Solution provider takeaway: In this tip, solution providers will learn about helping server managers and network...
managers deal with enterprise network virtualization problems with vSphere 4, integrated with the Cisco Nexus 1000V switch. Learn about the Cisco Nexus 1000V's pros and cons and why solution providers should be recommending it to customers.
Every day, solution providers are put in the unenviable position of trying to please the various silos of control that make up today's IT departments. The server infrastructure group manages the servers, the network infrastructure group manages the network devices, and so on. Until recently, these groups had relatively clear fiefdoms to rule, and they were relatively happy about it. Then came virtualization.
The network virtualization problem
When server virtualization came into the picture, server managers loved it because it reduced the number of servers they had to manage and made life easier. Along with server virtualization came the concept of virtual networks. Suddenly these servers were no longer connected directly to a physical switch (managed by the network infrastructure group); instead, virtual machines are connected to "standard" virtual switches. While the network infrastructure group wasn't especially happy about this virtual network, there wasn't much that they could do about it -- because the server virtualization software didn't offer the option to delegate management of these new virtual networks, it had different tools to manage the virtual network, and the server managers became the new virtual network managers.
As virtualization software has evolved, end users have complained about the lack of delegation possible in the management software and the lack of features built into virtual networking. The portability of virtual machines allows them to move from server to server using VMware's VMotion, which is, in turn, used by VMHA, DRS and DPM. This further aggravates the problems for network managers because these virtual machines aren't always connected to the same virtual switch or on the same physical server. To help out both groups, VMware, Cisco and other companies have responded.
How vSphere 4 helps to solve these problems
With VMware vSphere 4 Enterprise Plus, VMware now offers the Distributed Virtual Switch (dvswitch) or vNetwork Distributed Switch (vDS). Also in vSphere 4, VMware admins can create network administrator roles and delegate permissions to the virtual networks and the new distributed virtual switch port groups. With this new advanced switching option available in vSphere 4, these virtual switches can connect VMs not just on a single ESX server but across multiple ESX servers and can then be administered as if they were connected to a single switch. Among other very beneficial features, the distributed switch also offers the ability to use a third-party switch instead. This is where these benefits really start paying off for network administrators.
Figure 1 - Cisco Nexus 1000V connecting virtual machines to vSphere
Graphic courtesy of Cisco.com
Upgrading to the Cisco Nexus 1000V
Today, the only third-party switch appropriate for this situation is the Cisco Nexus 1000V. Unlike other Cisco switches, the 1000V is a software switch that integrates with vSphere 4 (Enterprise Plus Edition).
Above and beyond the purchase of VMware Enterprise Plus, you must purchase the Cisco Nexus 1000V license for each vSphere server. The VMware licenses are likely to come from the server manager's budget; the Cisco Nexus license is likely to come from the network manager's budget. This is also true because the Nexus 1000V may be much more than the typical server admin needs or even wants to understand. However, the 1000V is the solution that network managers have been looking for. Here are a few reasons why:
- The Cisco Nexus 1000V provides the Cisco IOS command line that the network admin is used to seeing and using every day. To me, if there were no other advanced features of the Nexus 1000V except the Cisco IOS command line, I would still want the product, as a network manager, solely to have a common IOS interface between the physical switches and the virtual switches. To make the product even better, there's more...
- The Nexus 1000V understands that there are virtual machines and they are running on physical host servers.
- Cisco's VN-Link is the technology in the Nexus 1000V that allows the network security and port profiles and policies to move with the virtual machine, even when it moves to another physical host server.
The 1000V is made up of two pieces -- the VSM (virtual supervisor module) and the VEM (virtual Ethernet module). The VSM is actually a virtual appliance running on an ESX server. The VSM is where you connect and gain access to the Cisco IOS prompt in order to manage the VEMs that are connected to each virtual server (see Figure 2, below).
Figure 2 - Cisco Nexus 1000V architecture
Graphic courtesy of Cisco.com
Pros and cons of the Cisco Nexus 1000V
I just covered some of the benefits of the Nexus 1000V. Now let me break the 1000V down into its pros and cons:
- There is a Cisco IOS command line for virtual switches, just like physical Cisco switches.
- It allows network managers to administer virtual networks, just as they administer physical networks.
- This Cisco switch understands virtual infrastructure.
- It allows for virtual switch ports and policies that stay with a VM as it moves from server to server.
- VMware vSphere Enterprise Plus is required. This is the most costly version of vSphere.
- Customers must purchase the Cisco Nexus 1000V at a cost of $695 per CPU (list price).
Nexus 1000V, network managers, and VMware admins
So can the Nexus 1000V fill the network management hole that was created by virtualization? I believe so. By implementing the 1000V, enterprises can begin delegating the management of the virtual network infrastructure back to the network management team. Better yet, those network managers will be able to manage the virtual network with the same Cisco IOS interface and features that they already use. This will let the network managers and server managers do what they do best. Better still, the solution provider can bring the Nexus 1000V solution to the table, making all parties happy.
How can solution providers help?
As a solution provider, you are going to have the most success by making "everyone happy." While this is always difficult, the Cisco Nexus 1000V is a solution that can help you do it.
Virtualization is becoming more and more of a "savior" to overworked server managers who need options to allow them to do more in less time. It can also help rescue the IT budget by consolidating physical servers into virtual servers (P2V), thus saving money. However, virtualization hasn't been much help to network managers in the past. Sure, it has helped them save money by reducing the number of switch ports that are required, but it has also taken away much of the control and many of the features that they are used to using.
In my opinion, the Cisco Nexus 1000V steps in to solve these problems. Certainly, it is going to cost you, but that cost is small compared with the per port switch cost of an enterprise-ready network switch. And the 1000V is going to bring the Cisco IOS command line and features to network managers who badly need to regain the network features and control that they have lost (or soon will lose).
In fact, I was so impressed by the Cisco Nexus-1000V that I was one of the judges who selected it as the Best of VMworld 2008.
For more information on the 1000V, visit the Cisco Nexus 1000V product page.
About the author
David Davis is Director of Infrastructure at TrainSignal.com, the global leader in video training for IT pros. He has a number of certifications, including vExpert, VCP, CISSP and CCIE #9369. In addition, David has authored hundreds of articles and six video training courses at Train Signal, with his most popular course being the VMware vSphere 4 video training course. His personal website is VMwareVideos.com. You can follow David on Twitter or connect with David on LinkedIn.