The network must converge -- but admin roles don't have to

FREE

Become An Insider

Sign up now and get free access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content from the best tech brands on the Internet: CIO, CITEworld, CSO, Computerworld, InfoWorld, ITworld and Network World. Learn more.

Cisco's Nexus 1000V gives server and network administrators separate, familiar interfaces with which to manage their respective chunks of infrastructure

The relentless march of network convergence is transforming the data center into a leaner, more efficient animal than ever before. But convergence also presents serious challenges to traditionally siloed IT departments -- blurring the roles of server, network, and storage administrators.

The frequent result is that these three roles merge into one group of "data center administrators" who must be conversant with the entire range of skills. This may work in smaller environments, but it can be extremely difficult to maintain the level of skill necessary to support a large environment without depending too much upon a handful of individuals.

One answer is to develop converged products that present separate interfaces catering to different administrative roles. Consider, for example, Cisco's Nexus 1000V virtual switch software. Though it has been well received by just about anyone I know who has deployed it, it's often looked at as simply an extension of the Cisco Nexus switch line -- but that misses the point of what the N1000V can do. It also represents what I hope will be a continuing effort on the industry's part to allow easier separation of administrative control in converged networks without trading off capability or efficiency in the process.

vDS in a nutshell

Before taking a look at the N1000V, it's worth examining the VMware switching technology that forms the framework for it. Prior to vSphere 4.0, virtual switching within VMware was based solely on traditional vSwitches, which are defined on a per-host basis. While fairly uncomplicated, traditional vSwitches did not scale well as the number of hosts or virtual machine networks increased.

The N1000V is made up of two distinct components: the Virtual Supervisor Module (VSM) and Virtual Ethernet Module (VEM). The VSMs, generally installed as a pair of redundant virtual appliances, act as the management head for the VEMs, which are embedded in the vSphere hosts via the automated installation of a vSphere host extension. When configured, the N1000V feels and acts like a Cisco modular switch with the VSMs filling the role of the supervisor modules and the VEMs acting as modular line cards.

Once initially installed, the network administrator can configure uplink port profiles to match the configuration of the physical switch ports that he already controls. One example of the 1000V's NX-OS pedigree is that it makes it possible to use dynamic 802.3ad LACP load balancing as well as subgroup load balancing -- which neither traditional vSwitches or plain-old vDS can do. After the uplink profile is configured, the network admin can deploy port profiles for virtual machines to attach to. These port profiles can contain any supported NX-OS commands, including everything from VLAN configuration and QoS to fine-grained ACLs.

As the network admin deploys and enables these port profiles, they immediately become visible within the vSphere environment as vDS port groups. The server admin can then add his hosts to the N1000V vDS -- automatically installing the VEM host extension and configuring the uplink interfaces in the process -- and add virtual machines to the virtual machine port groups.

As the server admin adds virtual machines, virtual Ethernet interfaces become visible within the N1000V configuration, allowing visibility into the network behavior of each virtual machine. The N1000V also supports NetFlow, RSPAN, and ERSPAN, so it's exceptionally easy to troubleshoot network problems that might exist between two virtual machines on the same host.

In short, the Nexus 1000V allows the network administrator a great deal of visibility into and control over the virtualized networking infrastructure without forcing him to learn new virtualization-specific tools or have access to virtualization management tools at all. Likewise, the server administrator no longer has to worry about how the network is configured or how upstream network changes might affect him. While I certainly advocate cross-training anywhere you can get away with it (the more people know about each other's jobs, the better), not being forced to work with something you may not be particularly familiar or skilled with can only result in saved time and fewer administrative mistakes.

To continue reading, please begin the free registration process or sign in to your Insider account by entering your email address:
Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies