vRA and NSX in a Dutch multi-tenant Cloud solution

Presentation at VMware Customer Technical Advisory Board in Berlin.
Load Balancer (service) video: https://youtu.be/weAFSCoN5jM

Albert W. Alberts

May 16, 2018

Transcript

  1. KPN CloudNL VMware: vRA and NSX in a Dutch multi-tenant Cloud solution. Albert W. Alberts, VMware CTAB, May 17 2018 in Berlin
  2. Who am I … Albert W. Alberts • KPN since Jan. 1999: HetNet (ISP), VoIP, Comet (backend deployment), Bewaarplicht (email logging), Cloud DevOps, CloudNL VMware, ApiMarketplace (Apigee) • Architect (with a software focus) • KPN patents & pending • MeetUp organization: devNetNoord, domoticaGrunn, ManageIQ • Private: Home automation (soft- & hardware), Bramble Swimming, Waterpolo, Cycling, Travelling • Contact: [email protected] @a_w_alberts www.linkedin.com/in/albertalberts
  3. KPN CloudNL VMware. The Team: who and how? • 1 Product Owner • 3 OPS • 3 DEV • 1 Test • ½ Architect
  4. CloudNL characteristics: • Services delivered by KPN in Dutch datacenters; • Platform managed from within the Netherlands under Dutch law; • Cloud Compliance Framework assurance (CCF).
  5. CloudNL VMware, based on VMware technology: • vRealize Automation; • vRealize Orchestration; • NSX; • vCenter & vSphere.
  6. What does the customer get? Interfaces. [Diagram: CloudNL VMware Portal, ReST API, vRealize Automation, vRealize Orchestration, compute resources, networking resources, storage resources]
  7. What does the customer get? Interfaces. [Diagram: CloudNL VMware Portal, ReST API, vRealize Automation, vRealize Orchestration, compute resources, networking resources, storage resources; Go, Ruby, Python, C#]
  8. What does the customer get? Interfaces. [Diagram: CloudNL VMware Portal, API, vRealize Automation, vRealize Orchestration; Virtual Machines, Networking, Backup; compute resources, networking resources, storage resources]
  9. What does the customer get? Default network setup: front-end & back-end. [Diagram: Tenant A in Aalsmeer (CCA) and Apeldoorn (APD); Internet, Perimeter ESG (NSX Edge pair), transport network, Tenant A ESG, Distributed Logical Router, VMs, default GW; public network with public IP, without NAT(ting); private network with private IP, with sNAT(ting)]
  10. What does the customer get? Multitenancy, separation at the pESG. [Diagram: Tenant A and Tenant B in Aalsmeer (CCA) and Apeldoorn (APD); Internet, Perimeter ESG, transport network, Tenant A ESG, Tenant B ESG, Distributed Logical Router, VMs, default GW, public IP, private IP]
  11. How does the customer get it? Interfaces. [Diagram: CloudNL VMware Portal, API, vRealize Automation, vRealize Orchestration; Virtual Machines, Networking, Backup; compute resources, networking resources, storage resources]
  12. How does the customer get it? Order / Request. [Diagram: CloudNL VMware Portal, API, vRealize Automation, vRealize Orchestration, compute resources, networking resources, storage resources]
  13. How does the customer get it? Order / Request flow. [Diagram: Portal, vRealize Automation, vRealize Orchestration, compute resources, networking resources, storage resources, € Billing]
  14. How does the customer get it? Order / Request flow. [Diagram: Portal, vRealize Automation, vRealize Orchestration, compute resources, networking resources, storage resources, € Billing]
  15. NSX Load Balancers: “simple” vs advanced. Quick and easy vs lots of options. “simple” Load Balancer: one catalog item with multiple tabs. Advanced Load Balancer: multiple catalog items with dependencies.
  16. NSX Load Balancer: “simple” vs advanced. Guided vs reusable building blocks. “simple” Load Balancer: one catalog item (“Load Balancer”) with multiple tabs: General, Application Profile, Health Check, Certificates. Advanced Load Balancer: multiple catalog items with dependencies: Load Balancer Host, Load Balancer Certificate, Load Balancer Application Profile, Load Balancer, Load Balancer Health Monitor, Load Balancer Application Rule, Load Balancer Pool, Load Balancer Pool Members.
  17. Structure of an advanced NSX Load Balancer. [Diagram: the catalog items Load Balancer Host, Load Balancer Certificate, Load Balancer Application Profile, Load Balancer (service), Load Balancer Health Monitor, Load Balancer Application Rule and Load Balancer Pool, annotated with their creation order]
  18. Create an Internet-Facing Load Balancer with two VMs in the back-end. [Diagram: Tenant AWAlberts in Aalsmeer (CCA) and Apeldoorn (APD); Internet, Perimeter ESG (NSX Edge pair), transport network, Tenant ESG AWAlberts, Distributed Logical Router, default GW, public IP, private IP; VMs Demo_01 and Demo_02]
  19. Create an Internet-Facing Load Balancer with two VMs in the back-end. [Diagram: Tenant AWAlberts in Aalsmeer (CCA); Portal, vRA, vRO: Create NSX Load Balancer, with two nodes; Load Balancer, public IP; VMs Demo_01 and Demo_02]
  20. Create an Internet-Facing Load Balancer with two VMs in the back-end. [Diagram: Tenant AWAlberts in Aalsmeer (CCA); Portal, vRA, vRO: Create NSX Load Balancer, with two nodes; tabs: General, Application Profile, Health Check, Certificates; resulting objects: Load Balancer, Load Balancer Host, Load Balancer Pool, Health Monitor, Application Profile; VMs Demo_01 and Demo_02]
  21. Create an Internet-Facing Load Balancer with two VMs in the back-end. Load Balancer public IP: 145.128.67.82:3333; VMs listening on port 3333. Test loop: while true; do curl 145.128.67.82:3333; sleep 1; done [Diagram: Tenant AWAlberts in Aalsmeer (CCA); Portal, vRA, vRO; Load Balancer; VMs Demo_01 and Demo_02]
  22. Create an advanced Internet-Facing Load Balancer: create an Internet-Facing Load Balancer with two VMs in the back-end. [Diagram: Tenant AWAlberts in Aalsmeer (CCA) and Apeldoorn (APD); Internet, Perimeter ESG (NSX Edge pair), transport network, Tenant ESG AWAlberts, Distributed Logical Router, default GW, public IP, private IP; VMs Demo_01 and Demo_02]
  23. Create an advanced Internet-Facing Load Balancer: create an Internet-Facing Load Balancer with two VMs in the back-end. [Diagram: Tenant AWAlberts in Aalsmeer (CCA); Portal, vRA, vRO: Create NSX Load Balancer, with same two nodes; Adv. Load Balancer, public IP; VMs Demo_01 and Demo_02]
  24. Create an advanced Internet-Facing Load Balancer: create an Internet-Facing Load Balancer with two VMs in the back-end. [Diagram: Tenant AWAlberts in Aalsmeer (CCA); Portal, vRA, vRO: Create NSX Load Balancer, with same two nodes; catalog items: Load Balancer Host, Load Balancer Pool, Application Profile, Health Monitor, Load Balancer Application Rule, Adv. Load Balancer; VMs Demo_01 and Demo_02]
  25. Demo: Create an Internet-Facing Load Balancer with two VMs in the back-end. Adv. Load Balancer public IP: 145.128.67.85:2222; VMs listening on port 3000. Application rules: whitelist, redirect HTTP to HTTPS. Test loop: while true; do curl 145.128.67.85:2222; sleep 1; done [Diagram: Tenant AWAlberts in Aalsmeer (CCA); Portal, vRA, vRO; Adv. Load Balancer; VMs Demo_01 and Demo_02]
  26. NSX Load Balancer, Advanced Load Balancer: Load Balancer Host, Load Balancer Certificate, Load Balancer Application Profile, Load Balancer (Service), Load Balancer Health Monitor, Load Balancer Application Rule, Load Balancer Pool. Times shown on the slide: 01:07, 01:15, 01:49, 01:26, 02:12
  27. Demo: Create an advanced Internet Facing Load Balancer with two VMs in the back-end, a sample application rule and port redirecting. ~15 min. reduced to 2:37
  28. Webserver with node.js, load balancer node (index.js):

          // Minimal HTTP server for one back-end node behind the load balancer
          var http = require('http');
          http.createServer(function (req, res) {
            res.writeHead(200, {'Content-Type': 'text/plain'});
            res.end('Hello, my name is DEMO_01. I\'m the numero UNO!\n');
          }).listen(3333, "[node IP-address]");
          console.log('Server running at http://[node IP-address]:3333/');

  29. Bash script calling the load balancer IP-address (load-balancer-test.sh):

          #!/bin/bash
          # This script runs until you stop it with Ctrl-C
          while true; do
            curl [load balancer IP-address]:3333
            sleep 1
          done