For a while I pondered the benefits of a vSwitch and enjoyed the notion of a distributed vSwitch. These items were extremely flexible for virtual networking in VMware’s hypervisor switching construct. The ability to create VLANs, port groups, PVLANs, automated deployment, and adapt to pretty interesting networking requirements in software was nifty. The letdowns were there though. It seemed that VMware’s switching construct was missing something. Then the announcement that made sense came, albeit in an “I can do anything, anything better” way.
Fresh off the back of the Nicira purchase, the virtualisation platform that was snapped up by VMware has borne fruit. Under the ever-watchful eye of Brad Hedlund, VMware has produced a programmable, flow-defined networking construct.
The human-friendly, web-driven GUI allows for simple and easily deployed networking assets. Distributed cluster-wide across multiple ESXi hosts, it lets an engineer engage in fast-forwarding, feature-rich software networking virtualisation. Programmable APIs allow access into the NSX platform to provide harmonious integration with VMware and OpenStack.
The VMware NSX platform launches with five cornerstones: Controller Cluster, Hypervisor vSwitches, Gateways, Ecosystem partners, and NSX Manager.
The Controller Cluster is a virtualised x86 application that takes northbound API requests and turns them into operations. The NSX controller cluster is logically centralised but physically distributed amongst cluster hosts. As an environment grows, the controller cluster can simply be expanded to match. The NSX controller has visibility of all network devices and guests deployed with NSX.
The control cluster takes control of the built-in, in-kernel vSwitch that already exists in each host. Intelligence in the networking software, coupled with scalable, flow-programmed switching, opens many doors. By leveraging such technologies as VXLAN and STT, IP encapsulation can take place between hypervisors. This notion brings to networking what virtualisation brought to physical servers.
Gateways provide a path back into the physical world, or as VMware states, the edge of the software-defined data centre. NSX Gateway nodes can be deployed in active/active HA pairs, and offer IP routing, MPLS, NAT, Firewall, VPN, and Load Balancing services. This allows many engineers to securely control northbound and southbound traffic at the borders of NSX networks. I am picturing these gateways like an NSX distribution layer. It is also possible to create a Layer 2 gateway.
Well played, VMware.
This part I need to read more on, but from what I can gather this is about open source communication and creating well-defined trust relationships within the network.
NSX Manager is the GUI that controls the network above. It is a dashboard that contains logs, network information, deployment status, and traffic information right at an engineer's fingertips. This will be the heart of NSX deployments as it is rolled out. The physical and virtual world will be easily mapped with diagrams and charts automatically generated. I like this automatic documentation! The system is also capable of automatic snapshots and system recovery, the same as a guest currently has access to now.
This is the first real viewing of what Nicira's acquisition by VMware has eventuated to. By first accounts I am impressed by some things such as programmability and the fluid deployment nature. I still worry that ESXi administrators won’t consult with the networking staff who provide the DC platform for their servers. Hopefully the NSX push will bring the silos together. At the moment, it feels like servers, networks, and applications are being smooshed together like a terrine. Prepare for terrine takeover Q3, 2013.