1 / 38

Under the Hood: Network Virtualization with OpenStack Neutron and VMware NSX

Under the Hood: Network Virtualization with OpenStack Neutron and VMware NSX. Somik Behera – NSX Product Manager Dimitri Desmidt - NSX Senior Technical Product Manager. Agenda. Intro – VMware philosophy on OpenStack (2 minutes) Why Neutron + NSX VMware Plugin (20minutes)

shayna
Download Presentation

Under the Hood: Network Virtualization with OpenStack Neutron and VMware NSX

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Under the Hood: Network Virtualization with OpenStack Neutron and VMware NSX Somik Behera – NSX Product Manager Dimitri Desmidt - NSX Senior Technical Product Manager

  2. Agenda • Intro – VMware philosophy on OpenStack (2 minutes) • Why Neutron + NSX VMware Plugin (20minutes) • Demo of OpenStack + "vCenter/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) • Q&A (10 minutes)

  3. Agenda • Intro – VMware philosophy on OpenStack (2 minutes) • Why Neutron + NSX VMware Plugin (20 minutes) • Demo of OpenStack + "vCenter/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) • Q&A (10 minutes)

  4. VMware Philosophy on OpenStack The Foundation for IT: Software Defined Datacenter Virtual Workspace Manage access to services, applications and data for any device • OpenStack • An open framework for building clouds • Assembles a solution from underlying Compute, Network, Storage components. • Can be managed and automated using many solutions. Private Clouds Public Clouds Hybrid Cloud Seamlessly extend your data center to the public cloud Software-Defined Data Center Virtualize the entire data center Management and Automation Storage and Availability Network and Security Compute • Customer Choice • VMware supports Customer choice. • Our support for OpenStack enables choice • An Opportunity for VMware SDDC • VMware SDDC provides best-in-class Compute, Network, Storage & management solutions for OpenStack. • We view OpenStack as an opportunity for VMware SDDC portfolio.

  5. VMware Technologies and OpenStack Tenant-Side Horizon ( Web Portal ) CLI Tools & Scripts (DevOps Automation) vCAC Application Director Benefits of OpenStack API & Ecosystem Nova (Compute) Neutron (Network) Cinder (Block Storage) Glance (Image Store) Choice of best-in-class virtualization & management technologies vSphere & vCenter NSX vSAN vCenter (Image Catalog) OpenStack or 3rd Party Component VMware Component Cloud Operator Tools (vCenter, vCOPs, Log Insight etc.) Third Party Operator tools (Puppet/Chef, scripts, nagios...) Operator-Side

  6. Agenda • Intro – VMware philosophy on OpenStack (2 minutes) • Why Neutron + NSX VMware Plugin (20 minutes) • Demo of OpenStack + "vCenter/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) • Q&A (10 minutes)

  7. OpenStack main projects Provides UI for other projects Dashboard (horizon) Provides network connectivity Network (Neutron) Stores Images as Objects Provides Images Provides Authentication and Service Catalog for other Projects Image repo (glance) Object Storage (Swift) Compute (nova) Provides volumes Block Storage (cinder) Identity (keystone)

  8. Why Neutron + NSX VMware Plugin • OpenStack Networking before Neutron • Why people use OpenStack with Neutron? • Why people use OpenStack with Neutron + NSX VMware Plugin?

  9. OpenStack Networking before Neutron • Nova offers "networking as a service" in OpenStack (nova-network) • Note: It was the only offer before Quantum (old Neutron project name) • Nova-network is still present today, and can be used instead of Neutron • Points to keep in mind: • Limited Network Topologies supported • Only Flat, • Flat DHCP • and VLAN DHCP

  10. OpenStack Networking before Neutron • Nova offers "networking as a service" in OpenStack (nova-network) • Note: It was the only offer before Quantum (old Neutron project name) • Nova-network is still present today, and can be used instead of Neutron • Points to keep in mind: • Limited Network Topologies supported • Only Flat, • Flat DHCP • and VLAN DHCP • No 3-tier Network topology supported

  11. OpenStack Networking before Neutron • Nova offers "networking as a service" in OpenStack (nova-network) • Note: It was the only offer before Quantum (old Neutron project name) • Nova-network is still present today, and can be used instead of Neutron • Points to keep in mind: • Limited Network Topologies supported • Limited Scale and Network Services supported • Scale • L2 (using VLAN), DHCP&DNS (using dnsmask), Security (using IPtables on hypervisors) • IP address management (using SQL DB table) • Limited Network Services • No self-tenant L3, no Load Balancer, no VPN.

  12. OpenStack Networking before Neutron • Nova offers "networking as a service" in OpenStack (nova-network) • Note: It was the only offer before Quantum (old Neutron project name) • Nova-network is still present today, and can be used instead of Neutron • Points to keep in mind: • Limited Network Topologies supported • Limited Network Services supported • No integration with 3rd party Network solutions • No ability to use 3rd parties to overcome the limitations of nova-network

  13. OpenStack Networking before Neutron • Nova offers "networking as a service" in OpenStack (nova-network) • Note: It was the only offer before Quantum (old Neutron project name) • Nova-network is still present today, and can be used instead of Neutron • Points to keep in mind: • Limited Network Topologies supported • Limited Network Services supported • No integration with 3rd party Network solutions • Complex/Limited HA and management/monitoring

  14. Why Neutron + NSX VMware Plugin • OpenStack Networking before Neutron • Why people use OpenStack with Neutron? • Why people use OpenStack with Neutron + NSX VMware Plugin?

  15. Why people use OpenStack with Neutron? • Neutron improves nova-network in multiple areas • Larger number of Network Topologies and services supported • L3: Self-Tenant provisioning • Security (ingress + egress rules support) • LBaSS • VPNaSS (coming)

  16. Why people use OpenStack with Neutron? • Neutron improves nova-network in multiple areas • Larger number of Network Topologies and services supported • L3: Self-Tenant provisioning • Security (ingress + egress rules support) • LBaSS • VPNaSS (coming) • Supports overlay • Remove the VLAN limitation (using overlay with GRE) VM1-IP@  VM2-IP@ VM VM VM VM VM VM VM VM VM VM VM Hypervisor1-IP@  Hypervisor2-IP@ [GRE VM1-IP@  VM2-IP@] Hypervisor Any L2/L3 Fabric

  17. Why people use OpenStack with Neutron? • Neutron improves over nova-network in multiple areas • Larger number of Network Topologies and services supported • L3: Self-Tenant provisioning • Security (ingress + egress rules support) • LBaSS • VPNaSS (coming) • Supports overlay • Remove the VLAN limitation (using overlay with GRE) • Open Solution • Open to 3rd party solution: • VMware NSX Plugin (Nicira Plugin) • LinuxBridge Plugin • OVS Plugin • Cisco UCS / Nexus 5000 Plugin • NEC Ryu Plugin • etc

  18. Why Neutron + NSX VMware Plugin • OpenStack Networking before Neutron • Why people use OpenStack with Neutron? • Why people use OpenStack with Neutron + NSX VMware Plugin?

  19. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) • Per NSX Domain: 60k VMs, 15k tenants, 1k hypervisors (and improved in each release) Active/ Active NSXControllerCluster VM VM VM VM VM VM VM VM VM Hypervisor Any L2/L3 Fabric

  20. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) • Today per NSX Domain: 60k VMs, 15k tenants, 1k hypervisors (and improved in each release) • Very high throughput(thanks to the encapsulation off-loaded on the NIC) • Per hypervisor: 20Gbps (with 2x10Gbps NIC bonding) NSXControllerCluster VM VM VM VM VM VM VM VM VM 20Gbps bi-directional Hypervisor Any L2/L3 Fabric

  21. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) • Today per NSX Domain: 60k VMs, 15k tenants, 1k hypervisors (and improved in each release) • Very high throughput(thanks to the distribution "active/active" of the NVP Network Elements) • Per NVP Gateway: 10Gbps++ NSX L2/L3Gateway NSX L2/L3Gateway NSX L2/L3Gateway Physical Layer Active/ Active NSXControllerCluster VM VM VM VM VM VM 10Gbps++ bi-directional per NVP-GW Hypervisor Any L2/L3 Fabric

  22. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) • Today per NSX Domain: 60k VMs, 15k tenants, 1k hypervisors (and improved in each release) • Very high throughput(thanks to the encapsulation off-loaded on the NIC) • Today per hypervisor: 20Gbps (with 2x10Gbps NIC bonding) • Optimized traffic(thanks to the distribution of L3 and Security) A world without NSX Hypervisor Hypervisor x86 Server DC Fabric Choke Point Neutron Router on Neutron Server

  23. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) • Today per NSX Domain: 60k VMs, 15k tenants, 1k hypervisors (and improved in each release) • Very high throughput(thanks to the encapsulation off-loaded on the NIC) • Today per hypervisor: 20Gbps (with 2x10Gbps NIC bonding) • Optimized traffic(thanks to the distribution of L3 and Security) A world with NSX Hypervisor Hypervisor x86 Server DC Fabric NSX "North/South" Router

  24. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • High-Availability of the Network Services is offered by design "for the management" Management Layer Active/ Active NSXControllerCluster VM VM VM VM VM VM VM VM VM Hypervisor Any L2/L3 Fabric

  25. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • High-Availability of the Network Services is offered by design "for the transport" with stateful failover for L3 and NAT NSX L2/L3Gateway NSX L2/L3Gateway NSX L2/L3Gateway Physical Layer Active/ Active NSXControllerCluster VM VM VM VM VM VM VM VM VM Hypervisor 802.1q Any L2/L3 Fabric

  26. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • High-Availability of the Network Services is offered by design on both management + transport • Management and Monitoring tools (statistics, port monitoring, port mirroring, connection tool, seamless upgrade, etc)

  27. Why people use OpenStack withNeutron + NSX VMware Plugin? 172.16.1.0/24 Default GW: 10.20.2.1 192.168.10.0/24 • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L3 with static routing Default GW: 10.20.2.1 192.168.1.0/24 next-hop 10.20.2.2 Default GW: 10.20.2.1 192.168.1.0/24 next-hop 10.20.2.2 172.16.1.0/24 action blackhole .2 .1 10.20.2.0/24 Logical Networks .11 .12 LS-1A LS-2A LS-1B VM VM VM VM VM VM

  28. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L3 with static routing • L2 "logical-physical" NSX L2/L3Gateway NSX L2/L3Gateway NSX L2/L3Gateway Physical Layer NSXControllerCluster VM VM VM VM VM VM VM VM VM Hypervisor 802.1q Any L2/L3 Fabric

  29. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L3 with static routing • L2 "logical-physical" • ACL Security Groups applied here ACL applied here .1 10.20.2.0/24 Logical Networks .11 .12 VLAN 10 LS-1A LS-2A LS-1B VM VM VM VM VM VM

  30. Why people use OpenStack withNeutron + NSX VMware Plugin? Tenant A Tenant B TAVM1 TBVM1 TBVM2 TAVM2 Logical Switch A Logical Switch B • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L3 with static routing • L2 "logical-physical" • ACL • QoS GOLD traffic VM VM VM VM VM VM VM VM VM VM VM Hypervisor DSCP marking for QoS on the physical fabric Any L2/L3 Fabric

  31. Why people use OpenStack withNeutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L3 with static routing • L2 "logical-physical" • ACL • QoS • Optimization of Broadcast/Multicast traffic VM VM VM VM VM VM VM VM VM Hypervisor Any L2/L3 Fabric

  32. Agenda • Intro – VMware philosophy on OpenStack (2 minutes) • Why Neutron + NSX VMware Plugin (20 minutes) • Demo of OpenStack + "vCenter/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) • Q&A (10 minutes)

  33. Demo1 • Demonstrate: • 2 Tiers-Architecture with "logical/physical" communication L3 and L2 • Mix of KVM and ESXi hypervisors

  34. Demo2 • Demonstrate: • VMotion • Port-Mirroring • Failure of NVP-L3-GW

  35. Demo3 • Demonstrate: • How to build a 2-tier architecture

  36. Agenda • Intro – VMware philosophy on OpenStack (2 minutes) • Why Neutron + NSX VMware Plugin (20 minutes) • Demo of OpenStack + "vCenter/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) • Q&A (10 minutes)

  37. Recap: Why OpenStack on VMware NSX • VMware believes in enabling customer choice. • Nicira/VMware was among the founders of Neutron project. • VMware NSX with OpenStack is used by leading Enterprises & Service Providers. • VMware NSX with OpenStack is supported by many OpenStack ecosystem companies. NSX

  38. Select OpenStack & VMware NSX customers Public Clouds Enterprise Private Clouds

More Related