First Look Clinic How to Configure and Deploy VMware NSX...
First Look Clinic: ™ Realize the Promise of Technology How to Configure and Deploy VMware NSX SURYAN SU RYANTO TO Speaker (
[email protected] [email protected] )
Date 30 June 2017
© Ingram Micro Inc.
Confidentialinformation Proprietary and proprietary proprietary of Ingram information Micro of Inc.Ingram — Do Micro not distribute Inc. —Do ornot duplicate distribute without without or duplicate Ingram Micro's withoutexpress Ingram Micro's written permission. express written permission.
1
Introduction Suryanto (Ryan) [
[email protected]]
VMware Certified Instructor VMware Certifi Certified ed Advanced Advanced Professional Professional - DCA VMware Certified Professional DCV VMware Certified Professional Cloud VMware Certified Professional Network Virtualization Microsoft Certified Trainer Citrix Certified Instructor Palo Alto Network Certified Network Security Instructor, Instructor, etc. [URL : http://www.ryan http://www.ryansuryanto.com suryanto.com] 000000_ 2
1405002
AGENDA 1. Introduction 2. Software Defined Data Center 3. Vmware NSX Component & Services 4. Vmware NSX Configuration & Deployment 5. NSX Course & Certification 6. CITREP Grant 7. Accessing your certificates & Class Evaluation 8. Quiz
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
3
1405002
About the Software-Defined Data Center • All major services of the data center can be virtualized. Application Consumption
Applications
Software
Virtual Machines
Virtual Networks
Virtual Storage
Hardware
Compute Capacity
Network Capacity
Storage Capacity
Location Independence
Desktop Internet Virtual Desktop Laptop Tablet Mobile
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
4
1405002
VMware and the Virtual Machine • VMware introduced the virtual machine.
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
5
1405002
Software-Defined Storage Storage Today New Control Plane • From hardware-centric to • • application-centric
New Data Plane From specialized to industry-standard hardware
• • •
Policy-driven automation Common across arrays Dynamic control
Server SAN Flash-accelerated Distributed
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
6
1405002
Networking: Barrier to the Software-Defined Data Center • Slow provisioning • Limited placement • Limited mobility • Hardware-dependent • Operationally intensive
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
7
1405002
Need for the Correct Abstraction
• The correct abstraction is the virtual network, which enables you to change the operational model. • Changing the operational model brings benefits: − − −
Greater speed and agility Lower operational overhead Decreased capital expenditures
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
8
Correct Abstraction: VMware NSX VMware NSX is a network virtualization platform that you can use to build a rich set of logical networking and security services in a software-defined data center.
Any Application (without modification) Virtual Networks Any Cloud Management Platform VMware NSX Network Virtualization Platform Logical Firewall
Logical Load Balancer
Logical L2
Logical VPN Logical L3
ESXi
Any Network Hardware
© 2015 VMware Inc. All rights reserved.
Logical switching: Layer 2 over layer 3, decoupled from the physical network Logical routing: Routing between virtual networks without exiting the software container Logical firewall: Distributed firewall, kernel integrated, high performance Logical load balancer: Application load balancing in software Logical VPN: Site-to-site and remote access VPN in software NSX API: REST API for integration into any cloud management platform Robust partner ecosystem: Additional features and use cases supported
VMware NSX: Install, Configure, Manage
2-9
1405002
Components of the Software-Defined Data Center • VMware has many products that integrate with VMware NSX to create the functionality of the software-defined data center.
Management and Automation vRealize Automation vRealize Operations
vCenter Server
Storage/Availability
Compute
Network/Security
vSphere
VMware NSX
vRealize Business
Virtual SAN vSphere Virtual Volumes Site Recovery Manager
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
10
1405002
vSphere Virtual Network
Implemented through virtual switches: • Standard vSwitch • Distributed vSwitch
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
11
1405002
Types of Virtual Switch Connections •
A virtual switch has specific connection types: −
Virtual machine port groups
−
VMkernel port: −
For IP storage, VMware vSphere® vMotion® migration, VMware vSphere® Fault Tolerance, VMware Virtual SAN™, and VMware vSphere® Replication™
−
For the ESXi management network Virtual Machine Port Groups
Producti on
TestDev
DMZ
VMkernel Ports
vSphere Management vMotion
Virtual Switch
Uplink Ports
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
12
1405002
Virtual Switch Connection Examples • More than one network can coexist on the same virtual switch. Or networks can exist on separate virtual switches. Management vSphere vMotion
Production
TestDev
iSCSI
Virtual Switch
Management
Virtual Switch
vSphere vMotion Virtual Switch
Production
Virtual Switch
TestDev
Virtual Switch
iSCSI
Virtual Switch
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
13
1405002
Standard Switch Components • A standard switch provides connections for virtual machines to communicate with one another, whether they are on the same host or on different hosts. VM1
VNIC
VM2
VNIC
VM3
IP storag e
Management Network
VNIC VNIC
VMkernel
Test VLAN 101 Production VLAN 102 IP Storage VLAN 103 Management VLAN 104 Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
14
1405002
Distributed Switch Architecture Management Port
Management Port vSphere vMotion Port
vSphere vMotion Port Distributed Ports and Port Groups
vCenter Server
Distributed Switch (Control Plane)
Uplink Port Groups
Hidden Virtual Switches (I/O Plane)
Virtual Physical
Physical NICs (Uplinks)
Host 1
Host 2
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
15
1405002
Distributed Switch Example • You create a distributed switch named VDS01. You create a port group named Production, which will be used for virtual machine networking. You assign uplinks vmnic1 on host ESXi01 and vmnic1 on host ESXi02 to the distributed switch.
Distributed Switch VDS01
Uplink Port Group
Production
Virtual
Uplink s
Physical vmnic 0
vmnic vmnic 1 2 ESXi01
vmnic 0
vmnic vmnic 1 2 ESXi02
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
16
1405002
Deploying Vmware NSX Components • • • • • • • • •
Deploy the NSX Manager virtual appliance Integrate the NSX Manager with vCenter Server Create IP Pools Implement and Configure NSX Controllers Prepare Host Clusters for Network Virtualization Implement NSX Edge Services Gateway devices Implement Logical Routers Deploy vShield Endpoints Implement Data Security Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
17
1405002
NSX Training and Certification Portfolio • Training Courses (www.vmware.com/go/NSXtraining) • Certifications (www.vmware.com/certification)
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
18
1405002
������+ �������� ���������� ������� ������ ������� ��� 6.5 ������ ��� 6.2 ���� ��� ����
�������� ������ ��� ������������� �� �� 70% �� ��� ���� ������� ������ ��� ������������� ����, ������ �� $2,500 ��� �������
����
�� �� 90% �� ��� ���� ������� ������ ��� ������������� ����, ������ �� $2,500 ��� ������������� (40 ����� ������� ��� ��� �����)
����������� �������
��������� �������
������������� ����
������ ��������� ������������ �.� � ���� ������ ��������������
������ ��������� ������������ � ������� ��������������
������ �����
������ �������: �������, ���������, ������ (�6.5)
������ ���: �������, ���������, ������ (6.2)
�$5,061.10
�$5,168.10
������ & ���� ���� (���� �% ���) ��������� ������� �������
*�$2,500
���� ������� ���� �� ���� �� ��� ��������� �� ��� �������� ������ �������� ����� �� ���������� ��� ����� ����������� Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
19
1405002
������+ �������� ���������� ������� ������ ������� ��� 6.5 ������ ��� 6.2 ����������� ��������� � A�� ������ ����������� ��� ����� ������������ ���� �� ��������� ������ ��� ��� ���A�� �������� ���������� ���������� ������ (����). � ��� ���������� ������������� ��� �������������� ����������� ���� ���� � ����� ���� ������� �� ������ � ������+ �����. � �� �������� ������+ ������, ������ www.imda.gov.sg/citrep ����������� �������� � �� �� �������� ��� ������� ������� ����� ������+, ��� �������� ���� �� �������� �� ��� �������� ������ �������� �� ������� ������ ��� ��� �������� ������ �� ������������� �� ���� ������ ��� ������������ �� ��� �������� ������ �� �������������. ����� ���������� ��� ������ ��� ������������� ���� �������, ��� ������� ���� �������� ��� ������ ��� ���� ��� ������������ �������� �� ��� ������������� �� ������������� ���������� ������ 12 ������ ���� ��� ������ ������������ ���� ���� ��� ��������� ����������:
� �
���� ��� ������� 75% ���������� �� ��� �������� ������ �� ��� �������� �������; ��� A������ ��� ����� ������������� ������ (���������� �� ����������� ����������). Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
20
1405002
������+ �������� ���������� ������� ������ ������� ��� 6.5 ������ ��� 6.2
���� ���� 1. A������� �������� ����, ��������� A������ ������� (@ ��������� ���������) 2. ����� ���.�������������������.��� (������ �������: ���������) 3. ��� ���� ������� �� ������+ ������� �������, ������ ����� ���.����.���.��/������ �� ������� �� �� ���������.��@�����������.��� ��� �������� �������.
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
21
1405002
Access your Certificate of Attendance Login to: https://mylearn.vmware.com
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
22
1405002
Access your Certificate of Attendance (cont…)
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
23
1405002
Evaluate this Event
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
24
1405002
Try VMware NSX for Free • https://www.vmware.com/sg/products/nsx/nsx-hol.html
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
25
1405002
Q&A
Confidential and proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's express written permission.
26
1405002
Confidentialinformation Proprietary and proprietary of Ingram information Micro of Inc.Ingram — Do Micro not distribute Inc. —Do ornot duplicate distribute without or duplicate Ingram Micro's withoutexpress Ingram Micro's written permission. express written permission.
27
