KPN CloudNL VMware...Create NSX Load Balancer, with nodes: CTOS7CCA01 CTOS7CCA02 public IP Portal...

Post on 12-Mar-2021


KPN CloudNL VMware

vRA and NSX in a Dutch multi-tenant cloud solution

Albert W. Alberts, 16 March 2017

Introduction …

• KPN since Jan. 1999:
– HetNet, VoIP, Comet, Bewaarplicht (data retention), Cloud, CloudNL VMware
• Architect (with a software background)
• KPN patents
• devNetNoord organisation

Albert W. Alberts

Personal

Raspberry Pi / Home automation

Meetup attendee

Swimming, water polo, travel

Contact

LinkedIn: https://www.linkedin.com/in/albertalberts/

Twitter: @a_w_alberts

Email: albert.albert@kpn.com

KPN CloudNL VMware

• 1 Commercieel Product Owner

• 1 Technisch Product Owner

• 3 OPS

• 2 DEV

• 1 Test

• 1 Architect

• ½ Process

The Team: who and how?

CloudNL characteristics:

• Services are delivered from KPN's own datacenters in the Netherlands;
• Management from the Netherlands under Dutch laws and regulations;
• Assurance via the Cloud Compliance Framework (CCF).

Cloud characteristics:

• Self-service management
• Create your own infrastructure
• Manage your own infrastructure
• Scalability
• Pay per use

CloudNL Microsoft, based on Microsoft technology

CloudNL VMware, based on VMware technology

• vRealize Automation;

• vRealize Orchestration;

• NSX;

• vCenter & vSphere.

CloudNL VMware: Focus on Infrastructure (IaaS)

[Diagram: Virtual Machines, Networking, Backup]

CloudNL VMware: vRealize suite

[Diagram: Virtual Machines, Networking, Backup; vRealize Automation, vRealize Orchestration; compute, networking and storage resources]

What does the customer get? Interfaces

[Diagram: CloudNL VMware; Portal, ReST API (Go, Ruby, Python, C#); vRealize Automation, vRealize Orchestration; Virtual Machines, Networking, Backup; compute, networking and storage resources]

What does the customer get? Default network setup: front-end & back-end

[Diagram, Aalsmeer (CCA) and Apeldoorn (APD): Internet, Perimeter ESG pair, Tenant A ESG (NSX Edge pair), default GW, transport network, Distributed Logical Router, VMs; public IP on a public network without NAT, private IP on a private network with sNAT]

What does the customer get? Custom network setup: no internet, on-premise connected via KPN Cloud Connect

[Diagram, Aalsmeer (CCA) and Apeldoorn (APD): KPN Cloud Connect, Tenant A ESG (NSX Edge pair), default GW, transport network, Distributed Logical Router, VMs; public IP on a public network without NAT, private IP on a private network with sNAT]

What does the customer get? Multitenancy, separation at the pESG

[Diagram, Aalsmeer (CCA) and Apeldoorn (APD): Internet, Perimeter ESG pair, Tenant A ESG, Tenant B ESG, transport networks, Distributed Logical Routers, VMs, default GW; public IP, private IP]

How does the customer get it? Order / Request flow

[Diagram: CloudNL VMware; Portal, ReST API, Billing (€); vRealize Automation, vRealize Orchestration; compute, networking and storage resources]

vRealize Orchestrator workflow: Create NSX Load Balancer

[Diagram, tenant AWAlberts at Aalsmeer (CCA) and Apeldoorn (APD): Internet, Perimeter ESG pair, Tenant ESG AWAlberts (NSX Edge pair), default GW, transport network, Distributed Logical Router; public IP, private IP]

Demo: Create Virtual Machine

Create a Virtual Machine in the back-end network

[Diagram, tenant AWAlberts at Aalsmeer (CCA): Portal, vRA, vRO; Create Virtual Machine: CentOS Linux v7.1, CTOS7CCA01; Internet, Perimeter ESG pair, Tenant ESG AWAlberts, default GW, transport network, Distributed Logical Router, VM; public IP, private IP]

CentOS Linux 7 (Core)
Kernel 3.10.0-327.36.3.el7.x86_64 on an x86_64

C7ACTOS7CCA01 login: root
Password:
Last login: Fri Mar 10 10:44:55 on tty1
[root@C7ACTOS7CCA01 ~]#

Demo: Create a Virtual Machine in the back-end network

[Diagram, tenant AWAlberts at Aalsmeer (CCA) and Apeldoorn (APD): Internet, Perimeter ESG pair, Tenant ESG AWAlberts (NSX Edge pair), default GW, transport network, Distributed Logical Router, VMs CTOS7CCA01 and CTOS7CCA02; public IP, private IP]

Demo: Create an Internet-Facing Load Balancer

Create an Internet-Facing Load Balancer with two VMs in the back-end

[Diagram, tenant AWAlberts at Aalsmeer (CCA): Portal, vRA, vRO; Create NSX Load Balancer, with nodes: CTOS7CCA01, CTOS7CCA02; Load Balancer, public IP; Internet, Perimeter ESG pair, Tenant ESG AWAlberts, default GW, transport network, Distributed Logical Router, VMs CTOS7CCA01 and CTOS7CCA02; private IP]

while true; do
  curl 145.128.67.82:3000
  sleep 1
done

Demo: Create an Internet-Facing Load Balancer with two VMs in the back-end

Questions

now or later at the KPN stand

Thank you for your attention! And there are job openings …

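// Minimal plain-HTTP responder used as a load balancer back-end node.
// Replace [node IP-address] with the address of the node it runs on.
var http = require('http');

http.createServer(function (req, res) {
  res.writeHead(200, {'Content-Type': 'text/plain'});
  // The body names the node, so the caller can see which back-end answered.
  res.end('Hello, my name is CTOS7CCA01. I\'m numero UNO!\n');
}).listen(3000, "[node IP-address]");

console.log('Server running at http://[node IP-address]:3000/');

Webserver with node.js, load balancer node: index.js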

#!/bin/bash
# This script runs until you stop it with Ctrl-C
while true; do
  curl [load balancer IP-address]:3000
  sleep 1
done

Bash script calling the load balancer IP-address: load-balancer-test.sh