VM
VM
30
Demo
31
vCOps Integration
32
Agenda
Benefits of Network Virtualization
VMware NSX Architecture
• NSX Features
• NSX System Components
Deployment Steps for VMware NSX
VMware NSX Capability and Workflows
• Demo: Consuming a multi-tier App with VMware NSX
• Demo: Logical to Physical Bridging
• Demo: Operational Visibility
Real-world Customer Use-Cases
33
VMware – Deployment Use Cases
Self-Service IT
Dev X
Dev A
Test X Acquisition
A
DevOps Cloud
On-boarding M&A
Multi-tenancy
Flexible IP Address Mgmt
Simplified consumption
Key Capabilities
Examples
Data Center
Automation
Micro-segmentation of App
Simplifying Compute Silos
DMZ Deployments
Scalable Firewall Capabilities
Rich Network Services L2,L3
Programmatic Consumption
Key Capabilities
Examples
Public Clouds
XaaS Clouds
Vertical Clouds
Multi-tenant Deployment
Security Capabilities
Any Hypervisor, Any CMP
Key Capabilities
Examples
34
Recommended Sessions & Labs
NET5716 – Advanced NSX Architecture
NET5266 – Bringing Network Virtualization to VMware
Environments with NSX
NET5270 – Virtualized Network Services Model with NSX
SEC5582 – Multi-site Deployments with VMware NSX
You can actually test all the workflows in the lab HOL-SDC-1319
Want more of the demo – Visit us at the booth to see NSX in action
35
Other VMware Activities Related to This Session
HOL:
HOL-SDC-1319
VMware NSX for Multi-Hypervisor Environments
Group Discussions:
NET1002-GD
NSX for Multi-Hypervisor Environments with Roberto Mari
THANK YOU
Deploying VMware NSX Network Virtualization
Archish Dalal, VMware
Nikhil Kelshikar, VMware
NET5584
#NET5584