Network Management in System Center 2012 SP1 - VMM

More info on http://techdays.be.

  • In this session we will start with an empty network jack with connectivity to the outside world. We will set up a data center. This session will: set expectations on what you will encounter as you embark on a setup; provide background knowledge on what is needed to accomplish that. For the next 75 min we are all datacenter admins.
  • http://technet.microsoft.com/en-us/library/hh831559.aspx
    http://technet.microsoft.com/en-us/library/hh831738
    http://technet.microsoft.com/en-us/library/hh831829.aspx
  • Why? Configuration for DC on a single object; compliance; access to Hyper-V port settings; 3rd party extensions; updates get applied to all hosts. Why not? More setup up front; limits live migration.
  • Demo: Show default classifications and port profiles; create uplink port profile – set teaming modes; create virtual port profile; create LS; enable teaming; add port profiles; add switch to host.
  • Now that hosts are set up, what can you do with them?
  • Network Management in System Center 2012 SP1 - VMM

    1. Networking from scratch
       • How do I offer networking to my virtualization workloads?
       • How do I make my network resilient to failure?
       • How do I provide tenant self service?
       • How can I provide isolation?
       • How do I maintain consistency in large datacenters?
    2. Steps to a successful deployment
       1. Design your network
       2. Build and configure hardware to support your design
       3. Configure VMM to implement design:
          • Create logical concepts
          • Configure hosts
          • Configure tenants
          • Deploy workloads
    3. Assumptions for this session
       • Installed VMM server
       • Basic VMM concepts
       • Basic networking concepts: teaming, switch, router/gateway
    4. Logical view of the network
       • 1st question: how do I provide isolation?
       • Datacenter isolation – separation of infrastructure traffic for isolation and QOS
       • Tenant isolation – keeping tenants from each other and protect the infrastructure
       [Diagram labels: Tenants; Admin; “Internet”; Corp; Windows Azure services on Windows server (Katal); NVGRE Gateway; VMM; Cluster/LM/Storage; Management; Provider Network; Other management servers; Compute; Tenant 1 Network 1 (Tenant 1 VM 1, Tenant 1 VM 2); Tenant 2 Network 1 (Tenant 2 VM 1, Tenant 2 VM 2)]
    5. Isolation
    6. The limitations of VLANs
       • Limited capacity on each switch and port (4095 max)
       • High maintenance
       • Easy to make mistakes
       • Limits broadcasts
    7. Where should you use VLANs
       • ☺ Infrastructure networks
       • ☹ Tenant networks are too dynamic
       • The solution for tenants is network virtualization
    8. Software defined networking (SDN)
       • Ability to create networks on the fly as needed
       • Ability to define capabilities as needed
    9. SP1: Software Defined Networking
       • Software Defined Networking (management, configuration, data): Hyper-V Network Virtualization; Extensible Virtual Switch
       • Network Policy/Offloads: SR-IOV; DHCP Guard; IPSec Task Offload; Bandwidth Control; Trunk Mode
    10. Address spaces
       Logical network | Address space defined by | Example
       Corp | Corp IT | 172.30.0.0/16
       Internet | ICANN | 65.55.57.0/24
       Management | Datacenter Admin | 10.0.0.0/24
       Provider | Datacenter Admin | 10.0.1.0/24
       Cluster/Storage/etc… | Datacenter Admin | 10.0.2.0/24
       Tenant N | Tenant | 192.168.1.0/24
    11. Host configuration
       • Three options
       [Diagram panels: Non-converged; Converged Option1; Converged Option1+; Converged Option2]
    12. Host configuration… with teaming
       Two ways to get there:
       • Manual configuration in host properties: already deployed hosts; updating an existing configuration
       • Bare metal deployment: consistent deployment; use host profile; can re-deploy
    13. Merging physical and logical in VMM
    14. Creating logical switch
       Why:
       • Automatic team creation
       • Configuration for DC on a single object
       • Compliance
       • Access to Hyper-V port settings
       • 3rd party extension management
       • Updates get applied to all hosts
       Why not:
       • More up-front configuration
       • Limits live migration
    15. Single root IO virtualization (SR-IOV)
       • Virtual switch bypass for high performance workloads
       • You need bandwidth controls
       • If your physical adapters don’t support it
       • Limited number of VMs that can use it per host
    16. Tenant configuration
       • Using network virtualization for isolation
       • NVGRE gateway gives tenants access to outside world
         • Private cloud: route to local networks
         • Hybrid cloud: create site to site tunnel
       • ETA: 2nd quarter 2013
    17. VPN Gateway – “Hybrid Cloud”
    18. Logical view of the network
       [Diagram labels: Tenants; Admin; “Internet”; Corp; Katal; NVGRE Gateway; VMM; Cluster/LM/Storage; Management; Provider Network; Other management servers; Compute; Tenant 1 Network 1 (Tenant 1 VM 1, Tenant 1 VM 2); Tenant 2 Network 1 (Tenant 2 VM 1, Tenant 2 VM 2)]
    19. Tenant configuration - Port classifications
       • Container for port profile settings: for Hyper-V switch port settings and extension port profiles
       • Reusable
       • Exposed to tenants through cloud
    20. Load Balancing
       • Faces the tier instances
       • Each instance gets one Dynamic IP
       • Back end is usually on a network with non-routable IPs
    21. Logical view of the network
       [Diagram: same labels as slide 18]
    22. Logical view of the network
       [Diagram: same labels as slide 18, with two Load Balancer elements added]
    23. Using Virtual Switch Extensions
       Why?
       • Add functionality not native to Hyper-V switch
       • Able to tie virtual to physical network together
       Examples
       • Cisco Nexus 1000v – Public Beta now available!!!
       • InMon sFlow
       • NEC OpenFlow
       • 5nine
    24. Session Goals
    25. Virtual Machine Manager 2012 Scenarios
       • “I want this VM to connect to the Corp network” Answer: Logical Networks
       • “I want to create a template that I can deploy anywhere” Answer: Logical Network Definitions
       • “I want IP addresses assigned automatically” Answer: IP Pools
       • “I want to scale out applications” Answer: Load Balancers
    26. Network Management, VMM 2012
       LOGICAL NETWORKS
       • Classify network for VMs to access
       • Map to network topology
       • Allocate to hosts and clouds
       ADDRESS POOLS
       • Allocate a static IP address to VMs from a preconfigured pool
       • Create IP pool as a managed range of IP address assignments
       • Create MAC address pool as a managed range of MAC address assignments
       LOAD BALANCERS
       • Apply settings for load balancer capability in service deployment
       • Control load balancer through vendor provider based on PowerShell
       • Create virtual IP templates consisting of load balancer configuration settings
    27. Logical Network
       • A logical abstraction for the type or class of network a VM connects to
       [Diagram labels: Internet; VM to VM; Data]
    28. Network objects
       [Diagram: Logical network “Corp” 1-M Logical network definition “Building 42” 1-M Subnet-VLAN “10.0.0.0/24”, “VLAN 5” 1-M IP Pool “StaticSrv”, “10.0.0.1-10.0.0.99”. Other objects shown: Host group “Production”; Virtual network adapter; Physical network adapter; Virtual switch]
    29. Address Pools
       IP POOLS
       • Assigned to VMs, vNICs, hosts, and virtual IPs (VIP’s)
       • Specified use in VM template creation
       • Checked out at VM creation: assigns static IP in VM
       • Returned on VM deletion
       MAC POOLS
       • Assigned to VMs
       • Specified use in VM template creation
       • Checked out at VM creation: assigned before VM boot
       • Returned on VM deletion
       VIRTUAL IP POOLS
       • Assigned to service tiers that use a load balancer
       • Reserved within IP Pools
       • Assigned to clouds
       • Checked out at service deployment
       • Returned on service deletion
    30. Load Balancer Support
       AUTOMATION
       • Connect to load balancer through hardware provider
       • Assign to clouds, host groups, and logical networks
       • Configure load balancing method and add virtual IP on service deployment
       SUPPORTED BALANCERS
       • F5 BIG-IP
       • Brocade ServerIron ADX
       • Citrix NetScaler
       • Microsoft Network Load Balancer
       VIRTUAL IP TEMPLATES
       • Specifies preconfigured properties for configuring a load balancer at service deployment
       • Specifies load balancing methods: round robin, least connections, fastest response
    31. PowerShell - Creating a Logical Network
    32. PowerShell – IP Pools
    33. PowerShell – IP Pool Queries
    34. What’s new in Service Pack 1: Networking Scenarios
    35. Connectivity: VM Networks
    36. VM Networks: No Isolation
       • Pass-through to Logical Network
       • Maximum of one per Logical network
       [Diagram: VM Network “mgmt” (No Isolation) on Logical network “Corp”, Logical network definition “Building 42”, Subnet-VLAN “10.0.0.0/24”, “VLAN 5”, IP Pool “StaticSrv”, “10.0.0.1-10.0.0.99”]
    37. Hyper-V Network Virtualization
       Server Virtualization
       • Run multiple virtual servers on a physical server
       • Each VM has illusion it is running as a physical server
       Hyper-V Network Virtualization
       • Run multiple virtual networks on a physical network
       • Each virtual network has illusion it is running as a physical network
       [Diagram labels: Blue VM, Red VM, Physical Server; Blue Network, Red Network, Physical Network]
    38. Virtualize Customer Addresses
       [Diagram labels: Provider Address Space (PA); Customer Address Space (CA); System Center; Datacenter Network; Virtualization Policy; Host 1; Host 2; Blue Corp; Red Corp; VMs Blue1 and Red1 at 10.0.0.5, Blue2 and Red2 at 10.0.0.7; policy entries for both Blue and Red pairing 10.0.0.5 with 192.168.4.11 and 10.0.0.7 with 192.168.4.22]
    39. VM Networks: Hyper-V Network Virtualization
       • Default method is to encapsulate packets using NVGRE
       • A VM Network defines a routing domain
       • A routing domain can contain multiple virtual subnets
       [Diagram: VM Network “Finance” (Net. Virt.), VM Subnet 192.168.0.0/16, IP Pool (CA) 192.168.0.2-192.168.0.99; on Logical network “Corp”, Logical network definition “Building 42”, Subnet-VLAN “10.0.0.0/24”, “VLAN 5”, IP Pool (PA) “StaticSrv”, “10.0.0.1-10.0.0.99”]
    40. VM Networks: Hyper-V Network Virtualization Gateways
       • VMM will manage and configure gateways for NV
         • Routing gateway
         • VPN gateway
    41. VM Networks: VLAN
       • One VLAN per VM Network
       • Uses VLANs from Logical Network Definitions
       • Introducing new Logical Network property for “Not Connected”
       [Diagram: VM Network “Finance” (VLAN), VM Subnet “99.0.0.0/24”, 44; on Logical network “TenantVLANs” (Not Connected), Logical network definition “B42Tenants”, Subnet-VLAN “99.0.0.0/24”, “VLAN 44”, IP Pool “StaticSrv”, “99.0.0.1-99.0.0.99”]
    42. VM Networks: External
       • Isolation is managed by switch extension
       • VM Networks are imported from extension manager
       [Diagram: VM Network “Finance” (External), VM Subnet, IP Pool “StaticSrv”, “99.0.0.1-99.0.0.99”; Logical network “TenantNets” (Not Connected) 1-M Logical network definition “B27Tenants”]
    43. VM Network PowerShell
    44. What’s new in Service Pack 1: Networking Scenarios
    45. Capability
       • Defines how a network adapter is able to use its connection: quality of service, security, monitoring
       • Capabilities are provided by Hyper-V Extensible Virtual Switch and extensions
    46. Key Tenets for Hyper-V Extensible Switch
       Key Tenets | Benefit
       Extensible, not replaceable | Added features don’t remove other features
       Pluggable switch | Extensions process all network traffic, including VM-to-VM
       1st class citizen of system | Live Migration and offloads just work; Extensions work together
       Open & public API model | Large ecosystem of extensions
       Logo certification and rich OS framework | High quality extensions
       Unified Tracing thru virtual switch | Shorter down times
    47. Extensions
       • Extensions are Filters or Windows Filtering Platform Providers
       • Extension state/configuration is unique to each instance of an Extensible Switch on a machine
    48. VMM Management of Switch Extensions
       [Diagram labels: VM1, VM2, VMU (CA1, CA2, CA1); Hardware; 3rd Party components; SCVMM; Virtualization; Root Partition; VMM Agent; VMM Server; Vendor SCVMM Plugin; Physical NIC (SRIOV); Physical NIC (Non SRIOV); Vendor network mgmt console; Top of rack switch; Policy database]
    49. Extension Manager Integration
       • Supplies network objects and policy to VMM
       • 1. Import: Logical Networks, IP Pools, VM Networks, Port Profiles
       [Diagram labels: 3rd Party Extension Manager; Policy database; VMM Provider; Virtual Switch Extension Manager (VSEM) Provider Interface]
    50. [Diagram: multiple Windows Server 2012 hosts (Host1, Host2, Host3, etc.), each with physical host NICs (uplinks pNIC1, pNIC2), its own virtual switch instance (native switch settings, Extension1, Extension2, Extension3), VM vNICs (VM1 to VM6) and host vNICs (vNIC1, vNIC2)]
    51. VMM Switch Infrastructure
       [Diagram: the same physical host NICs (uplinks pNIC1, pNIC2), with one Logical Switch (native switch settings, Extension1, Extension2, Extension3) whose instances run on Host1, Host2, Host3 and Host4, plus VM vNICs (VM1 to VM6) and host vNICs (vNIC1, vNIC2)]
    52. Logical Switch
       • A single logical representation of the virtual switch instances which exist in a group of hosts
    53. Logical switch objects
       [Diagram labels, with 1-M, M-1, M-M and 1-1 relationships between them: Physical NIC; Uplink Port Profile Set; Extension Uplink Port Profile; Native Uplink Port Profile; Switch Extensions “Cisco Nexus 1000v”, “InMon sFlow”; Logical Switch “B42Switch”; Virtual Port Profile Set; Extension Virtual Port Profile; Native Virtual Port Profile; Port Classification “Fast DB”, “Web”, “Restricted”; Self Service User; Cloud; vNIC]
    54. Logical switch objects
       [Diagram: same as slide 53 without the switch extension objects: Physical NIC; Uplink Port Profile Set; Native Uplink Port Profile; Logical Switch “B42Switch”; Virtual Port Profile Set; Native Virtual Port Profile; Port Classification “Fast DB”, “Web”, “Restricted”; Cloud; vNIC]
    55. Windows Server IP Address Management Integration Script
       • Reports IP Pool utilization from VMM into IPAM
       • Can run on demand or configure as a periodic task
       • Included in the “cd layout” of VMM scripts
       • IPAMIntegration.ps1
    56. In Review: Session Objectives And Takeaways
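
The object chain drawn on slides 28 and 39, built with the VMM PowerShell cmdlets. This is an added example, not code from the deck (the PowerShell slides 31 to 33 and 43 survive on this page only as titles). It assumes the VMM 2012 SP1 module and an existing host group “Production”; the names "Finance subnet" and "Finance CA pool" are hypothetical, and the CA pool range is read from slide 39 as 192.168.0.2-192.168.0.99.

```powershell
# Added example; names and ranges follow slides 28 and 39 unless marked.
Import-Module virtualmachinemanager

# Assumption: a host group named "Production" already exists (slide 28).
$hostGroup = Get-SCVMHostGroup -Name "Production"

# Logical network "Corp", allowed to carry Hyper-V Network Virtualization.
$ln = New-SCLogicalNetwork -Name "Corp" -EnableNetworkVirtualization $true

# Logical network definition "Building 42": subnet 10.0.0.0/24 on VLAN 5,
# scoped to the host group so only those hosts see the network.
$paSubnet = New-SCSubnetVLan -Subnet "10.0.0.0/24" -VLanID 5
$lnd = New-SCLogicalNetworkDefinition -Name "Building 42" `
    -LogicalNetwork $ln -VMHostGroup $hostGroup -SubnetVLan $paSubnet

# Provider address (PA) pool "StaticSrv" on that definition.
New-SCStaticIPAddressPool -Name "StaticSrv" `
    -LogicalNetworkDefinition $lnd -Subnet "10.0.0.0/24" `
    -IPAddressRangeStart "10.0.0.1" -IPAddressRangeEnd "10.0.0.99"

# Tenant VM network "Finance": its own routing domain, isolated with
# network virtualization (NVGRE) on top of "Corp".
$vmNet = New-SCVMNetwork -Name "Finance" -LogicalNetwork $ln `
    -IsolationType "WindowsNetworkVirtualization"

# Customer address (CA) space: one virtual subnet inside the routing domain.
# "Finance subnet" and "Finance CA pool" are hypothetical names.
$caSubnet = New-SCSubnetVLan -Subnet "192.168.0.0/16"
$vmSubnet = New-SCVMSubnet -Name "Finance subnet" -VMNetwork $vmNet `
    -SubnetVLan $caSubnet
New-SCStaticIPAddressPool -Name "Finance CA pool" -VMSubnet $vmSubnet `
    -Subnet "192.168.0.0/16" `
    -IPAddressRangeStart "192.168.0.2" -IPAddressRangeEnd "192.168.0.99"

# Isolation review: list every VM network with its isolation type, so a
# tenant network left as a pass-through ("NoIsolation", slide 36) stands out.
Get-SCVMNetwork | Select-Object Name, IsolationType, LogicalNetwork
```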
