PLEASE READ – INSTRUCTIONS FOR ADDING PAGE NUMBERS “X … · 2020-06-12 · VMware NSX Data...
Santiago, 6 November 2018
VMware NSX Data Center
& Containers
in the Dell EMC Ecosystem
Alvaro Faúndez, Sr. Systems Engineer – VMware
VCIX6-DCV / VCP7-CMA / VCP6-NV
Containers are Here to stay!
• ~1B containers by 2020
• >60% in VMs by 2018
Source: IDC Special Study on Container Forecast (Dec 2016); Q&A with Gary Chen, IDC; CCMI team analysis
[Chart: Container Instances (Installed Base; Million Units)]
Containers are doing to operating systems what Virtual Machines did to server hardware, but with a quicker adoption cycle.
Confidential │ ©2018 VMware, Inc.
Containers vs VMs
[Diagram labels: Application; Operating System & Dependencies; Physical Infrastructure; OS Dependencies; Compute | Net | Sec | Storage; OS Abstraction; Container Host OS; Container; Hard Problem; Easier]
Building a Container with Docker
Dockerfile:
FROM ubuntu:14.04
RUN apt-get update && apt-get install -y redis-server
EXPOSE 6379
CMD ["/user/sbin/redis..]
Commands:
# docker build
# docker push
# docker run redis_img1
[Diagram labels: Dockerfile; Container Registry (Repo for Container Images); Minimal Linux “Container Host” (VM); Docker Engine; Running Container; Redis DB; Tools, Libs, SW]
Docker and Kubernetes
Docker: One at a time
$ docker run container1
$ docker run container2
$ docker run container3
$ docker run container4
The “App”
Wanted: Container Orchestrator!
Kubernetes: Orchestrating Multiple Containers
$ kubectl create -f App.yaml
The “App”
Kubernetes Cluster
High Level K8s 101: Desired State Management
App_X.yaml
POD1 ContainerImage1
Replicas: 3
POD2 ContainerImage2
Replicas: 2
App_Y.yaml
POD1 ContainerImage1
Replicas: 1
POD2 ContainerImage2
Replicas: 2
[Diagram labels: Kubernetes Cluster Services (Master & etcd nodes); API; three Nodes (Container Host VM); K; pod replica boxes P1R1, P1R2, P1R3, P2R1, P2R2]
Challenges in Containers – Cloud Native Computing Foundation
Source: CNCF user Survey, December 2017
[Bar chart, axis 0% to 50%. Categories: Difficulty choosing an orchestration solution; Reliability; Scaling Deployments; Logging; Complexity; Networking; Monitoring; Storage; Security]
All solved by VMware
Mapping Challenges with VMware Portfolio
• Networking
• Security
• Monitoring
• Storage
• Reliability
• Scaling
• Complexity
vRops, Wavefront, vRLI
Demystifying Kubernetes Networking
K8s Networking
[Diagram: Kubernetes node (VM). Labels: pod1 netns (eth0); pod2 netns (eth0); root netns with veth.x, veth.y, docker0 and eth0; vSwitch]
[Diagram: two K8s nodes (VMs), one with pod1 netns and pod2 netns, the other with pod3 netns and pod4 netns. Each node's labels: eth0 per pod; root netns with veth.x, veth.y, docker0 and eth0]
Challenges:
• L2 Overlays
• L3/L4 Policies
• LB Services
Container Network Interface & NSX-T
[Diagram: Kubernetes node (VM). Labels: pod1 netns (eth0); pod2 netns (eth0); root netns; NSX CNI Plugin & Node Agent; OVS; vSwitch; K]
[Diagram: two K8s nodes (VMs), one with pod1 netns and pod2 netns, the other with pod3 netns and pod4 netns. Each node's labels: eth0 per pod; root netns; OVS; NSX CNI Plugin & Node Agent; k8s ns LS; cif; DFW; K]
• L2 Overlays
• L3/L4 Policies
• LB Services
NCP – NSX Container Plugin
[Diagram labels: NSX Container Plugin - K8s Pod; NC M; Infra; K8s / OS Adapter; CloudFoundry Adapter; Libnetwork Adapter; More…; NSX Manager API Client; NSX Manager]
[Diagram: NSX / K8s topology. Labels: NS: foo; NS: bar; K8s master (API-Server, Scheduler, etcd); NSX CNI Plugin & Node Agent]
Kubernetes
YELB
Hands On Labs - 1926-02-NET
Integrating Kubernetes with VMware NSX-T Data Center
Containers
Legacy VM
Canal
Kubernetes Networking Options
NSX-T
L2
L3 (North/South)
L4 – Security Policy
Load Balancing
VM Connectivity
End to End Configuration & Troubleshooting + Existing Ops Tools
Flannel: L2 only (East/West Pod Traffic)
Calico: L3/L4 (IP Tables)
NGINX/HA Proxy: Load balancing
No End to End Configuration & Troubleshooting + New Ops Tools
NSX-T
Zero VM Networking Integration
*Open Source
Container Networking & Security Operations
NSX-T Operational Tools
• Traceflow
• Port Mirroring
• Port Connection Tool
• Spoofguard
• Syslog
• Port Counters
• IPFIX
NSX-T Traceflow
VMware NSX on CaaS or PaaS