Run Docker containers. In production. Today. By Guido Appenzeller, VMware
TRANSCRIPT
Container Networking Today
Guido Appenzeller, Chief Technology Strategy Officer, NSBU at VMware
Container networking today
[Diagram labels: Website (x4), Internal App (x2), Database, Internet, Port 80, Internal network]
Tech preview: Containers with VMware NSX
[Diagram labels: Website (x4), Internal App (x2), Database, Data center, Internet, Internal network, Physical network infrastructure, Honey pot, Vulnerability scanner, Micro-segmentation, Alert, Connection to data center]
NSX provides segmentation, visibility, and integration
Benefits of NSX and containers
[Icons: Micro-segmentation, Alert, Connection to data center]
• Micro-segmentation to establish clear boundaries
• Stop compromises at container or application level
• Central visibility into connectivity across the data center
• Per-flow tracking
• Alerts for suspicious behavior
• Virtual taps at a per-container level
• Integration with the rest of your IT infrastructure
• Monitoring, incident response, forensics
• Access to databases, backup, system updates
Docker Volume Driver for VMware vSphere and Virtual SAN
[Diagram labels: Photon Machine, Container (x2), Virtual Machine, vSphere Volume Driver (x2), vSphere, Persistent vSphere Datastore (Virtual SAN, VMFS, NFS)]
Self-service, API-based delivers storage as code
Plug-and-play, persistent docker volumes
Proven storage services from HCI software leader
Simple
Programmable
Feature Rich
https://github.com/vmware/docker-volume-vsphere
Cloud-Native Apps Overview
[Diagram labels: IT Ops Team; Line of Business (Developers, DevOps, etc.); Existing IT Environments; Greenfield Cloud-Native; vSphere SDDC; Photon Platform; vSphere Integrated Containers; Photon OS; Cloud-Native Infrastructure; 3rd-Party Clouds (AWS, Azure, GCE); Cloud-Native Framework Management]
PaaS: Cloud Foundry
Container Orchestration: Kubernetes, Marathon, Swarm
Databases: EnterpriseDB, MongoDB
Data Analytics: Hadoop, Spark
Middleware: Kafka, RabbitMQ
vSphere Integrated Containers: How It Works
[Diagram labels: Virtual Container Host, Container (x4), Image Cache, Fast boot, Pico VMs, Traditional App (x2), Guest OS (x2)]
@cloudnativeapps #vmwcna
Photon Platform: How It Works
Photon Controller: Clustered design delivers massive scale and high-availability.
Photon Machine: Combination of core ESX with PhotonOS
Combination of local and/or shared ESX datastores.
[Diagram labels: Photon Controller #1, Photon Controller #2, Photon Controller #3; Photon API; Photon Machine / PhotonOS (x3); Docker Swarm (x2); Create CF cluster; Create Kubernetes cluster; cf push; cf scale; kubectl create; kubectl get pods]
vmware.github.io
Thank You!
http://www.vmware.com/cloudnative
http://blogs.vmware.com/cloudnative