3
We are in the 3rd fundamental structural transition in the history of IT
Cloud Computing
We are here
Mainframe
Mainframe
PC Revolution
Client/Server
Cloud
Cloud
• Mobile Devices & Clouds
(public & private)
• Software Defined
• Local Applications
• Minor role for networking
• Desktops & Servers
• Campus Networks
• Data Centers
4
Clouds are the New SilosIT Department Nightmare: Different teams, different technology stacks, different security & compliance
On-Premises Datacenter
5
Multi-Cloud NetworkingCompanies need to extend networks across public clouds
On-Premises Datacenter Multi-Cloud Networking
6
Web
Portal
Retail
App
Web
PortalBig Data Big Data
Tomorrow’s NetworkingConnect and Secure Applications across Private and Public Multiple Clouds
Connect & Secure
• Create private networks within
or across clouds
• Define logical switches routers
• Use firewalls to segment
applications
• Service Insertion
• Distributed Enterprise Edge
Internet
7
OpenStack Networking TodayPhysical and Virtual Networks connect Virtual Machines
Physical Network
Virtual Network
8
Tomorrow: Cross-Platform NetworkingYour network needs to manage many different types of endpoints
Physical Network
Virtual Network
Hyper-V
9
“NSX on Public Cloud”
NSX supported on major public cloud – AWS and Azure
– Hybrid Cloud and pure Public Cloud deployment options
– Support both Linux and Windows Guest VM
– Extend existing network and security services to Cloud
Product is sold and supported by VMware
– Purchasing through existing direct & indirect channels
– Licensing is based on VM count & socket to VM count
– Cloud Marketplace and usage based license
Extend integration with public cloud tools and APIs
– Support CloudFormation, OPSworks, Management Portal
– Co-existence with cloud provider native tools and products
Key Concepts
1
2
3
CONFIDENTIAL
9
…
NSX
10
Example: NSX for OpenStack and Amazon Web Services
1
0
Native support for AWS instances with coherent services and security posture for on and off-premise
10
AWS Cloud
Data Center
Web
Server
HR
Server
Developer
Launches instances
via Amazon console
Amazon Web
Services• Native AWS Server
instances (AMI’s)
• Added to NSX virtual
networks via policy
On-Premise NSX/vSphere
• AWS instances are added to logical switch
• Consistent security posture on-premise and in cloud
• AWS instances leverage services
…
IT Administrator
Defines network and
security policy
Internet
11CONFIDENTIAL
1
1
On-Prem Data Center(Today) Containers
(2016)
Public Clouds(2016)
Virtual Desktop(VDI)
Mobile Devices(Airwatch)
Internet of Things(Roadmap)
Branch Offices(Partner)
Networking is Evolving
• H/W networks no longer under IT control (e.g. mobile, IoT, public clouds)
• Challenge is security, compliance and QoS
NSX Everywhere
• An overlay to manage network policy
• Spans many types of underlying networks
• Transparent app-level security across clouds
Example: NSX for OpenStack and beyond…Managing Security and Connectivity for many Heterogeneous End Points
13
ProvidesA Faithful Reproduction of Network & Security Services in Software
Management APIs, UI
Switching Routing
Firewalling
LoadBalancing
VPN
Connectivity to Physical Networks
Policies, Groups, Tags
Data Security Activity Monitoring
14
Cloud Consumption
Data Plane
NSX Edge
ESXi Hypervisor Kernel Modules
Distributed Services
• High – Performance Data Plane
• Scale-out Distributed Forwarding Model
Management Plane
NSX Manager
Control Plane
NSX Controllers
FirewallDistributed
Logical RouterLogical
Switch
Lo
gic
al N
etw
ork
Ph
ys
ica
l
Ne
two
rk
DLR Control VM
netcp
a
vsfwd
VMware NSX Architecture and Components
vCenter Server
• Control-Plane Protocol
• Provides Separation of Control and Data
Plane
• L2, L3 Data Plane Programming (VXLAN, DLR)
• Single configuration portal
• REST API entry-point
• Provides Registration of 3rd Party Services
• OpenStack
…
…
15
• Provisioning and Management of
Network and Network services
• Cluster & ESXi Host Preparation
• Network Services Configuration
• Logical Services Consumption
NSX Manager
NSX Manager1:1
Management
Plane
VIO / vRA / Custom CMP
vCenter
Server
NSX REST APIsvSphere APIs
3rd Party
Management Console
NSX Manager
Plugin
Centralized
Configuration via
NSX Manager
vSphere Web Client
Plugin
VMware NSX – Management Plane Components
16
IT Process Automation
Management APIs, UI
Policies, Groups, Tags
Switching
Routing
LoadBalancing
Connectivity to Physical Networks
Firewalling
VPN
Data Security
Activity Monitoring
Automation for IT department
Multi-tenant environment
Business Value
Reduce the infrastructure provisioning time from weeks to minutes.
Cloud developers
The provision of IT environment that corresponds to the business speed.
17
SecurityProviding essential security infrastructure
Micro-segmentation
DMZ Anywhere
Secure end-user environment
Data center boundary
Internet
Business value
It provides inherent security
infrastructure with 1/3 costDMZ
18
Application continuityData Center – Anywhere
Data center #1
Disaster Recovery
Metro pooling
Hybrid CloudNetworking
Business Value
Up to 80 percent of the RTO reduction
Data center #2
Cloud
19
NSX – Hardware L2/L3 Network support
21
≈
SDDC
Nova
Cinder
Swift
Neutron
OpenStack provides basic IaaS “primitives” similar to AWS capabilities
EBS
EC2
S3
VPC
SDDC
Compute | Network | StorageCONFIDENTIAL
22
If AWS is Primarily Used for Infrastructure as Code
2
2
Tools app owners/developers use TODAY
vRA
W W
AA
R
WW
A A
R
Provision
Infrastructure
(with code)
Application
CodeApplication
CodeProvision
Infrastructure
(with code)
23CONFIDENTIAL
Application Owner/Developer-Centric IT
tools
Success
Easy Consumption - API
Ecosystem - Tools/Knowledge
Developer Autonomy
Production Workloads
Challenges
AWS Lock-in
Cost – Long-Lived VMs
Data Sovereignty
Differences Dev/Test/Prod
Success
Same as AWS +
Vendor Neutral API
Everything on premises
Dev = Test = Prod
Challenges
Perceived Stability
Choice/Snowflakes
Perceived Expertise Req’d
No Governance
24
VMware Integrated OpenStack
• OpenStack Distribution*
– Not a “proprietary distribution”
– OpenStack API compliant (DefCore**)
• Preconfigured drivers and plugins for VMware infrastructure technology
– vSphere
– NSX
– VMDK (VMFS, NFS, VSAN)
• Free license to use with vSphere Enterprise/Plus
*VIO 2.0 Based on Kilo Edition
**https://wiki.openstack.org/wiki/Governance/DefCoreCommittee
***Includes vSphere, NSX, VIO for one location
vSphere | NSX | VMDK
VIO
OpenStack APIs
VMware Plugins
25
Framework +
Infrastructure
OpenStack Stability Concerns
• Separate the OpenStack “framework” from the infrastructure
• Stability issues:
– OpenStack Framework Maturity
– Open Source Infrastructure Maturity and Skillset
– Four new technologies to learn
• Stability obtained through:
– VMware Infrastructure Technology (vSphere/NSX)
– Consistent Framework Deployment
Developer Tools
Framework
Compute | Network | Storage
OpenStack APIs
An OpenStack cloud is only as reliable as the infrastructure underneath it
vSphere | NSX | VMDK
VIO
OpenStack APIs
3,000 combinations of compute, network,
storage drivers…
26
NSX Customer and Business Momentum
NSX Customers
1200+
Production Deployments(adding 25-50 per QTR)
250+
Organizations have spent over US$1M on NSX
100+
Stats as of end of Q4 2015