Nutanix Networking in Azure - hybridcloud

  • 2 November 2021


Nutanix’s support for bare-metal is getting close. Please take a look at some of the foundational components for networking in Azure.

NCM (Nutanix Clusters on Azure) uses Flow Networking to create an overlay network in Azure, which eases administration for Nutanix administrators and reduces networking constraints across cloud vendors. Flow Networking abstracts the Azure native network by creating overlay virtual networks. This hides the underlying Azure network while keeping the network substrate (and its associated features and functionality) consistent with the customer’s on-premises Nutanix deployments.

You will be able to create new virtual networks (called Virtual Private Clouds or VPCs) within Nutanix, create subnets in any address range, including those from the RFC1918 (private) address space, and define DHCP, NAT, routing, and security policy right from the familiar Prism Central interface.

Flow Networking can mask or reduce cloud constraints by providing an abstraction layer. As an example, Azure only allows for one delegated subnet per VNET. Subnet delegation enables you to designate a specific subnet for an Azure PaaS service of your choice that needs to be injected into your virtual network. NCM needs a management subnet delegated to Microsoft.BareMetal/AzureHostedService.

Once your subnet is delegated to the BareMetal service, the Clusters Portal will be able to use that subnet to deploy your Nutanix Cluster. The AzureHostedService is what the Clusters Portal uses to deploy and configure networking on the bare-metal nodes.

Every subnet used for user native VM networking also needs to be delegated to the same service. Since a VNET can have only one delegated subnet, the networking configuration would get out of hand, with VNETs needing to be peered with each other to allow communication. With Flow Networking we can drastically reduce the number of VNETs needed to allow communication between the workloads running on Clusters and Azure. Flow Networking will allow you to create over 500 subnets while consuming only 1 Azure VNET.

Azure Network Design

Prism Central (PC) will be deployed onto the Nutanix Cluster after deployment. Prism Central contains the control plane for Flow Networking. The subnet for PC will be delegated to Microsoft.BareMetal/AzureHostedService so that native Azure networking can be used to distribute IPs for PC. Once PC is deployed, the Flow gateway will be deployed into a native Azure subnet. The Flow gateway allows the user VMs (UVMs) using the Flow VPC(s) to communicate with native Azure services and gives the VMs parity with native Azure VMs, such as:

  • User-defined routes - You can create custom, or user-defined (static), routes in Azure to override Azure's default system routes, or to add additional routes to a subnet's route table. In Azure, you create a route table, then associate the route table with zero or more virtual network subnets.
  • Load Balancer Deployment - The ability to front-end services offered by UVMs with the Azure-native load balancer.
  • Network Security Groups - The ability to write stateful firewall policies.

Hopefully that gives you enough to get you thinking. Please ask any questions and take the test drive for yourself. 
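
A pre-deployment check for the delegation rules described above, as an added example that is not part of the original post or of Nutanix tooling: it flags a management subnet that is not delegated to Microsoft.BareMetal/AzureHostedService and any VNET carrying more than one delegated subnet. The VNET names, address prefixes and the `preflight` helper are constructed for illustration, and the JSON shape is assumed to match `az network vnet list -o json`.

```python
import json

SERVICE = "Microsoft.BareMetal/AzureHostedService"  # delegation named in the post

# Constructed sample; shape assumed to match `az network vnet list -o json`.
SAMPLE_VNETS = json.loads("""
[
  {"name": "vnet-cluster", "subnets": [
    {"name": "mgmt", "addressPrefix": "10.0.0.0/24",
     "delegations": [{"serviceName": "Microsoft.BareMetal/AzureHostedService"}]},
    {"name": "flow-gw", "addressPrefix": "10.0.1.0/24", "delegations": []}]},
  {"name": "vnet-pc", "subnets": [
    {"name": "pc", "addressPrefix": "10.1.0.0/24",
     "delegations": [{"serviceName": "Microsoft.BareMetal/AzureHostedService"}]},
    {"name": "uvm", "addressPrefix": "10.1.1.0/24",
     "delegations": [{"serviceName": "Microsoft.BareMetal/AzureHostedService"}]}]},
  {"name": "vnet-hub", "subnets": [
    {"name": "shared", "addressPrefix": "10.2.0.0/24", "delegations": null}]}
]
""")

def delegated_subnets(vnet, service=SERVICE):
    """Return the names of subnets in this VNET delegated to `service`."""
    names = []
    for subnet in vnet.get("subnets") or []:
        for d in subnet.get("delegations") or []:  # field may be null or absent
            if d.get("serviceName") == service:
                names.append(subnet["name"])
                break
    return names

def preflight(vnets, mgmt_vnet, mgmt_subnet):
    """Hypothetical helper: check a plan against the two rules the post states."""
    findings = []
    by_name = {v["name"]: v for v in vnets}
    if mgmt_vnet not in by_name:
        return [f"{mgmt_vnet}: VNET not found"]
    if mgmt_subnet not in delegated_subnets(by_name[mgmt_vnet]):
        findings.append(f"{mgmt_vnet}/{mgmt_subnet}: not delegated to {SERVICE}")
    for v in vnets:
        d = delegated_subnets(v)
        if len(d) > 1:  # the post: only one delegated subnet per VNET
            findings.append(f"{v['name']}: {len(d)} delegated subnets {d}, expected at most 1")
    return findings

if __name__ == "__main__":
    for line in preflight(SAMPLE_VNETS, "vnet-cluster", "mgmt") or ["ok"]:
        print(line)
```
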
