Home > Blogs > VMware vSphere Blog

vSphere IAAS Interoperability: Virtual SAN, NSX, OpenStack

VSAN-NSX-OpenStackJust in time and right before everyone is off on a long 4th of July weekend here in the good old U.S. of A, I wanted to share a integration demo that I’ve been holding for some time now. Hopefully everyone can see the fireworks delivered by the demo as well.

In this demonstration we’re showcasing the advanced IAAS features and deep integration of vSphere with Virtual SAN, and NSX using Openstack as the Cloud Management Portal for a multi tenant IAAS platform.  To prove our point here, this is not just some isolated lab environment, this is a real environment running today and its leveraging currently available technologies.

The  environment utilized in this demonstration is actually the NSBU internal cloud which has over 200 environment as a mix of KVM and vSphere.  Virtual SAN is used for all vSphere data stores and NSX is used for all tenant connectivity with OpenStack providing a scalable and secure multi-tenant, multi-hypervisor environment.

This demonstration showcases the agility and flexibility of the integration capabilities of vSphere, NSX and Virtual SAN.  In the demonstration we rapidly standup of a two tier ‘application’ and demonstrate the connectivity between all elements of the virtual machines providing the applications.

When complete, all instances, networks and routers are decommissioned and the tenant is returned to an ‘empty state’.  The whole process takes less than 10 minutes (as can be seen in the instance uptime section in the horizon UI).

Demonstration Highlights:
  • L2 Connectivity between instances on the web tier network is via overlay, between KVM and vSphere hypervisors and without any modification to the physical network.  VLANs are not consumed by logical networks.
  • Tenants are securely separated, although not demonstrated, two different tenants can created two separate logical networks and routers event with the same subnet range and not impact each other.  Networks and routers created by the tenant are dedicated to the tenant.
  • Connectivity via provider networks automatically implies NAT (overload) is occurring at the tenant router to allow tenants to use any IP scheme they wish without impacting other tenants.  While not shown, ‘floating ip’s’ can also be assigned to individual instances which provide 1:1 NAT capabilities for ‘publishing’ applications.
  • While not shown, security features of NSX exposed through openstack allow tenants to create security groups that can restrict traffic inbound, outbound (to or from the outside world) and also east west, not only between different networks, but also between instances on the same network.
  • Virtual SAN provides a scalable method of growing storage with compute requirements and is a natural fit for an openstack platform.  Also not shown is that Virtual SAN is the backing for ‘Cinder Volumes’, which is tenant dedicated persistent storage, and also can (is not in our environment due to KVM hypervisors in use though ) be used as a glance image repository for an all vSphere environment.
  • NSX provides a flexible, scalable and performant virtual networking layer allowing a multi tenanted environment to scale with simple and repeatable physical network and compute design principles, without the limitations of typical multi tenant network environments such as routing, overlapping IPs, VLAN consumption and more.

– Enjoy

I want to thank Nick Bradford, Solutions Architect from the NSBU for his contribution to this article and demonstration. Nick you rock!!!!

For future updates, be sure to follow me on Twitter: @PunchingClouds

This entry was posted in Networking, Security, vSphere and tagged , , on by .
Rawlinson Rivera

About Rawlinson Rivera

Rawlinson is a Principal Architect working in the Office of CTO for the Storage and Availability Business Unit at VMware. Focus on defining and communicating VMware’s product vision and strategy, and an active advisor for VMware's product roadmap and portfolio. Responsibilities revolved around connecting VMware's R&D team with customers, partners and the field. Serve as a partner and trusted adviser to VMware's customers primarily in the US. Rawlinson specialize on cloud enterprise architectures, software-defined storage, Hyper-converged Infrastructures and business continuity / disaster recovery solutions with focus on Virtual SAN, vSphere Virtual Volumes, as well as storage solutions and technologies for OpenStack and Cloud-Native Applications. Rawlinson is one of the few VMware Certified Design Experts (VCDX#86) and main author of the blog punchingclouds.com.

4 thoughts on “vSphere IAAS Interoperability: Virtual SAN, NSX, OpenStack

  1. Pingback: vSphere IAAS Interoperability: Virtual SAN, NSX, OpenStack | Vmware Review

  2. Pingback: VMware NSX, VSAN, and OpenStack | Virtualization Software

  3. Pingback: Official VMware Virtual Blog Index - Punching Clouds

  4. Pingback: Official VMware Virtual SAN Blog Index | VMware vSphere Blog - VMware Blogs

Leave a Reply

Your email address will not be published. Required fields are marked *