Downloaded 126 times
Uploaded byChef Software, Inc.
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
The document presented by Brad Hedlund at ChefConf 2013 discusses VMware NSX and its integration with network virtualization, highlighting its components like logical switches, routers, and distributed stateful ACLs. It emphasizes the automation of network services and the transition from manual, error-prone networking to efficient, automated workflows using tools like Chef and OpenStack. The presentation also addresses the performance improvements in app provisioning at PayPal enabled by NSX technology.
More Related Content
Similar to SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
![[OpenStack Day in Korea 2015] Track 3-6 - Archiectural Overview of the Open S...](https://cdn.slidesharecdn.com/ss_thumbnails/36-150213070342-conversion-gate02-thumbnail.jpg?width=640&height=640&fit=bounds)
SDN, Network Virtualization and the Software Defined Data Center – Brad Hedlund
- 1. Network Virtualization Brad Hedlund Brad Hedlund -‐ #ChefConf 2013
- 2. What is VMware NSX? Brad Hedlund -‐ #ChefConf 2013 Nicira NVP VMware vCNS NSX Scale-‐out Controller Next gen vSwitch Logical switches Logical routers Distributed statefull ACL ü Edge Firewall ü Load Balancing ü VPN ü GSLB ü App Firewall L2-‐L4 L4-‐L7 Full L2-‐L7 Network Virtualiza<on ü Any Hypervisor ü Any Cloud ü Any Network ü Common API Late 2013 Build your own cloud Shrink wrapped cloud
- 3. Networking *is* stuckin the Past Compute • APIs • Automa<on (Chef) • Mobility • Distributed • Templates & Cookbooks Networking • CLIs • Human + Keyboard • Rigid • Choke points • Manual & Error prone Brad Hedlund -‐ #ChefConf 2013
- 4. Network Virtualization Brad Hedlund -‐ #ChefConf 2013 Hardware SoQware Logical Switches VIRTUALIZATION LAYER Logical Routers 2001 2012 x86 Machine NIC CPU HD RAM Network VLANs VRF ACL NAT Security (Firewall) Virtual Network vCPU vRAM vNIC image Virtual Machine AUTOMATE REPRODUCE DECOUPLE
- 5. LAN segment LAN segment Network Services for Apps Brad Hedlund -‐ #ChefConf 2013 WEB WEB World Router NAT Firewall Load Balancer Firewall APP APP My App GSLB North-‐South Security East-‐West Security App Load Balancing MulT-‐site Load Balancing Shared Physical Appliance BYO Virtual Appliance Full L2-‐L7 Network Virtualiza< RouTng & NAT L2 segments Monitoring
- 6. Compute Service Nodes OVS NVP Manager Controller Controller NVP Controller Fabric Hypervisor Hypervisor Hypervisor L3 Gateway L2 Gateway L3 Gate OVS OVS OVS OVS OVS OVS L2 Gate OVS Service Nodes OVS Quantum Web App DB Switch 2 Switch 3 Router APP APP DB DB y QoS Monitoring NAT irtual Network NVP Components & Architecture NVP API World Physical Edge Brad Hedlund -‐ #ChefConf 2013 World Non-‐virtual hosts / RemoVirtual Edge NVP Plug-‐in
- 7. pervisor br0 Linux IP stack 192.168.10.1 WEB WEB APP APP Top of Rack Switch(s) (bond) Config/State DB ovsdb-‐server ovs-‐vswitchd eth0 MGMT Controller Controller NVP Controller eth1 eth2 kernel user TCP 6633 OpenFlow TCP 6632 OVSDB STT/GRE Tunnels br-‐int Brad Hedlund -‐ #ChefConf 2013
- 8. NVP Controller NVP Controller NVP Controller NVP Controller NVP Controller VP Controller scale out Node5 Node4 WebService API Persistent Storage Logical Network Transport Network Node1 Node2 Node3 Controller Cluster Number of NVP Controller in Cluster 3 4 5 7 Majority Number 2 3 3 4 Number of devices that can taken be offline 1 1 2 3 l nodes AcTve orkload sliced and shared ajority rule o split brain ve SoQware Upgrades
- 9. Logical Network (NVP 3.1) br-‐int Logical Switch 2 Logical Switch 1 br-‐int br-‐int Service Node Service Node Hypervisors OpTonal: BUM forwarding offload L3 Gateway L3 Gateway North-‐South L3 L Rout WEB WEB WEB APP APP APP NVP Controller witch L Switch L Router HV1 HV2 HV3 Web App Allow: Egress TCP 80, 443 from ANY Allow: Egress TCP 6000, 9000 from WEB_Servers curity oups World STT/GRE Tunnels Distributed Logical Router 1 East-‐W OpTonal: Source BUM forwarding Brad Hedlund -‐ #ChefConf 2013 NVP Controller NVP Controller
- 10. Chef + NVP+ OpenStack Chef deploys OpenStack nodes Chef deploys OVS on Hypervisors Chef installs NVP Plug-‐in Chef configures NVP Plug-‐in Chef/Script configures NVP Appliances Chef/Script loads NVP snapshot / configures virtual network Brad Hedlund -‐ #ChefConf 2013 From Baremetal to full OpenStack cloud in Minutes At any defined state
- 11. Hypervisors HV1 HV2 DEMO: NVP Snapshots Brad Hedlund -‐ #ChefConf 2013 VM1 VM3 VM2 VM4 192.168.1.2 192.168.1.3 192.168.2.2 192.168.2.3 Logical Switch 2 Logical Switch 1 Distributed Logical Router
- 12. Confidential p provisioning atPayPal: From days to minutes with NSX App Provisioning at PayPal Today Demand 0 to 14 days 0 to 4 days 0 to 21 days 0 to 10 days App Provisioning with NSX From manual, multi-step, no predictable SLA IT… To fast, automated, predictable deployments enabled by NSX Demand 0 to 14 days 0 to 4 days 0 days 0 to 7 days
- 13. Thank You! Have a great evening!! Brad Hedlund -‐ #ChefConf 2013