welcome meec members! sddc: a new architecture for a …the data center’s resources and services...
TRANSCRIPT
©2015 Data Networks
Welcome MEEC Members!
SDDC: A New Architecture for a New Era of Ed IT
M E E C M E M B E R C O N F E R E N C E • A P R I L 2 3 , 2 0 1 5
Chuck KiesslingData NetworksSolutions Architect
Dan RadkeVMware Network and Security Specialist
PRESENTED BY
©2015 Data Networksdatanetworks.com
VISIT BOOTH #13 Vmware vRealize and VDI
live demo
Enter to win a $100 Best Buy gift card
DON’T FORGET!Please fill out a session evaluation and leave it with Amy/Jan
THANKS FOR JOINING US!
TODAY’S AGENDA
What is the Software Defined Data Center?
Software-Defined Components
Virtual Storage
Virtual Networking
Wrap-Up and Questions
2
©2015 Data Networksdatanetworks.com3
Understanding the needs of all BU’s
Understanding the structure of all internal orgs
Designing a reference architecture
Procuring components from different vendors
Time investment before first VM deployment
PLANNING
Making disparate infrastructure (compute, storage, network) work together
Lack of automation and tools for workload provisioning and deployment
Many points of control
PROVISIONING
Troubleshooting Support calls to
multiple vendors Business
interruption during maintenance
Upgrade Planning and Implementation
LIFECYCLE MANAGEMENT
COMMON DATA CENTER CHALLENGES
©2015 Data Networksdatanetworks.com
WHAT MOTIVATES YOU?
Time is Money
4
©2015 Data Networksdatanetworks.com
ENTER THE SOFTWARE-DEFINED DC
“SDDC (also Virtual Data Center- VDC) is a vision for IT
infrastructure that extends virtualization concepts
such as abstraction, pooling, and automation to all of
the data center’s resources and services to achieve IT
as a service (ITaaS).”
“In a software-defined data center, all elements of
the infrastructure — networking, storage, CPU and
security – are virtualized and delivered as a service.”
WikipediaSoftware-Defined Data Center (SDDC)
5
©2015 Data Networksdatanetworks.com
PHYSICAL COMPONENTS
6
Compute Nodes
Network Nodes
Storage Nodes
©2015 Data Networksdatanetworks.com
SOFTWARE-DEFINED COMPONENTS
7
Virtualization Platform
Software Layer
Management Layer
©2015 Data Networksdatanetworks.com9
SDDC: A NEW ARCHITECTURE
VIRTUAL STORAGE
©2015 Data Networksdatanetworks.com
THE SAN OF YESTERDAY
10
Key Drivers
Falling Storage Prices
Abundant CPU Cycles
Converged Infrastructure
Cloud Economics
Server Storage
20-30 years ago
Shared Storage
10-15 years ago
New Forms
Today
©2015 Data Networksdatanetworks.com
HYPERVISOR = NEW OPPORTUNITIES
11
vSphere
The Virtualization Platform
Knows the needs of all apps in real time
Global view of underlying infrastructure
Sits directly in the I/O path
New way of provisioning and managing storage
SAN / NAS
x86 Servers Cloud Storage
©2015 Data Networksdatanetworks.com
Object-based Pool
SAN/NAS Pool
vSAN Storage Pool
THE HYPERVISOR TRANSFORMS STORAGE
TODAY SOFTWARE-DEFINED STORAGE
12
LUN
Array A
LUN
LUN
Array B
LUN
LUN
Abstract and pool(Virtualized Data Plane)
x86 Servers SAN / NAS
Cloud Object
Storage
vSphere
©2015 Data Networksdatanetworks.com
vSphere + Virtual SAN
13
Simple to set up via policy
Delivered on per VM basis
Zero data loss in case of disk, network or host failures
Ensures zero downtime from disk or network failures
Interoperable with vSphere HA and Maintenance Mode
Virtual SAN is Designed to Ensure Data is Never Lost in Case of Failures
HOW DOES IT WORK?
13
©2015 Data Networksdatanetworks.com
WHY VIRTUAL SAN?
14
Two click Install
Single pane of glass
Policy-driven
Self-tuning
Integrated with VMware stack
Radically Simple
Embedded in vSphere kernel
Flash-accelerated
90,000 iOPS per Host
Up to 8.8 PB per Cluster
Up to 64 Hosts
Granular and linear scaling
High Performance Lower TCO
Server-side economics
No large upfront investments
Grow-as-you-go
Easy to operate with powerful
automation
No specialized skillset
©2015 Data Networksdatanetworks.com18
SDDC: A NEW ARCHITECTURE
VIRTUAL NETWORKING
©2015 Data Networksdatanetworks.com19
“The NSX solution should be considered by existing VMware customers as a way of providing network agility and reducing network operational challenges within the data center.”
Gartner Data Center Networking Magic Quadrant, April 24, 2014
RAVE REVIEWS FOR NSX
©2015 Data Networksdatanetworks.com
Admin/IT Execs Speed and Agility Secure Infrastructure Time-to-Market Competitive Advantage
20
IT Operations Efficiency of Change De-risking Change
IT Infrastructure & Security Data Center Micro-segmentation Network Hardware Choice Compute Capacity Utilization
THE VALUE OF NSX
©2015 Data Networksdatanetworks.com
Software
Hardware
VirtualMachines
ComputeCapacity Network Storage
Applications
Server Virtualization
• Intelligence in the virtualization layer
• Vendor independent x86 capacity
• Transformative operational model
• Automated configuration & management
Intelligence in hardware
Dedicated, vendor specific infrastructure
Manual configuration & management
Manual Operational Model
Automated Operational Model
Programmatically Create,Snapshot,
Store,Move,
Delete,Restore
TAKING WHAT WE HAVE LEARNED…
21
©2015 Data Networksdatanetworks.com
TO DELIVER AN SDDC APPROACH
Software
Hardware
VirtualMachines
VirtualNetworks
VirtualStorage
ComputeCapacity
NetworkCapacity
StorageCapacity
Applications
Location Independence
Data Center Virtualization
Pooled compute, network and storage capacity
Vendor independent, best price/performance
Simplified configuration & management
Automated Operational Model
Programmatically Create,Snapshot,
Store,Move,
Delete,Restore
22
©2015 Data Networksdatanetworks.com
NETWORK VIRTUALIZATION OVERVIEW
Decoupled
Hardware
Software
General Purpose Networking Hardware
Network Hypervisor
Requirement: IP Transport
Virtual Network Virtual Network Virtual Network
Workload Workload Workload
L2, L3, L4-7 Network Services
General Purpose Server Hardware
Server Hypervisor
Requirement: x86
Virtual Machine Virtual Machine Virtual Machine
Application Application Application
x86 Environment
23
©2015 Data Networksdatanetworks.com
CURRENT – NEW NETWORK ENVIRONMENT PROVISIONING
24
Effort (hrs):
• Pre-Prod: 1
• Prod: 1
Error Rate:
• 0%
Lag Time:
• 1 Day
Request &
Review
Network &
Security
Resources
1
Effort (hrs):
• Pre-Prod: 3
• Prod: 4.5
Error Rate:
• 0%
Lag Time:
• 3 Days
Define Network
& Security
Environment
2
Effort (hrs):
• Pre-Prod: 3
• Prod: 4.5
Error Rate:
• 0%
Lag Time:
• 3 Days
Determine
Changes
Required
(Capacity
Availability)
3
Effort (hrs):
• Pre-Prod: 0.3
• Prod: 0.5
Error Rate:
• 0%
Lag Time:
• 5 Days
Review &
Approval
Process (CAB)
4
Effort (hrs):
• Pre-Prod: 0.5
• Prod: 0.5
Error Rate:
• 0%
Lag Time:
• 5 Days
Change Order
Scheduling
5
Effort (hrs):
• Pre-Prod: 1
• Prod: 1
Error Rate:
• 8%
Lag Time:
• 2 Days
Config
Network (vlan,
routing)
6
Effort (hrs):
• Pre-Prod: 1
• Prod: 1
Error Rate:
• 8%
Lag Time:
• 2 Days
Config Security
(FW)
7
Effort (hrs):
• Pre-Prod: 1
• Prod: 1
Error Rate:
• 8%
Lag Time:
• 2 Days
Config Load
Balancer
8
Effort (hrs):
• Pre-Prod: 0.3
• Prod: 0.3
Error Rate:
• 0%
Lag Time:
• .025 Days
Provision
Environment
9
Process Duration – 23 Days
©2015 Data Networksdatanetworks.com25
Effort (hrs):
• Pre-Prod: 0
• Prod:0
Error Rate:
• 0%
Lag Time:
• 0 Days
Request &
Review
Network &
Security
Resources
1
Effort (hrs):
• Pre-Prod: 0.5
• Prod: 1
Error Rate:
• 0%
Lag Time:
• 0 Days
Define Network
& Security
Environment
2
Effort (hrs):
• Pre-Prod: 0
• Prod:0
Error Rate:
• 0%
Lag Time:
• 0 Days
Determine
Changes
Required
(Capacity
Availability)
3
Effort (hrs):
• Pre-Prod: 0
• Prod: 0.5
Error Rate:
• 0%
Lag Time:
• 0 Days
Review &
Approval
Process (CAB)
4
Effort (hrs):
• Pre-Prod: 0
• Prod:0
Error Rate:
• 0%
Lag Time:
• 0 Days
Change Order
Scheduling
5
Effort (hrs):
• Pre-Prod: 0
• Prod:0
Error Rate:
• 0%
Lag Time:
• 0 Days
Config
Network (vlan,
routing)
6
Effort (hrs):
• Pre-Prod: 0
• Prod:0
Error Rate:
• 0%
Lag Time:
• 0 Days
Config Security
(FW)
7
Effort (hrs):
• Pre-Prod: 0
• Prod:0
Error Rate:
• 0%
Lag Time:
• 0 Days
Config Load
Balancer
8
Effort (hrs):
• Pre-Prod: 0.3
• Prod: 0.3
Error Rate:
• 0%
Lag Time:
• 0 Days
Provision
Environment
9
Process Duration – less than a Day
FUTURE – NEW NETWORK ENVIRONMENT PROVISIONING
©2015 Data Networksdatanetworks.com
THE M&M APPROACH TO SECURITY
26
“In today’s new threat landscape, this M&M and ‘trust but verify’ is no longer an effective way of enforcing security.”
Forrester ResearchIn Response to NIST RF 130208119-3119-01I
“Developing a Framework to Improve Critical Infrastructure Cyber-Security”
©2015 Data Networksdatanetworks.com
PROBLEM: DC NETWORK SECURITY
Perimeter-centric network security has proven insufficient, and micro-Segmentation is operationally infeasible
Little or no
lateral controls
inside perimeter
Internet Internet
Insufficient OperationallyInfeasible
27
©2015 Data Networksdatanetworks.com
Regain control of your security posture and build practical measures to protect your infrastructure
This is the future of data center networking and security!
28
WHAT DOES THIS ENABLE?
E N D U S E R C O M P U T I N G D ATA C E N T E R O P T I M I Z AT I O N I N F R A S T R U C T U R E + S E C U R I T Y
©2015 Data Networks
About Data Networks
Simplifying enterprise IT for ourcustomers since 1983
Complete solutions include:
End User Computing
Data Center Optimization
Infrastructure and Security
Full-time staff of 60+ with flexible staffing model that scales to customer needs
VMware Enterprise Partner
Visit DataNetworks.com for More