VMworld: Designing Network for Multisite vSphere (VSP3122)

Speakers: Sanjay Aiyagari (VMware), Simon Hamilton-Wilkes (F5)

Journey of IT Transformation: Accelerate and Amplify
– moving from server consolidation to being able to monitor and manage your applications
– and from there to hosting multiple instances of your application in the cloud provisioned independently for varied users

The Journey: Stage 1 – Infrastructure Focus
+ shared resource pools
+ elastic capacity
– no business continuity

The Journey: Stage 2 – Application Focus
+ zero-touch infrastructure
+ increased control and service assurance
– possible downtime
– idle infrastructures
– infrastructure dependencies

The Journey: Stage 3 – Business Focus
+ service definition
+ self-service
+ chargeback
– isolation between instances
– application configuration updates reflect infrastructure

How Do We Get There?
– leverage infrastructure services to provide isolation and abstraction

What needs isolation / abstraction?
– geolocation & availability – proxy ingress IP – proxy external services
– “we’re all trying to get to a much more dynamic design” (F5)
– “you should be able to do this redirection based on whether the application is working or not” (VMware)
– typical DNS load balancing and redirection doesn’t address application-specific networking
– with application-aware URIs, you can have multiple instances of an application with the same IPs (in different sites)
– the journey moves beyond the concern of overlapping IPs: network policies can be templated and applied per instance, and app instance sizing and chargeback can be applied per department

Application Isolation in Practice
– vCloud Director – vShield Edge – vApp
– vSphere – Route Domain – vApp
– Route Domains:
– – isolated routing per instance of application in shared cloud
– – IP address mgmt moves from application admin to infrastructure admin
– – – allows more agile change/add of new applications
– – – abstraction of addressing allows easier failover
– – beyond traditional NAT
– – – deep understanding of tier 1 applications and protocols
– – – allows intelligent session mgmt, not just by IP
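
The two ideas above (application-aware URIs fronting instances with the same IPs, and route domains giving each instance isolated routing) can be sketched as a small model; this is an example added to these notes, not code from the session and not F5 or VMware configuration syntax. The hostname, route-domain IDs, addresses and next-hop labels are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class RouteDomain:
    """One isolated routing table per application instance (conceptual model)."""
    rd_id: int
    routes: dict = field(default_factory=dict)  # ip_network -> next-hop label

    def add_route(self, cidr, next_hop):
        self.routes[ipaddress.ip_network(cidr)] = next_hop

    def lookup(self, ip):
        addr = ipaddress.ip_address(ip)
        hits = [net for net in self.routes if addr in net]
        if not hits:
            return None  # no route here: the address is unreachable from this domain
        return self.routes[max(hits, key=lambda net: net.prefixlen)]  # longest prefix

@dataclass
class Instance:
    site: str
    rd: RouteDomain
    member_ip: str
    healthy: bool = True  # stands in for an application-level health check

class Proxy:
    """Ingress proxy: the URI picks the instance, the route domain scopes the IP."""
    def __init__(self):
        self.apps = {}  # (host, path prefix) -> [Instance, ...] in preference order

    def publish(self, host, prefix, instances):
        self.apps[(host, prefix)] = instances

    def resolve(self, host, path):
        keys = [k for k in self.apps if k[0] == host and path.startswith(k[1])]
        if not keys:
            return None
        for inst in self.apps[max(keys, key=lambda k: len(k[1]))]:
            if inst.healthy and inst.rd.lookup(inst.member_ip):
                return inst.site, inst.rd.rd_id, inst.rd.lookup(inst.member_ip)
        return None  # every instance is down or unroutable

def build_demo():
    # Constructed sample: three instances that all use 10.0.0.10.
    rd_hr, rd_fin, rd_hr_b = RouteDomain(1), RouteDomain(2), RouteDomain(3)
    rd_hr.add_route("10.0.0.0/24", "hr-vapp-siteA")
    rd_fin.add_route("10.0.0.0/24", "fin-vapp-siteA")
    rd_hr_b.add_route("10.0.0.0/24", "hr-vapp-siteB")
    proxy = Proxy()
    proxy.publish("apps.example.test", "/hr",
                  [Instance("A", rd_hr, "10.0.0.10"), Instance("B", rd_hr_b, "10.0.0.10")])
    proxy.publish("apps.example.test", "/finance", [Instance("A", rd_fin, "10.0.0.10")])
    return proxy
```

The same member address resolves to a different backend depending on the route domain, and marking the site A HR instance unhealthy moves `/hr` traffic to site B without any change to addressing.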

Infrastructure Service Implementations:
– Global Availability + Load Balancing (global abstraction)
– – F5 GTM
– Local Abstraction, App Isolation (local abstraction)
– – VMware vCloud Director / vShield Edge
– – F5 LTM (Route Domains)
– Dynamic Traffic Mgmt, Orchestration (automation)
– – VMware SRM (orchestration)
– – F5 LTM, GTM (traffic mgmt)

Take Aways:
– to avoid complexity in multi-datacenter topologies, reduce the need for coordination between different teams by abstracting network addressing, rules and service names
– stretching networks is not enough; an application- and protocol-specific approach is needed
– automation is your friend, today, and vTomorrow

The session's content varied, was sometimes difficult to apply in practice, and centered on F5 integration that requires application-specific consideration. Further details on this topic are best obtained through direct engagement with F5 and perhaps VMware sales and solutions architects.
