Register a SA Forums Account here!
JOINING THE SA FORUMS WILL REMOVE THIS BIG AD, THE ANNOYING UNDERLINED ADS, AND STUPID INTERSTITIAL ADS!!!

You can: log in, read the tech support FAQ, or request your lost password. This dumb message (and those ads) will appear on every screen until you register! Get rid of this crap by registering your own SA Forums Account and joining roughly 150,000 Goons, for the one-time price of $9.95! We charge money because it costs us $3,400 per month for bandwidth bills alone, and since we don't believe in shoving popup ads to our registered users, we try to make the money back through forum registrations.
«283 »
  • Post
  • Reply
Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

cheese-cube posted:

How are you handling compute/storage? Just interested as from what I've seen the popular option is flex-pods all the way.

Flex pods are okay given that you are okay with the delay of replication, expense per site, and the management overhead. Honestly in this day and age, by one of those UCS routers wuth a nutanix underlay and fail back things to the datacenter.

Personally what I am doing is silo'ing all our poo poo in a data-center, doing fail back to datacenters, then (I forget what ctirix calls it) but it is where you spin up VD sessions on a L2 host and use L2 connectivity to the client and only the main when the failbacks are down. Sorry, I've been cleaning up a SAN administrators mess for the past week so I am out of it...

Misogynist posted:

Has anyone worked with GPU passthrough in either KVM or Xen? I need to load a server with 6 or 8 low-cost GPUs and dedicate them to VMs. Cost is kind of really important, so not having to worry about VMware licensing on this would be great.

If a company was wanting Xen, I'd leave but that isn't always possible. they do vGPU's with Tegra I believe. I work with someone tomorrow who did a build out for a CAD environment with Xen. Nutanix, has some good stuff.

I work with a college doing CAD and 3D printing over VDI, what do you want to know?


Side note, anyone here rolling out VMware's EVO rails? My boss wants me to for our bigger site, I know it's considered small on this forum and "not a datacenter" but we are looking at about 900-1K VDI and 50 Server's. Any experiences in your all's data centers or branch offices with EVO Rails?

Dilbert As FUCK fucked around with this message at Nov 6, 2014 around 01:19

Adbot
ADBOT LOVES YOU

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

Is anyone here actually considering evo rails for branch offices?

I'm indifferent about them after I probed the arch of them.

Maneki Neko
Oct 27, 2000



Dilbert As gently caress posted:

Is anyone here actually considering evo rails for branch offices?

I'm indifferent about them after I probed the arch of them.

I've hard a hard time imagining up a use case for them just based on the lack of flexibility in config. Nothing against hyperconverged blah blah in general, it's just not sized right for anywhere I could justify spending the money for it.

Bitch Stewie
Dec 17, 2011


Dilbert As gently caress posted:

Is anyone here actually considering evo rails for branch offices?

I'm indifferent about them after I probed the arch of them.

Given they start from around $150K what sort of branch offices do you have?

evol262
Nov 30, 2010
#!/usr/bin/perl

Dilbert As gently caress posted:

Is anyone here actually considering evo rails for branch offices?

They're a lot weaker than Nutanix architecturally, are years behind in features, VSAN is worse and more prone to data loss, the price is awful, and the configuration isn't configurable. Plus Nutanix works with non-VMware products. And hypervisors, if you ever want to switch. What's a single good reason to back EVO Rails?

Erwin
Feb 17, 2006



How does EVO Rails compare to Dell VRTX? I have no use case for either, so I haven't looked into either.

Also EVO Rails is the dumbest name.

Vulture Culture
Jul 14, 2003

I was never enjoying it. I only eat it for the nutrients.


Erwin posted:

How does EVO Rails compare to Dell VRTX? I have no use case for either, so I haven't looked into either.

Also EVO Rails is the dumbest name.
EVOO rails sounds like someone used rancid fryer oil instead of machine oil to grease their server mount.

Nukelear v.2
Jun 25, 2004
My optional title text

Erwin posted:

How does EVO Rails compare to Dell VRTX? I have no use case for either, so I haven't looked into either.

Also EVO Rails is the dumbest name.

Different beasts. VRTX shares storage amongst it's blades through a single raid controller.
EVO as I understand is hyper convergence and would be comparable to the new Dell XC series which is their Nutanix platform.
Each blade has it own's storage and tries to keep it's running VM's on that local storage for vastly improved IO because of data locality. Basically a not lovely version of vsan.

TLDR; VRTX is a way to make baby branch office semi-highly available vm platform. Hyperconverged platforms like Simplivity/Nutanix are probably going to be the future of enterprise so you probably want to watch it.

Nukelear v.2 fucked around with this message at Nov 7, 2014 around 16:30

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.

You can actually configure VRTX with redundant RAID controllers now which makes it a bit more robust.

Nukelear v.2
Jun 25, 2004
My optional title text

bull3964 posted:

You can actually configure VRTX with redundant RAID controllers now which makes it a bit more robust.

I was going to post that this options disables the controller cache, but it seems that as of two days ago they put out firmware that fixes that. It's actually a viable option now.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


Nukelear v.2 posted:

EVO as I understand is hyper convergence and would be comparable to the new Dell XC series which is their Nutanix platform.
Each blade has it own's storage and tries to keep it's running VM's on that local storage for vastly improved IO because of data locality. Basically a not lovely version of vsan.

EVO just uses vanilla VSAN, which does not enforce node locality for data. Nutanix does attempt to keep data local to the node that owns the VM, but I'm not really sure that's necessary as the latency penalties for cross node acces are pretty low.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert


What's pricing on the VRTX and different EVO Rails solutions look like?

Our standard branch office deployment is just 3 DL360's and a VNXe which runs around 50 grand and will run quite a few VM's. We have several sites with no IT staff at all, and an AIO solution could be nice.

Vaporware
May 22, 2004

Still not here yet.

Nukelear v.2 posted:

I was going to post that this options disables the controller cache, but it seems that as of two days ago they put out firmware that fixes that. It's actually a viable option now.

Does this fix also make them hot-swappable?

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

skipdogg posted:

What's pricing on the VRTX and different EVO Rails solutions look like?

Our standard branch office deployment is just 3 DL360's and a VNXe which runs around 50 grand and will run quite a few VM's. We have several sites with no IT staff at all, and an AIO solution could be nice.

VRTX is pretty inexpensive, it's priced for the market it's aimed at, which is why it has the ability to be a tower instead of a rackmount unit and has "office level" acoustics.

Has anyone looked at the Dell PowerEdge FX stuff yet?

Nukelear v.2
Jun 25, 2004
My optional title text

NippleFloss posted:

EVO just uses vanilla VSAN, which does not enforce node locality for data. Nutanix does attempt to keep data local to the node that owns the VM, but I'm not really sure that's necessary as the latency penalties for cross node acces are pretty low.

It basically takes you back to SAN level performance, which isn't terrible, but obviously local is better and that's a large selling point. Would say it's also critical to being able to build converged platforms at large scale, something everyone is working to get better at. I have no doubt that vsan will eventually get all the features nutanix has, they just aren't there yet.



@Vaporware That would be some pretty impressive firmware. No, don't think so.


@Skippdogg It depends what all you shove into it, but yea it'd likely be cheaper than that. The real benefit as you mentioned is the AIO nature, makes the barrier to entry for branches or small shops really low.

YOLOsubmarine
Oct 19, 2004

When asked which Pokemon he evolved into, Kamara pauses.

"Motherfucking, what's that big dragon shit? That orange motherfucker. Charizard."


Nukelear v.2 posted:

It basically takes you back to SAN level performance, which isn't terrible, but obviously local is better and that's a large selling point. Would say it's also critical to being able to build converged platforms at large scale, something everyone is working to get better at. I have no doubt that vsan will eventually get all the features nutanix has, they just aren't there yet.

The extra 50 microseconds of latency per transaction isn't going to be noticeable when disk latencies are going to be an order of magnitude larger, even with SSD or PCI flash. There is basically no performance differential between locally and remotely accessed data when the cache begin used is flash. For RAM the difference is substantial because the latencies involved are in the nanosecond range, so network latency is pre-dominant. Local caching creates bin-packing problems since cache workloads are pinned to hosts, and can't be distributed throughout the cluster to balance resources.

There's no uniform thing that could be described as "SAN level performance," because that's entirely dependent on a lot of factors and you can easily get pretty modest array these days that will give you tens of thousands IOPs at a reasonable block size and sub millisecond latencies. But SAN latency is generally limited by media servicing the request (PCI flash, SSD, spinning disk, ram) and not the method of connecting the SAN to the host. Latencies over FC or modern ethernet switches are much lower than latencies for any persistent media we still have available. And even when you enforce data locality like Nutanix that is still only affecting reads, as writes must be written to other nodes and acknowledged before they can be acknowledged back to the client. So you're basically saying that a few microseconds of latency on certain reads are the difference between good and bad performance in a world where anything less than a couple of milliseconds is considered very good. Whatever you gain on the front end from having data local to the node on Nutanix (which is only true if the VM hasn't moved recently) you probably lose due to having to pass the IO through a VM anyway, since they don't hook in to the kernel and run their storage in user space.

The problems with VSAN are that it's immature and has no *good* integrated solutions for backup and replication. Leveraging VMware snapshots is no good because VMware snapshots suck. Storage level snapshots and replication are a much better proposition and that's where Simplivity and Nutanix are still ahead of the game.

DevNull
Apr 4, 2007

And sometimes is seen a strange spot in the sky
A human being that was given to fly



Erwin posted:

Also EVO Rails is the dumbest name.

Don't worry, I'm sure we will change it to something worse in 6 months. That is the VMware way.

Martytoof
Feb 25, 2003

It's called a hassle, sweetheart..



Welp, I upgraded VCSA 5.5 to U2 using the web UI, and after rebooting the appliance it looks like the vSphere Web Client is unavailable. VCSA isn't even listening on port 9443. I'm not really familiar with debugging this thing -- is there a go-to log I should be looking to see why it's not listening to web requests on 9443?

The standard admin WebUI on port 5480 is still up and running, however -- says the web client is in a Running state :|

Martytoof
Feb 25, 2003

It's called a hassle, sweetheart..



Oh wait, nevermind, it just took like half a year to start. Looks like it's up now. Disregard :|

Thanks Ants
May 21, 2004

Bless You Ants, Blants



Fun Shoe

Martytoof posted:

Oh wait, nevermind, it just took like half a year to start.

vcsa_problems.txt

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

Bitch Stewie posted:

Given they start from around $150K what sort of branch offices do you have?


Looking at like 800VDI+50 servers.

The way I look at it HDX/RDS/PCoIP traffic + MPLS/T3 circuts + Net Engineer and SysOp's guys for 40+ sites > 150K+75k HW cost with automated reporting.

Just got done this weekend going over our Main colocated datacenter to effectively use resources, that was fun as poo poo.....

PS: 150K is kinda high depend how much you spend with your vendor and how eager they are to do a case study...

Erwin posted:

How does EVO Rails compare to Dell VRTX? I have no use case for either, so I haven't looked into either.

Also EVO Rails is the dumbest name.

Going to go prod read in AZ in a few weeks, but VRTX's remind me more of blades than evo rails do. Evo Rails seem like a supermicro fattwin with an 10Gb interconnect for vSAN to all blades...

evol262 posted:

They're a lot weaker than Nutanix architecturally, are years behind in features, VSAN is worse and more prone to data loss, the price is awful, and the configuration isn't configurable. Plus Nutanix works with non-VMware products. And hypervisors, if you ever want to switch. What's a single good reason to back EVO Rails?

Nutanix has a lot going for then they focused on converged and moving storage/IOPS to where it is most important. They spent a lot more in R&D, and PoC on things.

EVO rails isn't the BEST solution but it is going to be a mainstreamed one, which is why it will pick up traction. Personally a 3 host ARCH + a decent node + Engineer with competent DR plan > evo rails. But simplest poo poo to sell usually wins, even if it isn't the most full proof.

I have a few vendor relations with Nutainix and a few talks lined up with them, dunno if I'll bite.. Too few Charlotte, NC jobs... Probably go for Peak10, Varrow, or something offering me 110K min.


PS: NSX/VLXan's; some cool poo poo! Hope VMware gets competition and makes it more available....

Dilbert As FUCK fucked around with this message at Nov 11, 2014 around 03:06

Pantology
Jan 16, 2006



Dinosaur Gum

Dilbert As gently caress posted:

. Evo Rails seem like a supermicro fattwin with an 10Gb interconnect for vSAN to all blades...


It's more like a Supermicro TwinPro^2.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

Pantology posted:

It's more like a Supermicro TwinPro^2.

Yes exactly I forgot the ^2, I believe VMware contracted with them
http://ir.supermicro.com/releasedet...eleaseID=867502

Pantology
Jan 16, 2006



Dinosaur Gum

Dilbert As gently caress posted:

Yes exactly I forgot the ^2, I believe VMware contracted with them
http://ir.supermicro.com/releasedet...eleaseID=867502

Them and seven other OEMs, yes. VMware sets the specs, OEMs make the hardware. Supermicro, Dell, HP, EMC, Fujitsu, HDS, Inspur, and NetOne have or will shortly have EVO:RAIL SKUs. They all look about the same. I've seen public speculation that EMC's version will have extra software knobs, but I haven't seen public confirmation of that yet.

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

Dilbert As gently caress posted:



PS: NSX/VLXan's; some cool poo poo! Hope VMware gets competition and makes it more available....

http://www.arista.com/en/solutions/...-virtualization

http://www.cisco.com/c/en/us/soluti...ture/index.html

http://www.juniper.net/us/en/produc...s/sdn/contrail/

http://msdn.microsoft.com/en-us/lib...rdware/dn144775(v=vs.85).aspx

https://wiki.openstack.org/wiki/Neutron

Pretty much every network vendor has a hardware VTEP. Most do l2 vxlan in hardware and some even do l3 in hardware.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug


Problem is doesn't have that big of a name yet... cool poo poo but when the investors are more secure with their pockets.


Kinda pricy, even if you spend ~25mill a year on them, but does have a name I can work with and a structure I can help other engineers stand with.


Love it but, "too hard for adaptation" But palo Alto isn't.... I dunno what to say other than throw my hands up and say "management!" on this

Windows and networking? noo, just no one would do it.

I am the only person who actually understands this at my company, and am teaching it to our CCNP/Sub Storage/VM guy... long path up hill compared to the simplicity of VMwares solution. Honestly thought this was a waste of time about while I waited at airports; glad to see someone else knows what the gently caress openstack is...

quote:

Pretty much every network vendor has a hardware VTEP. Most do l2 vxlan in hardware and some even do l3 in hardware.

Problem I have is not my company's confidence in me or my ability, it's the fact the company can honestly not spend any more on it's infrastructure donig the "wild wild west of IT" on things with as few people as we do.


Seriously Xenapp+MCS+PVS on AWS? Yeah 3 people doing it for +20K Xen/view/Xenapp/etc deploy... Not even local VCDX's or larger companies believe us till we do it...

Supposidly, Citrix is going to do what we do next year, but 10011101 feel free to PM me if you want to hear how crazy we are in doing things...

Pantology posted:

Them and seven other OEMs, yes. VMware sets the specs, OEMs make the hardware. Supermicro, Dell, HP, EMC, Fujitsu, HDS, Inspur, and NetOne have or will shortly have EVO:RAIL SKUs. They all look about the same. I've seen public speculation that EMC's version will have extra software knobs, but I haven't seen public confirmation of that yet.

We'll see, dell has some good offers right now.

Dilbert As FUCK fucked around with this message at Nov 11, 2014 around 04:59

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

Was just pointing out potential competitors and the fact that pretty much every network vendor supports VXLAN in some form (you can even buy NICs from Intel with VXLAN offload.)

Dilbert As gently caress posted:

Problem is doesn't have that big of a name yet... cool poo poo but when the investors are more secure with their pockets.

We're doing very will with Arista in a lot of accounts. It's a low cost reliable switch based pretty much on a lot of the same hardware you'll find in the Nexus 9k.


quote:

Kinda pricy, even if you spend ~mill a year on them, but does have a name I can work with and a structure I can help other engineers stand with.

The nexus 9k will generally win when head to head with other 40GbE vendors. That said you can get in the door with 125,000.


quote:

Love it but, "too hard for adaptation" But palo Alto isn't.... I dunno what to say other than throw my hands up and say "management!" on this

Not sure what you're saying here!

quote:

Windows and networking? noo, just no one would do it.

It's so horrible in fact that Cisco decided to also do hardware accelerated NVGRE on the 9k platform....


quote:

Seriously Xenapp+MCS+PVS on AWS? Yeah 3 people doing it for +20K Xen/view/Xenapp/etc deploy... Not even local VCDX's or larger companies believe us till we do it...

Dunno what you're saying here?

evol262
Nov 30, 2010
#!/usr/bin/perl

Dilbert As gently caress posted:

I am the only person who actually understands this at my company, and am teaching it to our CCNP/Sub Storage/VM guy... long path up hill compared to the simplicity of VMwares solution. Honestly thought this was a waste of time about while I waited at airports; glad to see someone else knows what the gently caress openstack is...
Neutron's a pig largely because VMware, Juniper, and Cisco have successfully leveraged their positions to make sure that the default, in-kernel Neutron/netns stuff is as neutered as possible so people buy :products:, but it's a performant, flexible SDN solution that does VXLAN, GRE, VLAN, and every other segmentation you can think of. Even if the default MTU sucks for vxlan.

It's not actually any more complex than any other sdn solution. Including VMware's. It's just familiarity. I know Neutron, so defining virtual routers and mappings through its api or Horizon makes sense to me. I don't know NSX, and it looks inflexible and hamstrung. Familiar often means "simple".

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

1000101 posted:

Was just pointing out potential competitors and the fact that pretty much every network vendor supports VXLAN in some form (you can even buy NICs from Intel with VXLAN offload.)
No offence, I wasn't shooting you down because of the branding(well for the most part).


quote:

We're doing very will with Arista in a lot of accounts. It's a low cost reliable switch based pretty much on a lot of the same hardware you'll find in the Nexus 9k.
Yeah I bet, and honestly I would say you are right, but me selling my 3 of 9 directors on that does not win a business... I know you know it but yeah... I'd love to talk it with you but I am not sure what a company my size would ever have with you. We only have 40 sites + 2 AWS VPC's + 2 "infrastructure DataCenters"


quote:

The nexus 9k will generally win when head to head with other 40GbE vendors. That said you can get in the door with 125,000.
I agree

quote:

Not sure what you're saying here!
I love juniper, have a few friends who work onsite for NMCI, one in the VMware class, and a few who worked/work for them. I like them a lot but as someone who is doing full on cisco it is a tough sell, to explore other things. But the kick back has been out of this world... I am not sure how to describe it.

quote:

It's so horrible in fact that Cisco decided to also do hardware accelerated NVGRE on the 9k platform....
figured

quote:

Dunno what you're saying here?

Just some dumb poo poo we are doing, honestly we do poo poo that isn't even tested and we make it work with a 2(systems) engineers and 2 (network) engineers. Not sure how you can fit in on that but I dunno just throwing it out there...

evol262 posted:

Neutron's a pig largely because VMware, Juniper, and Cisco have successfully leveraged their positions to make sure that the default, in-kernel Neutron/netns stuff is as neutered as possible so people buy :products:, but it's a performant, flexible SDN solution that does VXLAN, GRE, VLAN, and every other segmentation you can think of. Even if the default MTU sucks for vxlan.

It's not actually any more complex than any other sdn solution. Including VMware's. It's just familiarity. I know Neutron, so defining virtual routers and mappings through its api or Horizon makes sense to me. I don't know NSX, and it looks inflexible and hamstrung. Familiar often means "simple".
out at your place soon, I would be glad to talk all this over and I loving agree man.

The problem is when you come into reliability, support-ability, replacibility(engineer), and flexibility. Cisco has some decent poo poo already out there that most people can grasp to learn NSX/VXLANS and the SDN networkings. That is the harder sell than the tech and such.

I think the issue more or less is an internal stuggle when you need to affirm that SDN does not replace jobs but asks of Net Engineers to work more effectively... Which becomes a problem since SysAdmins and NetAdmins responsibilities are shared..


I guess the problem with good solid advice is that it only goes as far as the budget.

Dilbert As FUCK fucked around with this message at Nov 11, 2014 around 05:29

evol262
Nov 30, 2010
#!/usr/bin/perl

Dilbert As gently caress posted:

out at your place soon, I would be glad to talk all this over and I loving agree man.

The problem is when you come into reliability, support-ability, replacibility(engineer), and flexibility. Cisco has some decent poo poo already out there that most people can grasp to learn NSX/VXLANS and the SDN networkings. That is the harder sell than the tech and such.

I think the issue more or less is an internal stuggle when you need to affirm that SDN does not replace jobs but asks of Net Engineers to work more effectively... Which becomes a problem since SysAdmins and NetAdmins responsibilities are shared..

I think it's totally fine for sysadmins and network admins to work on the same platform and share some responsibility. Good admins on either side often know a little about the other side anyway.

All the problems you named are SDN in general (reliability, supportability, replacability, etc). If you understand, broadly, how networking works, you'll be able to handle SDN. If you don't, a well-structured tool can help you get it to the point that it works, sort of, but you're still gonna be in a bad place when it falls over or you can't figure out how to route between networks (or how to stop routing between tenant networks), etc.

For Neutron in particular, imagine that any/every network company on this list steps up and says "well, I don't know if Neutron should do that out of the box, but maybe it should support drivers which let you do it...", then proceeds to write their own driver so people buy their kit. Cisco is particularly bad. OpenDaylight exists for a reason.

If Neutron is hard to use and a little crippled (even though it's as functional as NSX), it's because that's what the other named vendors want.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

evol262 posted:

I think it's totally fine for sysadmins and network admins to work on the same platform and share some responsibility. Good admins on either side often know a little about the other side anyway.

All the problems you named are SDN in general (reliability, supportability, replacability, etc). If you understand, broadly, how networking works, you'll be able to handle SDN. If you don't, a well-structured tool can help you get it to the point that it works, sort of, but you're still gonna be in a bad place when it falls over or you can't figure out how to route between networks (or how to stop routing between tenant networks), etc.

For Neutron in particular, imagine that any/every network company on this list steps up and says "well, I don't know if Neutron should do that out of the box, but maybe it should support drivers which let you do it...", then proceeds to write their own driver so people buy their kit. Cisco is particularly bad. OpenDaylight exists for a reason.

If Neutron is hard to use and a little crippled (even though it's as functional as NSX), it's because that's what the other named vendors want.

This time zone is killer, can we just meet at flemmings, House of tricks, tilt a kilt, Lon's, or <name a fancy rear end place here>?

I'd invite you and 1000101(I owe him) for some fancy place.

Be in Phoenix 1-5, then San Fran 6-8th

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

evol262 posted:

It's not actually any more complex than any other sdn solution. Including VMware's. It's just familiarity. I know Neutron, so defining virtual routers and mappings through its api or Horizon makes sense to me. I don't know NSX, and it looks inflexible and hamstrung. Familiar often means "simple".

What makes NSX look inflexible and hamstrung to you? (honest question not challenging you.)

I ask because you can plug it right into Neutron and everything just sort of works so it's at least as flexible as that.

Neutron in Icehouse has some things that bug me but I did notice that Juno's added this: https://wiki.openstack.org/wiki/Neutron/DVR

If you're interested I can do a braindump of interesting bits of NSX that I'm not sure have an analogue in Neutron with openvswitch.

edit:

If you're in San Francisco then you want to eat a bone-in fillet here: http://www.boboquivaris.com/

evol262
Nov 30, 2010
#!/usr/bin/perl

Dilbert As gently caress posted:

This time zone is killer, can we just meet at flemmings, House of tricks, tilt a kilt, Lon's, or <name a fancy rear end place here>?

I'd invite you and 1000101(I owe him) for some fancy place.

Be in Phoenix 1-5, then San Fran 6-8th

Phoenix timezone sucks, especially with time changes, since we don't do it.

Tilted Kilt in Tempe works for me.

1000101 posted:

What makes NSX look inflexible and hamstrung to you? (honest question not challenging you.)

I ask because you can plug it right into Neutron and everything just sort of works so it's at least as flexible as that.

NSX itself is incredibly flexible and capable. If you plug it into something else. And I'd take a long look before I said it was easier to use or better than other vendor's solutions (Neutron+openvswitch not really being a "vendor"). It's just that it sucks a little out of the box. It's an incredible, almost unbelievable number of wizards and boxes you need to click through to get anything done. I'm sure there's a more reasonable interface somewhere, but I haven't seen it.

1000101 posted:

Neutron in Icehouse has some things that bug me but I did notice that Juno's added this: https://wiki.openstack.org/wiki/Neutron/DVR

If you're interested I can do a braindump of interesting bits of NSX that I'm not sure have an analogue in Neutron with openvswitch.
Without putting too fine a point on it, Openvswitch doesn't have those analogues because certain partners have enough pull to insist that the reference implementation of Neutron doesn't need them, and that they're better as vendor-adds through plugins to NSX or Nexus 9ks or whatever, which is kind of what I was alluding to in my earlier posts.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

1000101 posted:

What makes NSX look inflexible and hamstrung to you? (honest question not challenging you.)

NSX: Low customer user base. When I explained it to the 6 network engineers we had; they got worried it would replace their jobs. Same way at the MSP/VAR's I was at. SDN was a killer to CCIE's and CCNP's.... Which it isn't, only a mere way for them to adapt. However, most directors and such see this as a Network eliminating job... Mine embraces it as he sees this as a way to take hold of the future and make all their network issues become manageable given a limited staff.

It took me about 2 weeks to fully explain SDN does not cut jobs but only asks for current positions to improve and standardize on their practices. After I did that, they love the idea of SDN; they are all gung ho about it. The issue which a fond friend of mine was like WTF about, was that when you sell a new tech you can't always say "I am replacing jobs", just cut the costs of HW and SW; then let the managers decide.

quote:

I ask because you can plug it right into Neutron and everything just sort of works so it's at least as flexible as that.

Which is why the biggest push back you are going to get from three letter titles is the fact you are eliminating jobs. The human element is always the strongest part of any solution, you can make a warp core that eliminates humans from running it, but it won't sell because people will question why they run it.

I'd say if you want to win more customers over, don't focus purely on the staff costs(as dumb as it sounds I know; staff takes up the most cost), focus on making all the jobs of the solutions you provide easier and making them work more effectively, while cutting HW/SW costs; more than cutting jobs.

quote:

Neutron in Icehouse has some things that bug me but I did notice that Juno's added this: https://wiki.openstack.org/wiki/Neutron/DVR

Is it because the unsolicited probing it does during a kernel panic or and I looking too deep into it, and missing the obvious?

quote:

If you're interested I can do a braindump of interesting bits of NSX that I'm not sure have an analogue in Neutron with openvswitch.

I'd actually like not to focus on a brain dump because those are stupid. I'd rather more so like to learn how I am right/wrong and then improve upon myself in those aspects. Brain dumps are pointless, regardless how fast I learn, I want to earn it rather than burn it.


quote:

If you're in San Francisco then you want to eat a bone-in fillet here: http://www.boboquivaris.com/

If you are in town I'll pay you and your friend back double, name the place but that looks great.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

evol262 posted:

Phoenix timezone sucks, especially with time changes, since we don't do it.

Tilted Kilt in Tempe works for me.

Hope you are willing to work with my directors....


quote:

NSX itself is incredibly flexible and capable. If you plug it into something else. And I'd take a long look before I said it was easier to use or better than other vendor's solutions (Neutron+openvswitch not really being a "vendor"). It's just that it sucks a little out of the box. It's an incredible, almost unbelievable number of wizards and boxes you need to click through to get anything done. I'm sure there's a more reasonable interface somewhere, but I haven't seen it.
The problem I find with it is these:
1) VARS
You introduce something as simple as NSX, Where to the cisco VAR's go?
2) IT groups
I did some on the side stuff for a mid size college of mine last week, they pushed back on NSX/VXLAN'S because they felt the job displacement instead of looking at it as opportunity. (not a fault of SDN, incompetence which if MSP/VAR'S want to win they better understand job placement and replacement!)
3)Traditional Bureaucracy
It's evolve or die, the problem is too many people want to be home depot and ride the stuff they learned out. Sometimes you just gotta earn it if you can smell the dinosaurs.


quote:

Without putting too fine a point on it, Openvswitch doesn't have those analogues because certain partners have enough pull to insist that the reference implementation of Neutron doesn't need them, and that they're better as vendor-adds through plugins to NSX or Nexus 9ks or whatever, which is kind of what I was alluding to in my earlier posts.
The problem with openstack is:
1. Low support
2. Need linux engineer
3. little to no gui
4. rapid release updates which do things!
6. unlike vCAC not meant for SMB

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

If there's an interest/desire I can write up an effortpost on NSX.

evol262 posted:

I'm sure there's a more reasonable interface somewhere, but I haven't seen it.

Comedy "REST API" option... I say that only partially in jest as the intent is to manage it via the API/through your cloud tool of choice (pretty much VMware vCAC or Openstack)

quote:

Without putting too fine a point on it, Openvswitch doesn't have those analogues because certain partners have enough pull to insist that the reference implementation of Neutron doesn't need them, and that they're better as vendor-adds through plugins to NSX or Nexus 9ks or whatever, which is kind of what I was alluding to in my earlier posts.

Fair enough. Worse case scenario you can roll NSX-MH and have the best of both worlds.

quote:

NSX: Low customer user base.

This isn't something that hamstrings it. It's a negative against the product but it's not hamstringing it in any specific way.

quote:

The problem I find with it is these:
1) VARS
You introduce something as simple as NSX, Where to the cisco VAR's go?
2) IT groups
I did some on the side stuff for a mid size college of mine last week, they pushed back on NSX/VXLAN'S because they felt the job displacement instead of looking at it as opportunity. (not a fault of SDN, incompetence which if MSP/VAR'S want to win they better understand job placement and replacement!)
3)Traditional Bureaucracy
It's evolve or die, the problem is too many people want to be home depot and ride the stuff they learned out. Sometimes you just gotta earn it if you can smell the dinosaurs.

Cisco VARs aren't going anywhere. Our current NSX customers are also heavy Cisco customers. It's just now they can provide a lot of rich network services regardless of network vendor. This is helpful since we're also Arista and Juniper resellers.

Regarding IT groups, if you pitch it right the network people should love it. You can build a fast converging very reliable network that's able to use all of the network bandwidth without resorting to things like MLAG/VSS/vPC or weird technologies like QFabric or Fabricpath. If you're using NSX (or any overlay technology really) then you can have the best of both worlds: server people get to VMotion poo poo anywhere in the datacenter and your network can be designed using L3 ECMP and be rid of STP. This means less pain for the network engineers and they can focus on more interesting projects.

Regarding the last point, this is pretty common but it's a fight that can be won if you have a good use case where overlays are "the right answer."

For example I have a customer right now that's hosting application stacks for their customers. They're doing the network multi-tenancy via VRF-lite and have ~200ish deployed application stacks. VPN tunnels to their customers get terminated on a single pair of firewalls which are starting to hit scalability limits. We're looking at NSX since it integrates with their preferred firewall vendor and basically scales as long as you have compute resources to throw at it.

quote:

The problem with openstack is:
1. Low support
2. Need linux engineer
3. little to no gui
4. rapid release updates which do things!
6. unlike vCAC not meant for SMB

#2 and #3 aren't really major show stoppers in my market (granted it's the Bay Area.) #1 can be addressed by buying commercial openstack (Red Hat support has been pretty helpful to my customers.) The last point I disagree with. You can pretty much be up and running with RHEL OSP in a day or two on some pretty cost effective hardware. From a pricing perspective it's potentially a much better fit if you've got an even average linux skillset.

Regarding #4 you can avoid this simply by using a vendor supplied distribution like Rackspace, Red Hat, Canonical, Mirantis, etc. They are packaging on a fairly regular schedule and tend to qualify features/packages before just rolling them right in.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster


Pillbug

It's 2am

can I respond to that in the morning?

Jeoh
Jul 20, 2010



No, this is a real-time conversation, not a thread on an Internet comedy forum.

Anyone used Cloud Cruiser before? We're looking into it to support our chargeback model. Ties in nicely with Windows Azure Pack, too.

evol262
Nov 30, 2010
#!/usr/bin/perl

1000101 posted:

If there's an interest/desire I can write up an effortpost on NSX.
I'd definitely be interested.

1000101 posted:

Comedy "REST API" option... I say that only partially in jest as the intent is to manage it via the API/through your cloud tool of choice (pretty much VMware vCAC or Openstack)
I'd rather use a REST API than what I've seen of NSX. Still not sure whether this comes down on "simple to use" or not, though using it through vCAC or a Neutron driver is as simple as either of those tools.

Dilbert As gently caress posted:

Hope you are willing to work with my directors....
My schedule's pretty flexible. Perks of working from home as the only US team member.

Dilbert As gently caress posted:

The problem I find with it is these:
1) VARS
You introduce something as simple as NSX, Where to the cisco VAR's go?
2) IT groups
I did some on the side stuff for a mid size college of mine last week, they pushed back on NSX/VXLAN'S because they felt the job displacement instead of looking at it as opportunity. (not a fault of SDN, incompetence which if MSP/VAR'S want to win they better understand job placement and replacement!)
3)Traditional Bureaucracy
It's evolve or die, the problem is too many people want to be home depot and ride the stuff they learned out. Sometimes you just gotta earn it if you can smell the dinosaurs.
SDN isn't any more simple than traditional networking. You still need network people, and you still need network kit.

To turn this around, replace NSX with AWS. "You introduce something as simple as AWS, where do all the VARs go?" Insight and others are doing fine.

Sysadmins didn't go away either. It's easy for infrastructure people to look at all this software defined stuff and see it as displacement not because they don't know it's an opportunity, but because making upper management or mid-level devs/admins understand that you still actually need someone who understands all this stuff is harder. Go look at all the startups desperately hiring SREs (instead of "admins") because their developer-driven architecture is held together by duct tape and gum. But you can get by that way for a little while as long as you can punt DNS to Route53, etc.

I'd wager that SDN doesn't scare Sepist. But having someone come in and say "NSX is so simple, anyone can do it!" can put the fear into people because it's a half-truth which appeals to management who sees IT as bloated, not because it's actually true. Anyone can do it. Not anyone can do it well. But that understanding may dawn too late to keep their admins.

Dilbert As gently caress posted:

The problem with openstack is:
1. Low support
2. Need linux engineer
3. little to no gui
4. rapid release updates which do things!
6. unlike vCAC not meant for SMB

Openstack has problems, but I don't know that any of these qualify. You could apply many of the the same arguments to Linux, with the same answers.

The rapid release and support issues by using an actual distribution from Red Hat or Mirantis or Rackspace or whoever.

It's hard to find a cloud environment that doesn't have Linux people. Not that Windows doesn't or can't run, but it's not the target market at the moment, and there are still a number of hacky "solutions" for passing cloud metadata into Windows and problems with scaling out automatically. Powershell DSC and other tools will probably help.

I'm not sure what real benefits multitenancy, "cattle", and horizontal scaling have for SMBs. Traditional virt has its place. I'm sure there are SMBs out there doing in-house, but I don't know that I'd put it as a pro.

No GUI isn't even a con. If you're dealing with an environment that's as automated as possible (), just script it through utilities and the API.

But a vCAC v. Openstack argument is just as pointless. They're both fine products. VMware sees the writing on the wall, and they're doing both.

Adbot
ADBOT LOVES YOU

adorai
Nov 2, 2002

10/27/04 Never forget

Grimey Drawer

I have a question about all the NSX talk. I watched the videos, but haven't dived in too deeply.

How does the rest of the network learn about the NSX networks? From the network side, if I want to "create a new network" I create a VLAN across the switches that will use it, put an interface for a subnet on a router, and advertise with a routing protocol. My environment is pretty small and the system admins know about the network, so it's not an issue for us, but in a larger organization how do you stop them from advertising already used subnets?

  • 1
  • 2
  • 3
  • 4
  • 5
  • Post
  • Reply
«283 »