© 2014 VMware Inc. All rights reserved.

Scott Lowe, VCDXEngineering Architect

3 April 2014

The Future of Cloud Networking is VMware NSX

CONFIDENTIAL

Before we begin

• Please get involved and ask questions—participation is highly encouraged

• Feel free participate via social media with pictures, videos, or other updates; use #VMUGDK, @DenmarkVMUG, or @MyVMUG

• Please silence your mobile devices for the benefit of all attendees

• This presentation will be available after the event

2

CONFIDENTIAL

Who is this guy?• VCDX #39• Six-time vExpert• Author, speaker, blogger• Works in the CTO office of the

Networking & Security Business Unit

•

3

CONFIDENTIAL 4

I know “cloud networking” sounds like...

CONFIDENTIAL

...but this is cloud washing!

5

Networking in the era of cloud computingWhy the term “cloud networking” isn’t just marketing-speak

CONFIDENTIAL

NIST definition of cloud computing

• Five “essential characteristics” of cloud computing:• On-demand self-service• Resource pooling• Rapid elasticity• Measured service• Broad network access

7

Taken from http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf

8

What does this mean for networking in cloud environments?

9

What does this mean for cloud networking?

CONFIDENTIAL

Five essentials of cloud networking

To support cloud computing, networking must:1. Be fully automated & programmable for integration into CMPs

(on-demand self-service)2. Be abstracted from hardware in order to pool available capacity

(resource pooling)3. Support programmability and integration with orchestration/

provisioning solutions (rapid elasticity)4. Provide fine-grained visibility & accounting (measured service)5. Support any network topology & any network equipment (broad

network access)

10

Components of a cloud networking platformLooking at what is needed to build a platform to address the needs of cloud networking

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

What’s in a cloud networking platform?

12

CONFIDENTIAL

L2

L3

Virtual Network

L2

What’s in a cloud networking platform?

12

CONFIDENTIAL

L2

L3

Virtual Network

L2

What’s in a cloud networking platform?

CMP

12

CONFIDENTIAL

What’s in a cloud networking platform?

• Virtual switch at the edge of the network• Centralized control over/knowledge of the logical network topology

• Decoupled control plane and data plane• Network isolation mechanism• Virtualized network services (L2, L3, load balancer, firewall)• Programmatic access for integration with CMP

13

Examining VMware NSXHow VMware NSX addresses the needs of cloud networking

CONFIDENTIAL

Peeling back the covers a bit

15

• Key components of VMware NSX:• Scale-out, highly-available controller cluster• Northbound RESTful API for CMP integration (vCAC,

OpenStack, CloudStack)• Virtual switch in the hypervisors at the edge (Open vSwitch

for KVM and Xen; NSX vSwitch for vSphere)• Tunneling protocol for data plane traffic (STT, GRE, VXLAN)• Virtualized and distributed network services (load balancing,

firewalling, VPN)• Physical switch integration (multi-hypervisor only)

CONFIDENTIAL

VMware NSX architectural overview

16

VLAN

L2

L3

Virtual Network

L2

NSX Gateway

Physical Network

vSphere Host vSphere Host KVM Xen Server

NSX vSwitch NSX vSwitch Open vSwitch Open vSwitch

Hardware

Software

Controller Cluster

VLAN

VTEP API HW Partner

VM VM “NSX API”

CMP

CONFIDENTIAL

VMware NSX management, control, and data planes

17

vCD/vCAC

vCenter Server NSX Manager

Management Plane

Control Plane

NSX Edge Distributed

Router Controller

Data Plane

NSX Edge Services Router

VXLAN DR DFW Security VXLAN DR DFW Security VXLAN DR DFW Security

vSphere API

REST API vSphere API

Control Plane Protocol

vSph

ere

AP

I

REST API

Control Plane Protocol

Mes

sage

Bus

CONFIDENTIAL 18

“It’s our network upgrade plan... Or we could virtualize

it.”

Questions & answers

Thank youScott Loweslowe@vmware.com@scott_lowe (Twitter)http://blog.scottlowe.org

Colossians 3:17 NIV