Network Virtualization with VMware NSX Dominates VMworld 2013

VMworld 2013 in San Francisco

VMworld 2013 in San Francisco


I’ve been meaning to write this blog for some time now as VMworld 2013 ended in San Francisco in late August. However, as VMworld just eneded in Barcelona, Spain last week, I guess it’s still not too late. I have to say out of all the tech events/conferences I attend, VMworld 2013 is definitely one of the most informative and beneficial. With an agenda filled with back-to-back speaker sessions, hands-on-labs, discussions on the solutions exchange expo floor, networking opportunities, and informal after-hour events, VMworld has catapulted to a must-go-to event for those in the high tech industry of networking, systems, and Enterprise/Datacenter infrastructure.

VMworld 2013 in San Francisco was from Sunday, August 25, 2013 to Thursday, August 29, 2013, although the main days were from Monday – Thursday. I was pleased in the diversity of options available to learn about technology – not only virtualization, but also networking, security, storage, adapters, etc. thanks to the large partner/3rd party vendor support and turnout. For example, there was a speaker session titled “VMware NSX with Next-Generation Security by Palo Alto Networks” jointly presented by a product manager from VMware and Palo Alto Networks that was both informative in regards to network virtualization and network security.

Of course my favorite part of the entire event was winning an iPad Mini at a after-hour VMware launch party for the “VMware SDDC Architects” LinkedIn group.
After winning iPad Mini at VMworld 2013 launch party for "VMware SDDC Architects" LinkedIn group

After winning iPad Mini at VMworld 2013 launch party for "VMware SDDC Architects" LinkedIn group



As expected, network virtualization with NSX dominated the show with VMware Virtual SAN coming in a close second. However, there were still other areas of focus as well such as new features/improvements to vSphere and underlying technologies such as VDS (virtual distributed switch) and vMotion, design and architecture best practices, security, management, and other VMware products such as VMware Horizon Suite, Mirage, ThinApp, vCloud Suite, Fusion, and Workstation. Additionally, there was much participation from partners/3rd party vendors such as Arista, Brocade, Cisco, Dell, HP, IBM, Palo Alto Networks, NetApp, EMC, F5 Networks, Puppet Labs, Symantec Corporation, etc. Further, there were several presentations where VMware customers spoke about their experience and deployments using VMware technologies; some of these customers were Metro Health, PayPal, Rackspace, UnitedHealth Group, University of Colorado Boulder, etc.

I could write a book about all the technologies discussed at VMworld, but to keep things short I’ll just briefly discuss NSX. VMware advertises NSX as a network virtualization platform that delivers the operational model of a VM for the network to provide benefits such as flexibility, quick network provisioning, cost savings, and better overall view and management of the virtual and physical networks. Network virtualization accomplishes this by decoupling the network from the underlying vendor-specific hardware – basically this is done through what is called a network overlay where the logical network overlays the physical network devices that simply provide backbone IP connectivity. Dedicated controllers are used as the brains of the network and tunneling protocols such as VXLAN and STT are used as the logical pathways that create the virtual network on top of the physical underpinnings. Below is an example visualization of a network overlay on top of a physical infrastructure.
Network Overlay via VXLAN

Network Overlay via VXLAN


As many of you probably remember, VMware acquired Nicira in 2012 for $1.26 billion for its network virtualization technology, NVP (network virualiztion platform). Now the VMware NSX platform is composed of the acquired Nicira NVP technology and VMware’s vCloud Network and Security (vCNS) technology. Below is a visualization of where NSX fits into the picture in the grand scheme of things.
VMware NSX Network Virtualization Platform

VMware NSX Network Virtualization Platform


Interestingly enough and probably a smart move is the fact that NSX will work with any hypervisor, not just VMware’s ESXi. NSX utilizes programmable virtual switches on the hypervisors deployed in the environment. If used within a pure vSphere environment, NSX relies on the vSphere Distributed Switch (VDS) and a Userworld (UW) Agent to communicate with NSX controllers. If used in a multivendor hypervisor environment, the NSX switch replaces the standard vSwitch and VDS switch. If KVM is the underlying hypervisor then Open vSwtch (multilayer virtual switch licensed under the open source Apache 2.0 license) is used. VMware NSX will have support for VMware ESXi, KVM, Xen, and Microsoft Hyper-V. Additionally, VMware also seems to be allowing for flexibility in terms of cloud management software – either VMware’s vCloud Automation Center can be used or another non-VMware cloud management system such as OpenStack or CloudStack. Seems this approach will allow for VMware NSX to get the broadest exposure, support, and utilization which is critical at such an early stage of the product. The components of the NSX platform are outlined below:


Consumption:

Cloud Management Systems – vCloud Automation Center, OpenStack, CloudStack, Custom Portal


Management Plane:

NSX Manager – Centralized configuration, REST API and UI interface, Highly Available


Control Plane:

NSX Controller – Decouples virtual networks from underlying physical network, Not in data path, Highly Available


Data Plane:

NSX Edge – Highly available VM form factor, can bridge virtual and physical networks (VXLAN Termination End Point (VTEP) is available in certain vendor switches like Arista 7150S or Dell S6000 for increased performance), Data plane for North-South traffic, Routing and advanced services


NSX vSwitch – Intelligent network edge, Line-rate performance


The VMware NSX Network Virtualization Platform will allow for the following within the logical network infrastructure:

Logical Switching – decoupling of logical networks over physical: layer 2 over layer 3 decoupled


Logical Routing – routing between physical and virtual networks without exiting the software container


Logical Firewall – high performance, kernel-integrated distributed firewall


Logical Load Balancer – application load balancing in software


Logical VPN – site-to-site and remote access VPN in software


NSX API – RESTful API for integration into any cloud management software


Partner Ecosystem – Ability for partners/3rd party vendors to offer virtual appliances/services for L4 – L7 services (ex: Palo Alto Networks, Symantec Corporation, etc.)


Network virtualization with NSX is definitely an interesting area to keep your eyes on and checkout if the opportunity arises. VMworld 2013 gave me the opportunity to dig a little deeper and get my hands on some of the NSX labs. That’s it for this post, but I’ll plan to follow-up with more detailed articles in the near future!

Twitt

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Leave a Reply

*


+ 9 = fourteen