networking in virtual environments virtualization – why do i care?
TRANSCRIPT
Networking in Virtual Environments
• Virtualization – Why do I care?
• Technical components of virtualization
• Networking in a virtual world
• What is cloud computing?
Karen Lynn Rhodes
Layered Tech
Karen.Rhodes at LayeredTech.com
Virtualization- Why do I care?• Datacom and Telcom
merged in the last decade• This decade System
Administration and Network Administration will be merging
10+ % Unemployment
Unemployment
Under Employment
Job Insecurity
Networking skills that do translate to virtual environment needs
• Documentation of complex environments
• Security Principles and procedures
• Technical project lead
Technical components of virtualization
• Traditional way of deploying servers
• Virtual way of deploying servers
Operating System
Application
HyperVisor
Operating SystemOperating System
Operating SystemOperating System
Operating SystemOperating System
Operating System
Operating System
ApplicationApplication
ApplicationApplication
ApplicationApplication
Application
Application
Virtual Environment Math
• 4 physical servers• 32 Virtual servers• 1 Management console
HyperVisor HyperVisor HyperVisor
HyperVisor
Medium dedicated environment
CustomerHeadquarters
Dallas
Chicago
Primary Site
Overflow Processing and Disaster Recovery site
Dedicated KVM
Web Cluster Virtual Desktop
Cluster
Internet Addressable Load Balanced Networks
Email Server
Gig Switch Cisco Firewall
Load Balancer
Gig Switch
EMCStorage
Array
Storage network
not show
R1Soft Dedicated
ServerFile
Servers
Gig Switch
Private Network
PDC DevDatabase Cluster
Application Servers
Dedicated KVM
Web Cluster Virtual Desktop
Cluster
Internet Addressable Load Balanced Networks
Email Server
Gig Switch Cisco Firewall
Load Balancer
Gig Switch
EMCStorage
Array
Storage network
not show
R1Soft Dedicated
ServerFile
Servers
Gig Switch
Private Network
BDCDatabase Cluster
Application Servers
Dev
Medium Virtual environment
Development #3
Quality Assurance #3
Production #3
Development #2
Quality Assurance #2
Production #2
4 Node VMWare – Physical Environment
Gig Switch
Gig Switch
Private Network
Public Network
VMWare – Virtual Environment
Web Cluster
Internet Addressable
Load Balanced Networks
Switch
Switch
AuthenticationCluster
Database Cluster
Development Environment #1
Load Balancer
Switch
Quality Assurance Environment #1
Private Network
Web Cluster
Internet Addressable
Load Balanced Networks
Switch
Private Network
AuthenticationCluster
Database Cluster
Web Cluster
Internet Addressable
Load Balanced Networks
Switch
SwitchPrivate
Network
AuthenticationCluster
Database Cluster
Production Environment #1
AuthenticationCluster
Load Balancer
EMCStorage
Array
Hypervisor ManagementXen : Opensource AppLogic
Hypervisor ManagementXen : Citrix XenCenter
Hypervisor ManagementHyper-V – Microsoft System Center
Hypervisor ManagementESX, ESXi – VMware Virtual Center
Cisco Nexus 1000V
Networking in a virtual worldNIC Teaming- IEEE 802.3ad
• Physical servers now using multiple NIC’s.• Physical and Virtual NIC’s can be bonded in NIC Teaming sets similar to
trunks. • NIC’s can be configured for failover, load balancing or multi-pathing.
Networking in a virtual worldMultiple Virtual Networks
• External= Frontend network between physical servers permits access to outside network.
• Internal= Backend network between physical servers (RFC1918)
• Private= Between Virtual servers on the same physical server, this traffic never touches any physical switch.
External
Internal
Private
Internet
Networking in a virtual worldAdvanced Networking Needs
• Distributed switching is available between multiple servers.
• VLAN Tagging, Layer 2 security, traffic shaping and rate limiting.
Networking in a virtual worldNetwork Security
• Firewall rules and VLAN’s are activated on physical and virtual devices.
• Nested Firewalls are now the rule.
• NAT within NAT does not work.
• Promiscuous mode NIC’s on Virtual Servers can enable promiscuous sniffing of physical and virtual networks in some environments!
External
Internal
Private
Internet
17
Googlonomics
What is the next trend?
Cloud
Server Utilization*
Data Center Labor
Today
Today
+150%
- 30%
+280%
- 40%
Physical Virtual
What does Gartner say…
18DELL CONFIDENTIAL
What is cloud computing? 42
19DELL CONFIDENTIAL
• My definition: You can only take out of a cloud what the cloud provider has chosen to place into the cloud.
• “Elastic”: scale up or down
• On Demand, Self-service
• Abstracted/Pooled resources
• “Unlimited” processing and storage
Public Clouds
• Public clouds are pooled resources available to the public.
• Many cloud providers allow hourly usage and billing.
• A La Carte/cell phone type billing is common with bandwidth, CPU, memory and storage each charged at different rates per hour
• Uptime guarantees and data integrity are not part of public clouds, if your cloud provider goes offline you may need to re-upload all of your content.
What are public clouds great for?
• CPU and Memory clouds: Amazon EC2– Running programs that need
thousands of processors for a few hours or days.
• CPU, Memory and Storage: Mosso– Provide springboards for small
businesses into the market at a low cost.
• CPU, Memory, storage and network infrastructure clouds: TheGridLayer– Replace traditional
development environments.
Get off of my cloud• Public clouds due primarily to their hourly usage and
billing attract unscrupulous Internet users.• Resource contention is a common complaint on public
clouds, especially with storage IO.• Network security is not part of most public clouds,
encrypt all data prior to transit and while it is at rest in the cloud, do not place sensitive data in a shared cloud.
• Keep a backup of all data outside of the cloud!
Private Clouds• Private clouds are strictly defined
resources available to only one customer.
• Billing is inclusive of all resources.• Private clouds do not share any
hardware including NIC’s between customers.
• Uptime guarantees and data integrity are part of private clouds, if your private cloud goes offline all of your data should be safe since data integrity is built into the private cloud.
• You are the cloud provider so you state what resources you want in your cloud, you can grow and shrink your cloud as you need.
What are private clouds great for?
• Centralized storage allows for reduced cost per GB within the organization• Increased security by centralizing patch deployment and security audits.• In house virtual environments are private clouds.• External private clouds can be managed along with your internal private
cloud to expand your cloud to multiple physical locations for disaster recovery and seamless failover.
• Decreased time to market for new projects• External private clouds allow companies to expand development and
production environments without paying for additional equipment.
Future Cloud use• Internal Private clouds onsite
for standard deployment needs.
• External Private clouds offsite for Disaster Recovery, Overflow computing and cost reduction efforts.
• Centralized management of both environments.
• Internal IPv6 Private Clouds connecting to External IPv6 Private Clouds via IPv4 tunnels using 802.1 Q in Q Vlans for seamless communication.
802.1 Q in Q Vlan
IPv6 Headquarters Virtual Environment
IPv6 OffSite Virtual Environment
Questions?