The Present and Future of VMware NSX-Based Network Virtualization Architecture. 정석호, Director, VMware Korea
Agenda: 1. Network Virtualization Today; 2. Management Plane Scale-Out; 3. Control Plane Evolution; 4. High-Performance Data Plane; 5. NSX Vision: Driving NSX Everywhere
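NSX use cases. Automation: IT automation; developer cloud; multi-tenant infrastructure. Security: micro-segmentation; flexible DMZ configuration; protection of end-user workspaces. Application continuity: disaster recovery (DR); metro resource pooling; hybrid cloud networking.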
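Network Virtualization: current architecture. CLOUD CONSUMPTION: self-service portal; cloud operations / management. MANAGEMENT: API interface, user interface (UI). CONTROL: connects the logical configuration to the physical domain. DATA: scale-out distributed forwarding.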
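Management, Control & Data Planes: state information is linked across the layers. Network topology requests; requested information is stored. MANAGEMENT, CONTROL: Desired State; data plane state computation; Discovered State; Translated State. DATA: data plane resource discovery; Realized State.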
Why are distributed services needed? Network services expand through scale-out; network services are applied per vNIC; unprecedented visibility.
Management Plane availability: a data center in 2010. MANAGEMENT: 3 9s; Admins; CONTROL: 4 9s; DATA: 5 9s; End Users
Management Plane availability: a data center in 2016. MANAGEMENT: 5 9s; Admins; CONTROL: 5 9s; DATA: 5 9s; Developers
Clustering 101: a logically centralized function, structured as distributed across compute nodes. Physical State; Logical State; COMPUTE NODE 1; COMPUTE NODE 2; COMPUTE NODE 3; COMPUTE NODE 4; COMPUTE NODE 5
What is different?
Clustering technology. MANAGEMENT; CONTROL; COMPUTE NODE; COMPUTE NODE; COMPUTE NODE. High availability; write and read scalability; durability; atomic transactions; shrink-wrapped; consistent snapshots.
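Control Plane challenges (MANAGEMENT; CONTROL; DATA). Support for diverse environments: hypervisors, gateways, TOR switches, public cloud workloads, containers. Scalability: thousands of hypervisors, more than 10,000 logical switch ports; new endpoints (e.g., containers) make scaling harder.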
Support for diverse environments in the Control Plane: MANAGEMENT CLUSTER; CONTROL; DATA: DP 1, DP 2, DP 3
Further improved support for heterogeneous environments: MANAGEMENT CLUSTER; CENTRAL CONTROL CLUSTER; LOCAL CONTROL: LCP 1, LCP 2, LCP 3; DATA: DP 1, DP 2, DP 3
What about integration with physical servers?
Integrating physical servers with NSX. Existing x86 servers: x86-based forwarding; VXLAN; VLAN; Physical Workloads. Integration directly or through NSX partner hardware: Physical Workloads; VXLAN; HW VTEP; VLAN
Advantages of DPDK (Data Plane Development Kit). Figure: IPv4 Layer 3 Forwarding (64 Byte packets) Performance for Various Generations of Intel Architecture Processor-based Platforms. Source: Intel. "Going Beyond Deep Packet Inspection (DPI) Software on Intel Architecture." http://www.intel.com/content/dam/www/public/us/en/documents/white-papers/communications-qosmospaper.pdf. 2012.
High-performance architecture: Cache; Multi-Context Appliance; Flow Cache
Active-Active Edge Cluster: eBGP Session; Physical Router; Physical Router; BFD Session; Edge Cluster: A, B
Active-Hot-Standby for stateful services: eBGP Session; Physical Router; Physical Router; BFD Session; Edge Cluster: Active, Hot Standby
Tiered model for logical routers: Physical Router; Physical Address; Admin Controlled; Tier-0; Internal Address; Tier-1; Tenant / Developer Controlled; Tenant Address; Port 1; Port 2
The story so far, in a single picture
NSX for the Public Cloud: consistent services and security across clouds (Technology Preview). Public Cloud; Developer: launches instances through the AWS console; Data Center; Web Server; HR Server; Internet; IT Administrator: assigns network and security policies
Extending NSX to the Public Cloud (Technology Preview). Public Cloud: OVS Agent; OVS Agent; Windows AMI; Linux AMI; VPC#1; VPC#2; Gateway VPC; CLOUD GATEWAY. Data Center: CLOUD PLUGIN; NSX Controller; NSX Manager. AWS/Azure/GCP Management Portal
Network virtualization for container environments (Technology Preview). Container Instance (x5); Developer; UNTRUSTED Guest OS; IT Department; TRUSTED Hypervisor; 1:n Model
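NSX Vision: Driving NSX Everywhere. Managing security and connectivity for diverse workloads and services: vCloud Air Network; public cloud; remote office (Partner); new app frameworks; on-premises data center; virtual desktops (VDI); mobile devices (AirWatch). Security: inherently secure IT infrastructure. Automation: IT services at the speed of business. Application continuity: overcoming the geographic constraints of the data center.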
Developers Increase Pressure on the Management Plane: API REQUEST; API REQUEST; API REQUEST; MANAGEMENT. Driving innovation: distributed, shared log. https://github.com/corfudb/corfudb
Distributed Log Benefits (figure labels: Log 13, Log 14): I/O bandwidth scales with disk units; no single point of failure; globally consistent view of state; transactions, snapshots; great abstraction for programmers; parallel reads and writes to redundant disks