VMworld 2013: NSX: Introducing the World to VMware NSX
-
Upload
vmworld -
Category
Technology
-
view
446 -
download
0
description
Transcript of VMworld 2013: NSX: Introducing the World to VMware NSX
![Page 1: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/1.jpg)
NSX: Introducing the World to VMware NSX
Milin Desai, VMware
Sachin Thakkar, VMware
NET5847
#NET5847
![Page 2: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/2.jpg)
2 2
Agenda
The Need for Network
Virtualization
VMware NSX Capabilities
VMware NSX Getting started
NSX
Operations
NSX Partner Ecosystem
Putting it all Together
![Page 3: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/3.jpg)
3 3
The Need for Network
Virtualization
VMware NSX Capabilities
VMware NSX: Getting started
NSX
Operations
NSX Partner Ecosystem
Putting it all Together
![Page 4: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/4.jpg)
4 4
Customers Want …
Resource
Pools Flexible
IPAM
Zero-trust Security
Micro-Segmentation
Self-Service IT
@ Scale
Elastic Compute
Zones
Extensions to
Public Cloud
![Page 5: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/5.jpg)
5 5
What needs to happen…
Virtual Machine Data Center Network
Operational Model
Decouple from hardware
Create, Delete, Grow, Shrink
Transparent to application
Programmatic Monitoring
Extensible
Can we run Networks like VMs …
![Page 6: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/6.jpg)
6 6
Introducing VMware NSX
Network Virtualization with NSX
L2 Switch L3 Router Firewall Load Balancer
Operational
model of a VM
Hardware
Software
![Page 7: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/7.jpg)
7 7
The Need for Network
Virtualization
VMware NSX Capabilities
VMware NSX Getting Started
NSX Operations
NSX Partner Ecosystem
Putting it all Together
![Page 8: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/8.jpg)
8 8
VMware NSX – Networking & Security Capabilities
Any Application (without modification)
Virtual Networks
VMware NSX
Network Virtualization
Platform
Any Network Hardware
Any Cloud Management Platform
Any Hypervisor
Logical Switching– Layer 2 over Layer 3,
decoupled from the physical network
Logical Routing– Routing between virtual
networks and physical without exiting the
software container
Logical Firewall – Distributed Firewall,
Kernel Integrated, High Performance
Logical Load Balancer – Application Load
Balancing in software
Logical VPN – Site-to-Site & Remote
Access VPN in software
NSX API – RESTful API for integration into
any Cloud Management Platform
Partner Eco-System
![Page 9: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/9.jpg)
9 9
VMware NSX Components
Control Plane NSX Controller
Run-time state
• Decouples virtual networks
form physical topology
• Not in Data Path
• Highly Available
Data Plane
NSX Edge
VDS/OVS
Hypervisor Extension Modules
Firewall Distributed
Logical Router VXLAN
NSX vSwitch
• Highly Available VM form factor
• Data Plane for N-S traffic
• Routing and Advanced services
• Intelligent network edge
• Line Rate performance
Management
Plane
NSX Manager • Single point of configuration
• REST API and UI interface
• Highly Available
CMP Consumption
• Self Service Portal
• vCAC, vCD, Openstack,
Cloudstack, Custom Portals
![Page 10: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/10.jpg)
10 10
The Need for Network
Virtualization
VMware NSX: Capabilities
VMware NSX: Getting Started
NSX
Operations
NSX Partner Ecosystem
Putting it all Together
![Page 11: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/11.jpg)
11 11
Deploying Network Virtualization with VMware NSX
Compute
1
Leverage existing
Network Infrastructure Any Network Vendor
Any Network Topology
IP Packet Forwarding
Fabric
![Page 12: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/12.jpg)
12 12
Deploying Network Virtualization with VMware NSX
Compute
1 2
Leverage existing
Network Infrastructure Deploy VMware NSX
NSX
Edge
NSX
Mgmt
Virtual Infrastructure
NSX Infrastructure
![Page 13: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/13.jpg)
13 13
Demo Simplified one-click deployment:
• Rich integration with vSphere Web Client
• Highly available controller cluster
• Automated in-kernel logical networking / firewalling deployment
• Customizable networking configuration
• Static IP Pools
• Physical network multi-pathing
• Transport Zone - multiple control plane modes
HOL SDC-1303
![Page 14: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/14.jpg)
15 15
Deploying Network Virtualization with VMware NSX
Compute
1 2
Leverage existing
Network Infrastructure
Deploy VMware NSX
NSX Mgmt & Edge Services
NSX
Edge
NSX
Mgmt
Virtual Infrastructure
NSX Infrastructure
3
Consumption of
Applications
CMP Portal
Self-Service
Programmatic
Virtual
Network Deployment
Logical Networks
+
![Page 15: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/15.jpg)
16 16
NSX supports deployment of complex topologies
VCM
5477
Multiple
Networks
Flat
Network
APP
DATABASE
WEB
WEB APP DATABASE
Automation – Deploy full automation via vCAC, vCD, Openstack or any CMS
NET
5520
![Page 16: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/16.jpg)
17 17
VMware NSX Logical Switching
• Per Application/Multi-tenant segmentation
• VM Mobility requires L2 everywhere
• Large L2 Physical Network Sprawl – STP Issues
• HW Memory (MAC, FIB) Table Limits
• Scalable Multi-tenancy across data center
• Enabling L2 over L3 Infrastructure
• Overlay Based with VXLAN, STT, GRE, etc,
• Logical Switches span across Physical Hosts
and Network Switches
Challenges Benefits
LOGICAL SWITCHING –Scale the Network 1000X
An
imate
d S
lide
VM
war
e N
SX
Logical Switch 1 Logical Switch 2 Logical Switch 3
NET
5266
![Page 17: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/17.jpg)
18 18
Logical Switches NET
5266
![Page 18: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/18.jpg)
19 19
Demo Feature rich L2:
• Dynamic Logical Switch Provisioning & Consumption
• Layer 2 bridge to connect physical networks or machines
• Advanced Layer 2 features (i.e. flow based marking / DSCP etc.)
HOL SDC-1303
HOL SDC-1319
![Page 19: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/19.jpg)
21 21
VM to VM Routed Traffic Flow
VMware NSX Layer 3 Routing: Distributed, Feature-Rich
• Physical Infrastructure Scale
Challenges – Routing Scale
• VM Mobility is a challenge
• Multi-Tenant Routing Complexity
• Traffic hair-pins
• Distributed Routing in Hypervisor
• Dynamic, API based Configuration
• Full featured – OSPF, BGP, IS-IS
• Logical Router per Tenant
• Routing Peering with Physical Switch
Challenges Benefits
SCALABLE ROUTING – Simplifying Multi-tenancy
Controller Cluster
NSX Manager
L2
L2
Tenant A
Tenant B
L2
L2
L2 Tenant C
L2
L2
L2
An
imate
d S
lide
CMP
NET
5266
![Page 20: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/20.jpg)
22 22
Virtual Network – A complete network in software NET
5266
![Page 21: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/21.jpg)
23 23
Demo Advanced L3 in Software:
• Fully distributed logical routing for East-West connectivity.
• Dynamic routing protocols (OSPF / BGP / IS-IS)
HOL SDC-1303
![Page 22: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/22.jpg)
24 24
NSX Logical Routing: Key Takeaways
One hop accelerated East-West traffic
Dynamic routing protocols configured in software
(OSPF / BGP / IS-IS)
Support multi-tier routing topologies
![Page 23: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/23.jpg)
25 25
VMware NSX Firewall: High Performance, Scalable Security
• Centralized Firewall Model
• Static Configuration
• IP Address based Rules
• 40 Gbps per Appliance
• Lack of visibility with encapsulated traffic
• Distributed at Hypervisor Level
• Dynamic, API based Configuration
• VM Name, Identity-based Rules
• Line Rate 15+ Gbps per host
• Full Visibility to encapsulated traffic
Challenges Benefits
PERFORMANCE & SCALE – 1,000+ Hosts 30 Tbps of Firewall
PHYSICAL SECURITY MODEL NSX FIREWALL FOR SDDC
Firewall Mgmt
An
imate
d S
lide
VMware NSX
API
CMP
SEC
5893
![Page 24: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/24.jpg)
26 26
Virtual Network – A complete network in software SEC
5893
![Page 25: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/25.jpg)
28 28
VMware NSX Load Balancing
• Application Mobility
• Multi-tenancy
• Configuration complexity – manual
deployment model
• On-demand load balancer service
• Simplified deployment model for
applications – one-arm or inline
• Layer 7, SSL, …
Challenges Benefits
LOAD BALANCER – Per Tenant Application Availability Model
An
imate
d S
lide
L2
Tenant A
VM1 VM2
VM1 VM3 VM2
L2 L2
L3 Tenant B
NET
5270
![Page 26: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/26.jpg)
30 30
The Need for Network
Virtualization
VMware NSX: Capabilities
VMware NSX: Getting Started
NSX Operations
NSX Partner Ecosystem
Putting it all Together
![Page 27: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/27.jpg)
31 31
Network Virtualization - Operations
Highlights • Overall Logical network health/stats
• VM to VM connectivity
• Per VM flow visibility
• Traffic Analysis – Packet Capture
• Transport / Tunnel health
• Inventory & Fault Management
• Multi-level Logging, Event tracking and Auditing
• Physical network troubleshooting / visibility
• Upgrade Management
NET
5790
Aggregate Operational Views • Statistics collections
• Alarms & Health Monitoring
• Network Performance & Resource Utilization
• Manage & Monitor through infrastructure
management tools such as vCenter Operations
Manager
![Page 28: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/28.jpg)
32 32
Demo An operationalized virtual networking platform:
• Flow Monitoring
• Server Activity Monitoring
• vCenter Operations Manager Integration
![Page 29: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/29.jpg)
34 34
The Need for Network
Virtualization
VMware NSX: Capabilities
VMware NSX: Getting Started
NSX Operations
NSX Partner Ecosystem
Putting it all Together
![Page 30: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/30.jpg)
35 35
NSX Extensibility: Partner Integration
NSX Controller
NSX API
Partner
Extensions Network Security Platform
Network Gateway Services
Application Delivery Services
Security Services
+
Cloud Mgmt Platforms
NET
5522
![Page 31: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/31.jpg)
36 36
NSX Policy Based Management Framework
Network & security services can now be consumed more
efficiently in the Software-Defined Data Center.
Apply.
Apply and visualize
security policies for
workloads, in one place.
Automate.
Automate workflows
across different
services, without
custom integration.
Provision.
Provision and monitor
uptime of different
services, using one
method.
SEC
5749
![Page 32: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/32.jpg)
37 37
NSX Service Composer – Canvas View SEC
5749
![Page 33: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/33.jpg)
38 38
The Need for Network
Virtualization
VMware NSX: Capabilities
VMware NSX: Getting Started
NSX Operations
NSX Partner Ecosystem
Putting it all Together
![Page 34: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/34.jpg)
39 39
VMware NSX – Deployment Use Cases
Self-Service IT
Dev X
Dev A
Test X
Acquisition A
DevOps Cloud
On-boarding M&A
Application specific networking
Flexible IP Address Mgmt
Simplified consumption
Key Capabilities
Examples
Data Center
Automation
Micro-segmentation of App
Simplifying Compute Silos
DMZ Deployments
Programmatic Consumption
Full featured stack
Visibility and ops
Key Capabilities
Examples
Public Clouds
XaaS Clouds
Vertical Clouds
Multi-tenant Deployment
Programmatic L2, L3, Security
Overlapping IP Addressing
Any Hypervisor, Any CMP
Key Capabilities
Examples
![Page 35: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/35.jpg)
40 40
vSphere
X86 Hosts
KVM Xen Server Hyper-V
Line Rate
Bi-directional
Any-to-Any
Physical or
Virtual
Hardware
Software
Hardware
Software
Any Cloud Management Platform
VMware NSX API
Line Rate
Bidirectional
No
Tromboning
Line Rate
Bidirectional
Kernel Integrated
25,000 CPS
2.5 million
Sessions
15 gbps
100K CPS
1M Concurrent
FW, LB, VPN
The New Role of Software Networking
Distributed
Switching
Distributed
Routing
Distributed
Firewall
Edge
Services
VMware NSX Software (Network Hypervisor)
Virtual Networks
Existing Network Infrastructure
![Page 36: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/36.jpg)
41 41
Imagine the Possibilities ..
Install
Network Fabric Spine, Cable Plant
Deploy Infrastructure Services
VMware NSX, CMP
![Page 37: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/37.jpg)
42 42
Build a Flexible Infrastructure
Connect Rack Utilities
Network Uplinks, Power
Auto-provision Top of Rack Switches
Image is loaded, IP, L3 Fabric
Auto-Deploy Hypervisors
Drivers, NSX Components
![Page 38: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/38.jpg)
43 43
Just “Rack N’ Roll”
Deploy Applications from CMP
VMs, Logical Networks and Security
Add Capacity on Demand
![Page 39: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/39.jpg)
44 44
Related Sessions & Resources
Introductory Topics
• NET5184 – Designing your Data Center for Network Virtualization
• NET7388-S – Network Virtualization – Moving Beyond the Obvious
Advanced Topics
• NET5584 – Deploying Network Virtualization
• NET5716 – Advanced NSX Architecture
• NET5266 – Bringing Network Virtualization to VMware Environments with NSX
• NET5270 – Virtualized Network Services Model with NSX
NSX Hands-on Labs
• HOL-SDC-1303
• HOL-SDC-1319
Blogs - http://blogs.vmware.com/networkvirtualization/
Twitter: @VMwareNSX
![Page 40: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/40.jpg)
THANK YOU
![Page 41: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/41.jpg)
![Page 42: VMworld 2013: NSX: Introducing the World to VMware NSX](https://reader034.fdocuments.net/reader034/viewer/2022042602/556bffcdd8b42a6d768b4fd5/html5/thumbnails/42.jpg)
NSX: Introducing the World to VMware NSX
Milin Desai, VMware
Sachin Thakkar, VMware
NET5847
#NET5847