infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja sieci to rewolucja w firmie?"
0 likes•159 views
The document outlines best practices for implementing network virtualization, emphasizing the importance of a blended team structure and the necessity of adapting existing roles and processes. It debunks common myths regarding automation and complexity associated with network virtualization, encouraging collaboration and incremental changes for successful transformation. Key recommendations include automating processes, utilizing existing tools, and ensuring career growth opportunities for network engineers as they adapt to new technologies.
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja sieci to rewolucja w firmie?"
- 1. © 2015 VMware Inc. All rights reserved. People, processes, technology Network Virtualization Best Practise Emil Gągała Network & Security Architect InfraXstructure, 20.04.2016, Warszawa
- 2. Network Virtualization change areas 2 TechnologyPeople Process Best practices and guidance based on production customers
- 3. The maturity model: the path to the vision 3 Blended Cross-domain and discipline Siloed Specialization Organization (Structure) People (Roles & Responsibilities) People Automated Modern Manual Legacy Processes Tooling Process Minimum Maximum Minimum MaximumLeaf-spine fabric Virtual 3-tier Physical Architecture Infrastructure Architecture
- 5. Myth busters! 5 People You will not be automated out of a job. MYTH #1 Software-defined data center is going to automate me out of a job MYTH #2 Network functions will be absorbed into the virtualization team MYTH #3 A virtual overlay is going to make my job more difficult MYTH BUSTER #1 Your job will not go to the virtualization team. MYTH BUSTER #2 Overlays do not make your job more difficult. MYTH BUSTER #3
- 6. Private cloud | SDDC Traditional network | HDDC Hybrid cloud | SDDC Org structures (simplified view) 6 Successfully operationalized in a variety of org structures Compute Storage Networking People Minimum Maximum OperationsEngineeringArchitecture Minimum Maximum • Blended • Autonomous • Intra-team training Compute Storage Networking
- 7. Best practices CONFIDENTIAL 7 Start with a small, cross-functional team Select change agents Define measures of success Communicate lessons and wins People 1 Network SecurityCompute Storage Incubation team Tiger team
- 8. High impact 8 Unified team working together, sharing lessons learned, and continuously improving People Silos Specialization Blended Cross-domain and discipline A closely-knit team working in unison increases company speed and agility Team gains new expertise and experience, making them more strategic and valuable to the company Leadership opportunity during this networking and security transformation Avoid surprises! New Cloud networking and security roles Org structure People
- 9. 9 Network virtualization is based on networking concepts that require networking expertise Need network engineers to deploy and operate it Career growth and opportunity Network engineers must learn network virtualization to stay current Learning network virtualization is required for future career growth People
- 11. Myth busters! 11 Process & Tooling Virtual networks bring agility and simplicity to processes. MYTH #1 Virtual networks adds complexity to existing processes MYTH #2 You need separate tools to manage virtual and physical networks MYTH #3 Network virtualization reduces visibility MYTH BUSTER #1 Existing management tools can monitor both networks. MYTH BUSTER #2 Provides more context and visibility. MYTH BUSTER #3
- 12. Best practices CONFIDENTIAL 12 Inventory and analyze existing processes Process 2 Inventory Benchmark Measure
- 13. CONFIDENTIAL 13 Start COTS? Create Network Data flow diagram Asset Discovery vCenter (Tags, notes) Define List of IP s & VM s End VMware Infrastructure Navigator Existing Firewalls NetFflow Collectors Existing Documentation Existing Asset and Discovery Monitoring Dashboards Potential Data Sources Define Grouping Objects Documentation Security Groups Vendor Documentation Services / Service Groups IPSETs List of IP AddressesList of VM s Define Security Posture Security Policies Manual Firewall Rules Deploy Performance / Capacity management reports
- 14. Best practices CONFIDENTIAL 14 Automate provisioning and management Process 3 Start with IT automation Quick win: security automation Self-service: portals and catalogs Security Policies & Groups Development workload Test workload Production workload Application type: customer PCI Groups Finance Sales Engineering Standards Config #1 Config #2 Config #3 Config #4 Config #5 Config #6
- 16. Application Dashboard Best practices CONFIDENTIAL 16 Create application-level visibility Process 4 Start with existing tools Use same instrumentation and protocols Using blend of tools is OKHealth Utilization Capacity COMPUTE NETWORK STORAGE Real-time summary Monitoring and troubleshooting Debugging
- 17. High impact 17 Automated processes and enhanced network management Automated Modern Manual Legacy Process & Tooling Policy-based provisioning of networks and services brings agility and eliminates common config. errors Manual operations can be automated (e.g., self service portals, scaling network services, rule management) Single view providing highest level of visibility into virtual and physical SDDC infrastructureProcesses Tooling
- 19. A tightly integrated system from a single vendor is not always best. Technology MYTH #1 A tightly integrated system from a single vendor is the best approach. MYTH #2 Network virtualization requires a re-architecture of the physical network. MYTH #3 Overlay networks are inherently difficult to manage. Myth busters! MYTH BUSTER #1 Network Virtualization works on your existing physical network. MYTH BUSTER #2 Overlay networks have been proven to be flexible and easy to manage. MYTH BUSTER #3
- 20. Define your initial use cases 20 Micro segmentation DMZ anywhere Secure end user Security IT automating IT Multi-tenant infrastructure Developer cloud IT automation Disaster recovery Metro pooling Hybrid cloud networking Application continuity IT optimization Server asset utilization Price | performance Hardware lifecycle $
- 21. Best practices CONFIDENTIAL 21 Implement network virtualization incrementally5 Focus on service quality Collaborate with stakeholders Develop SLAs over time Design the physical network for simplicity Technology Use case #1 Micro-segmentation Communicate • Project wins • Learnings • KPI metrics
- 22. Best practices CONFIDENTIAL 22 Design the network for simplicity and resiliency6 Technology Add networking and security to DR Workload mobility and portability Throughput, scalability, and robustness
- 23. Traditional VLAN network VM1 VM2 Server 1 VM3 VM4 VM5 Server 2 VM6 VM7 VM8 Server 3 VM9 Physical switch Virtual networks: 1 2 3 VLANs Technology
- 24. Software Defined Data Center VM1 VM2 Server 1 VM3 VM4 VM5 Server 2 VM6 VM7 VM8 Server 3 VM9 Controller Technology
- 25. High impact Decouple and abstract networking services for increased control Leaf-spine ECMP fabric Virtual Access/aggregation /core Physical Resilient and scalable leaf-spine architecture increases reliability and performance Centralized point of control for management and monitoring of virtual networks and security Distributed implementation of services means fine-grained policies can be operationalized Technology Architecture Infrastructure
- 26. Next steps 26 Minimum Maximum Minimum Maximum Blended Cross-domain and discipline Silos Specialization People Automated Modern Manual Legacy Process Leaf-spine ECMP fabric Virtual Access/Aggregation /Core Physical Architecture TransformationPilotLearning Organization (structure) People (roles and responsibilities) Processes Tooling Architecture Infrastructure
- 27. Things to remember 27 Operations transformation results in big outcomes and rewards Leadership: set vision, communicate, and involve people Grow: gain expertise and achieve professional and career growth Incremental: start with one use case and set of applications Many have done it. It’s not complicated. Minimal changes.
- 28. Thank You