VMware Networking Blog

The Virtual Computing Environment (VCE) coalition was announced this morning. This is a coalition between Cisco and EMC, together with VMware to accelerate customers’ ability to increase business agility.

Apart from bringing a single point of contact for design, service, and support, the coalition introduces the notion of the “Vblock Infrastructure Packages.” These are ready-to-go infrastructure packages that are fully tested, integrated and validated.

You can find more information (presentations, papers, videos, etc) at:

• Press Release
• Cisco’s VCE Coalition page
• EMC’s VCE Coalition page

As always, Chad Sakac from EMC also has a lot to say over on his Virtual Geek blog.

vSphere has SDKs and APIs for just about every component, feature and product (including the new vCloud API!). Just take a look at the VMware developer site. This is a powerful adjunct to vSphere enabling extremely powerful virtualization solutions.

But this is a networking blog, so let’s talk about the vNetwork API. This is already a powerful toolset enabling you to extend the capabilities of your network. But we’re not stopping there. Those of you who caught Howie Xu’s (Director, R&D) presentation at VMworld would have caught a glimpse of how we are enhancing monitoring, management and configuration through the toolset. (You can download Howie’s presentation here).

A few VMware developments worth highlighting:

• Wireshark Plug-ins. Wireshark is a great tool for frame-by-frame dissection of your network traffic. You can just install Wireshark in a Windows or Linux guest VM on a promiscuous vswitch port and away you go (select appropriate VLAN via the Port Group or all with VLAN=4095). The plug-ins add additional protocol dissectors so you can get analyses of VMotion, HA heartbeats, FT logging and so on (look at Howie’s presentation for some screenshots).
• vDS cmdlets for PowerCLI. The VMware vSphere PowerCLI is another great tool for scripting and automating vSphere tasks. The vDS cmdlets are an extension for deploying and operating vDS. e.g creating, modifying, and deleting vDS, dvPortGroups, etc. Donghai Han created a YouTube demonstration video you can see here.
• ESX Network Toolkit (ENT). This is toolkit that leverages a Probe VM to sanity check your virtual network environment for misconfigurations. Again, look at Howie’s presentation for some screenshots.

Note that these tools are not available just yet (sorry!). When ready, we’ll post them to the VMware Communities vNetwork API site, so be sure to check back. (I’ll also write a blog post)

Apologies for the long time between posts, but this might get a few of you interested…

Through to the end of this week, we are running a blogging contest around vDS (a.k.a. the VMware vNetwork Distributed Switch). All you have to do is blog about a novel technical or business ROI topic around vDS. Once you have posted your blog entry, send an email to vmtn@vmware.com to submit the entry for consideration. Remember, you have until Friday October 9, so get your thinking cap on and write away!

You can find more information on the competition at this entry at the VMware vSphere Blog. You can also see the results from the last round of the competition on VMware Fault Tolerance (FT).

**updated 8/27 to include room numbers!**

VMworld is upon us next week at the Moscone Center in San Francisco. We have a fantastic assortment of sessions from beginner level right up to the very advanced—something for everyone.

Breakout Sessions

As usual, we have a good assortment of networking sessions hosted by ourselves and our partners. I’ve listed the sessions in chronological order (I’m presenting the first two and then I’m done!). Srinivas Neginhal’s “VMware vSphere 4 Networking Deep Dive” (TA2525) is a 90-minute session and is also repeated at Thursday at 4:00pm.

Sessions are subject to change and sometimes repeated if very popular, so please consult the session catalog for the latest information.

The VMware Booth

We’ll have a network demo pod in the datacenter area of the VMware booth. We’ll be showing our three virtual networking solutions—vNetwork Standard Switch, vNetwork Distributed Switch, and the Cisco Nexus 1000V.

Self Paced Lab

This year we feature a vSphere Virtual Networking Fundamentals course among the Self Paced Lab. Students can configure a vNetwork Standard Switch, a vNetwork Distributed Switch, and a Cisco Nexus 1000V.  

Feeling creative? Have a virtual networking problem or idea? If so, then the vNetwork APIs could be for you. The '”vNetwork API Community” is now open for business at the easy to remember url of vmware.com/go/vnetworkapis

The vNetwork API Community is hosted under the VMware Developer Communities website where you’ll find APIs, code samples, and other developer goodies for a range of VMware products and technologies.

In an earlier post in April, titled, “Which NIC is my VM using"? Load Balancing Visibility with vSphere”,  I described how esxtop could reveal the active (or hashed) vmnic for a VM or vmkernel port. Early vSphere 4 customers have found this an extremely useful feature, however, in my description, I completely ignored ESXi (sorry!).

Ok, so how do you do esxtop on ESXi? This is where vMA (the VMware Management Assistant—formerly called VIMA) and resxtop come in.  vMA is a VM containing a prepackaged installation of the vCLI (vSphere Command Line Interface), which allows admins to run scripts and agents for managing ESX and ESXi hosts (yes, both!). Within the vMA VM, you run the resxtop command, then type “n” to show what vmnics are used by what VMs and vmkernel ports. 

Note that you an also download vCLI as standalone software and install it on your own system.

Another neat thing is that you can quickly and easily deploy vMA to an ESX or ESXi host with the “Deploy from URL” wizard within the vSphere Client. Just point it at: http://www.vmware.com/go/importvma/vma4.ovf to download the ovf.

For those who have not yet kicked the tires of the vNetwork Distributed Switch (vDS), or were a little confused when they did, help is at hand. I have written a guide titled, “VMware vNetwork Distributed Switch: Migration and Configuration.”

It’s a lengthy read at 37 pages, but I’ve tried to keep it as complete as possible with diagrams, screen shots and other such things to guide you on your way.

As with all our virtual networking papers for vSphere, it’s located in the Resources page behind the easy to remember URL, vmware.com/go/networking

DMZ’s with virtualization seems to elicit opinions from all quarters—security folks, network folks and server folks. A couple of months ago, we updated the DMZ with ESX paper to vSphere 4 level and reposted it as Network Segmentation in Virtualized Environments. This paper discusses and describes three different trust zone configurations with associated best practice approaches for secure deployment. (I blogged on this topic last month)

Last week we added a new paper on this topic, in this case using the Cisco Nexus 1000V virtual switch. This is a co-branded Cisco/VMware paper titled, “DMZ Virtualization Using VMware vSphere 4 and the Cisco Nexus 1000V Virtual Switch”. You will also find this posted on the Cisco website.

This 19-page paper is a great tutorial on the considerations around DMZ’s and how the Nexus 1000V can be used for DMZ virtualization.

VMotion, the VMware feature that enables live VM migration between ESX hosts is one of the major attractions of vSphere and before that, VMware Infrastructure (or VI for short). It’s simply quite amazing to watch a VM continue operation and maintain sessions while moving from one host to another.

As cool as this is, we’re often asked, “How do we take that one step further, and perform VMotion between datacenters?” This, of course, is a non-trivial thing to do.  There is the challenge of moving a VM over distance (which involves some degree of additional latency) without dropping sessions. To maintain sessions with existing technologies means stretching the L2 domain between the sites--not pretty from a network architecture standpoint. And then there is the storage piece. If you move the VM, it has to remotely access its disk in the other site until a Storage VMotion occurs.

Last year, Cisco and VMware began the task of trying to solve these long distance VMotion issues with the target of seamlessly migrating a VM between two datacenters separated by a reasonable distance. The joint Cisco/VMware lab in San Jose has run number of tests over varying distances (simulated with reels of optic fiber) as a proof of concept. We will demonstrate this proof of concept at Cisco Live this week in San Francisco. The demo as it stands incorporates a distance of 80km (50 miles). That’s around 400us latency each way over fiber or a round trip just under 1ms.

This proof of concept is aimed at the following requirements:

1. Load balance compute power over multiple sites: Migrate VMs between datacenters to “follow the sun”  or to simply load balance over multiple sites. Enterprises with multiple sites can also conserve power and cooling by dynamically consolidating VMs to fewer datacenters (automated by VMware Dynamic Power Management (DPM))—another enabler for the Green datacenter of the future.
2. Avoid downtime during DC maintenance: applications on a server or datacenter infrastructure requiring maintenance can be migrated offsite without downtime.
3. Disaster Avoidance: Data centers in the path of natural calamities (e.g. hurricanes) can proactively migrate the mission critical application environment over to another data center.

Use cases #2 and #3 above also require a Storage VMotion to move the disk image to the alternative datacenter.

Remember, this is a proof of concept, so we still have work to do in multiple areas. e.g. the storage VMotion for disaster avoidance and so on.

See and hear about it at Cisco Live this week…

Cisco Live is on this week in San Francisco. We will feature briefings in the VMware theatre (booth #531 …adjacent to the big Cisco booth). Refer to the theatre schedule posted at the VMware booth for session times. (of course, you can just come and ask us about it anytime)

See an update at VMworld in San Francisco—August 2009

We will demonstrate this again at VMworld (http://www.vmworld2009.com/) in San Francisco in August where we will also hold a technical breakout session on VMotion between datacenters. This will cover the proof on concept, test results, and reveal a little more of our plans to solve some of the remaining issues. Look for this session in the Technology and Architecture track.   

Neal Mueller and Pierre Ettori over at Cisco have published a few short tutorial style videos on the Nexus 1000V. You can get to kick the tires for 60 days without it costing you a cent. The videos to look at are:

1. How to install an (60-day) evaluation license for Nexus 1000V—this covers getting an eval copy of vSphere 4, Nexus 1000V, a 60-day license and installing it all.
   Note: go to our co-branded vSphere site to get your vSphere eval.
2. Detailed Feature Demo of Nexus 1000V—Pierre takes you through a 20-minute demo of the major Nexus 1000V features and shows the tight coupling with vCenter Server