Sweet Symphony: Nutanix AHV and Mellanox DCI for Multi-Clouds

  • 30 October 2018
  • 0 replies
Sweet Symphony: Nutanix AHV and Mellanox DCI for Multi-Clouds
Userlevel 7
Badge +35
This post was authored by our friends at Mellanox

Automated network virtualization is imperative to business continuity in a multi-cloud environment. Open standard based VXLAN-EVPN is an efficient and scalable datacenter interconnect (DCI) for multi-clouds. Integrated network management holds the key to fully realize the benefits of a multi-cloud deployment. Nutanix and Mellanox orchestrate a seamless multi-cloud networking solution providing much improved application up-time and business continuity, while making enterprise cloud network management simple and efficient. Hence the sweet symphony starts.

First Movement: Cloud, Hybrid Cloud, and Nutanix Enterprise Cloud

Cloud computing has seen rapid adoption these days. Cloud provides a virtualized environment to deliver platform, infrastructure and applications as services to improve business efficiency and allow fast expansion to new businesses. While building their own clouds on premises or running their businesses on public clouds such as Amazon Web Services (AWS) and Microsoft Azure, many enterprise customers start making the hybrid-cloud strategy to benefit from the best of both worlds -the control and security of private clouds and the scalability and agility of public clouds. In this approach, to streamline business operations across multiple clouds, enterprises are resorting to solutions for a single, unified cloud infrastructure.

As a leader in enterprise cloud solutions, Nutanix delivers a unified, hybrid cloud experience across the entire IT fabric, from private cloud on premises to remote office/branch office (ROBO), public cloud and remote disaster recovery (DR) site. Built on its enterprise cloud OS and AHV hyperconverged infrastructure platform, the Nutanix solution combines the agility and one-click simplicity of a public cloud with the security, control, predictable economics, and performance needed in a private cloud.

With a focus towards applications running on the clouds, the Nutanix hybrid cloud solution (AOS 5.6 or later) contains VM microsegmentation with Flow to increase application security. Flow also provides network visualization for enhanced policy management and easy extension of network and security functions and automation via 3rd party software integration. As a result, cloud operations are greatly simplified, with consumer-grade management that reduces complex operations such as disaster recovery to a single click, and enables business continuity of mission-critical applications.

Second Movement: Network Virtualization and Datacenter Interconnect

Cloud is built on network virtualization, and multiple clouds are connected through datacenter interconnect (DCI). By separating tenant traffic into virtual network segments and supporting application movement across datacenters, the cloud infrastructure is application oriented, providing mobility, scalability and security for delivering applications and services to multiple tenants.

Network segmentation starts in a datacenter where a Layer 2 (L2) network can be segmented into Virtual Local Area Networks (VLANs). The VLAN provides the connectivity between hosts or virtual machines (VMs) and facilitates their movements within the segment, and isolates traffic from other VLANs for security (with some loopholes). However, VLAN is limited in scale - maximum 4K segments - and couldn’t scale beyond the single datacenter (no virtualized end points).

To extend VLAN across data centers connected through Layer 3 (L3) networking, the VXLAN (Virtual eXtensible Local Area Network) technology is developed, which overlays L2 VLAN on top of L3 underlay network. A tunneling mechanism over L3 network, VXLAN allows hosts/VMs to be placed in the infrastructure, and communicate as if they were on the same local VLAN. Figure 3 illustrates a simplified VXLAN topology. Host A and Host B are connected to respective leaf switches in two datacenters. The two leaf switches also serve as the endpoints of the VXLAN tunnel (a.k.a. VTEP).

Through VXLAN tunnel VNI1000, these two hosts, even though residing in two separate datacenters, can communicate in VLAN100. With a 24-bit identification number, a total of 16 million VXLAN segments are supported for cloud scale. As data traffic runs on an L3 underlay, the network is much more scalable and flexible (BGP), reliable (multi-pathing), and fully utilized (ECMP), again to meet cloud requirements!

VXLAN specifies a flood-and-learn mechanism for VTEP discovery and MAC address learning in a VXLAN segment, i.e., forwarding BUM traffic (ARP requests) via L3 multicast. To avoid flooding, IT admins typically deploy VXLAN with a control plane. However, when proprietary VXLAN controllers are used, the users are challenged with new issues such as bottlenecks of a single controller, expensive software licensing and vendor lock-in. Today, more and more VXLAN deployments take a controller-less approach, using a BGP-EVPN based control plane.

As a predominant, trusted L3 protocol supporting very large-scale networks, and combined with EVPN address family extension, BGP distributes network reachability information in both L2 MAC and L3 IP, resulting in automated VTEP discovery, efficient address learning and optimized routing/switching. Distributed anycast gateways also remove the bottleneck of a single controller. Most importantly, a BGP-EVPN control plane is standard-based, providing cloud scale.

Of available VXLAN-EVPN-based DCI solutions, the Mellanox DCI, built on Mellanox Spectrum switches, stands out in performance, enterprise-class reliability, and cloud-scale. With VTEP support on Spectrum switches, the Mellanox DCI provides hardware VXLAN encapsulation and decapsulation, and symmetrical and asymmetrical VXLAN routing at up to 100Gb/s speed. Supporting up to 750 VTEPs and 100K VXLAN tunnels, equivalent to 6x server racks compared to other solutions, the Mellanox DCI offers unlimited VXLAN scale in practice.

The Mellanox DCI works with commonly used VXLAN controllers as well.

Third Movement: Integrated Network Orchestration

As BGP-EVPN based DCI abstracts network control plane from the underlying physical network infrastructure across multiple clouds, we come to the point to further simplify multi-cloud operations by integrating L2-L3 network management with the network virtualization and security management plane of the cloud solution. Nutanix and Mellanox have done exactly that, namely, application deployment with Prism Central, security automation with Flow and service insertion/chaining. Such is the case for the integration of the Mellanox network orchestrator, NEO™, and Nutanix Prism Central.

Mellanox NEO is a powerful solution for network orchestration and management. It provides deep visibility into network configuration and real-time status, allowing datacenter operators, in a few mouse clicks, to configure, monitor, and troubleshoot high-speed end-to-end Ethernet networks. RESTful API based, NEO can be seamlessly integrated with third-party management software which further simplifies network design, provisioning, operation and troubleshooting, for both a local network in one cloud and datacenter interconnect (DCI) in a multi-cloud environment.

Through webhook APIs, Nutanix and Mellanox have integrated NEO and Prism. This integration allows automated VLAN mapping and discovery, VLAN/VXLAN mapping for DCI, and network provisioning upon VM CRUD events (creation, migration, and deletion). In addition, providing VM-level network visibility, NEO enables Nutanix AHV customers to visualize and reach VM placement, and manage and monitor their network infrastructure to meet both virtualization and specific application needs.

For example, when an application fails over to the remote site (e.g., a DR site), NEO gets the API trigger from Prism Central. Based on that, NEO orchestrates the DCI for data backup and recovery associated with the application to the remote site. The orchestration is mainly based on EVPN DCI we discussed above – where a VXLAN is stretched from the primary data location to the backup data location while keeping VLANs intact. Anycast gateway functionality of EVPN helps seamless workload movement and essentially make the network abstracted from the user’s point of view - the user continues accessing the application without any disruption during the whole process.

Mellanox NEO is made available through Nutanix Calm with one-click download and deployment.

Finale: Ensure Business Continuity in Multi-Clouds

In a multi-cloud environment, business continuity is imperative. As applications are moved between clouds for scaling or disaster recovery, networking often remains as one of the key challenges in ensuring business continuity. The joint solution between Nutanix and Mellanox automates network provisioning as part of workload lifecycle management, and allows workloads to preserve their IP addresses when they failover to the target site, enabling business continuity during partial or full failover. These capabilities are delivered using VXLAN/EVPN overlays that allow transparently stretching networks across the primary and secondary sites.

VXLAN-EVPN is an open and standard based technology simplifying datacenter interconnect (DCI) over multiple clouds. EVPN based DCI stretches a layer2 network between data centers, and applications in the form of virtual machines (VMs) can move easily with same IP and gateway, eliminating the traditional and costly way of manually re-configuring DNS entry. In the event of application failover or disaster recovery, the EVPN-based control plane automatically updates VM locations, and the client will continuously access the VM without even noticing the change in VM location.

The entire orchestration is seamless with the integration of Mellanox’s network orchestrator NEO and Nutanix’s Prism Central. To provide a transparent, automated experience and ensuring business continuity, NEO provides the following capacities:
  • VM-level network visualization
  • Automated VLAN/VXLAN provisioning for VM operations
  • One-click mLAG and RoCE configuration
  • Real-time and historical network telemetry for traffic/performance monitoring
  • Switch software upgrade at scale
  • One-click NEO deployment from Nutanix CALM

Interested? Join this joint webinar to learn more about the Sweet Symphony for Multi-Cloud Networking. Tune-in Oct. 31st, 2018 or watch on demand.

Follow us on Twitter: @MellanoxTech, @nutanix. Also visit us for the solution demo at .NEXT London and upcoming Mellanox/Nutanix events in your area.

Related resources:

© 2018 Nutanix, Inc. All rights reserved. Nutanix, the Enterprise Cloud Platform, the Nutanix logo and the other Nutanix products, features, and/or programs mentioned herein are registered trademarks or trademarks of Nutanix, Inc. in the United States and other countries. All other brand and product names mentioned herein are for identification purposes only and are the property of their respective holder(s), and Nutanix may not be associated with, or sponsored or endorsed by such holder(s). This document is provided for informational purposes only and is presented ‘as is’ with no warranties of any kind, whether implied, statutory or otherwise.

Disclaimer: The views expressed in this blog are those of the author and not those of Nutanix, Inc. or any of its other employees or affiliates. This blog may contain links to external websites that are not part of Nutanix does not control these sites and disclaims all responsibility for the content or accuracy of any external site. Our decision to link to an external site should not be considered an endorsement of any content on such site.

This topic has been closed for comments