SlideShare a Scribd company logo

VMware NSX - Lessons Learned from real project

David Pasek
David Pasek

End to End QoS solution for Vmware vSphere with NSX on top of Cisco UCS

Technology
1 of 12
Download to read offline
©  2014  VMware  Inc.  All  rights  reserved. NSX  Architecture  Design   Lessons  Learned  from  real  project David  Pasek Infrastructure  Architect VCDX  #200 End  to  End  QoS Solution  for  VMware  vSphere   with  NSX  on  top  of  CISCO  UCS
Agenda 1 Project  Overview 2 NSX  Conceptual  &  Logical  Design 3 Deep  Dive  in  to  Network  QoS – Design  Decision  Point 4 Q  &  A CONFIDENTIAL 2
• Private  Cloud  – EMC  FEHC-­CA  with  custom  enhancements • vSphere  VM  as  a  Service • Hyper-­V  VM  as  a  Service • Physical  Server  as  a  Service • Backup  as  a  Service • Storage  as  a  Service • Environment  /  Facilities • Two  datacenters  in  metro  distance  (<5  ms) • Remote  Offices  (Technical  Rooms)  in  MPLS  distance • Products  and  Technologies • CMP:  vRealizeAutomation,  vRealize Orchestrator,   vRealize Business • Infrastructure  Virtualization:  VMware  vSphere,  Hyper-­V,  NSX-­v • Servers:  Cisco  UCS • Networking:  Cisco  Nexus • Storage:  EMC  VIPR,  EMC  VPLEX,  EMC  VNX,  VMware  VSAN • Backup:  EMC  Avamar,  EMC  Networker,  EMC  DataDomain • Security:  NSX  +  PaloAlto Networks Project  Overview
Overall  Project  High  Level  Concept Datacenter A Datacenter B vSphere Resource Pool - GOLD TIER VMware vSphere Metro Cluster Stretched across two datacenters Storage Stretched across two datacenters (VPLEX) Technical Room Resource Pool - TR TIER (vSphere + VSAN) Remote Location Existing Core Network Cloud Consumers Cloud Administrators vRealize Automation vRealize Business Std. + Adv. IT Finance vRealize Automation vCenter Orchestrator vRealize LogInsight vRealize Operations Manager vSphere Resource Pool - SILVER TIER Cluster in single datacenter Storage in single datacenter (different storage tiers) vSphere Resource Pool - SILVER TIER Cluster in single datacenter Storage in single datacenter (different storage tiers) Cloud Management Infrastructure Cluster VMware vSphere Metro Cluster Stretched across two datacenters Storage Stretched across two datacenters (VPLEX) Cloud Management Software Stack Cloud Management Platform, vSphere Management, NSX Management workloads Hyper-V Resource Pool Cluster in single datacenter Storage in single datacenter Hyper-V Resource Pool Cluster in single datacenter Storage in single datacenter Physical Servers Resource Pool Server in single datacenter Storage in single datacenter Physical Servers Resource Pool Server in single datacenter Storage in single datacenter
NSX-­v  Conceptual  Architecture Datacenter A (CDP-A) Datacenter B (CDP-B) CORE NETWORK (dynamic routing protocol has to be implemented) PaloAlto FW Physical Appliance PaloAlto FW Physical Appliance NSX Edge GW NSX Edge GW NSX Edge GW NSX Edge GW VIRTUALNETWORKOVERLAY PHYSICAL NETWORK UNDERLAY ESXi Host ESXi HostESXi Host ESXi Host GOLD vSphere Cluster - STRETCHED ESXi HostESXi Host ESXi Host SILVER vSphere Cluster LOCAL ESXi Host ESXi HostESXi Host ESXi Host LOGICAL SWITCH (VXLAN SEGMENT) vNIC vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW LOGICAL SWITCH (VXLAN SEGMENT) NSX FW NSX FW NSX FW NSX FW NSX FW NSX FW NSX FW NSX FW NSX DLR Distributed Logical Router East-West Routing in DCs Traffic Steering NSX DISTRIBUTED LOGICAL FIREWALL NSX DISTRIBUTED LOGICAL FIREWALL L3 Fabric ECMP + Dynamic Routing between PAN, NSX Edge GWs and NSX DLRs PaloAlto Panorama Centralized Security Management VMware NSX Manager Centralized Virtual Network Management NSX Edge L2 VPN NSX Edge L2 VPN NSX Edge L2 VPN Highly Available TR VPN Termination NSX Edge Services GWs Highly Available North South Routing NSX Edge GW L2 VPN LOGICAL SWITCH (VXLAN SEGMENT) Technical Room (TR) L2 VPN TUNNEL (TR<—>DC) FEHC Management vSphere Cluster - STRETCHED ESXi Host ESXi Host SILVER vSphere Cluster - LOCAL LOGICAL SWITCH (VLAN SEGMENT) ESXi HostESXi Host ESXi Host SILVER vSphere Cluster LOCAL LOGICAL SWITCH (VXLAN SEGMENT) NSX DISTRIBUTED LOGICAL FIREWALL
NSX-­v  Security  Concept vRA Business Group: HR Logical Network Micro Security Zone Technical Service - SAP [NSX Security Group of all VMs having tag MSZ-SAP] Micro Security Zone Technical Service - A [NSX Security Group of all VMs having tag MSZ-A] vRA Business Group: FINANCE Logical Network Micro Security Zone Technical Service - B [NSX Security Group of all VMs having tag MSZ-B] NSX Distributed Logical Router MSZ-SAP MSZ-SAP MSZ-SAP MSZ-SAP MSZ-SAP MSZ-A MSZ-A MSZ-B MSZ-B MSZ-B Default NSX Security Policy NAME SOURCE DESTINATION SERVICE ACTION Default Any Any Any Block SECURITY TAGS Security tags for technical services: MSZ-<Technical-Service-from-CMDB> For example: MSZ-SAP, MSZ-A, MSZ-B Security tags for applications: APP-<gkpke.APP-SEC-TAG[x]> For example: APP-MSSQL, APP-IIS, APP-EXCHANGE APP-MSSQL APP-MSSQL NSX SECURITY GROUPS We have NSX Security Group for each Technical Service. This security group forms Micro Security Zone for particular Technical Service. For example: MSZ-SAP, MSZ-A, MSZ-B All VMs tagged with the Security Group name will belong to this security group. NSX Security Policy for Micro Security Zones NAME SOURCE DESTINATION SERVICE ACTION Inside MSZ-A MSZ-A MSZ-A Any Allow Inside MSZ-B MSZ-B MSZ-B Any Allow Inside MSZ-SAP MSZ-SAP MSZ-SAP Any Allow Other NSX Security Groups and Policies Other NSX security groups and polices can be created based on applications tags and other metadata available for NSX. Physical or Hyper-V Server belonging in to Micro Security Zone
End  to  End  Network  QoS -­ Design  Decision  Point • Requirements • End  to  end  network  QoS is  required  to  achieve  guarantees  for  particular  network  traffics.    These   traffics  are   • FCoE Storage • vSphere  Management • vSphere  vMotion • VM  production • VM  guest  OS  agent  based  backup  <==  this  is  the  most  complex  requirement  in  context  of  QoS • Constraints • CISCO  Nexus  7k • VMware  NSX-­v • CISCO  UCS  servers  B200  M4  with  virtual  interface  card  VIC1340  (2x10Gb  ports  -­ each  port   connected  to  different  fabric  interconnect) • Cloud  Automation  (vRA,  vRO)
End  to  End  Network  QoS – Option  1  of  3 UCS Blade Server B200 M4 NIC-A1 - 10Gb NIC port vHBA0 FCoE CoS 3 40% Mark as CoS 3 vNIC0 Mgmt VLAN 100 CoS 1 10% Mark CoS 1 vNIC2 vMotion VLAN 101 CoS 2 10% Mark CoS 2 vNIC4 VM Traffic VLAN 102 CoS 0 20% Mark CoS 0 NIC-B1 - 10Gb NIC port vHBA1 FCoE CoS 3 40% Mark as CoS 3 vNIC1 Mgmt VLAN 100 CoS 1 10% Mark CoS 1 vNIC3 vMotion VLAN 101 CoS 2 10% Mark CoS 2 vNIC5 VM Traffic VLAN 102 CoS 0 20% Mark CoS 0 UCS Fabric Interconnect A (EHM) UCS Fabric Interconnect B (EHM) vFC vEth vEth vEth vFC vEth vEth vEth CISCOUCS CISCO Nexus 7k CISCO Nexus 7k Eth Eth Eth EthFc Fc SAN A SAN B vPC Domain vPCvPC vNIC7 Backup VLAN 103 CoS 4 20% Mark CoS 4 vNIC6 Backup VLAN 103 CoS 4 20% Mark CoS 4 VMwarevSphere-ESXi vmkernel Mgmt (Native VLAN) vmkernel vMotion (Native VLAN) vmkernel VTEP VMware Distributed vSwitch DVS portgroup (Native VLAN) VTEP DVS portgroup (native VLAN) Backup vEth vEth VMwareNSX NSX Logical Switch (VXLAN) logical segment - Business Group VM vNIC Production VM vNIC Backup UCS uplink & N7K downlink QoS Settings CoS 0: 50% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 30% (Backup) vmnic0 vmnic2 vmnic4 vmnic6 vmnic1 vmnic3 vmnic5 vmnic7 VMware Standard vSwitch VMware Standard vSwitch VMware Distributed vSwitch Cisco VIC 1340 (4x10Gb port) DVS portgroup Virtual Wire - Business Group 1 CISCO UCS QoS Polices Bandwidth Management & QoS Marking UCS QoS Policy UP (Uplinks): CoS 0: 50% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 30% (Backup) UCS QoS Policy 1 (vNIC): CoS 0: 20% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 3: 40% (FCoE) CoS 4: 20% (Backup) UCS all vNIC Templates: Host Control: None
End  to  End  Network  QoS – Option  2  of  3 UCS Blade Server B200 M4 10Gb NIC port (NIC-A1) vHBA0 FCoE CoS 3 40% Mark as CoS 3 10Gb NIC port (NIC-B1) vHBA1 FCoE CoS 3 40% Mark as CoS 3 UCS Fabric Interconnect A (EHM) UCS Fabric Interconnect B (EHM) vFC vEth vEth vEth vFC vEth vEth vEth CISCOUCS CISCO Nexus 7k CISCO Nexus 7k Eth Eth Eth EthFc Fc SAN A SAN B vPC Domain vPCvPC VMwarevSphere-ESXi vmkernel Mgmt vmkernel vMotion vmkernel VTEP DVS portgroup VLAN 102, Mark as CoS 0 VTEP DVS portgroup VLAN 103, Mark as COS 4 Backup vEth vEth VMwareNSX NSX Logical Switch (VXLAN) logical segment - Business Group VM vNIC Production VM vNIC Backup UCS uplink & N7K downlink QoS Settings CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) vmnic0 vmnic1 VMware Distributed vSwitch (DVS) DVS portgroup VLAN 100, Mark as CoS 1 Mgmt DVS portgroup VLAN 101, Mark as CoS 2 vMotion Cisco VIC 1340 (4x10Gb port) DVS portgroup Virtual Wire - Business Group 1 DVS per PortGroup Marking CoS 0: System: VM Traffic CoS 1: System: Mgmt CoS 2: System: vMotion CoS 4: User-def: Backup vmnic2 vmnic3 CISCO UCS QoS Polices Bandwidth Management & QoS Marking UCS QoS Policy UP (Uplinks): CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) UCS QoS Policy 1 (vNIC 0,1): CoS 0: 20% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 3: 40% (FCoE) CoS 4: 20% (Backup) UCS all vNIC Templates: Host Control: None vNIC0 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20% vNIC1 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20%
End  to  End  Network  QoS – Option  3  of  3 UCS Blade Server B200 M4 10Gb NIC port (NIC-A1) vHBA0 CoS 3 40% FCoE Mark as CoS 3 10Gb NIC port (NIC-B1) vHBA1 CoS 3 40% FCoE Mark as CoS 3 UCS Fabric Interconnect A (EHM) UCS Fabric Interconnect B (EHM) vFC vEth vEth vEth vFC vEth vEth vEth CISCOUCS CISCO Nexus 7k CISCO Nexus 7k Eth Eth Eth EthFc Fc SAN A SAN B vPC Domain vPCvPC VMwarevSphere-ESXi vmkernel Mgmt vmkernel vMotion vmkernel VTEP DVS portgroup VLAN 102 VTEP vEth vEth VMwareNSX NSX Logical Switch (VXLAN) logical segment - Business Group VM vNIC Production & Backup UCS uplink & N7K downlink QoS Settings CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) vmnic0 vmnic1 VMware Distributed vSwitch (DVS) DVS portgroup VLAN 100, Mark as CoS 1 Mgmt DVS portgroup VLAN 101, Mark as CoS 2 vMotion Cisco VIC 1340 (4x10Gb port) DVS portgroup Virtual Wire - Business Group 1 if DST IP = Backup Server mark as CoS 4 else CoS 0 DVS per PortGroup Marking CoS 0: System: VM Traffic CoS 1: System: Mgmt CoS 2: System: vMotion CoS 4: User-def: Backup vmnic2 vmnic3 CISCO UCS QoS Polices Bandwidth Management & QoS Marking UCS QoS Policy UP (Uplinks): CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) UCS QoS Policy 1 (vNIC 0,1): CoS 0: 20% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 3: 40% (FCoE) CoS 4: 20% (Backup) UCS all vNIC Templates: Host Control: None vNIC0 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20% vNIC1 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20%
End  to  End  Network  QoS – Final  Decision • Decision • Option  3  – QoS (802.1p)  marking  in  VDS  and  end-­2-­end  bandwidth  management  in  UCS • Justification • Decision  is  fully  compliant  with  End  to  end  network  QoS requirement • VXLAN  protocol  is  designed  to  keep  L2  CoS tags  by  copying  inner  Ethernet  header  into  outer   Ethernet  header    =>  virtual  overlay  CoS tag  is  kept  even  in  physical  network  underlay  and  it  can  be   leveraged  in  Cisco  UCS  bandwidth  management  (aka  DCB  ETS  -­ Enhanced  Transmission   Selection)  to  guarantee  bandwidth  for  particular  CoS traffics.   • Single  vNIC in  VM  has  positive  impact  on • NSX  Security  Policies • Simple  In-­guest  OS  routing  (default  gateway  only)  without  need  for  additional  static  routes • vRealize Automation  Custom  Integrations  are  simpler  (single  hostname,  simpler  integration   with  IPAM,  etc.) • Impact • DVS  QoS Policy  (conditional  802.1p  marking)  has  to  be  configured  manually  for  each  DVS   portgroup used  as  NSX  virtual  wire  (aka  VXLAN)  – can  be  automated  by  custom  integration   (SOLUTION  IMPROVEMENT) • Detail  Test  Plan  has  to  be  prepared  to  validate  correct  QoS behavior  (RISK  MITIGATION)
Questions  and  Answers Blog  post  with  additional  details: http://blog.igics.com/2015/12/end-­to-­end-­qos-­solution-­for-­vmware.html Twitter:  @david_pasek Blog:  http://blog.igics.com

Recommended

VSAN – Architettura e Design
VSAN – Architettura e DesignVSAN – Architettura e Design
VSAN – Architettura e DesignVMUG IT
 
Big Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingBig Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingAraf Karsh Hamid
 
Designing Multi-tenant Data Centers Using EVPN
Designing Multi-tenant Data Centers Using EVPNDesigning Multi-tenant Data Centers Using EVPN
Designing Multi-tenant Data Centers Using EVPNAnas
 
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기Ian Choi
 
VMware NSX + Cumulus Networks: Software Defined Networking
VMware NSX + Cumulus Networks: Software Defined NetworkingVMware NSX + Cumulus Networks: Software Defined Networking
VMware NSX + Cumulus Networks: Software Defined NetworkingCumulus Networks
 
클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)
클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)
클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)Laehyoung Kim
 
오픈스택 기반 클라우드 서비스 구축 방안 및 사례
오픈스택 기반 클라우드 서비스 구축 방안 및 사례오픈스택 기반 클라우드 서비스 구축 방안 및 사례
오픈스택 기반 클라우드 서비스 구축 방안 및 사례SONG INSEOB
 
AWS Fargate on EKS 실전 사용하기
AWS Fargate on EKS 실전 사용하기AWS Fargate on EKS 실전 사용하기
AWS Fargate on EKS 실전 사용하기AWSKRUG - AWS한국사용자모임
 

Recommended

VSAN – Architettura e Design
VSAN – Architettura e DesignVSAN – Architettura e Design
VSAN – Architettura e DesignVMUG IT
 
Big Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingBig Data Redis Mongodb Dynamodb Sharding
Big Data Redis Mongodb Dynamodb ShardingAraf Karsh Hamid
 
Designing Multi-tenant Data Centers Using EVPN
Designing Multi-tenant Data Centers Using EVPNDesigning Multi-tenant Data Centers Using EVPN
Designing Multi-tenant Data Centers Using EVPNAnas
 
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기
[OpenStack] 공개 소프트웨어 오픈스택 입문 & 파헤치기Ian Choi
 
VMware NSX + Cumulus Networks: Software Defined Networking
VMware NSX + Cumulus Networks: Software Defined NetworkingVMware NSX + Cumulus Networks: Software Defined Networking
VMware NSX + Cumulus Networks: Software Defined NetworkingCumulus Networks
 
클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)
클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)
클라우드 환경을 위한 네트워크 가상화와 NSX(기초편)Laehyoung Kim
 
오픈스택 기반 클라우드 서비스 구축 방안 및 사례
오픈스택 기반 클라우드 서비스 구축 방안 및 사례오픈스택 기반 클라우드 서비스 구축 방안 및 사례
오픈스택 기반 클라우드 서비스 구축 방안 및 사례SONG INSEOB
 
AWS Fargate on EKS 실전 사용하기
AWS Fargate on EKS 실전 사용하기AWS Fargate on EKS 실전 사용하기
AWS Fargate on EKS 실전 사용하기AWSKRUG - AWS한국사용자모임
 
Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes IstioAraf Karsh Hamid
 
High Availability for OpenStack
High Availability for OpenStackHigh Availability for OpenStack
High Availability for OpenStackKamesh Pemmaraju
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법Open Source Consulting
 
VMware virtual SAN 6 overview
VMware virtual SAN 6 overviewVMware virtual SAN 6 overview
VMware virtual SAN 6 overviewsolarisyougood
 
Azure DNS Privé
Azure DNS PrivéAzure DNS Privé
Azure DNS PrivéAZUG FR
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAmazon Web Services
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxDevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxTurja Narayan Chaudhuri
 
멀티클라우드 Service Mesh
멀티클라우드 Service Mesh멀티클라우드 Service Mesh
멀티클라우드 Service MeshJeong-Ho Na
 
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021AWSKRUG - AWS한국사용자모임
 
Presentation v mware virtual san 6.0
Presentation v mware virtual san 6.0Presentation v mware virtual san 6.0
Presentation v mware virtual san 6.0solarisyougood
 
VMware Tanzu Introduction- June 11, 2020
VMware Tanzu Introduction- June 11, 2020VMware Tanzu Introduction- June 11, 2020
VMware Tanzu Introduction- June 11, 2020VMware Tanzu
 
Disaster Recovery of on-premises IT infrastructure with AWS
Disaster Recovery of on-premises IT infrastructure with AWSDisaster Recovery of on-premises IT infrastructure with AWS
Disaster Recovery of on-premises IT infrastructure with AWSAmazon Web Services
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfssuser1490e8
 
VMware HCI solutions - 2020-01-16
VMware HCI solutions - 2020-01-16VMware HCI solutions - 2020-01-16
VMware HCI solutions - 2020-01-16David Pasek
 
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?VMware Tanzu Korea
 
Multitenancy on EKS
Multitenancy on EKSMultitenancy on EKS
Multitenancy on EKSIan Crosby
 
VMware - Virtual SAN - IT Changes Everything
VMware - Virtual SAN - IT Changes EverythingVMware - Virtual SAN - IT Changes Everything
VMware - Virtual SAN - IT Changes EverythingVMUG IT
 
A day in the life of a VSAN I/O - STO7875
A day in the life of a VSAN I/O - STO7875A day in the life of a VSAN I/O - STO7875
A day in the life of a VSAN I/O - STO7875Duncan Epping
 
Openstack live migration
Openstack live migrationOpenstack live migration
Openstack live migrationymtech
 
Inf net2227 heath
Inf net2227 heathInf net2227 heath
Inf net2227 heathreynolds_heath
 
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSXOVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSXOVHcloud
 

More Related Content

What's hot

High Availability for OpenStack
High Availability for OpenStackHigh Availability for OpenStack
High Availability for OpenStackKamesh Pemmaraju
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법Open Source Consulting
 
VMware virtual SAN 6 overview
VMware virtual SAN 6 overviewVMware virtual SAN 6 overview
VMware virtual SAN 6 overviewsolarisyougood
 
Azure DNS Privé
Azure DNS PrivéAzure DNS Privé
Azure DNS PrivéAZUG FR
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAmazon Web Services
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes NetworkingCJ Cullen
 
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxDevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxTurja Narayan Chaudhuri
 
멀티클라우드 Service Mesh
멀티클라우드 Service Mesh멀티클라우드 Service Mesh
멀티클라우드 Service MeshJeong-Ho Na
 
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021AWSKRUG - AWS한국사용자모임
 
Presentation v mware virtual san 6.0
Presentation v mware virtual san 6.0Presentation v mware virtual san 6.0
Presentation v mware virtual san 6.0solarisyougood
 
VMware Tanzu Introduction- June 11, 2020
VMware Tanzu Introduction- June 11, 2020VMware Tanzu Introduction- June 11, 2020
VMware Tanzu Introduction- June 11, 2020VMware Tanzu
 
Disaster Recovery of on-premises IT infrastructure with AWS
Disaster Recovery of on-premises IT infrastructure with AWSDisaster Recovery of on-premises IT infrastructure with AWS
Disaster Recovery of on-premises IT infrastructure with AWSAmazon Web Services
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfssuser1490e8
 
VMware HCI solutions - 2020-01-16
VMware HCI solutions - 2020-01-16VMware HCI solutions - 2020-01-16
VMware HCI solutions - 2020-01-16David Pasek
 
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?VMware Tanzu Korea
 
Multitenancy on EKS
Multitenancy on EKSMultitenancy on EKS
Multitenancy on EKSIan Crosby
 
VMware - Virtual SAN - IT Changes Everything
VMware - Virtual SAN - IT Changes EverythingVMware - Virtual SAN - IT Changes Everything
VMware - Virtual SAN - IT Changes EverythingVMUG IT
 
A day in the life of a VSAN I/O - STO7875
A day in the life of a VSAN I/O - STO7875A day in the life of a VSAN I/O - STO7875
A day in the life of a VSAN I/O - STO7875Duncan Epping
 
Openstack live migration
Openstack live migrationOpenstack live migration
Openstack live migrationymtech
 

What's hot (20)

Docker Kubernetes Istio
Docker Kubernetes IstioDocker Kubernetes Istio
Docker Kubernetes Istio
 
High Availability for OpenStack
High Availability for OpenStackHigh Availability for OpenStack
High Availability for OpenStack
 
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
[오픈소스컨설팅] 쿠버네티스와 쿠버네티스 on 오픈스택 비교 및 구축 방법
 
VMware virtual SAN 6 overview
VMware virtual SAN 6 overviewVMware virtual SAN 6 overview
VMware virtual SAN 6 overview
 
Azure DNS Privé
Azure DNS PrivéAzure DNS Privé
Azure DNS Privé
 
Advanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit GatewayAdvanced Architectures with AWS Transit Gateway
Advanced Architectures with AWS Transit Gateway
 
Kubernetes Networking
Kubernetes NetworkingKubernetes Networking
Kubernetes Networking
 
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptxDevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
DevSecOps in the Cloud from the Lens of a Well-Architected Framework.pptx
 
멀티클라우드 Service Mesh
멀티클라우드 Service Mesh멀티클라우드 Service Mesh
멀티클라우드 Service Mesh
 
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
Amazon EKS로 간단한 웹 애플리케이션 구축하기 - 김주영 (AWS) :: AWS Community Day Online 2021
 
Presentation v mware virtual san 6.0
Presentation v mware virtual san 6.0Presentation v mware virtual san 6.0
Presentation v mware virtual san 6.0
 
VMware Tanzu Introduction- June 11, 2020
VMware Tanzu Introduction- June 11, 2020VMware Tanzu Introduction- June 11, 2020
VMware Tanzu Introduction- June 11, 2020
 
Disaster Recovery of on-premises IT infrastructure with AWS
Disaster Recovery of on-premises IT infrastructure with AWSDisaster Recovery of on-premises IT infrastructure with AWS
Disaster Recovery of on-premises IT infrastructure with AWS
 
OpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdfOpenShift Virtualization- Technical Overview.pdf
OpenShift Virtualization- Technical Overview.pdf
 
VMware HCI solutions - 2020-01-16
VMware HCI solutions - 2020-01-16VMware HCI solutions - 2020-01-16
VMware HCI solutions - 2020-01-16
 
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
MSA 전략 2: 마이크로서비스, 어떻게 구현할 것인가?
 
Multitenancy on EKS
Multitenancy on EKSMultitenancy on EKS
Multitenancy on EKS
 
VMware - Virtual SAN - IT Changes Everything
VMware - Virtual SAN - IT Changes EverythingVMware - Virtual SAN - IT Changes Everything
VMware - Virtual SAN - IT Changes Everything
 
A day in the life of a VSAN I/O - STO7875
A day in the life of a VSAN I/O - STO7875A day in the life of a VSAN I/O - STO7875
A day in the life of a VSAN I/O - STO7875
 
Openstack live migration
Openstack live migrationOpenstack live migration
Openstack live migration
 

Similar to VMware NSX - Lessons Learned from real project

OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSXOVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSXOVHcloud
 
VMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptx
VMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptxVMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptx
VMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptxHythamsaadeh
 
VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...
VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...
VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...VMworld
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld
 
ASBIS: Virtualization Aware Networking - Cisco Nexus 1000V
ASBIS: Virtualization Aware Networking - Cisco Nexus 1000VASBIS: Virtualization Aware Networking - Cisco Nexus 1000V
ASBIS: Virtualization Aware Networking - Cisco Nexus 1000VASBIS SK
 
Presentation cisco nexus 1010 overview and deployment
Presentation cisco nexus 1010 overview and deploymentPresentation cisco nexus 1010 overview and deployment
Presentation cisco nexus 1010 overview and deploymentxKinAnx
 
VMworld 2016: How to Deploy VMware NSX with Cisco Infrastructure
VMworld 2016: How to Deploy VMware NSX with Cisco InfrastructureVMworld 2016: How to Deploy VMware NSX with Cisco Infrastructure
VMworld 2016: How to Deploy VMware NSX with Cisco InfrastructureVMworld
 
VMware NSX and Arista L2 Hardware VTEP Gateway Integration
VMware NSX and Arista L2 Hardware VTEP Gateway IntegrationVMware NSX and Arista L2 Hardware VTEP Gateway Integration
VMware NSX and Arista L2 Hardware VTEP Gateway IntegrationBayu Wibowo
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld
 
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxVMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxBradLai3
 
PLNOG 13: Jacek Wosz: User Defined Network
PLNOG 13: Jacek Wosz: User Defined NetworkPLNOG 13: Jacek Wosz: User Defined Network
PLNOG 13: Jacek Wosz: User Defined NetworkPROIDEA
 
VMworld 2013: An Introduction to Network Virtualization
VMworld 2013: An Introduction to Network Virtualization VMworld 2013: An Introduction to Network Virtualization
VMworld 2013: An Introduction to Network Virtualization VMworld
 
PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...
PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...
PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...PROIDEA
 
VMware Disaster Recovery Solution Presentation EN (1).pptx
VMware Disaster Recovery Solution Presentation EN (1).pptxVMware Disaster Recovery Solution Presentation EN (1).pptx
VMware Disaster Recovery Solution Presentation EN (1).pptxFernando564134
 
Simplifying the secure data center
Simplifying the secure data centerSimplifying the secure data center
Simplifying the secure data centerCisco Canada
 

Similar to VMware NSX - Lessons Learned from real project (20)

Inf net2227 heath
Inf net2227 heathInf net2227 heath
Inf net2227 heath
 
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSXOVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
OVHcloud Hosted Private Cloud Platform Network use cases with VMware NSX
 
VMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptx
VMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptxVMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptx
VMware NSX-T Design for Small to Mid-Sized Data Centers v1.0 EN.pptx
 
VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...
VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...
VMworld 2013: vSphere Networking and vCloud Networking Suite Best Practices a...
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep Dive
 
VMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep DiveVMworld 2015: VMware NSX Deep Dive
VMworld 2015: VMware NSX Deep Dive
 
ASBIS: Virtualization Aware Networking - Cisco Nexus 1000V
ASBIS: Virtualization Aware Networking - Cisco Nexus 1000VASBIS: Virtualization Aware Networking - Cisco Nexus 1000V
ASBIS: Virtualization Aware Networking - Cisco Nexus 1000V
 
Presentation cisco nexus 1010 overview and deployment
Presentation cisco nexus 1010 overview and deploymentPresentation cisco nexus 1010 overview and deployment
Presentation cisco nexus 1010 overview and deployment
 
VMworld 2016: How to Deploy VMware NSX with Cisco Infrastructure
VMworld 2016: How to Deploy VMware NSX with Cisco InfrastructureVMworld 2016: How to Deploy VMware NSX with Cisco Infrastructure
VMworld 2016: How to Deploy VMware NSX with Cisco Infrastructure
 
VMware NSX and Arista L2 Hardware VTEP Gateway Integration
VMware NSX and Arista L2 Hardware VTEP Gateway IntegrationVMware NSX and Arista L2 Hardware VTEP Gateway Integration
VMware NSX and Arista L2 Hardware VTEP Gateway Integration
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
 
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptxVMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
VMware Cloud Foundation - PnP presentation 8_6_18 EN.pptx
 
PLNOG 13: Jacek Wosz: User Defined Network
PLNOG 13: Jacek Wosz: User Defined NetworkPLNOG 13: Jacek Wosz: User Defined Network
PLNOG 13: Jacek Wosz: User Defined Network
 
VXLAN Practice Guide
VXLAN Practice GuideVXLAN Practice Guide
VXLAN Practice Guide
 
Cisco NetApp VMware - Long Distance VMotion
Cisco NetApp VMware - Long Distance VMotionCisco NetApp VMware - Long Distance VMotion
Cisco NetApp VMware - Long Distance VMotion
 
VMworld 2013: An Introduction to Network Virtualization
VMworld 2013: An Introduction to Network Virtualization VMworld 2013: An Introduction to Network Virtualization
VMworld 2013: An Introduction to Network Virtualization
 
PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...
PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...
PLNOG16: VXLAN Gateway, efektywny sposób połączenia świata wirtualnego z fizy...
 
VMware Disaster Recovery Solution Presentation EN (1).pptx
VMware Disaster Recovery Solution Presentation EN (1).pptxVMware Disaster Recovery Solution Presentation EN (1).pptx
VMware Disaster Recovery Solution Presentation EN (1).pptx
 
NSX-MH
NSX-MHNSX-MH
NSX-MH
 
Simplifying the secure data center
Simplifying the secure data centerSimplifying the secure data center
Simplifying the secure data center
 

More from David Pasek

FlexBook Software - Conceptual Architecture
FlexBook Software - Conceptual ArchitectureFlexBook Software - Conceptual Architecture
FlexBook Software - Conceptual ArchitectureDavid Pasek
 
Flex Cloud - Conceptual Design - ver 0.2
Flex Cloud - Conceptual Design - ver 0.2Flex Cloud - Conceptual Design - ver 0.2
Flex Cloud - Conceptual Design - ver 0.2David Pasek
 
E tourism v oblasti cestovního ruchu
E tourism v oblasti cestovního ruchuE tourism v oblasti cestovního ruchu
E tourism v oblasti cestovního ruchuDavid Pasek
 
Architektura a implementace digitálních knihoven v prostředí sítě Internet
Architektura a implementace digitálních knihoven v prostředí sítě InternetArchitektura a implementace digitálních knihoven v prostředí sítě Internet
Architektura a implementace digitálních knihoven v prostředí sítě InternetDavid Pasek
 
Intel & QLogic NIC performance test results v0.2
Intel & QLogic NIC performance test results v0.2Intel & QLogic NIC performance test results v0.2
Intel & QLogic NIC performance test results v0.2David Pasek
 
VMware ESXi - Intel and Qlogic NIC throughput difference v0.6
VMware ESXi - Intel and Qlogic NIC throughput difference v0.6VMware ESXi - Intel and Qlogic NIC throughput difference v0.6
VMware ESXi - Intel and Qlogic NIC throughput difference v0.6David Pasek
 
Exchange office 3.0 - Stanovisko Státní banky československé
Exchange office 3.0 - Stanovisko Státní banky československéExchange office 3.0 - Stanovisko Státní banky československé
Exchange office 3.0 - Stanovisko Státní banky československéDavid Pasek
 
Network performance test plan_v0.3
Network performance test plan_v0.3Network performance test plan_v0.3
Network performance test plan_v0.3David Pasek
 
vSAN architecture components
vSAN architecture componentsvSAN architecture components
vSAN architecture componentsDavid Pasek
 
FlexBook overview - v2.4
FlexBook overview - v2.4FlexBook overview - v2.4
FlexBook overview - v2.4David Pasek
 
Hybrid cloud overview and VCF on VxRAIL
Hybrid cloud overview and VCF on VxRAILHybrid cloud overview and VCF on VxRAIL
Hybrid cloud overview and VCF on VxRAILDavid Pasek
 
Private IaaS Cloud Provider
Private IaaS Cloud ProviderPrivate IaaS Cloud Provider
Private IaaS Cloud ProviderDavid Pasek
 
Spectre/Meltdown security vulnerabilities FAQ
Spectre/Meltdown security vulnerabilities FAQSpectre/Meltdown security vulnerabilities FAQ
Spectre/Meltdown security vulnerabilities FAQDavid Pasek
 
FlexBook Basic Overview - v2.0
FlexBook Basic Overview - v2.0FlexBook Basic Overview - v2.0
FlexBook Basic Overview - v2.0David Pasek
 
Spectre meltdown performance_tests - v0.3
Spectre meltdown performance_tests - v0.3Spectre meltdown performance_tests - v0.3
Spectre meltdown performance_tests - v0.3David Pasek
 
FlexBook basic overview v2.0
FlexBook basic overview v2.0FlexBook basic overview v2.0
FlexBook basic overview v2.0David Pasek
 
FlexBook - reservation system basic overview v1.1
FlexBook - reservation system basic overview v1.1FlexBook - reservation system basic overview v1.1
FlexBook - reservation system basic overview v1.1David Pasek
 
CLI for VMware Distributed Switch (Community project)
CLI for VMware Distributed Switch (Community project)CLI for VMware Distributed Switch (Community project)
CLI for VMware Distributed Switch (Community project)David Pasek
 
Dell VLT reference architecture v2 0
Dell VLT reference architecture v2 0Dell VLT reference architecture v2 0
Dell VLT reference architecture v2 0David Pasek
 
Metro Cluster High Availability or SRM Disaster Recovery?
Metro Cluster High Availability or SRM Disaster Recovery?Metro Cluster High Availability or SRM Disaster Recovery?
Metro Cluster High Availability or SRM Disaster Recovery?David Pasek
 

More from David Pasek (20)

FlexBook Software - Conceptual Architecture
FlexBook Software - Conceptual ArchitectureFlexBook Software - Conceptual Architecture
FlexBook Software - Conceptual Architecture
 
Flex Cloud - Conceptual Design - ver 0.2
Flex Cloud - Conceptual Design - ver 0.2Flex Cloud - Conceptual Design - ver 0.2
Flex Cloud - Conceptual Design - ver 0.2
 
E tourism v oblasti cestovního ruchu
E tourism v oblasti cestovního ruchuE tourism v oblasti cestovního ruchu
E tourism v oblasti cestovního ruchu
 
Architektura a implementace digitálních knihoven v prostředí sítě Internet
Architektura a implementace digitálních knihoven v prostředí sítě InternetArchitektura a implementace digitálních knihoven v prostředí sítě Internet
Architektura a implementace digitálních knihoven v prostředí sítě Internet
 
Intel & QLogic NIC performance test results v0.2
Intel & QLogic NIC performance test results v0.2Intel & QLogic NIC performance test results v0.2
Intel & QLogic NIC performance test results v0.2
 
VMware ESXi - Intel and Qlogic NIC throughput difference v0.6
VMware ESXi - Intel and Qlogic NIC throughput difference v0.6VMware ESXi - Intel and Qlogic NIC throughput difference v0.6
VMware ESXi - Intel and Qlogic NIC throughput difference v0.6
 
Exchange office 3.0 - Stanovisko Státní banky československé
Exchange office 3.0 - Stanovisko Státní banky československéExchange office 3.0 - Stanovisko Státní banky československé
Exchange office 3.0 - Stanovisko Státní banky československé
 
Network performance test plan_v0.3
Network performance test plan_v0.3Network performance test plan_v0.3
Network performance test plan_v0.3
 
vSAN architecture components
vSAN architecture componentsvSAN architecture components
vSAN architecture components
 
FlexBook overview - v2.4
FlexBook overview - v2.4FlexBook overview - v2.4
FlexBook overview - v2.4
 
Hybrid cloud overview and VCF on VxRAIL
Hybrid cloud overview and VCF on VxRAILHybrid cloud overview and VCF on VxRAIL
Hybrid cloud overview and VCF on VxRAIL
 
Private IaaS Cloud Provider
Private IaaS Cloud ProviderPrivate IaaS Cloud Provider
Private IaaS Cloud Provider
 
Spectre/Meltdown security vulnerabilities FAQ
Spectre/Meltdown security vulnerabilities FAQSpectre/Meltdown security vulnerabilities FAQ
Spectre/Meltdown security vulnerabilities FAQ
 
FlexBook Basic Overview - v2.0
FlexBook Basic Overview - v2.0FlexBook Basic Overview - v2.0
FlexBook Basic Overview - v2.0
 
Spectre meltdown performance_tests - v0.3
Spectre meltdown performance_tests - v0.3Spectre meltdown performance_tests - v0.3
Spectre meltdown performance_tests - v0.3
 
FlexBook basic overview v2.0
FlexBook basic overview v2.0FlexBook basic overview v2.0
FlexBook basic overview v2.0
 
FlexBook - reservation system basic overview v1.1
FlexBook - reservation system basic overview v1.1FlexBook - reservation system basic overview v1.1
FlexBook - reservation system basic overview v1.1
 
CLI for VMware Distributed Switch (Community project)
CLI for VMware Distributed Switch (Community project)CLI for VMware Distributed Switch (Community project)
CLI for VMware Distributed Switch (Community project)
 
Dell VLT reference architecture v2 0
Dell VLT reference architecture v2 0Dell VLT reference architecture v2 0
Dell VLT reference architecture v2 0
 
Metro Cluster High Availability or SRM Disaster Recovery?
Metro Cluster High Availability or SRM Disaster Recovery?Metro Cluster High Availability or SRM Disaster Recovery?
Metro Cluster High Availability or SRM Disaster Recovery?
 

Recently uploaded

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Recently uploaded (20)

Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

VMware NSX - Lessons Learned from real project

  • 1. ©  2014  VMware  Inc.  All  rights  reserved. NSX  Architecture  Design   Lessons  Learned  from  real  project David  Pasek Infrastructure  Architect VCDX  #200 End  to  End  QoS Solution  for  VMware  vSphere   with  NSX  on  top  of  CISCO  UCS
  • 2. Agenda 1 Project  Overview 2 NSX  Conceptual  &  Logical  Design 3 Deep  Dive  in  to  Network  QoS – Design  Decision  Point 4 Q  &  A CONFIDENTIAL 2
  • 3. • Private  Cloud  – EMC  FEHC-­CA  with  custom  enhancements • vSphere  VM  as  a  Service • Hyper-­V  VM  as  a  Service • Physical  Server  as  a  Service • Backup  as  a  Service • Storage  as  a  Service • Environment  /  Facilities • Two  datacenters  in  metro  distance  (<5  ms) • Remote  Offices  (Technical  Rooms)  in  MPLS  distance • Products  and  Technologies • CMP:  vRealizeAutomation,  vRealize Orchestrator,   vRealize Business • Infrastructure  Virtualization:  VMware  vSphere,  Hyper-­V,  NSX-­v • Servers:  Cisco  UCS • Networking:  Cisco  Nexus • Storage:  EMC  VIPR,  EMC  VPLEX,  EMC  VNX,  VMware  VSAN • Backup:  EMC  Avamar,  EMC  Networker,  EMC  DataDomain • Security:  NSX  +  PaloAlto Networks Project  Overview
  • 4. Overall  Project  High  Level  Concept Datacenter A Datacenter B vSphere Resource Pool - GOLD TIER VMware vSphere Metro Cluster Stretched across two datacenters Storage Stretched across two datacenters (VPLEX) Technical Room Resource Pool - TR TIER (vSphere + VSAN) Remote Location Existing Core Network Cloud Consumers Cloud Administrators vRealize Automation vRealize Business Std. + Adv. IT Finance vRealize Automation vCenter Orchestrator vRealize LogInsight vRealize Operations Manager vSphere Resource Pool - SILVER TIER Cluster in single datacenter Storage in single datacenter (different storage tiers) vSphere Resource Pool - SILVER TIER Cluster in single datacenter Storage in single datacenter (different storage tiers) Cloud Management Infrastructure Cluster VMware vSphere Metro Cluster Stretched across two datacenters Storage Stretched across two datacenters (VPLEX) Cloud Management Software Stack Cloud Management Platform, vSphere Management, NSX Management workloads Hyper-V Resource Pool Cluster in single datacenter Storage in single datacenter Hyper-V Resource Pool Cluster in single datacenter Storage in single datacenter Physical Servers Resource Pool Server in single datacenter Storage in single datacenter Physical Servers Resource Pool Server in single datacenter Storage in single datacenter
  • 5. NSX-­v  Conceptual  Architecture Datacenter A (CDP-A) Datacenter B (CDP-B) CORE NETWORK (dynamic routing protocol has to be implemented) PaloAlto FW Physical Appliance PaloAlto FW Physical Appliance NSX Edge GW NSX Edge GW NSX Edge GW NSX Edge GW VIRTUALNETWORKOVERLAY PHYSICAL NETWORK UNDERLAY ESXi Host ESXi HostESXi Host ESXi Host GOLD vSphere Cluster - STRETCHED ESXi HostESXi Host ESXi Host SILVER vSphere Cluster LOCAL ESXi Host ESXi HostESXi Host ESXi Host LOGICAL SWITCH (VXLAN SEGMENT) vNIC vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW vPaloAlto L7 FW LOGICAL SWITCH (VXLAN SEGMENT) NSX FW NSX FW NSX FW NSX FW NSX FW NSX FW NSX FW NSX FW NSX DLR Distributed Logical Router East-West Routing in DCs Traffic Steering NSX DISTRIBUTED LOGICAL FIREWALL NSX DISTRIBUTED LOGICAL FIREWALL L3 Fabric ECMP + Dynamic Routing between PAN, NSX Edge GWs and NSX DLRs PaloAlto Panorama Centralized Security Management VMware NSX Manager Centralized Virtual Network Management NSX Edge L2 VPN NSX Edge L2 VPN NSX Edge L2 VPN Highly Available TR VPN Termination NSX Edge Services GWs Highly Available North South Routing NSX Edge GW L2 VPN LOGICAL SWITCH (VXLAN SEGMENT) Technical Room (TR) L2 VPN TUNNEL (TR<—>DC) FEHC Management vSphere Cluster - STRETCHED ESXi Host ESXi Host SILVER vSphere Cluster - LOCAL LOGICAL SWITCH (VLAN SEGMENT) ESXi HostESXi Host ESXi Host SILVER vSphere Cluster LOCAL LOGICAL SWITCH (VXLAN SEGMENT) NSX DISTRIBUTED LOGICAL FIREWALL
  • 6. NSX-­v  Security  Concept vRA Business Group: HR Logical Network Micro Security Zone Technical Service - SAP [NSX Security Group of all VMs having tag MSZ-SAP] Micro Security Zone Technical Service - A [NSX Security Group of all VMs having tag MSZ-A] vRA Business Group: FINANCE Logical Network Micro Security Zone Technical Service - B [NSX Security Group of all VMs having tag MSZ-B] NSX Distributed Logical Router MSZ-SAP MSZ-SAP MSZ-SAP MSZ-SAP MSZ-SAP MSZ-A MSZ-A MSZ-B MSZ-B MSZ-B Default NSX Security Policy NAME SOURCE DESTINATION SERVICE ACTION Default Any Any Any Block SECURITY TAGS Security tags for technical services: MSZ-<Technical-Service-from-CMDB> For example: MSZ-SAP, MSZ-A, MSZ-B Security tags for applications: APP-<gkpke.APP-SEC-TAG[x]> For example: APP-MSSQL, APP-IIS, APP-EXCHANGE APP-MSSQL APP-MSSQL NSX SECURITY GROUPS We have NSX Security Group for each Technical Service. This security group forms Micro Security Zone for particular Technical Service. For example: MSZ-SAP, MSZ-A, MSZ-B All VMs tagged with the Security Group name will belong to this security group. NSX Security Policy for Micro Security Zones NAME SOURCE DESTINATION SERVICE ACTION Inside MSZ-A MSZ-A MSZ-A Any Allow Inside MSZ-B MSZ-B MSZ-B Any Allow Inside MSZ-SAP MSZ-SAP MSZ-SAP Any Allow Other NSX Security Groups and Policies Other NSX security groups and polices can be created based on applications tags and other metadata available for NSX. Physical or Hyper-V Server belonging in to Micro Security Zone
  • 7. End  to  End  Network  QoS -­ Design  Decision  Point • Requirements • End  to  end  network  QoS is  required  to  achieve  guarantees  for  particular  network  traffics.    These   traffics  are   • FCoE Storage • vSphere  Management • vSphere  vMotion • VM  production • VM  guest  OS  agent  based  backup  <==  this  is  the  most  complex  requirement  in  context  of  QoS • Constraints • CISCO  Nexus  7k • VMware  NSX-­v • CISCO  UCS  servers  B200  M4  with  virtual  interface  card  VIC1340  (2x10Gb  ports  -­ each  port   connected  to  different  fabric  interconnect) • Cloud  Automation  (vRA,  vRO)
  • 8. End  to  End  Network  QoS – Option  1  of  3 UCS Blade Server B200 M4 NIC-A1 - 10Gb NIC port vHBA0 FCoE CoS 3 40% Mark as CoS 3 vNIC0 Mgmt VLAN 100 CoS 1 10% Mark CoS 1 vNIC2 vMotion VLAN 101 CoS 2 10% Mark CoS 2 vNIC4 VM Traffic VLAN 102 CoS 0 20% Mark CoS 0 NIC-B1 - 10Gb NIC port vHBA1 FCoE CoS 3 40% Mark as CoS 3 vNIC1 Mgmt VLAN 100 CoS 1 10% Mark CoS 1 vNIC3 vMotion VLAN 101 CoS 2 10% Mark CoS 2 vNIC5 VM Traffic VLAN 102 CoS 0 20% Mark CoS 0 UCS Fabric Interconnect A (EHM) UCS Fabric Interconnect B (EHM) vFC vEth vEth vEth vFC vEth vEth vEth CISCOUCS CISCO Nexus 7k CISCO Nexus 7k Eth Eth Eth EthFc Fc SAN A SAN B vPC Domain vPCvPC vNIC7 Backup VLAN 103 CoS 4 20% Mark CoS 4 vNIC6 Backup VLAN 103 CoS 4 20% Mark CoS 4 VMwarevSphere-ESXi vmkernel Mgmt (Native VLAN) vmkernel vMotion (Native VLAN) vmkernel VTEP VMware Distributed vSwitch DVS portgroup (Native VLAN) VTEP DVS portgroup (native VLAN) Backup vEth vEth VMwareNSX NSX Logical Switch (VXLAN) logical segment - Business Group VM vNIC Production VM vNIC Backup UCS uplink & N7K downlink QoS Settings CoS 0: 50% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 30% (Backup) vmnic0 vmnic2 vmnic4 vmnic6 vmnic1 vmnic3 vmnic5 vmnic7 VMware Standard vSwitch VMware Standard vSwitch VMware Distributed vSwitch Cisco VIC 1340 (4x10Gb port) DVS portgroup Virtual Wire - Business Group 1 CISCO UCS QoS Polices Bandwidth Management & QoS Marking UCS QoS Policy UP (Uplinks): CoS 0: 50% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 30% (Backup) UCS QoS Policy 1 (vNIC): CoS 0: 20% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 3: 40% (FCoE) CoS 4: 20% (Backup) UCS all vNIC Templates: Host Control: None
  • 9. End  to  End  Network  QoS – Option  2  of  3 UCS Blade Server B200 M4 10Gb NIC port (NIC-A1) vHBA0 FCoE CoS 3 40% Mark as CoS 3 10Gb NIC port (NIC-B1) vHBA1 FCoE CoS 3 40% Mark as CoS 3 UCS Fabric Interconnect A (EHM) UCS Fabric Interconnect B (EHM) vFC vEth vEth vEth vFC vEth vEth vEth CISCOUCS CISCO Nexus 7k CISCO Nexus 7k Eth Eth Eth EthFc Fc SAN A SAN B vPC Domain vPCvPC VMwarevSphere-ESXi vmkernel Mgmt vmkernel vMotion vmkernel VTEP DVS portgroup VLAN 102, Mark as CoS 0 VTEP DVS portgroup VLAN 103, Mark as COS 4 Backup vEth vEth VMwareNSX NSX Logical Switch (VXLAN) logical segment - Business Group VM vNIC Production VM vNIC Backup UCS uplink & N7K downlink QoS Settings CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) vmnic0 vmnic1 VMware Distributed vSwitch (DVS) DVS portgroup VLAN 100, Mark as CoS 1 Mgmt DVS portgroup VLAN 101, Mark as CoS 2 vMotion Cisco VIC 1340 (4x10Gb port) DVS portgroup Virtual Wire - Business Group 1 DVS per PortGroup Marking CoS 0: System: VM Traffic CoS 1: System: Mgmt CoS 2: System: vMotion CoS 4: User-def: Backup vmnic2 vmnic3 CISCO UCS QoS Polices Bandwidth Management & QoS Marking UCS QoS Policy UP (Uplinks): CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) UCS QoS Policy 1 (vNIC 0,1): CoS 0: 20% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 3: 40% (FCoE) CoS 4: 20% (Backup) UCS all vNIC Templates: Host Control: None vNIC0 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20% vNIC1 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20%
  • 10. End  to  End  Network  QoS – Option  3  of  3 UCS Blade Server B200 M4 10Gb NIC port (NIC-A1) vHBA0 CoS 3 40% FCoE Mark as CoS 3 10Gb NIC port (NIC-B1) vHBA1 CoS 3 40% FCoE Mark as CoS 3 UCS Fabric Interconnect A (EHM) UCS Fabric Interconnect B (EHM) vFC vEth vEth vEth vFC vEth vEth vEth CISCOUCS CISCO Nexus 7k CISCO Nexus 7k Eth Eth Eth EthFc Fc SAN A SAN B vPC Domain vPCvPC VMwarevSphere-ESXi vmkernel Mgmt vmkernel vMotion vmkernel VTEP DVS portgroup VLAN 102 VTEP vEth vEth VMwareNSX NSX Logical Switch (VXLAN) logical segment - Business Group VM vNIC Production & Backup UCS uplink & N7K downlink QoS Settings CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) vmnic0 vmnic1 VMware Distributed vSwitch (DVS) DVS portgroup VLAN 100, Mark as CoS 1 Mgmt DVS portgroup VLAN 101, Mark as CoS 2 vMotion Cisco VIC 1340 (4x10Gb port) DVS portgroup Virtual Wire - Business Group 1 if DST IP = Backup Server mark as CoS 4 else CoS 0 DVS per PortGroup Marking CoS 0: System: VM Traffic CoS 1: System: Mgmt CoS 2: System: vMotion CoS 4: User-def: Backup vmnic2 vmnic3 CISCO UCS QoS Polices Bandwidth Management & QoS Marking UCS QoS Policy UP (Uplinks): CoS 0: 40% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 4: 40% (Backup) UCS QoS Policy 1 (vNIC 0,1): CoS 0: 20% (VM Traffic) CoS 1: 10% (Mgmt) CoS 2: 10% (vMotion) CoS 3: 40% (FCoE) CoS 4: 20% (Backup) UCS all vNIC Templates: Host Control: None vNIC0 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20% vNIC1 trunk CoS0 20% CoS1 10% CoS2 10% CoS4 20%
  • 11. End  to  End  Network  QoS – Final  Decision • Decision • Option  3  – QoS (802.1p)  marking  in  VDS  and  end-­2-­end  bandwidth  management  in  UCS • Justification • Decision  is  fully  compliant  with  End  to  end  network  QoS requirement • VXLAN  protocol  is  designed  to  keep  L2  CoS tags  by  copying  inner  Ethernet  header  into  outer   Ethernet  header    =>  virtual  overlay  CoS tag  is  kept  even  in  physical  network  underlay  and  it  can  be   leveraged  in  Cisco  UCS  bandwidth  management  (aka  DCB  ETS  -­ Enhanced  Transmission   Selection)  to  guarantee  bandwidth  for  particular  CoS traffics.   • Single  vNIC in  VM  has  positive  impact  on • NSX  Security  Policies • Simple  In-­guest  OS  routing  (default  gateway  only)  without  need  for  additional  static  routes • vRealize Automation  Custom  Integrations  are  simpler  (single  hostname,  simpler  integration   with  IPAM,  etc.) • Impact • DVS  QoS Policy  (conditional  802.1p  marking)  has  to  be  configured  manually  for  each  DVS   portgroup used  as  NSX  virtual  wire  (aka  VXLAN)  – can  be  automated  by  custom  integration   (SOLUTION  IMPROVEMENT) • Detail  Test  Plan  has  to  be  prepared  to  validate  correct  QoS behavior  (RISK  MITIGATION)
  • 12. Questions  and  Answers Blog  post  with  additional  details: http://blog.igics.com/2015/12/end-­to-­end-­qos-­solution-­for-­vmware.html Twitter:  @david_pasek Blog:  http://blog.igics.com