How to leverage NSX
When it comes to leveraging NSX features, customers have the following three options:
- Installing NSX in a private cloud and leveraging NSX features.
VMware NSX can be integrated with vSphere, vCloud Director, vCloud Automation Center and VMware Integrated OpenStack. It can also be used in a multi-hypervisor environment, such as Xen Server, KVM or VMware ESXi™, with a choice of cloud management solution such as vCloud Automation Center.
- VMware vCloud Air, which is a public cloud, delivers advanced networking and security features powered by NSX.
Customers can secure networking in a public cloud built on the same platform as vSphere, mirror on-premises networks in the cloud with minimal changes to design and networking topology, and manage at scale with controls and constructs familiar to network security administrators, minimizing operational disruption and the need for retraining.
- For true network hybridity, a customer can have NSX in a private cloud and VMware vCloud Air as the public cloud.
Cloud networking is an essential component of cloud computing and forms the foundation for the hybrid cloud. Every vCloud Air service includes a connection to the Internet, one or more public IP addresses, and critical networking capabilities such as load balancing, a firewall, Network Address Translation (NAT), and VPN connectivity via the Edge Gateway. NSX in vCloud Air supports Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF) routing to simplify the integration of a customer's public cloud workloads and on-premises applications and resources.
A simple diagram describing the same is shown in the following figure:
Feature-rich networking and security services on both private and public clouds ensure that both environments are secured and, most importantly, that no application modification is required while moving workloads back and forth. The rest of the integration and design between a private cloud with NSX and vCloud Air is beyond the scope of this book. We will have a quick look at NSX features and where they fit in our current data center deployment scenarios.
It is very important to understand the nature of the applications driving network traffic in any data center environment. Traditional network architectures were based on a series of switches and routers, and that type of architecture fits a client-server environment well. Today's application workloads need to reduce the number of hops they take when communicating across a network. In modern applications, virtual machines sitting in the same rack or in different racks talk to each other before a reply packet is sent to the client outside the data center. Workloads are moving from server memory to server flash drives for analysis. Big data, virtualization, and cloud have contributed heavily to this type of traffic. Hence, we need intelligent networking for such large application workloads. Network virtualization features address the lack of speed and flexibility in provisioning a network.
With that said, let's have a look at the following diagram, which explains the types of traffic in a data center environment. Network traffic flow in a data center environment is of two types: East-West and North-South:
Let's have a look at an example. Let's assume we have a private data center and we need to access some applications, hosted on a virtualized server, from outside the data center:
- East-West traffic: Traffic between virtual machines in the same data center
- North-South traffic: Traffic which is coming into and going out of the data center