VMware ESXi vSwitch Extension at Equinix Metal Digital Services
Introduction
Equinix Metal Digital Services provides bare metal servers as a service at a variety of POPs around the world. Bare metal servers offer the on-demand model, flexibility, and API-driven deployment patterns of Cloud Service Providers, along with the direct benefits of hosting your workload on server devices under your complete control. Equinix Metal Digital Services provides a fully programmable stack that includes compute, storage, networking, OS provisioning, and host cycle management via Web Portal and API.
Companies who have invested heavily in server virtualization on-premise are often left in a challenging position - how to migrate legacy virtualized workloads to Cloud Service Providers. Often, these efforts require multi-year software engineering efforts to make those workloads "Cloud Native." On the other hand, a "lift and shift" modernization can move workloads to modern, managed infrastructure, while maintaining their existing virtualized environment.
VMware ESXi is a popular hypervisor in use across the industry, providing server, network, and storage virtualization. VMware's networking stack provides support for local and distributed vSwitches, heavily leverages VLANs for segmentation purposes, and assumes it is built upon one or more fully connected Layer 2 networks. A common deployment scenario uses top of rack Ethernet switches in a multi-chassis Link Aggregation Group (commonly known as MLAG or MC-LAG) pair.
Challenges arise in this model when trying to migrate workloads using the Layer 2 model. As VMware's knowledge of Internet routing, SD-WAN, and encryption is limited, it can often require the adoption of multiple additional components to create fully distributed VMware networks across multiple locations. These additional components often require additional knowledge of BGP routing, IPSEC encryption, and a multitude of license fees.
Big Network has partnered with Equinix Metal Digital Services to build a migration pathway for VMware ESXi clusters to Equinix Metal Digital Services, leveraging Big Network's Edge Pro and Edge Virtual to provide Layer 2 VLAN-aware trunks across the global Internet. This allows point and click VLAN allocation and assignment within the native ESXi environment, regardless of where ESXi clusters are deployed - on-premise, colocated, and hosted at Equinix Metal Digital Services.
The Challenge
In migrating from On-Premise Infrastructure to Equinix Metal Services, or building a hybrid cluster, the challenge exists in how to best link disparate networks together. Shown above, we have an On-Premise Infrastructure with a simple 2x switch multi-chassis LAG (MLAG) cluster in use. The VMware ESXi infrastructure is using VLANs for network segmentation. For Wide Area Networking (WAN), the deployments solely have Internet Access available. The challenge exists in how to "extend" those VLANs to Equinix Metal Digital Services as the Internet does allow VLAN tagged frames to be carried.
Extending VLANs using Edge Pro and Edge Virtual
Edge Pro and Edge Virtual are logical choices to extend VLAN trunks from your on-premise Infrastructure to Equinix Metal. Since Cloud Networks are Layer 2 by nature, they can be used to carry VLAN tagged frames across a full mesh SD-WAN created among the Edge Pro and Edge Lite.
Required Components and Configuration
Cloud Network
Your Cloud Network should be configured as a flat Layer 2 Cloud Network, without any defined IP range or IP pool.
Edge Pro Configuration
Follow our guide to on-board your Edge Pro at your On-Premise Infrastructure location.
Configure the VLAN trunk from your switch cluster to Edge Pro Ethernet Port via a Local Service to the Cloud Network defined.
Edge Virtual Configuration
Deploy Edge Virtual on top of Equinix Metal's c3.small.x86 as an Unbonded Hybrid Network server running Ubuntu 20.04 LTS and KVM.
Your host will require at least an additional /30 of IPv4 address space to provide WAN addressing between KVM and Edge Virtual.
Configure VLAN trunks at Equinix Metal to be carried to the Edge Virtual Host. Configure a Linux bridge from the Unbonded L2 interface to Edge Virtual's LAN port.
Caveats
* Big Network does not suggest extending storage related networking fabrics such as NFS or iSCSI via the Internet.
Related Articles
Edge Virtual: Installation and On-Boarding on the VMware ESXi 7.X Hypervisor
Introduction This guide provides instructions to install and on-board Edge Virtual on the VMware ESXi 7.X Hypervisor. Note: Edge Virtual is available in a Limited Release at this time. Throughput may vary based upon Host OS, Hypervisor, and ...Big Edge: Local Services
Introduction Big Network's Edge Pro and Edge Lite devices feature the ability to host "Local Services" which are virtual network functions (VNFs) natively available on our devices. Local Services include: Local Breakout Dynamic Host Configuration ...Deploy Static IP Anywhere by Big Network
Introduction Static IP Anywhere (SIPA) by Big Network is the ideal solution for delivering Static IP addresses via multiple resilient ISP connections without the cost and complexity of BGP routing, expensive enterprise dedicated internet access, or ...Extending AWS VPC using Big Network and Edge Lite
Introduction In a prior blog post, we discussed how Big Network extended AWS’ Virtual Private Cloud (VPC) to Digital Ocean. Today, we are going to explore strategies to extend AWS VPC on-premise using Edge Lite. Organizations that are looking to ...Multi-Site Layer 2 Cloud Networks with Local-Site Internet Breakout
Introduction Big Network provides Software and Hardware that makes it fast and simple to deploy distributed multi-site Layer 2 networks, along with Local Internet Breakout functionality. By default, Local Internet Breakout relies upon two key ...