Perhaps one of the most important pieces to the VMware’s puzzle of a fully software-defined data center (SDDC) is it’s network virtualization tool NSX.
In August 2013, NSX became a reality for VMware by way of an acquisition of a company called Nicira. The fledgling product has done quite a bit for VMware since it was launched, but it still has its work cut out for it.
On Monday, August 31, 2015, Bruce Davie, CTO for networking at VMware, led a breakout session where he presented a high-level view of the future of the technology and how NSX plays into VMware’s overall strategy.
The NSX story started when Davie and his team, who were a part of Nicira before the acquisition, began trying to tackle a problem they saw in large organizations — manually provisioning networks was becoming a bottleneck. So, early on, the initial use case was automation.
However, as the product has grown it has developed two other main use cases: security and application continuity.
For security, the ability to provide micro segmentation between components in the data center helped administrators drill down and focus on how they wanted to protect their organization. They no longer had to rely solely on perimeter security.
Application continuity, or “The ability to have an application consume resources across multiple data centers,” Davie said, allows applications to take advantage of capacity in other areas when they need it, and quickly became another key use.
Moving forward, though, there are three issues that are foundational to the growth of NSX. The first of those is dealing with physical networks and bare metal workloads. To address this, Davie said that the NSX team is working on distributed logical routing with hardware VTEP as an additional option instead of x86.
Logical segmentation around application boundaries plays a big part in the future of NSX as well. Being able to set certain VMs to be able to communicate with each other is great, but the ability to throw physical machines into the segmentation mix as well is also crucial. For example, NSX will be able to tell a segment of physical machines, not just VMs, to implement certain policies at specific tiers in an application.
The second key to the future of NSX is distributed services, which help with scalability. VMware has had success with its distributed firewall in that it allows a VM to VM communication path, or the shortest network path when that isn’t an option. The next step, though, is distributed load balancing. Currently in technology preview, the load balancers logically balance workloads through VMs across different tiers to maintain availability.
Beyond the data center, Davie called WAN and multi-site use cases “the next big frontier for NSX.” Multi-site deployments of NSX are already happening, so growing that use case scenario is obviously part of the future strategy, but SD-WAN (software-defined wide area network) will be an increasing focus for NSX.
SD-WAN lets you build overlays over the WAN, just like NSX builds overlays in the data center, Davie said, so it makes sense that it would work as part of the general strategy moving forward for NSX.