Advanced Enterprise Networking in AWS EC2 / Google
DESCRIPTION
We know that in today’s public clouds, there is very limited access to layer 2. This makes networking in the cloud very different from the datacenter, where there is normally full L2 access. These slides from our webinar show you how you can re-create your data center networking in AWS EC2.
1. Multiple NICs and multiple private/public IPs per VM
2. Preserving your existing static IPs and DNS hostnames on EC2
3. Configuring multiple subnets, VLANs, IP broadcast and multicast on EC2
4. Virtual appliances such as Fortinet firewalls, F5 load balancers, etc. on AWS
In the webcast we discuss real-life examples to explain different high availability, performance and connectivity options and share a live demonstration of taking an existing VMware application with complex networking and creating a clone with identical networking in the public cloud.
For the recording see: https://www.youtube.com/watch?v=7z0SODQ2wIA
TRANSCRIPT
Webinar
Advanced Enterprise Networking in AWS EC2 / Google
A Hands On Guide
Hadas Birin, Director Customer Success
Agenda
• Evolving to dev/test in the public cloud
  – Capabilities
• Enterprise Networking
  – Requirements
  – Networking in the public cloud
• Solution overview
  – Software Defined Networking
• Live Demo
  – Setting up a simple environment
  – Complex network with F5 BIG-IP, FortiGate firewall, VLANs, …
• Hands-on lab
www.ravellosystems.com
Dev/Test in the Public Cloud
The public cloud should serve as extra capacity for the enterprise’s internal data center. Why?
1. Rent vs. buy model
2. Design data centers to average capacity while maintaining business agility
[Figure: Project X demand vs. data center/private cloud capacity, plotted as resources across Sp1, Sp2 and RC1; annotation: "Product late to market and poor quality"]
• Scale on demand
• Never run out of capacity
• Repeatable deployments (clones) of complex multi-tier production applications for:
  • Dev environments
  • Test environments
  • Upgrade testing
  • Continuous integration and delivery
Dev/Test in the Public Cloud
Requirements
Enterprise Networking
• Static IPs, multiple subnets
• Firewalls, routers, load balancers, network optimization and security appliances
• Full L2 support with broadcast/multicast
• Full control of switch settings, including setting VLANs, trunk ports, promiscuous ports, mirror ports, etc.
• Multiple NICs per VM
• Multiple IPs per VM
• Application components connect via DNS / host names / private IPs
Network configuration on AWS EC2 / Google cloud
• Limited number of public IPs
• Extremely limited availability of network appliances
• No L2 support
• No control of switch settings, including setting VLANs, trunk ports, promiscuous ports, mirror ports, etc.
• Single NIC per VM
• No console access
“Spinning up single VMs in the cloud is a breeze,
Connecting the dots takes us MONTHS…”
Solution Overview:
Agile dev/test environments with SDN on AWS EC2 / Google
About Ravello Systems
• Founded in 2011 by creators of KVM
• Deep expertise in virtualization, cloud, storage & networking
• Delivering nested virtualization as a service
Founding team track record
Used by:
Ravello: Encapsulates, Abstracts & Automates Multi-Tier App Environments
Encapsulates
Networking
Storage
Abstracts
Compute, network & storage on any cloud – private or public (AWS, Google, HP Cloud, etc.)
Automates
- Snapshots/clones
- Templates
- Network fencing
- Developer self-service
- Same VMs from private data center
- Auto-provision & deploy on any cloud without modifying VM or networking
Multi-VM
Ravello’s SDN – Fenced Environments
• Fully fenced network in each ‘capsule’
• Allows for quick duplication of environments
• No IP collisions, no scripting to change IPs
[Diagram: Copy #1 and Copy #2, each with three VMs and the same addresses, 10.0.0.1 and 20.0.0.1]
Ravello’s SDN – External Access
• Expose selected ports and IPs for external access
• DNS + public IPs attached to each cloned environment (no limitation)
[Diagram: Copy #1 with three VMs (10.0.0.1, 20.0.0.1) and a NAT]
Ravello’s SDN – Inside the Environment
• Private static IPs, multiple subnets
• Multiple NICs per VM
• Console access
• Full L2 support
  – Broadcast / multicast
• Control of switch settings
  – VLANs
  – Trunk / access ports
  – Promiscuous and mirror ports
• DNS service
• DHCP service
Ravello’s SDN – Same Appliances
• Upload existing network appliances from VMware
• Firewalls, routers, network optimization appliances
• Same configuration, same network topology
And many more…
Live Demo
Demo Setup
Service 1: VIP: 198.160.0.10
Service 2: VIP: 198.160.0.20
ext
mgmt
int
VLAN: 1050
VLAN: 1060
Each VM has 2 NICs: Mgmt: 10.50.*.*, Prod: 20.50.*.*
Each VM has 2 NICs: Mgmt: 10.60.*.*, Prod: 20.60.*.*
Trunk port
FortiGate appliance, uploaded to Ravello
F5 BIG-IP appliance, uploaded to Ravello
Demo Setup – Easy Cloning
ext
mgmt
int
VLAN: 1050
VLAN: 1060
Each VM has 2 NICs: Mgmt: 10.50.*.*, Prod: 20.50.*.*
Each VM has 2 NICs: Mgmt: 10.60.*.*, Prod: 20.60.*.*
Trunk port
Service 1: VIP: 198.160.0.10
Service 2: VIP: 198.160.0.20
NAT
NAT
Cloned Environment
Cloned Environment
As many as the public cloud can take…
Results With Ravello
• Replicating production environments to accurately test on production-like environments – same networking, same VMs
• Application blueprinting saves multi-tier app environment as a template
• Upgrade testing with versioning of environments
• Easy re-creation of bugs/problems by snapshotting entire multi-tier app
• No capacity constraints – use any cloud on demand
• Continuous integration on replicas of production using Ravello APIs
• Your environment
  – Upload your VMs from private data center
  – Define your network topology
• We’re right there
  – It’s all free - we pay for your cloud VMs
  – Free technical assistance
  – Free training
Hands On Lab
Next step: 2 weeks Free Trial
First step:
• Go to ravellosystems.com and log in
  – Not registered yet? Register and activate (free!)
• Create a “New Application”
• Drag and drop a VM into the application
• Double-click the VM and view the editing options on a VM