Embed Size (px)
Citation preview
![Page 1: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/1.jpg)
NSX scenariji
Jelena Tatomirović, rež i i že jer
Mila Vujo ić, rež i i že jer
![Page 2: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/2.jpg)
Virtualiza ija u da aš je data e tru
Applications
Compute Storage Networking
![Page 3: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/3.jpg)
Zašto je virtualiza ija reže it a?
3
![Page 4: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/4.jpg)
NSX komponente
Control Plane NSX Controller
Run-time state
• Decouples virtual networks
form physical topology
• Not in Data Path
• Highly Available
Data Plane
NSX Edge
VDS
Hypervisor Extension Modules
Firewall Distributed
Logical Router VXLAN
NSX vSwitch
• Highly Available VM form factor
• Data Plane for N-S traffic
• Routing and Advanced services
• Intelligent network edge
• Line Rate performance
Management
Plane
NSX Manager • Single point of configuration
• REST API and UI interface
CMP Consumption
• Self Service Portal
• vRealize Automation
• Etc.
4
![Page 5: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/5.jpg)
NSX – rež i odel ove ge era ije
Switching
Routing
Firewalling/ACLs
Load Balancing
![Page 6: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/6.jpg)
Šta se do ija uvođe je NSX-a?
Bezbednost
Automatizacija
Kontinuitet aplikacija (DR)
![Page 7: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/7.jpg)
Bezbednost virtuelne infrastrukture
Web App DB
Mikrosegmentacija
Bezbednost krajnjih korisnika
DMZ bilo gde
![Page 8: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/8.jpg)
Bezbednost i VDI
APP1
Web 1 App 1
APP2
Web 2 App 2
Engineering External
Contractor 1 External
Contractor 2
Eng Eng net 4
Exter al * Web 1 4
Exter al * Web 2 4
APP1
Web 1 App 1
APP2
Web 2 App 2
Engineering External
Contractor 1 External
Contractor 2
Traditional Data Center NSX Data Center
VLANs
Engineering
External Contractor 1
External Contractor 2
Eng Web 1 4
Eng App 1 4
Eng Web 2 4
Eng App 2 4
Ext1 Web 1 4
Ext1 App 1 5
Ext2 Web 2 4
Ext2 App 2 5
…
![Page 9: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/9.jpg)
Inteligentno grupisanje epodrža ih OS
Smanjiti rizik koji nose operativni sistemi koji nisu
podrža i od stra e proiz ođača pr. Wi do s Ser er
Unsupported OS Group
![Page 10: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/10.jpg)
Automatizovana sigurnost u SDDC-u
10
Security Group = Quarantine Zone
Members = {Tag = ‘ANTI_VIRUS.VirusFound’, L2 Isolated Network}
Security Group = Web
Tier Policy Definition
Standard Desktop VM Policy
Anti-Virus – Scan
Quarantined VM Policy
Firewall – Block all except security tools
Anti-Virus – Scan and remediate
![Page 11: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/11.jpg)
Automatizacija
Web App DB BLUEPRINT
IT Automating IT
Developer Cloud
Multi-tenant Cloud
![Page 12: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/12.jpg)
Brzo kreiranje aplikacija iz template-a
12
• Dynamic Configuration and Deployment of templated application (NSX and vRealize Automation)
Logical Switch
Logical Router
NSX
Logical Firewall
Logical Load Balancer
On Demand Application Delivery vRealize Automation
Resource Reservation
Multi-Machine
Blueprint
Service Catalog
Cloud
Management
Platform
Network Profiles
Security Policies
Security Groups
Web
App
Database
VM VM
VM VM VM
VM
![Page 13: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/13.jpg)
Kontinuitet aplikacije
Disaster recovery
Multi DC pooling
Cross Cloud
Data Center 1
Data Center 2
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
VM
VM VM VM
VM VM
VM
VM VM VM
VM VM
VM VM
VM VM VM VM
VM VM
VM VM
VM VM VM VM
VM VM
VM VM
VM VM
VM VM
VM VM
![Page 14: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/14.jpg)
Multisite networking and security
14
vCenter-A vCenter-B
<150ms
Local Storage Local Storage
Universal Distributed Logical Router
App Web D
B
App Web D
B
Secure, High Availability, Distributed, Virtualized Resource Pool
Site-A Site-B
![Page 15: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/15.jpg)
Disaster recovery
APP APP APP
15
Data Center 2 Data Center 1
Disaster Recovery
APP APP APP APP APP APP APP APP APP
Network Storage Compute Network Storage Compute
Recover
Always Synchronized
No IP change, Instantaneous Availability of Apps upon Disaster Failover of Logical Switching, Routing & Firewall Rules
![Page 16: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/16.jpg)
Implementacija NSX-a u ali okruže ji a
NSX bez overlay reže
• NSX e adžer
• vCenter server
• Bez VXLAN-ova
• Bez izmene MTU vrednosti
NSX sa overlay režo (Full stack NSX)
• NSX e adžer
• vCenter server
• 1600 byte MTU
• 3 NSX kontrolera
• 2 NSX EDGE-a (HA/ECMP)
![Page 17: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/17.jpg)
Pitanja?
![Page 18: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/18.jpg)
NSX – monitoring i upravljanje
• NSX Flow monitoring
• NSX Traceflow
• vRealize Log Insight
• VRNI – vRealize Network Insight
![Page 19: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/19.jpg)
vRealize Network Insight
9
Transformative Operations for NSX based Software-Defined Data Center
Optimize Network
Performance with
3600 Visibility &
Analytics
Ensure Best Practices,
Health and Availability
of NSX Deployment
Plan Micro-
segmentation
Deployment and
Ensure Compliance
Across Virtual, Physical and Cloud
![Page 20: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/20.jpg)
vRealize Network Insight
21
• A aliza sao raćaja data e tra: East-West, VM-to-VM, VM-to-Physical, Switched, Routed..
• Detalj i statistički poda i o s i tipo i a sao raćaja
![Page 21: NSX scenariji - Beograd | Coming Computer Engineeringkonferencija.coming.rs/wp-content/uploads/2017/10/NSX-scenariji.pdf · NSX scenariji Jelena Tatomirovi Uu Îv]]vÎ vi D]ovsµi}À]](https://reader034.pdfslide.tips/reader034/viewer/2022042707/5a763fcf7f8b9aea3e8d1d26/html5/thumbnails/21.jpg)
Hvala na paž ji! Pitanja?
