VMworld 2013: Deploying VMware NSX Network Virtualization
2 likes936 views
This document discusses deploying VMware NSX Network Virtualization. It covers: 1. The objectives are to learn about NSX deployments with multiple hypervisors, NSX components required, and packet flows in logical networks. 2. The NSX architecture includes features like logical switching, routing, firewall, load balancing and VPN. Key components are the NSX controller, vSwitch, logical switches and NSX gateway. 3. Deploying NSX involves building the physical infrastructure, preparing NSX including the controller and manager, and then consuming applications through the network API.
VMworld 2013: Deploying VMware NSX Network Virtualization
- 1. Deploying VMware NSX Network Virtualization Archish Dalal, VMware Nikhil Kelshikar, VMware NET5584 #NET5584
- 2. 2 Session Objectives Discuss VMware NSX Network Virtualization deployments in an environment with multiple hypervisors Learn about all the NSX components which are required for deployment Understand Simple packet flows in a logical network Observe the deployment workflows
- 3. 3 Recommended Sessions & Labs NET5716 – Advanced NSX Architecture NET5266 – Bringing Network Virtualization to VMware Environments with NSX NET5270 – Virtualized Network Services Model with NSX SEC5582 – Multi-site Deployments with VMware NSX You can actually test all the workflows in the lab HOL-SDC-1319
- 4. 4 Agenda Benefits of Network Virtualization VMware NSX Architecture • NSX Features • NSX System Components Deployment Steps for VMware NSX VMware NSX Capability and Workflows • Demo: Consuming a multi-tier App with VMware NSX • Demo: Logical to Physical Bridging • Demo: Operational Visibility Real-world Customer Use-Cases
- 5. 5 Agenda Benefits of Network Virtualization VMware NSX Architecture • NSX Features • NSX System Components Deployment Steps for VMware NSX VMware NSX Capability and Workflows • Demo: Consuming a multi-tier App with VMware NSX • Demo: Logical to Physical Bridging • Demo: Operational Visibility Real-world Customer Use-Cases
- 6. 6 What Is a Virtual Network? General Purpose Server Hardware Server Hypervisor Requirement: x86 Virtual Machine Virtual Machine Virtual Machine Application Application Application x86 Environment Decoupled Hardware Software General Purpose Networking Hardware Network Hypervisor Requirement: IP Transport Virtual Network Virtual Network Virtual Network Workload Workload Workload L2, L3, L4-7 Network Services
- 7. 7 VMware NSX – Network Virtualization VMware NSX Transforms the Operational Model of the Network Network provisioning time reduced from 7 days to 30 sec Reduce network provisioning time from days to seconds Cost Savings Reduce operational costs by 80% Increase compute asset utilization up to 90% Reduce hardware costs by 40-50% Operational Automation Simplified IP hardware Choice Any Hypervisor: vSphere, KVM, Xen, Hyper-V Any CMP: vCAC, OpenStack Any Network Hardware Partner Ecosystem Any hypervisor Any CMP with Partner
- 8. 8 VMware NSX – Networking & Security Capabilities Any Application (without modification) Virtual Networks VMware NSX Network Virtualization Platform Logical L2 Any Network Hardware Any Cloud Management Platform Logical Firewall Logical Load Balancer Logical L3 Logical VPN Any Hypervisor Logical Switching– Layer 2 over Layer 3, decoupled from the physical network Logical Routing– Routing between virtual networks without exiting the software container Logical Firewall – Distributed Firewall, Kernel Integrated, High Performance Logical Load Balancer – Application Load Balancing in software Logical VPN – Site-to-Site & Remote Access VPN in software NSX API – RESTful API for integration into any Cloud Management Platform Partner Eco-System
- 9. 9 Agenda Benefits of Network Virtualization VMware NSX Architecture • NSX Features • NSX System Components Deployment Steps for VMware NSX VMware NSX Capability and Workflows • Demo: Consuming a multi-tier App with VMware NSX • Demo: Logical to Physical Bridging • Demo: Operational Visibility Real-world Customer Use-Cases
- 10. 10 NSX System Architecture Components NSX Controller Cluster Advanced distributed state management system manages virtual networks and overlay transport tunnels NSX vSwitch Intelligence moves to the edge, in software, embedded in server hypervisor Logical Switches Hypervisor to hypervisor high performance, vendor independent, transport on any physical fabric architecture NSX Gateway Supports connection between logical and physical networks – VLANs, Routing Network API RESTful web services API opens programmatic interface to virtual network infrastructure Any Cloud Management Platform Overlay Transport NSX vSwitch NSX Controller NSX API NSX Gateway Any Network Hardware Any Hypervisor Partner Extensions NSX Manager
- 11. 11 VMware NSX Functional System Overview vSphere Hyper-V* XenServer KVM vSwitch vSwitch vSwitch vSwitch Hosts Data Plane Operations UI Logs/Stats CMP Consumption Tenant UI API Control Plane Run-time state Management Plane API API, config, etc. HA, scale-out Hardware Gateway NSX Manager NSX Controller
- 12. 12 The Network API REST APIs enable programmatic consumption of network resources Consume via any CMP Basic Network Functions – Create/Delete Network, Create / Delete Ports Advanced Functions – Security Profiles, L3, NAT, DHCP, QoS, Mirroring, etc. Self Service User Interface NVP API Virtual Networks Virtual Machines Virtual Storage Custom CMS Storage API Compute API Network API (Neutron) Image Mgmt Accounting & Billing Authorization Virtual Networks and Services Networking API REST API
- 13. 13 NSX Distributed Controller Cluster NSX Controller defines the overlay network state Scale-Out Deployment Model • High-Performance • High-Availability Programmatic Interface • RESTful Web Services API • CMS Integration • OpenStack, CloudStack, Home Grown Does Not sit in the data path Does not manage devices in the fabric
- 14. 14 NSX vSwitch Virtual Switch implemented within Hypervisor Supports Multiple Hypervisors • VMware ESXi – NSX vSwitch • Xen, KVM, etc. – OVS Implementation Tunnel Termination End-point • STT, VXLAN, GRE, IPSec support • Communicates with Controller to build state • Line rate performance Supports Switch Standard Functionality • sFlow • SPAN, RSPAN • Traffic Monitoring • LACP • QoS Marking (DSCP) • and more Hypervisor VM VM VM Logical Network State Transport Network State
- 15. 15 Logical Switches and Overlay Transport Logical Switches define an “Overlay” Network “Underlay” or physical network carries the traffic between hosts Robust Physical Network Infrastructure forms the communication fabric
- 16. 16 Logical Switches and Overlay Transport Robust Physical Network Infrastructure forms the communication fabric Logical Switches can use multiple protocols to build overlay VXLAN, STT, GRE, IPSec Logical Switches define an “Overlay” Network “Underlay” or physical network carries the traffic between hosts
- 17. 17 Logical Switches and Overlay Transport Logical Switches define an “Overlay” Network “Underlay” or physical network carries the traffic between hosts Robust Physical Network Infrastructure forms the communication fabric Logical Switches can use multiple protocols to build overlay VXLAN, STT, GRE, IPSec Multiple logical switches can be created Logical switches provide multi-tenancy
- 18. 18 Overlay Tunnels – How it Works NSX Controller Cluster establishes an overlay network L2 over L3 tunneling mechanism – VXLAN, STT, GRE Packets encapsulated with Logical Switch info PayloadIPL2PayloadIPL2 L2 IP Tunnel Protocol PayloadIPL2 L2 IP Tunnel Protocol PayloadIPL2 VM VMVM VM NSX vSwitch Physical Network ESXi
- 19. 19 Logical Switches – Life of a Packet vSphere Host XenServer Ubuntu/KVM Redhat/KVM vSwitch vSwitch vSwitch vSwitch VM VM VMVM VMVM VM Multiple Tunneling Protocols PayloadIPL2 L2 IP Tunnel Protocol PayloadIPL2 L2 IP Tunnel Protocol PayloadIPL2 PayloadIPL2 QoS Marking (DSCP) Ingress (ACL, QoS, FW) Egress (ACL, QoS, FW) Virtual Networks
- 20. 20 Connecting Physical and Virtual Worlds VM VM VM VM VM VM VM Virtual Network Virtual Network Hypervisor NSX Gateway VLAN VLAN Physical Virtual e.g. Hosted Servers e.g. Cloud Servers 1 1 2 2 3 4 3 4 Bare Metal, Physical Switch or Virtual Appliance
- 21. 21 Agenda Benefits of Network Virtualization VMware NSX Architecture • NSX Features • NSX System Components Deployment Steps for VMware NSX VMware NSX Capability and Workflows • Demo: Consuming a multi-tier App with VMware NSX • Demo: Logical to Physical Bridging • Demo: Operational Visibility Real-world Customer Use-Cases
- 22. 22 NSX Deployment: Build Physical Infrastructure Compute 1 Deploy Network Infrastructure Any Fabric Build a robust network infrastructure Follow vendor best practices around HA Fabric topology independence L2 Fabric or L3 Fabric Install Compute Hosts with Hypervisor of choice Host prep includes Virtual Switch Deployment Identify ToR switches and/or hosts which provide virtual to physical network connectivity
- 23. 23 NSX Deployment: Prepare VMware NSX 2 Deploy VMware NSX NSX Mgmt & Edge Services NSX GW NSX Mgmt Virtual Infrastructure NSX Infrastructure Deploy NSX Controller Install multiple copies for scale and HA Register vSwitches with NSX Controller Typically automated Deploy NSX Manager Prepare NSX Gateway or Physical ToR GW Service
- 24. 24 NSX Deployment: Consume Applications Connect CMP to NSX via REST API vCAC, vCD, OpenStack, CloudStack, etc. Create application profiles including VMs, Logical Networks, Firewall, etc. Deploy applications Tie logical to physical networks as necessary 3 Consumption of Applications CMP Self-Service Programmatic Virtual Network Deployment Logical Networks +
- 25. 25 Deploying Network Virtualization with VMware NSX Compute 1 Deploy Network Infrastructure Any Fabric 2 Prepare VMware NSX NSX Mgmt & Edge Services NSX Edge NSX Mgmt Virtual Infrastructure NSX Infrastructure 3 Consumption of Applications CMP Self-Service Programmatic Virtual Network Deployment Logical Networks +
- 26. 26 Agenda Benefits of Network Virtualization VMware NSX Architecture • NSX Features • NSX System Components Deployment Steps for VMware NSX VMware NSX Capability and Workflows • Demo: Consuming a multi-tier App with VMware NSX • Demo: Logical to Physical Bridging • Demo: Operational Visibility Real-world Customer Use-Cases
- 29. 29 IP Transport Network NSX Controller Cluster Northbound REST API Virtual Network How It Will Be Built IP B Data Plane Control Plane VM Cloud Management Platform ESX HV IP A Corpnet 10.36.x.x VM IP C NSX Edge GW Corpnet 10.36.x.x Existing DC Network(s) KVM HV 1 2 VM1 VM2 VM1 VM2 Tier 1 Network 192.168.100.0/24 Tier 2 1 2 VM VM
- 30. 30 Demo
- 32. 32 Agenda Benefits of Network Virtualization VMware NSX Architecture • NSX Features • NSX System Components Deployment Steps for VMware NSX VMware NSX Capability and Workflows • Demo: Consuming a multi-tier App with VMware NSX • Demo: Logical to Physical Bridging • Demo: Operational Visibility Real-world Customer Use-Cases
- 33. 33 VMware – Deployment Use Cases Self-Service IT Dev X Dev A Test X Acquisition A DevOps Cloud On-boarding M&A Multi-tenancy Flexible IP Address Mgmt Simplified consumption Key Capabilities Examples Data Center Automation Micro-segmentation of App Simplifying Compute Silos DMZ Deployments Scalable Firewall Capabilities Rich Network Services L2,L3 Programmatic Consumption Key Capabilities Examples Public Clouds XaaS Clouds Vertical Clouds Multi-tenant Deployment Security Capabilities Any Hypervisor, Any CMP Key Capabilities Examples
- 34. 34 Recommended Sessions & Labs NET5716 – Advanced NSX Architecture NET5266 – Bringing Network Virtualization to VMware Environments with NSX NET5270 – Virtualized Network Services Model with NSX SEC5582 – Multi-site Deployments with VMware NSX You can actually test all the workflows in the lab HOL-SDC-1319 Want more of the demo – Visit us at the booth to see NSX in action
- 35. 35 Other VMware Activities Related to This Session HOL: HOL-SDC-1319 VMware NSX for Multi-Hypervisor Environments Group Discussions: NET1002-GD NSX for Multi-Hypervisor Environments with Roberto Mari
- 36. THANK YOU
- 38. Deploying VMware NSX Network Virtualization Archish Dalal, VMware Nikhil Kelshikar, VMware NET5584 #NET5584