Konstantin Emelyanov - Fotolia


Bring DevOps agility to business with NSX networking and Kubernetes

Even though Kubernetes is the container orchestration gold standard, it needs a little help integrating microservices-based apps into enterprise networks. That's where NSX comes in.

Kubernetes is the de facto standard for container orchestration and has high adoption rates from enterprises that want to run container-based applications. Kubernetes didn't start life as an enterprise IT product, but rather as an offshoot of Google's Borg controller, which the company uses to run its massive cloud infrastructure. Since it wasn't developed for enterprise IT, it needs some help fitting into enterprise constructs, starting with networking. One possible way to fit Kubernetes into an existing enterprise network is to use a software-defined networking product that plugs into Kubernetes and provides enterprise network features; VMware NSX networking is one such product.

Kubernetes allows developers and operations teams to use automation to create, manage and destroy groups of containers as needed. A microservices-based application might require tens of microservices, each consisting of a group of containers. Some of the microservices might only need three or four containers, while others might need hundreds. Kubernetes provides a way to manage the microservice container groups and the applications that these microservices make up.

With modern DevOps practices, dozens of changes are made to microservices on a daily basis; these changes can be anything from new features to bug fixes to existing code. The ability to push multiple updates rapidly is a hallmark of the agility that DevOps, microservices and containers promise. New versions of containers are started and old ones are destroyed to deploy these changes, and thousands of containers are created and destroyed every day.

Every one of these containers must be securely connected to the right network. Kubernetes can use standard Docker networking -- which doesn't resemble a typical enterprise network -- or it can work with other network providers that plug into Kubernetes.

Integrate microservices with NSX

NSX networking takes the same automation approach as Kubernetes. Applications can make calls to NSX to define the subnets, load balancers, firewalls and routers that they require, and software commands can create and destroy network components. Without a software-defined networking platform, the network is resistant to change. A lot of legacy enterprises manage networking by cutting and pasting into configuration files on each physical switch and network. In order to manage the agility of DevOps and containers, the network must be software-defined and software-controlled.

NSX's distributed nature is crucial to scaling network functions for thousands of containers.

One of the benefits of NSX networking is that it functions in a distributed manner: Load balancing, firewalling and routing all happen inside each physical server rather than in central appliances. NSX's distributed nature is crucial to scaling network functions for thousands of containers. We usually associate NSX with the vSphere hypervisor platform, but there's another edition called NSX-T, which works with physical servers and hypervisors through Open vSwitch. Between these two versions, you can use NSX networking with containers on a vSphere platform, physical servers, VMs with another hypervisor and even VMs that run on public cloud platforms. At some point in the future, there will likely be a single NSX networking product that spans all platforms rather than separate management products for vSphere and non-vSphere platforms.

Integrating Kubernetes and NSX allows microservices-based applications to integrate into an enterprise network. When a developer instructs Kubernetes to start a container that's part of the development customer relationship management (CRM) system, NSX automatically deploys a new network that provides the containers access to just the development CRM system. When the developer is finished and deletes the container, NSX automatically removes the network it created. NSX with Kubernetes will automatically deliver enterprise networking to microservices-based applications. The integration of cloud-native applications with legacy apps can unlock the value of the data in the legacy applications.

Explore Kubernetes plugin options

The plugin architecture of Kubernetes isn't limited to NSX; Kubernetes documentation lists over a dozen network plugins. The majority of integrations listed are cloud-native network platforms, such as CoreOS Flannel, Calico and Weave Cloud. These tools improve the networking between parts of cloud-native applications. A few of the other network plugins are designed for integration into enterprise networks.

It makes the most sense to use NSX with Kubernetes when you use NSX for the rest of the enterprise network. Using VMware NSX for Kubernetes networking makes the most sense where NSX is used for the rest of the enterprise network. Combining a software-defined network with a container orchestration platform is an important part of enabling greater application agility, and Kubernetes with NSX networking make for a great enterprise pairing.

Next Steps

Container networking could revolutionize data centers

Which container software is best for business?

Get familiar with microservices pros and cons

Dig Deeper on VMware and networking