Back in 2018 VMware began a beta program based on Istio, a service mesh management platform. VMware has extended the capabilities of this offering to bring visibility, control, and security through microservices at the API level into their offering called NSX Service Mesh.
NSX Service Mesh works as an extension of the NSX-T Data Center platform for cloud-native applications like Kubernetes containers and applies security and networking directly to the containers through the Container Network Interface (CNI). In short, a service mesh is a configurable infrastructure layer that makes it easier to manage microservices, and Istio, an open source project backed by Google, IBM, and Lyft, is probably the best-known service mesh.
VMware has been a contributor to Istio and has participated in open source community projects like this. Basing the NSX Service Mesh on Istio, VMware makes it easier to on-board Kubernetes clusters and federate across multiple clouds and Kubernetes clusters.
By bringing security, control, and visibility services directly to the containers, you can now manage the transactions from services and better control the data they have access to through microservices transactions. This enhances security by managing authentication, authorization, and encryption of service communications. It also provides the ability to trace, monitor, and log a service transaction to gain visibility into the health and performance of an application’s microservices.
The NSX Service Mesh also brings the following benefits:
NSX Service Mesh will be featured at VMworld 2019. For those interested in learning more about this offering, below are some of my recommendations from the published content catalog.
NSX Service Mesh [MTE6098U]
Niran Even-Chen, Principal Systems Engineer, VMware
Introduction to NSX Service Mesh [CNET1033BU]
Niran Even-Chen, Principal Systems Engineer, VMware
Oren Penso, Cloud Native Staff Systems Engineer, VMware
Getting Started with Service Mesh [CODE3102U]
Anderson Duboc, Sr. Systems Engineer, VMware
Cross-Cluster and Cross-Cloud Service Mesh Architecture and Use Cases [KUB1939BU]
Mark Schweighardt, Director, Product Management, VMware
The Future of Networking with NSX [CNET1296BU]
Bruce Davie, CTO, APJ, VMware
Marcos Hernandez, Chief Technologist - Networking and Security, VMware
The VMworld Content Catalog is now available to view. You can see it here and whether you’re a registered attendee or looking to see what’s on the schedule, the Content Catalog will help you get an idea of your schedule!
The catalog is to help you get an idea of the tracks and session types you may find interesting. The schedule builder is where you will build out your own schedule; this is currently available to those that have registered for VMworld.
I have gone through the list and there is plenty to keep you busy; however, I thought I would offer some recommendations:
I have several areas I am focusing on this year. The first of these is NSX and the Virtual Cloud Network. I agree with VMware in saying "We are continuing a movement toward software-defined", and NSX is the backbone. It ties together all aspects of the data center, such as networking, security, EUC, and containers. With NSX you can bring network automation to your data center applications and containers, along with security through micro-segmentation and third-party service insertion.
Virtual Cloud Networking is built on VMware NSX. It provides a secure, consistent, and agile foundation. As you can see from the graph below, software-defined networking touches every aspect of our business. Whether you are in healthcare, looking to bring better security to your endpoints with NSX, or looking to secure public cloud initiatives, Virtual Cloud Networking is the backbone to it all.
My next focus area is containers. Specifically, a focus on offerings like vSphere Integrated Containers. This offering from VMware makes integrations with existing traditional applications easier to manage, deploy, and keep Highly Available (HA). If you are a heavy VMware shop, you are like most companies I encounter: virtualizing 95% or more via vSphere.
Making the move into containers means that you will initially need to maintain traditional applications, such as VMs, alongside your new container environment. This can introduce a lot of challenges, and going "bare metal" can introduce further complications. For example, when you run Kubernetes on bare metal, a simple NIC update can directly impact the Kubernetes host, which complicates configuration management. You are responsible for verifying that the component is supported by Kubernetes. The same applies to central storage and network management.
When we run Kubernetes on VMware vSphere, the VMware Hardware Compatibility List provides known working hardware for use with VMware vSphere. Virtualized hardware creates an abstraction that is supported by the underlying Linux distro. Decoupling the OS from the underlying hardware reduces operational overhead for supported firmware versions of components.
Running containers in a VMware environment allows you to keep running the traditional and containerized applications side-by-side, on a common platform. Having that common platform means bringing security, predictability, and agility into your infrastructure.
This brings me to my last area of focus while I am out at VMworld this year: VMware Cloud Foundation. VMware Cloud Foundation is an integrated software stack that bundles VMware vSphere with NSX and vSAN into a single platform. This can be deployed on premises as a private cloud or run as a service within a public cloud such as VMC on AWS. Cloud Foundation helps to remove the traditional silos in data centers, merging compute, storage, and network to facilitate end-to-end support for application deployment and hybrid-cloud support.
With VMware Cloud Foundation, you can move into a fully software-defined data center. Some of the benefits of this solution are storage elasticity with vSAN, end-to-end security with NSX, automation, better lifecycle management, self-driving operations, and hybrid-cloud infrastructure, which allows you to more seamlessly connect and manage hybrid-cloud offerings from VMware with VMC on AWS.
VMC on AWS is a hybrid cloud service developed jointly by VMware and Amazon. Users can run a VMware software-defined data center on AWS with familiar enterprise tools. These tools are vSphere, NSX, and vSAN. The concept relies on running a native ESXi hypervisor on AWS bare-metal instances, which enables direct access to the underlying server's processor and memory.
You can learn about these products and much more. Register to attend VMworld 2019!