Virtualization

Today DataCore announced their latest SANsymphony-V release. After the merge of SANmelody & SANsymphony, SANsymphony-V10 is the 10th generation of DataCores flagship product. Interestingly DataCore uses the terms  “software-defined” and “Virtual SAN”. Whether the product of the definition of the terms corresponds everyone should decide for themselves. But this is another story.

What is DataCore SANsymphony-V?

What DataCore definitely does is automating and simplifying storage management and provisioning. I really like it the simplicity. DataCore SANsymphony-V can deliver enterprise-class functionality, like synchronous mirroring, replication, snapshots, clones, thin-provisioning and tiering . It runs on x86 hardware with Microsoft Windows Server 2008 or 2012. Multiple servers can grouped together for load balancing and redundancy. A storage pool can created out of the internal or external flash and roting rust. Single or mirrored virtual disks can be carved out of this storage pool. Hosts can access these virtual disks using iSCSI or Fibre-Channel. Because DataCore SANsymphony-V10 can use several different technologies as backend for storage pools, it’s easy to replace backend storage. You can add or remove disks to or from storage pools. If you backend storage is an old EMC CLARiiON and you get a new HP MSA 2040 Storage, you can replance the old storage without disruption.

In 2008 HP acquired LeftHand Networks for “only” $360 million. In relation to the acquiration of 3PAR in 2010 ($2.35 billion) this was a  really cheap buy. LeftHand Networks was a pioneer in regard of IP based storage build on commodity server hardware. Their secret was SAN/iQ, a linux-based operating system, that did the magic. HP StoreVirtual is the TAFKAP (or Prince…? What’s his current name?) in the HP StorageWorks product familiy. ;) HP LeftHand, HP P4000 and now StoreVirtual. But the secret sauce never changed: SAN/iQ or LeftHand OS. Hardware comes and goes, but the secret of StoreVirtual was and is the operating system. And because of this it was easy for HP to bring the OS into a VM. StoreVirtual Virtual Storage Appliance (VSA) was born. So you can chose between the StoreVirtual Storage nodes (HW appliances) and the StoreVirtual VSA, the virtual storage appliance. This article will focus on the StoreVirtual VSA with LeftHand OS 11.

A side effect of data growth is the growth of the amount of data that must be backed up. The path of least resistance is buying more disks and/ or tapes. Another possible solution is data deplucation. With data deduplication you can’t reduce the amount of data that must be backed up, but you can reduce the amount of data that must be stored. HP StoreOnce Backup is HPs solution to address this problem.

A discourse is going on in the community. I can’t say who has started the discourse, but the number of blog postings to this discourse is an indication for the interest at this topic. But what’s the topic?

Homelabs

A homelab is the datacenter of the poor man. Some people have the luck to use a fully populated data center for test and study purposes. Our job requires to work with the latest technology and products, so we need an environment for test- and study purposes. Back in the days it was sufficient to have some VMs on you computer or laptop. But as virtualization moved into the data center, it was necessary to have this in the lab. At this point homelabs began to explode.

I’m a big fan of Juniper Networks! I work mainly with the SSG (ScreenOS) and SRX (Junos) series. The Juniper SRX is a network security solution, which can be positioned in the data center or at the branch. You will surely agree, that virtualization and cloud computing changed a lot from the network perspective. This demands security solutions that are not bound to hardware boundaries. Juniper Firefly Perimeter addresses this demands.

What is Juniper Firefly Perimeter?

Juniper Firefly Perimeter is a SRX Service Gateway and it’s delivered in form of a virtual appliance. You can compare it with HP VSR1000 Virtual Service Router or Cisco Cloud Service Router 1000V. Firefly Perimeter is available for VMware vSphere 5.x and Linux KVM. Microsoft Hyper-V is currently not supported. When you take a look into the datasheet you will notice, that Firefly Perimeter can all the cool things, that you expect from this kind of a virtual appliance: From simple routing, routing protocols (RIP, OSP, BGP, IS-IS…), MPLS, VPN, stateful/ stateless firewall, Network attack detection, a lot of management feature and many more.

One possible use case for the HP VSR1000 is to build IPsec tunnels for secure data transfer. In this post I will show you how to configure a IPsec tunnel between two HP VSR1000. If you need a short introduction, feel free to take a look at this article.

The experimental setup

We have two server VMs (in this case Windows Server 2008 R2 with SP1) and two HP VSR1000 Virtual Service Router. To simplify I added a vSwitch without uplinks to my ESXi at home. This vSwitch has three port groups. While each VSR1000 is connected to only one site and the WAN port group, the server VMs are only connected to one site. The WAN port group should simulate the WAN link, but in reality WAN can be anything. This is a screenshot of the ESXi vSwitch and port group configuration, as well as the logical setup.

Nutanix was founded in 2009 and left the stealth mode in 2011. Their Virtual Computing Platform combines storage and computing resources in a building block scheme. Each appliance consists up to four nodes and local storage (SSD and rotating rust). At least three nodes are necessary to form a cluster. If you need more storage or compute resources, you can add more appliances, and thus nodes, to the cluster (scale out). Nutanix scales proportionately with cluster growth. The magic is not the hardware - it’s the software. The local storage resources of each appliance are passed to the Nutanix Controller VM (CVM). The CVM services I/O and storage to the VMs and is running on each node, regardless of the hypervisor. You can run VMware ESXi, Microsoft Hyper-V and KVM on the nodes. Although the Nutanix Distributed File System (NDFS) is stretched across all nodes, I/O for a VM is served by the local CVM. The storage can be presented via iSCSI, NFS or SMB3 to the hypervisor.

In an earlier blog post I wrote a bit about virtual service routers. Now I want to show you how easily you can deploy a virtual service router in your lab. To do so I have downloaded the the HP VSR1000 Virtual Service Router and the Cisco Cloud Service Router 1000V. If you want to know how to download them, just read the mentioned blog post. Because both virtual service routers delivered as OVA, I can easily deploy them through the vSphere Client (sorry, no Web Client. It’s a standalone HP Micro Server without a vCenter). I will show an example on how to deploy the Cisco CSR1000V. That procedure is exactly the same for the HP VSR1000. The procedure is pretty straightforward. The screenshots are self-explanatory.

Today you can get nearly everything as a virtual appliance. So even a router. Usually virtual router appliances are used for the same purposes as physical router: Connecting different networks. A router is nothing more then a piece of hardware and software. Due to this fact a router can be easily deployed as a virtual appliance. So where do you find router typically? In you datacenter? Yes, but in a datacenter you will deal typically with layer-3 switches rather than a classical router. In you WAN? That’s much warmer. Think of all the CE router in the branch offices, or the router that is running at a SMB customer. Or the small linux VM with IPtables which secures a special VM on your hypervisor. Or public cloud deployments. But what’s the benefit of a virtual router?