VMworld 2012 Live Blog of INF-NET2166 – How I Built My SDN-Based Cloud

This is the Live Blog of the VMworld 2012 INF-NET2166 – “How I Built My SDN-Based Cloud.” You’ll find my recap of the session below.

The presenters for this session are:

  • Justin Giardina, iland
  • Jesse Morgan, Peak 10
  • Adina Simu, VMware
  • Omar Torres, VeriStor Systems

Jesse Morgan of Peak 10 is up first. He will be discussing the Peak 10 cloud firewall offering, beginning with the challenges of the firewall offering:

Shared

  • No VPN, No SSL-VPN
  • No overlapping of internal customer IP spaces
  • No load balancing

Dedicated

  • Physical device sprawl
  • Many connections

Peak 10 installed vShield Edge in their lab. The latest beta version 694615 of vShield Edge offers:

  • VPN
  • Load Balance HTTP
  • SSL-VPN
  • 10 interfaces
  • Load Balance HTTPS
  • Load Balance TCP
  • HA
  • Large and Compact Appliance
  • Configurable Load Balancing Health Checks

The Peak 10 testing infrastructure includes:

  • Cisco UCS B230 M2 – Good to see
  • EMC VNX 5300
  • 2 Web Servers
  • Load generator
  • Edge appliance

VMware has continually improved the performance of vShield Edge through the different versions. The takeaway for Peak 10 is that vShield Edge solves the following challenges:

  • Reduce physical firewall sprawl
  • Reduce ethernet cross connects
  • Reduce provisioning time
  • VPN / SSL-VPN without dedicated hardware
  • Load balancing for smaller customers
  • Ease of deployment (allows first level support to deploy virtual appliances)

The next solution is about vXLAN and it is presented by Omar Torres. He will be discussing his company’s “Cloud Continuity Service”.

The back-end virtualization platform for the offering is vSphere. He will discuss how they are using SDN for Disaster Recovery.

Traditional DR:

  • There is a Primary Site and a DR Site connected by MPLS
  • For service providers, the concept of dedicated DR Hosting does not allow shared infrastructure

Cloud DR:

  • Shared L3 / L2 infrastructure
  • Customers should not need to change the IP addresses of the workloads
  • Need to avoid overlapping IP subnets while still maintaining a shared L2 infrastructure

They created a virtual domain isolated at the hardware level while still maintaining a shared infrastructure. VMs will come up at the DR site with the same IP addresses. This existing solution relies on hardware-based appliances. The cost does not scale with this solution.

vCloud and vShield are the way forward for the future infrastructure. On the front end they will be using simple L2 networking. At the vCloud / vShield layer, they will be using vXLAN technology to encapsulate the IP information in UDP to keep customers isolated. This allows them to collapse their multi-tenant infrastructure into a single platform.
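
The tenant isolation described above rests on the 24-bit segment ID (VNI) carried in the VXLAN header inside each UDP datagram. The following Python code is an added example, not material from the session or from VMware: it builds and parses that header per RFC 7348 and shows two tenants with the same inner IP address staying separate. The VNIs, tenant names, and simplified inner frames are constructed for illustration.

```python
import socket
import struct

VXLAN_I_FLAG = 0x08      # "VNI valid" bit in the first header byte (RFC 7348)
VXLAN_HDR_LEN = 8

def vxlan_encap(vni, inner_frame):
    """Return the UDP payload: 8-byte VXLAN header followed by the inner frame."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags(8) + reserved(24). Word 1: VNI(24) + reserved(8).
    return struct.pack("!II", VXLAN_I_FLAG << 24, vni << 8) + inner_frame

def vxlan_decap(udp_payload):
    """Parse a VXLAN UDP payload and return (vni, inner_frame)."""
    if len(udp_payload) < VXLAN_HDR_LEN:
        raise ValueError("truncated VXLAN header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HDR_LEN])
    if not (word0 >> 24) & VXLAN_I_FLAG:
        raise ValueError("I flag clear: VNI is not valid")
    return word1 >> 8, udp_payload[VXLAN_HDR_LEN:]

def deliver(udp_payload, tenants_by_vni):
    """Hand the inner frame to the tenant that owns the VNI; drop unknown VNIs."""
    vni, inner = vxlan_decap(udp_payload)
    tenant = tenants_by_vni.get(vni)
    if tenant is None:
        return None  # no local segment for this VNI, so the frame is dropped
    return tenant, inner

# Constructed sample data: hypothetical tenants and VNIs. The "inner frame"
# is a simplified stand-in (destination IP + data) for a full Ethernet frame.
TENANTS = {5001: "tenant-a", 5002: "tenant-b"}
SAME_IP = socket.inet_aton("10.0.0.5")   # both tenants use this address
FRAME_A = SAME_IP + b"payload-a"
FRAME_B = SAME_IP + b"payload-b"

if __name__ == "__main__":
    for vni, frame in ((5001, FRAME_A), (5002, FRAME_B), (5999, FRAME_A)):
        print(vni, deliver(vxlan_encap(vni, frame), TENANTS))
```

Identical inner addresses never collide because delivery is keyed on the VNI first, and a datagram with an unknown VNI or a clear I flag is not delivered to any tenant.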

Up next is Justin Giardina from iland. Their pod design today consists of physical switches. They experience challenges when customers ask for more resources. Provisioning and scaling can be a challenge. The solution they will talk about today leverages vXLAN to scale horizontally in compute capacity.

vXLAN allows compute to scale horizontally across pods while still maintaining isolation from other customers. Because vXLAN provides isolation across pods, there is no pod boundary from a networking perspective, so the service provider can scale resources on demand without keeping excess capacity in certain pods to maintain isolation.

That’s all for this session. Keep reading for details on other sessions that I will be attending. Thank you.
