Under the Hood Network Virtualization with Open Stack

Agenda ‣ Intro – VMware philosophy on Open. Stack (2 minutes) ‣ Why Neutron

VMware Philosophy on Open. Stack The Foundation for IT: Software Defined Datacenter Virtual Workspace

VMware Technologies and Open. Stack Tenant-Side Horizon ( Web Portal ) Nova (Compute) v.

Open. Stack main projects Dashboard (horizon) Network (Neutron) Provides UI for other projects Provides

Why Neutron + NSX VMware Plugin ‣ Open. Stack Networking before Neutron ‣ Why

Open. Stack Networking before Neutron • Nova offers "networking as a service" in Open.

Why people use Open. Stack with Neutron? • Neutron improves nova-network in multiple areas

Why people use Open. Stack with Neutron? • Neutron improves over nova-network in multiple

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware

Demo 1 • Demonstrate: • 2 Tiers-Architecture with "logical/physical" communication L 3 and L

Demo 2 • Demonstrate: • VMotion • Port-Mirroring • Failure of NVP-L 3 -GW

Demo 3 • Demonstrate: • How to build a 2 -tier architecture Slide 35

Recap: Why Open. Stack on VMware NSX • VMware believes in enabling customer choice.

Select Open. Stack & VMware NSX customers Public Clouds Slide 38 Enterprise Private Clouds

Slides: 38

Download presentation

Under the Hood: Network Virtualization with Open. Stack Neutron and VMware NSX + + Somik Behera – NSX Product Manager Dimitri Desmidt - NSX Senior Technical Product Manager

Agenda ‣ Intro – VMware philosophy on Open. Stack (2 minutes) ‣ Why Neutron + NSX VMware Plugin (20 minutes) ‣ ‣ Slide 2 Demo of Open. Stack + "v. Center/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) Q&A (10 minutes)

Agenda ‣ Intro – VMware philosophy on Open. Stack (2 minutes) ‣ Why Neutron + NSX VMware Plugin (20 minutes) ‣ ‣ Slide 3 Demo of Open. Stack + "v. Center/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) Q&A (10 minutes)

VMware Philosophy on Open. Stack The Foundation for IT: Software Defined Datacenter Virtual Workspace Manage access to services, applications and data for any device Private Clouds • • • An open framework for building clouds Assembles a solution from underlying Compute, Network, Storage components. Can be managed and automated using many solutions. Public Clouds Hybrid Cloud Seamlessly extend your data center to the public cloud Software-Defined Data Center Customer Choice • • VMware supports Customer choice. Our support for Open. Stack enables choice Virtualize the entire data center Management and Automation Storage and Availability Compute Network and Security An Opportunity for VMware SDDC • • 4 VMware SDDC provides best-in-class Compute, Network, Storage & management solutions for Open. Stack. We view Open. Stack as an opportunity for VMware SDDC portfolio.

VMware Technologies and Open. Stack Tenant-Side Horizon ( Web Portal ) Nova (Compute) v. Sphere & v. Center CLI Tools & Scripts (Dev. Ops Automation) Neutron (Network) Cinder (Block Storage) NSX v. SAN Cloud Operator Tools (v. Center, v. COPs, Log Insight etc. ) Open. Stack or 3 rd Party Component VMware Component 5 v. CAC Application Director Glance (Image Store) v. Center (Image Catalog) Third Party Operator tools (Puppet/Chef, scripts, nagios. . . ) Operator-Side Benefits of Open. Stack API & Ecosystem Choice of best-inclass virtualization & management technologies

Agenda ‣ Intro – VMware philosophy on Open. Stack (2 minutes) ‣ Why Neutron + NSX VMware Plugin (20 minutes) ‣ ‣ Slide 6 Demo of Open. Stack + "v. Center/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) Q&A (10 minutes)

Open. Stack main projects Dashboard (horizon) Network (Neutron) Provides UI for other projects Provides network connectivity Compute (nova) Provides Images Provides volumes Block Storage (cinder) Provides Authentication and Service Catalog for other Projects Identity (keystone) Slide 7 Image repo (glance) Stores Images as Object Storage (Swift)

Why Neutron + NSX VMware Plugin ‣ Open. Stack Networking before Neutron ‣ Why people use Open. Stack with Neutron? ‣ Slide 8 Why people use Open. Stack with Neutron + NSX VMware Plugin?

Open. Stack Networking before Neutron • Nova offers "networking as a service" in Open. Stack (nova-network) Note: It was the only offer before Quantum (old Neutron project name) § Nova-network is still present today, and can be used instead of Neutron § Points to keep in mind: § Limited Network Topologies supported § Limited Scale and Network Services supported § § Scale § L 2 (using VLAN), DHCP&DNS (using dnsmask), Security (using IPtables on hypervisors) § IP address management (using SQL DB table) Limited Network Services § Slide 11 No self-tenant L 3, no Load Balancer, no VPN.

Open. Stack Networking before Neutron • Nova offers "networking as a service" in Open. Stack (nova-network) Note: It was the only offer before Quantum (old Neutron project name) § Nova-network is still present today, and can be used instead of Neutron § Points to keep in mind: § Limited Network Topologies supported § Limited Network Services supported § No integration with 3 rd party Network solutions § Slide 12 No ability to use 3 rd parties to overcome the limitations of nova-network

Open. Stack Networking before Neutron • Nova offers "networking as a service" in Open. Stack (nova-network) Note: It was the only offer before Quantum (old Neutron project name) § Nova-network is still present today, and can be used instead of Neutron § Points to keep in mind: Slide 13 § Limited Network Topologies supported § Limited Network Services supported § No integration with 3 rd party Network solutions § Complex/Limited HA and management/monitoring

Why Neutron + NSX VMware Plugin ‣ Open. Stack Networking before Neutron ‣ Why people use Open. Stack with Neutron? ‣ Slide 14 Why people use Open. Stack with Neutron + NSX VMware Plugin?

Why people use Open. Stack with Neutron? • Neutron improves nova-network in multiple areas • Larger number of Network Topologies and services supported Slide 15 • L 3: Self-Tenant provisioning • Security (ingress + egress rules support) • LBa. SS • VPNa. SS (coming)

Why people use Open. Stack with Neutron? • Neutron improves nova-network in multiple areas • Larger number of Network Topologies and services supported • L 3: Self-Tenant provisioning • Security (ingress + egress rules support) • LBa. SS • VPNa. SS (coming) • Supports overlay • VM Remove the VLAN limitation (using overlay with GRE) VM Hypervisor Any L 2/L 3 Fabric Slide 16 VM VM Hypervisor 1 -IP@ Hypervisor 2 -IP@ [GRE VM 1 -IP@ VM 2 IP@] VM VM 1 -IP@ VM 2 -IP@ VM

Why people use Open. Stack with Neutron? • Neutron improves over nova-network in multiple areas • Larger number of Network Topologies and services supported • L 3: Self-Tenant provisioning • Security (ingress + egress rules support) • LBa. SS • VPNa. SS (coming) • Supports overlay • Remove the VLAN limitation (using overlay with GRE) • Open Solution • Slide 17 Open to 3 rd party solution: • VMware NSX Plugin (Nicira Plugin) • Linux. Bridge Plugin • OVS Plugin • Cisco UCS / Nexus 5000 Plugin • NEC Ryu Plugin • etc

Why Neutron + NSX VMware Plugin ‣ Open. Stack Networking before Neutron ‣ Why people use Open. Stack with Neutron? ‣ Slide 18 Why people use Open. Stack with Neutron + NSX VMware Plugin?

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) Today per NSX Domain: 60 k VMs, 15 k tenants, 1 k hypervisors (and improved in each release) • Very high throughput (thanks to the encapsulation off-loaded on the NIC) Per hypervisor: 20 Gbps (with 2 x 10 Gbps NIC bonding) NSX Controller Cluster VM VM Hypervisor Any L 2/L 3 Fabric Slide 20 VM VM 20 Gbps bi-directional VM VM VM

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) Today per NSX Domain: 60 k VMs, 15 k tenants, 1 k hypervisors (and improved in each release) • Very high throughput (thanks to the distribution "active/active" of the NVP Network Elements) Per NVP Gateway: 10 Gbps++ Physical Layer NSX Controller Cluster VM VM VM Hypervisor Slide 21 Any L 2/L 3 Fabric Active/ Active VM VM VM 10 Gbps++ bi-directional per NVP-GW NSX L 2/L 3 Gateway

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) Today per NSX Domain: 60 k VMs, 15 k tenants, 1 k hypervisors (and improved in each release) • Very high throughput (thanks to the encapsulation off-loaded on the NIC) Today per hypervisor: 20 Gbps (with 2 x 10 Gbps NIC bonding) • Optimized traffic (thanks to the distribution of L 3 and Security) A world without NSX Hypervisor x 86 Server DC Fabric t in o P ke Cho Slide 22 Neutron Router on Neutron Server

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale • Very high scale (thanks to the distribution "active/active" of the Control elements) Today per NSX Domain: 60 k VMs, 15 k tenants, 1 k hypervisors (and improved in each release) • Very high throughput (thanks to the encapsulation off-loaded on the NIC) Today per hypervisor: 20 Gbps (with 2 x 10 Gbps NIC bonding) • Optimized traffic (thanks to the distribution of L 3 and Security) A world with NSX Hypervisor x 86 Server DC Fabric NSX "North/South" Router Slide 23

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • High-Availability of the Network Services is offered by design "for the management" Management Layer NSX Controller Cluster Active/ Active VM VM VM Hypervisor Any L 2/L 3 Fabric Slide 24 VM VM VM

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • High-Availability of the Network Services is offered by design "for the transport" with stateful failover for L 3 and NAT Physical Layer NSX Controller Cluster VM VM VM Hypervisor Slide 25 Any L 2/L 3 Fabric Active/ Active VM VM VM NSX L 2/L 3 Gateway 802. 1 q

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring Slide 26 • High-Availability of the Network Services is offered by design on both management + transport • Management and Monitoring tools (statistics, port monitoring, port mirroring, connection tool, seamless upgrade, etc)

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L 3 with static routing 172. 16. 1. 0/24 192. 168. 10. 0/24 Default GW: 10. 20. 2. 1 192. 168. 1. 0/24 next-hop 10. 2. 2 Default GW: 10. 2. 1 192. 168. 1. 0/24 next-hop 10. 2. 2 172. 16. 1. 0/24 action blackhole . 2 Logical Networks . 11 . 12 LS-1 A VM Slide 27 10. 2. 0/24 LS-2 A LS-1 B VM VM VM

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L 3 with static routing • L 2 "logical-physical" Physical Layer NSX Controller Cluster VM VM VM Hypervisor Slide 28 Any L 2/L 3 Fabric VM VM VM NSX L 2/L 3 Gateway 802. 1 q

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L 3 with static routing • L 2 "logical-physical" • ACL Security Groups applied here. 1 ACL applied here Logical Networks . 11 VLAN 10 . 12 LS-1 A VM Slide 29 10. 2. 0/24 VM LS-2 A LS-1 B VM VM

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L 3 with static routing • L 2 "logical-physical" • ACL • Qo. S Tenant A TA VM 1 VM VM Hypervisor Any L 2/L 3 Fabric Slide 30 VM Tenant B TA VM 2 Logical Switch A DSCP marking for Qo. S on the physical fabric TB VM 1 VM VM TB VM 2 VMLogical Switch VM B VM VM VM GOLD traffic VM

Why people use Open. Stack with Neutron + NSX VMware Plugin? • NSX VMware Plugin improves Neutron in multiple areas • Scale (scale/throughput/optimization) • HA and management/monitoring • Advanced popular network services • L 3 with static routing • L 2 "logical-physical" • ACL • Qo. S • Optimization of Broadcast/Multicast traffic VM VM VM Hypervisor Any L 2/L 3 Fabric Slide 31 VM VM VM

Agenda ‣ Intro – VMware philosophy on Open. Stack (2 minutes) ‣ Why Neutron + NSX VMware Plugin (20 minutes) ‣ ‣ Slide 32 Demo of Open. Stack + "v. Center/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) Q&A (10 minutes)

Demo 1 • Demonstrate: • 2 Tiers-Architecture with "logical/physical" communication L 3 and L 2 • Mix of KVM and ESXi hypervisors Slide 33

Demo 2 • Demonstrate: • VMotion • Port-Mirroring • Failure of NVP-L 3 -GW Slide 34

Demo 3 • Demonstrate: • How to build a 2 -tier architecture Slide 35

Agenda ‣ Intro – VMware philosophy on Open. Stack (2 minutes) ‣ Why Neutron + NSX VMware Plugin (20 minutes) ‣ ‣ Slide 36 Demo of Open. Stack + "v. Center/KVM" + "Neutron/NSX VMware Plugin" (10 minutes) Q&A (10 minutes)

Recap: Why Open. Stack on VMware NSX • VMware believes in enabling customer choice. • Nicira/VMware was among the founders of Neutron project. • VMware NSX with Open. Stack is used by leading Enterprises & Service Providers. NSX Slide 37 • VMware NSX with Open. Stack is supported by many Open. Stack ecosystem companies.

Select Open. Stack & VMware NSX customers Public Clouds Slide 38 Enterprise Private Clouds