
Network Management in System Center 2012 SP1 - VMM

More info on http://techdays.be.


  1. Networking from scratch
     • How do I offer networking to my virtualization workloads?
     • How do I make my network resilient to failure?
     • How do I provide tenant self service?
     • How can I provide isolation?
     • How do I maintain consistency in large datacenters?
  2. Steps to a successful deployment
     1. Design your network
     2. Build and configure hardware to support your design
     3. Configure VMM to implement design:
        • Create logical concepts
        • Configure hosts
        • Configure tenants
        • Deploy workloads
  3. Assumptions for this session
     • Installed VMM server
     • Basic VMM concepts
     • Basic networking concepts
        • Teaming
        • Switch
        • Router/Gateway
  4. Logical view of the network
     1st question: how do I provide isolation?
     • Datacenter isolation – separation of infrastructure traffic for isolation and QOS
     • Tenant isolation – keeping tenants from each other and protect the infrastructure
     [Diagram labels: Tenants, Admin, "Internet", Corp, Windows Azure services on Windows server, Katal, NVGRE Gateway, VMM, Cluster/LM/Storage, Management, Provider Network, Other management servers, Compute, Tenant 1 Network 1 (Tenant 1 VM 1, Tenant 1 VM 2), Tenant 2 Network 1 (Tenant 2 VM 1, Tenant 2 VM 2)]
  5. Isolation
  6. The limitations of VLANs
     • Limited capacity on each switch and port (4095 max)
     • High maintenance
     • Easy to make mistakes
     • Limits broadcasts
  7. Where should you use VLANs
     • ☺ Infrastructure networks
     • ☹ Tenant networks are too dynamic
     The solution for tenants is network virtualization
  8. Software defined networking (SDN)
     • Ability to create networks on the fly as needed
     • Ability to define capabilities as needed
  9. SP1: Software Defined Networking
     • Software Defined Networking (management, configuration, data)
        • Hyper-V Network Virtualization
        • Extensible Virtual Switch
     • Network Policy/Offloads
        • SR-IOV
        • DHCP Guard
        • IPSec Task Offload
        • Bandwidth Control
        • Trunk Mode
  10. Address spaces

      | Logical network      | Address space defined by | Example        |
      |----------------------|--------------------------|----------------|
      | Corp                 | Corp IT                  | 172.30.0.0/16  |
      | Internet             | ICANN                    | 65.55.57.0/24  |
      | Management           | Datacenter Admin         | 10.0.0.0/24    |
      | Provider             | Datacenter Admin         | 10.0.1.0/24    |
      | Cluster/Storage/etc… | Datacenter Admin         | 10.0.2.0/24    |
      | Tenant N             | Tenant                   | 192.168.1.0/24 |

  11. Host configuration
      Three options
      [Diagram labels: Non-converged, Converged Option1, Converged Option1+, Converged Option2]
  12. Host configuration… with teaming
      Two ways to get there:
      • Manual configuration in host properties
         • Already deployed hosts
         • Updating an existing configuration
      • Bare metal deployment
         • Consistent deployment
         • Use host profile
         • Can re-deploy
  13. Merging physical and logical in VMM
  14. Creating logical switch
      • Automatic team creation
      • More up-front configuration
      • Configuration for DC on a single object
      • Limits live migration
      • Compliance
      • Access to Hyper-V port settings
      • 3rd party extension management
      • Updates get applied to all hosts
  15. Single root IO virtualization (SR-IOV)
      • Virtual switch bypass for high performance workloads
      • You need bandwidth controls
      • If your physical adapters don’t support it
      • Limited number of VMs that can use it per host
  16. Tenant configuration
      Using network virtualization for isolation
      NVGRE gateway gives tenants access to outside world
      • Private cloud: route to local networks
      • Hybrid cloud: create site to site tunnel
      ETA: 2nd quarter 2013
  17. VPN Gateway – “Hybrid Cloud”
  18. Logical view of the network
      [Diagram labels: Tenants, Admin, "Internet", Corp, Katal, NVGRE Gateway, VMM, Cluster/LM/Storage, Management, Provider Network, Other management servers, Compute, Tenant 1 Network 1 (Tenant 1 VM 1, Tenant 1 VM 2), Tenant 2 Network 1 (Tenant 2 VM 1, Tenant 2 VM 2)]
  19. Tenant configuration - Port classifications
      • Container for port profile settings
         • For Hyper-V switch port settings and extension port profiles
      • Reusable
      • Exposed to tenants through cloud
  20. Load Balancing
      • Faces the tier instances
      • Each instance gets one Dynamic IP
      • Back end is usually on a network with non-routable IPs
  21. Logical view of the network
      [Diagram: same labels as slide 18]
  22. Logical view of the network
      [Diagram: same labels as slide 18, with a Load Balancer added in two places]
  23. Using Virtual Switch Extensions
      Why?
      • Add functionality not native to Hyper-V switch
      • Able to tie virtual to physical network together
      Examples
      • Cisco Nexus 1000v – Public Beta now available!!!
      • InMon sflow
      • NEC OpenFlow
      • 5nine
  24. Session Goals
  25. Virtual Machine Manager 2012 Scenarios
      • “I want this VM to connect to the Corp network”
        Answer: Logical Networks
      • “I want to create a template that I can deploy anywhere”
        Answer: Logical Network Definitions
      • “I want IP addresses assigned automatically”
        Answer: IP Pools
      • “I want to scale out applications”
        Answer: Load Balancers
  26. Network Management – VMM 2012
      LOGICAL NETWORKS
      • Classify network for VMs to access
      • Map to network topology
      • Allocate to hosts and clouds
      ADDRESS POOLS
      • Allocate a static IP address to VMs from a preconfigured pool
      • Create IP pool as a managed range of IP address assignments
      • Create MAC address pool as a managed range of MAC address assignments
      LOAD BALANCERS
      • Apply settings for load balancer capability in service deployment
      • Control load balancer through vendor provider based on PowerShell
      • Create virtual IP templates consisting of load balancer configuration settings
  27. Logical Network
      A logical abstraction for the type or class of network a VM connects to
      [Diagram labels: Internet, VM to VM, Data]
  28. Network objects
      • Logical Network “Corp” (1-M)
      • Logical network definition “Building 42” (1-M)
      • Subnet-VLAN “10.0.0.0/24” “VLAN 5” (1-M)
      • IP Pool “StaticSrv” “10.0.0.1-10.0.0.99”
      [Diagram labels: Host group “Production”, Virtual network adapter, Physical network adapter, Virtual switch]
  29. Address Pools
      IP POOLS
      • Assigned to VMs, vNICs, hosts, and virtual IPs (VIP’s)
      • Specified use in VM template creation
      • Checked out at VM creation—assigns static IP in VM
      • Returned on VM deletion
      MAC POOLS
      • Assigned to VMs
      • Specified use in VM template creation
      • Checked out at VM creation—assigned before VM boot
      • Returned on VM deletion
      VIRTUAL IP POOLS
      • Assigned to service tiers that use a load balancer
      • Reserved within IP Pools
      • Assigned to clouds
      • Checked out at service deployment
      • Returned on service deletion
  30. Load Balancer Support
      AUTOMATION
      • Connect to load balancer through hardware provider
      • Assign to clouds, host groups, and logical networks
      • Configure load balancing method and add virtual IP on service deployment
      SUPPORTED BALANCERS
      • F5 BIG-IP
      • Brocade ServerIron ADX
      • Citrix NetScaler
      • Microsoft Network Load Balancer
      VIRTUAL IP TEMPLATES
      • Specifies preconfigured properties for configuring a load balancer at service deployment
      • Specifies load balancing methods—round robin, least connections, fastest response
  31. PowerShell - Creating a Logical Network
  32. PowerShell – IP Pools
  33. PowerShell – IP Pool Queries
  34. What’s new in Service Pack 1: Networking Scenarios
  35. Connectivity: VM Networks
  36. VM Networks: No Isolation
      • Pass-through to Logical Network
      • Maximum of one per Logical network
      [Diagram: VM Network (No Isolation) “mgmt”; Logical Network “Corp”; Logical network definition “Building 42”; Subnet-VLAN “10.0.0.0/24” “VLAN 5”; IP Pool “StaticSrv” “10.0.0.1-10.0.0.99”]
  37. Hyper-V Network Virtualization
      Server Virtualization
      • Run multiple virtual servers on a physical server
      • Each VM has illusion it is running as a physical server
      Hyper-V Network Virtualization
      • Run multiple virtual networks on a physical network
      • Each virtual network has illusion it is running as a physical network
      [Diagram labels: Blue VM, Red VM, Blue Network, Red Network, Physical Server, Physical Network]
  38. Virtualize Customer Addresses
      [Diagram: Provider Address Space (PA) above Customer Address Space (CA). Blue Corp and Red Corp each have VMs at customer addresses 10.0.0.5 (Blue1, Red1) and 10.0.0.7 (Blue2, Red2). The System Center virtualization policy on Host 1 and Host 2 lists, for both Blue and Red, 10.0.0.5 with 192.168.4.11 and 10.0.0.7 with 192.168.4.22 on the datacenter network.]
  39. VM Networks: Hyper-V Network Virtualization
      • Default method is to encapsulate packets using NVGRE
      • A VM Network defines a routing domain
      • A routing domain can contain multiple virtual subnets
      [Diagram: VM Network (Net. Virt.) “Finance”; VM Subnet 192.168.0.0/16; IP Pool (CA) 192.168.0.2 and 192.168.0.99; Logical Network “Corp”; Logical network definition “Building 42”; Subnet-VLAN “10.0.0.0/24” “VLAN 5”; IP Pool (PA) “StaticSrv” “10.0.0.1-10.0.0.99”]
  40. VM Networks: Hyper-V Network Virtualization Gateways
      VMM will manage and configure gateways for NV
      • Routing gateway
      • VPN gateway
  41. VM Networks: VLAN
      • One VLAN per VM Network
      • Uses VLANs from Logical Network Definitions
      • Introducing new Logical Network property for “Not Connected”
      [Diagram: VM Network (VLAN) “Finance”; VM Subnet “99.0.0.0/24” VLAN 44; Logical Network (Not Connected) “TenantVLANs”; Logical network definition “B42Tenants”; Subnet-VLAN “99.0.0.0/24” “VLAN 44”; IP Pool “StaticSrv” “99.0.0.1-99.0.0.99”]
  42. VM Networks: External
      • Isolation is managed by switch extension
      • VM Networks are imported from extension manager
      [Diagram: VM Network (External) “Finance”; VM Subnet; IP Pool “StaticSrv” “99.0.0.1-99.0.0.99”; Logical Network (Not Connected) “TenantNets” (1-M); Logical network definition “B27Tenants”]
  43. VM Network PowerShell
  44. What’s new in Service Pack 1: Networking Scenarios
  45. Capability
      Defines how a network adapter is able to use its connection
      • Quality of service
      • Security
      • Monitoring
      Capabilities are provided by Hyper-V Extensible Virtual Switch and extensions
  46. Key Tenets for Hyper-V Extensible Switch

      | Key Tenets                                  | Benefit                                                          |
      |---------------------------------------------|------------------------------------------------------------------|
      | Extensible, not replaceable                 | Added features don’t remove other features                       |
      | Pluggable switch                            | Extensions process all network traffic, including VM-to-VM       |
      | 1st class citizen of system                 | Live Migration and offloads just work; Extensions work together  |
      | Open & public API model                     | Large ecosystem of extensions                                    |
      | Logo certification and rich OS framework    | High quality extensions                                          |
      | Unified Tracing thru virtual switch         | Shorter down times                                               |

  47. Extensions are Filters or Windows Filtering Platform Providers
      Extension state/configuration is unique to each instance of an Extensible Switch on a machine
  48. VMM Management of Switch Extensions
      [Diagram labels: VM1, VM2, Hardware, 3rd Party components, SCVMM, Virtualization, Root Partition, VMM Server, VMM Agent, Vendor SCVMM Plugin, Physical NIC (SRIOV), Physical NIC (Non SRIOV), Vendor network mgmt console, Top of rack switch, Policy database]
  49. Extension Manager Integration
      Supplies network objects and policy to VMM
      1. Import:
         • Logical Networks
         • IP Pools
         • VM Networks
         • Port Profiles
      [Diagram labels: 3rd Party Extension Manager, Policy database, VMM Provider, Virtual Switch Extension Manager (VSEM) Provider Interface]
  50. Multiple Windows Server 2012 hosts
      [Diagram: Host1, Host2, Host3, etc., each with physical host NICs (Uplink pNIC1, Uplink pNIC2), its own virtual switch instance (Native Switch Settings, Extension1, Extension2, Extension3), VM vNICs (VM1 to VM6, vNIC1 each) and host vNICs (vNIC1, vNIC2)]
  51. VMM Switch Infrastructure
      [Diagram: the same physical host NICs, VM vNICs and host vNICs on Host1 to Host4, with one Logical Switch (Native Switch Settings, Extension1, Extension2, Extension3) and a virtual switch instance on each host]
  52. Logical Switch
      A single logical representation of the virtual switch instances which exist in a group of hosts
  53. Logical switch objects
      [Diagram: Physical NIC; Logical Switch “B42Switch”; Switch Extensions “Cisco Nexus 1000v”, “InMon sFlow”; Uplink Port Profile Set with Native Uplink Port Profile and Extension Uplink Port Profile; Virtual Port Profile Set with Native Virtual Port Profile and Extension Virtual Port Profile; Port Classification “Fast DB”, “Web”, “Restricted”; Self Service User; Cloud; vNIC; relationships marked 1-1, 1-M, M-1 and M-M]
  54. Logical switch objects
      [Diagram: as slide 53 without the switch extensions: Physical NIC; Logical Switch “B42Switch”; Uplink Port Profile Set with Native Uplink Port Profile; Virtual Port Profile Set with Native Virtual Port Profile; Port Classification “Fast DB”, “Web”, “Restricted”; Cloud; vNIC]
  55. Windows Server IP Address Management Integration Script
      • Reports IP Pool utilization from VMM into IPAM
      • Can run on demand or configure as a periodic task
      • Included in the “cd layout” of VMM scripts
      • IPAMIntegration.ps1
  56. In Review: Session Objectives And Takeaways
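
The object chain from slide 28 and the tasks named on slides 31 to 33 (whose code did not survive in this transcript), as an added example that is not the presenter's code. It uses the VMM PowerShell module; the server name `vmm01.contoso.local` is a placeholder, the names and ranges are the sample values from slide 28, and the existence checks are an addition so the script can be re-run safely.

```powershell
# Added example, not from the original deck. Assumes the VMM console
# (virtualmachinemanager module) is installed and the host group exists.
Import-Module virtualmachinemanager
Get-SCVMMServer -ComputerName "vmm01.contoso.local" | Out-Null  # placeholder name

# Logical network "Corp": create only if it is not already defined.
$ln = Get-SCLogicalNetwork -Name "Corp"
if (-not $ln) { $ln = New-SCLogicalNetwork -Name "Corp" }

# Logical network definition "Building 42": binds subnet 10.0.0.0/24 on
# VLAN 5 to the "Production" host group.
$lnd = Get-SCLogicalNetworkDefinition -LogicalNetwork $ln |
       Where-Object { $_.Name -eq "Building 42" }
if (-not $lnd) {
    $hostGroup  = Get-SCVMHostGroup -Name "Production"
    $subnetVlan = New-SCSubnetVLan -Subnet "10.0.0.0/24" -VLanID 5
    $lnd = New-SCLogicalNetworkDefinition -Name "Building 42" `
               -LogicalNetwork $ln -VMHostGroup $hostGroup `
               -SubnetVLan $subnetVlan
}

# Static IP pool "StaticSrv" covering 10.0.0.1-10.0.0.99.
$pool = Get-SCStaticIPAddressPool -Name "StaticSrv"
if (-not $pool) {
    $pool = New-SCStaticIPAddressPool -Name "StaticSrv" `
                -LogicalNetworkDefinition $lnd -Subnet "10.0.0.0/24" `
                -IPAddressRangeStart "10.0.0.1" -IPAddressRangeEnd "10.0.0.99"
}

# Pool query: count addresses currently checked out of the pool.
$assigned = @(Get-SCIPAddress -StaticIPAddressPool $pool -Assigned)
$poolSize = 99   # 10.0.0.1 through 10.0.0.99 inclusive
"{0}: {1} of {2} addresses assigned" -f $pool.Name, $assigned.Count, $poolSize
```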
