
Cisco’s Cloud Ready Infrastructure

Cisco Virtualized Multi-tenant Data Center solution (VMDC) is an architectural approach to IT which delivers a Cloud Ready Infrastructure. The architecture encompasses multiple systems and functions defining a standard framework for an IT organization. Standardization allows the organization to achieve operational efficiencies, reduce risk and achieve cost reductions while offering a consistent platform for business.

Published in: Technology, Business

  1. 1. Cisco’s Cloud Ready Infrastructure
      VMDC – Virtualized Multi-service Data Center
      Sunil Cherukuri (sunilc@cisco.com), Technical Lead, Systems Development Unit
      Cisco Connect, Toronto, Canada, May 30, 2013
      © 2011 Cisco and/or its affiliates. All rights reserved. © 2012 Cisco and/or its affiliates. All rights reserved.
  2. 2. Hotels and Data Centers
      Question: What do they have in common?
  3. 3. Hotels and Data Centers
      Answer: Both are Shared Infrastructures
      • Hotel rooms are expected to have Secure Separation
      • Data centers without Secure Separation look like hotel rooms with military sleeping quarters
      • Data centers deployed following VMDC guidelines ensure critical workloads are protected
  4. 4. Acronyms
      • VMDC – Virtualized Multi-Service Data Center
      • ICS – Integrated Compute Stack
      • Vblock – An ICS based on Cisco, EMC & VMware components
      • FlexPod – An ICS based on Cisco, NetApp & VMware components
      • HCS – Hosted Collaboration Solution. A Cisco software solution to provide rich voice & collaboration software in a cloud environment
      • DCI – Data Center Interconnect
      • VPDC – Virtual Private Data Center
      • HVD – Hosted Virtual Desktop
  5. 5. Agenda
      • Cloud Drivers and Introduction
      • VMDC System Overview
      • VMDC Physical Infrastructure
      • VMDC Logical Infrastructure
      • VMDC Infrastructure Updates
      • VMDC Management and Automation
      • VMDC Summary
  6. 6. Cloud Drivers & Introduction
  7. 7. Global Data Center Traffic Growth: Data Center Traffic Nearly Quadruples from 2011 to 2016
      [Chart: zettabytes per year, 2011–2016; 31% CAGR 2011–2016; data labels 1.8 ZB, 2.6 ZB, 3.3 ZB, 4.1 ZB, 5.2 ZB, 6.6 ZB]
  8. 8. Workload Shift: Cloud vs. Traditional. Nearly Two-thirds of all Workloads Will Be Cloud-based by 2016
      [Chart: installed workloads in millions, 2011–2016, Cloud Data Center vs. Traditional Data Center; 20% CAGR 2011–2016; percentage labels 62%, 38%, 30%, 70%, 52%, 48%]
  9. 9. Global Data Center Traffic by Destination: Most Data Center Traffic Consistently Stays Within the Data Center
      • Within Data Center (76%): storage, production and development data, authentication
      • Data Center-to-Data Center (7%): replication, inter-database links
      • Data Center-to-User (17%): web, email, internal VoD, WebEx, et al.
  10. 10. Cloud Adoption Drivers: The Challenge
      IT Initiatives
      1. Improve IT efficiency
      2. Streamline/improve business processes
      3. Increase IT resources to drive business innovation
      4. Improve customer management capabilities
      Business Goals
      1. Grow revenue
      2. Lower overall operating costs
      3. Acquire/retain customers
      4. Drive new market offering or business practices
      5. Improve workforce productivity
      “Raising the productivity of employees whose jobs can't be automated is the next great performance challenge.” McKinsey & Company, The 21st Century Organization, 2005
  11. 11. Cisco’s Cloud Strategy
      Enabling Cloud Applications/Services by Uniquely Combining the Unified Data Center and Cloud Intelligent Network
      • Tailored Solutions for Building Clouds: Enable customers to build and operate private, public or hybrid clouds
      • Rich Ecosystem of Integrated Solutions: Enable customers to deploy tested, best of breed solutions
      • Innovative Cloud Services: Enable cloud services including people-centric collaboration and other applications
      Logos shown: Research In Motion, Samsung
  12. 12. Cisco IT Case Study – “CITEIS”: Cisco IT Elastic Infrastructure Services (Internal Private Cloud)
      Stages shown:
      • 100% Physical, Legacy Computer Platform
      • Virtualization: 40% Physical, 60% Virtual, Legacy Computer Platform
      • Unified Infrastructure and Automation: 35% Physical, 65% Virtual, Unified Computing Platform, 100% Automated
      Metrics shown (values in the order they appear on the slide):
      • Average TCO: -31%, -37%
      • Speed of Delivery: 6-8 Weeks, 2-3 Weeks, 15 Minutes
      • IT Maintenance / IT Innovation: 70/30, 40/60, 60/40
  13. 13. What Is Cloud Computing? Taxonomy Check
      • IT Resources and Services that Are Abstracted from the Underlying Infrastructure and Are Provided “On-Demand” and “At Scale”
      • A Style of Computing Where Massively Scalable IT-Enabled Capabilities Are Delivered “as a Service” to Multiple External Customers Using Internet Technologies (Source: Gartner 2008)
      Visual Model of NIST’s Working Definition of Cloud Computing (http://www.csrc.nist.gov/groups/SNS/cloud-computing/index.html)
      • Deployment Models: Public, Private, Hybrid, Community
      • Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
      • Essential Characteristics: On-Demand Self Service, Broad Network Access, Resource Pooling, Rapid Elasticity, Measured Service
  14. 14. Cloud Deployment Models: Private, Public, Hybrid
      [Diagram labels: Stand-Alone Data Centers; Private Cloud; Public Cloud; Virtual Private Cloud; Enterprise Extension; Hybrid Cloud; PRESENT; Inter-Cloud; Public Cloud #1; Public Cloud #2; Open Cloud]
      © 2009 Cisco Systems, Inc. All rights reserved.
  15. 15. The Journey to Cloud: Evolution of IT + Business Agility
      • Consolidation (Reduce Costs)
      • Virtualization (Improve Agility)
      • Automation (Transform IT)
      [Diagram labels: IT Infrastructure; Business Applications; IT-as-a-Service; Gold; Platinum]
  16. 16. VMDC System Overview
  17. 17. Virtualized Multiservice Data Center
      • Inter-Data Center Networking
      • Unified Fabric and Data Center Networking: Providing Network and Services Virtualization
      • Unified Computing and Integrated Systems: Providing Server and Application Virtualization
      [Diagram labels: Multi-Site Connectivity; Networking Fabric (WAN, Access, Services, Network Fabric); Unified Computing (Compute, Storage, NAS, SAN); VMDC Cloud Service Management (Business Support, Provisioning, Configuration, Portability/Interoperability)]
      All Specifications Subject to Change without Notice
  18. 18. Cisco Virtualized Multi-Service Data Center (VMDC): Design the Cloud with Confidence
      • Cisco® VMDC: A validated reference architecture
        – CVD Design & Implementation Guides
        – Validated Orchestration & Assurance tools
        – Reducing time to deployment
        – Reducing risk
        – Increasing flexibility
        – Improving operational efficiency
      • A flexible, modular, scalable and validated architecture that combines integrated computing stacks, unified data center, and data center interconnects into an end-to-end architecture – Blueprint for Cloud
      • Multi-service & Multi-tenant
      • One-cloud solution for any layer: infrastructure, platform, and software as a service (IaaS and SaaS) and any deployment (Private, Public, or Hybrid Cloud)
  19. 19. Cisco Validated Design Process: Innovation and Quality Through System Level Design and Validation
      • System Development Guidelines: Planning, Design, End-To-End Validation, Documentation
      • System Development Fundamentals
        – System Delivery: Tested and validated designs
        – Thought Leadership: System level innovations
        – Product Development: Cross platform collaboration
        – Key Customer Engagements: Consider end-to-end view
      • Test levels shown: Unit, Feature, Integration, System, Customer
  20. 20. VMDC Solution Validation Scope - Synopsis
      • Systems Level: End to end feature/integration testing to enable service delivery, and multi-tenancy / isolation. Multi-dimensional Scalability (i.e., Tenants, VMs, VLANs, MAC, HSRP, Routes, Contexts, etc.). 3rd party components, including BMC CLM, Zenoss CSA, VMware vSphere, vCloud Director, EMC, NetApp, Citrix Netscaler, Microsoft, RedHat
      • Service Differentiation: Validation of Service Tier offering (network, compute, storage) and DC Services (VPN, FW, IPS, SLB, GSS etc). Stress/Load tests to validate end-end Service Flows, QoS, reliability, monitor cpu/memory.
      • “Real-World” Simulations: Baseline Steady State Traffic and background traffic injection (N-S, E-W, Stateful + Stateless)
      • HA Focus: Failover/Negative tests to validate redundancy designs and technologies end to end (Routing, vPC/MEC, ECMP, VSS, HSRP, Active-Active service modules, Clustering, SAN, Fabric, UCS blades, Storage controllers). Analysis and characterization of end to end service restoral.
      • Manageability: Validation of statistics and monitoring capabilities – SNMP, Syslog, Netflow, I/O statistics, etc. Validation of Orchestration & Management tools
  21. 21. Cloud Megatest (LightReading / EANTC)
      http://www.cisco.com/en/US/solutions/ns341/eantc_cloud.html
      • Cross Architecture Validation – Cloud/DC, Mobility, IPv6, Video, Collaboration
      • VMDC 2.2 based architecture – each test overlaid as tenant in multi-tenant cloud
      • 70+ 10G IXIA ports, 75+ VRFs/tenants, 600+ VLANs, 1500+ VMs
      • 80 Gbps of north-to-south (next-generation network [NGN] to cloud) traffic: 1 million clients to 50,000 servers
      • 300 Gbps of east to west (within data center) traffic: switched & routed - with Cisco® FabricPath 2-tier design – showing 15,000 MAC addresses and 256 VLANs
      • 67 million NAT64 sessions simulated, at 80Gbps, 4 million/sec
      • 1 million residential gateways shown for 6rd, at 80Gbps
      • 40Gbps of video streaming – using Cisco CDS Internet streaming appliance, and on a Cisco ASR 9000 Series Cisco Integrated Services Module (ISM)
      • PCRF for throttling mobile subscribers in real time
      • Any video format, any device, any where: iPad, Android, PC, etc.
      • Cisco VM-FEX in VMDirectPath performance demonstrated:
        – VM-FEX compared to software DVS in 4 ways: iSCSI read-write, L3 IMIX traffic, HTTP traffic, and video encoding
        – 20 to 30% performance improvement in throughput, CPU, and IOPS with Cisco Data Center VM-FEX DirectPath I/O
  22. 22. Challenges in Building and Maintaining Cloud: You need to have a plan!
      • Predictably grow the data center
      • Scale the data center
      • Secure the data center from external and internal threats
      • Protect the DC from HW and SW failures
      • Establish virtual containers to be assigned to consumers with pre-defined service policy profiles
      • Securely separate these virtual containers
      • Connect the DC to other DCs
      • Provision the DC
      • Manage and Monitor the DC
      • Cloud Automation
      • Provision virtual containers and assign to consumers
      • Manage virtual containers
      • Provide differentiated services for consumers of virtual containers
      • Cloud resource management and assurance
  23. 23. VMDC Physical Infrastructure
  24. 24. Building a Multi-Service Infrastructure: Architecture Pillars
      • Service Orchestration: Dynamic application and reuse of resources; Automated service orchestration and fulfillment; Integration with Network Containers; Rapid Self Service IT
      • High Availability: Carrier Class Availability; Platform/Network/Hardware/Software Resiliency; Minimize the probability and duration of incidents; Focus on your business, not fighting fires
      • Differentiated Service Support: Design logical models around use cases; Services-oriented framework; Combines compute/storage/network; Resources are applied and tuned to meet needs
      • Modularity: Pod based design; Scalability framework for manageable increments; Predictable physical and cost characteristics; Streamline Turn-up of New Services
      • Secure Multi-tenancy: Shared Physical Infrastructure; Tenant Specific Resources; Use Cases; Comply with business policies
  25. 25. The Challenge: How do I scale my data center?
      The Solution
      • Point of Delivery (PoD)
      Point of Delivery (PoD): Architectural consistency through a modular approach
      • Modular, tiered construct consisting of groupings of integrated compute stacks plus storage and networking infrastructure
      • A single Pod can be deployed and operated by itself or connected together to other Pods to achieve scale
      • VMDC validates 2 styles of Pods: Compact and Large
      Benefits
      • Simplified capacity planning
      • Ease of new technology adoption
      • Consistent and efficient operation
      [Diagram: PoD containing Integrated Compute Stacks (Compute, Storage, Network), Service Appliances and a Data Center Services Node]
  26. 26. Cisco Virtualized Multi-Service Data Center: Scale the Compute with UCS and Integrated Compute Stacks
      [Diagram labels: Enhanced Data Center Interconnect; Unified Data Center Networking (Data Center Core, Aggregation, Services, Access); Integrated Compute Stacks (Compute, NAS, SAN; FlexPod™); VMDC Cloud Service Management (Business Support, Provisioning, Configuration, Portability/Interoperability)]
  27. 27. Scalable Compute: VMDC Supported ICS. VCE’s Vblock Family of Cloud Infrastructure Packages
      • Vblock Series 700: Storage: EMC Symmetrix Vmax; Compute: Cisco UCS; Virtualization: VMware; Orchestration: Unified Infrastructure Manager (UIM)
      • Vblock Series 700 model MX
      • Vblock Series 300: Storage: EMC VNX; Compute: Cisco UCS; Virtualization: VMware; Orchestration: Unified Infrastructure Manager (UIM)
      • Four Models
      • Pre-Integrated and Supported Cloud Infrastructure: Focus teams on using infrastructure vs. assembling and supporting the individual components
      • Cloud Service Provider Operational Model: Provisioning, service delivery, chargeback, etc.
      • Accelerates the Shift to a Private Cloud Model: Less time debating, more time using
  28. 28. Scalable Compute: VMDC Supported ICS. Cisco and NetApp’s FlexPod Reference Architecture
      • Standard, pre-validated, best-in-class infrastructure building blocks
      • Flexible: One platform scales to fit many environments and mixed workloads
      • Add applications and workload
      • Scale up and out
      • Simplified management and repeatable deployments
      • Design and sizing guides
      • Services: Facilitate deployment of different environments
      Components shown: Cisco® UCS B-Series Blade Servers and UCS Manager; Cisco Nexus® 5000 Family Switches; NetApp® FAS; 10GE and FCoE
  29. 29. Scaling the Infrastructure: Add PoDs to Meet Business Demands
      The Solution
      • PoD replication
      Benefits
      • Optimize CAPEX savings while maintaining SLAs
      • Predictable performance and scale based on building blocks
      • Effective way to add separate application environments
      • PoDs are interconnected at Core or WAN layer
      Key Factors to Consider
      • L2 Scale - Virtual Machine Density, VMNics per VM, MAC Address Capacity
      • Cluster Scale, ARP Table Size, VLAN scale, Port Capacity, Logical Failure Domains, L2 Control Plane
      • L3 Scale – BGP Peering, HSRP Interfaces, VRF Instances, Routing Tables and Convergence, Services
      • Resource Oversubscription – Network, Compute, and Storage Oversubscription, Bandwidth per VM
      [Diagram: two PoDs, each containing Integrated Compute Stacks (Compute, Storage, Network), Service Appliances and a Data Center Services Node]
  30. 30. VMDC 2.2 Topology
  31. 31. VMDC 2.2 Scale
      • Pod: max. of 512 servers, 12,000 VMs, 200 tenants
      • DC: max. of 3072 servers, 72,000 VMs, 200 tenants
      Scale can be increased through tweaking design:
      - removing Core layer
      - reducing cross-connects (ladder)
      - reducing BGP peering
      - using Static routes instead of BGP
      - using different Core or Agg devices
      - using MPLS instead of VRF-Lite
      [Diagram: PoD1 with Integrated Compute Stacks (Compute, Storage, Network), Service Appliances and Data Center Services Node; Nexus 7k access, N7k AGG, N7k Core]
  32. 32. Network Scale Considerations: PoD Scalability
      What Determines the Host Scale in a PoD?
      • Aggregation—Number of ICS, Blades
      • Work-load domain
      • Number of MAC address and VLANs
      • Failure Domain
      • Features to facilitate L2/L3 Boundary
      Network
      • Total number of MAC Addresses & ARP entries
      • STP logical ports
      • Number of VLANs, Tenants
      • Routing Peers, Adjacencies
      Storage
      • Number of vFiler IPSpace
      • Number of VLANs supported
      • Number of 10 Gig NICs
      • Number of LUNs, Ports, Zones, WWNs
      Compute
      • VM Density
      • VM Sizing
      • MAC per VM
      • Logical Ports
      • Virtual Switch
  33. 33. PoD Sizing Considerations (For Reference)
      • Network
        ‒ Traffic throughput
        ‒ Number of Tenants (VRFs), VLANs
        ‒ Oversubscription factors
        ‒ High Availability (redundant links)
        ‒ Port and Line-card/Chassis density
        ‒ Platform scalability (VRFs, VLANs, Interfaces)
        ‒ Ratio of Service Tiers (Gold:Silver:Bronze)
      • Security & L4-7 Services
        ‒ Service Modules or Appliances
        ‒ Type and Number of Services
        ‒ Number of Virtual Contexts (Modules)
        ‒ Number of VLANs tied to service modules
        ‒ Application throughput
      • Storage
        ‒ SAN/NAS ports/links
        ‒ Storage throughput, oversubscription, IOPS
        ‒ Number of VSAN, Zones
        ‒ Storage Array Density (disks, ports)
        ‒ Distributed or Centralized Storage
      • Compute
        ‒ Number of VMs per tenant, per VLAN
        ‒ VM to Core ratio, Memory size per VM
        ‒ Number of links, oversubscription factors
        ‒ Ratio of Service Tiers (Gold:Silver:Bronze)
        ‒ Number of blades in a UCS cluster
        ‒ Number of blades in a ESX cluster
        ‒ Number of VMs per blade, per cluster, per Pod
        ‒ VCenter limits on VMs, Servers, DataStores, Ports
  34. 34. The Challenge: How do I ensure high availability?
      The Solution
      • End to end HA architecture
      Benefits
      • Maximize infrastructure uptime
      • Comprehensive end to end architecture
      • Focus on your business, not fighting fires
      Redundant links, nodes and paths, end to end, plus:
      • L2 Redundancy – ❶ vPCs, ❷ MEC, and ❸ MAC-pinning
      • L3 Redundancy - ❹ HSRP, Non-stop forwarding, non-stop routing, LDP sync, MPLS graceful restart
      • Compute Redundancy - ❺ UCS end host mode, others (N1KV and MAC-pinning, Active/Standby Redundancy, Intra-Cluster HA)
      • Storage Redundancy – ❻ FC port channeling, multi-pathing software from VMware or SAN vendor
      • Services Redundancy – ❼ ASA, ACE redundancy
      • Routing Protocol Redundancy - BGP, OSPF
      [Diagram labels: Compute; NAS; SAN; Access; Resilient Fabric & Services; callouts ❶ to ❼]
  35. 35. The Challenge: How do I enable QoS for SLA Compliance?
      The Solution
      • Quality of Service
      Benefits
      • Supports applications with differing latency requirements
      • Provides end to end QoS
      • Supports QoS across hybrid public/private domains
      Design points
      • Define low-latency traffic classes in this new multimedia service tier (i.e., VoIP bearer and video conference), characterized by three metrics: bandwidth, delay, and availability
      • Support QoS across hybrid public/private domains
      • Traffic Classification and Marking - ❶ It is a general best practice to mark traffic at the source-end system or as close to the traffic source as possible in order to simplify the network design
      • Hierarchical QoS for Multi-Tenancy
      • Queuing, Scheduling, and Dropping – accounts for differences in queuing structures
      • Shaping and Policing
      [Diagram labels: Data Center Core; Aggregation; Services; Access; Compute; NAS; SAN]
  36. 36. VMDC Logical Infrastructure
  37. 37. Cloud Consumer: Defining the Role
      • Cloud consumers use shared infrastructure resources
      • Each organization must choose its approach to resource allocation and separation
      • These policies define a form of multi-consumer or multi-tenancy
      [Diagram labels: Cloud Consumer (Customers, Business Units, Departments, Applications); Shared IT Infrastructure]
  38. 38. VMDC Consumer Models: Deployed as Containers
      • Consumer models are logical constructs instantiated on the VMDC infrastructure
      • Consumer models are customizable
      • Consumer models must address application requirements
      • Consumer models should be unaware of underlying technology
      • Models will evolve as new technologies are introduced
      [Diagram label: Cloud Consumer “X”]
  39. 39. VMDC Consumer Models: Addressing Application Requirements
      • Network Requirements
        – Session persistence
        – High Availability
        – Scalability
        – Latency Mitigation
        – Reliable transport
      • Security Requirements
        – Secure sessions with encryption may be required
        – Each layer of the application stack authenticates data transport
      [Diagram labels: Cloud Consumer “X”; Cloud Consumer “Y”; Cloud Consumer “Z”]
  40. 40. The Challenge: How do I create tenant (consumer) containers?
      The Solution
      • Pre-defined and Automated Virtualized Containers
      Benefits
      • Quickly and securely onboard similar consumers
      • Covers different levels of network services for a variety of needs
      • Addresses varying security, QoS, and other requirements
      • Solutions available to automate the process
      [Diagram labels: Tenant 1, Tenant 10, Tenant 20, Tenant 30; Physical Data Center Components (Resilient Fabric, Services, Compute); Load Balancer; Firewall; Virtual Firewall; UCS; Virtualized Contexts; Zone 1; Zone 2]
  41. 41. VMDC Container Model: Tiered Security in VMDC 2.2
      [Diagram labels: Public/Shared VRF; Protected VRF (control point); Private (Tenant VRF); ASA Context (per tenant); Nexus1000v; vPath; VSG; Less Trusted Zones; Front-end Zones (Public Zone (DMZ), Protected FE); Back-end Zones (Zone 1, Zone 2, Zone 3); Sub-Zone W, Sub-Zone X, Sub-Zone Y, Sub-Zone Z]
  42. 42. VMDC Sample Network Containers: Differentiated Services – Common Platform
      • Predefined containers provide examples for different types of deployments
      • Automated provisioning and management logic for each container type is pre-defined in the Management and Orchestration software
      • Customers can choose from existing models or define their own customized models – Flexible framework allows variations
      [Diagram: Silver, Gold, Palladium, Expanded Gold and Bronze containers built from L2, L3, FW, vFW and LB elements; zones labelled Public Zone, Private Zone, Protected Front-End, Protected Back-End]
  43. 43. The Challenge: How do I secure my containers?
      The Solution
      • Container service abstraction and right sizing
      Benefits
      • End to end secure separation across the data center
      • Overlapping IP addresses are allowed
      • Automation tools to simplify deployment
      Separation mechanisms
      • Defense in Depth per consumer (front end ASA, back end VSG)
      • VRF-lite implemented at core and aggregation layers provides per tenant isolation at L3
      • Separate dedicated per-tenant routing and forwarding tables ensuring that no inter-tenant (server to server) traffic within the data center will be allowed, unless explicitly configured
      • VLAN IDs and the 802.1q tag provide isolation and identification of tenant traffic across the L2 domain
      • Compute Separation (vNICs, VLANs, Port Profiles)
      • Storage Separation (Cluster File System Mgmt, VSAN and FC Zoning, LUN Masking, vFilers)
      • Application Tier (Network Centric, Logical and Physical segmentation with L2/L3 firewalling and security zoning)
      [Diagram labels: WAN; WAN Edge; Core; Aggregation; L3; L2; Layer 2 Trunks; HSRP/L3 Gateway; Web, App and Database tiers per tenant]
  44. 44. The Challenge: How do I achieve efficient Business Resilience and Disaster Recovery?
      The Solution
      • Cisco DCI Solution enables new operational models for BR, DR and Multi-site operations
      Cisco’s Data Center Interconnect
      • LAN Extensions: OTV, VPLS, EoMPLS
      • Path Optimization: LISP, GSS
      • SAN Extensions: NetApp’s FlexCache, MetroCluster; EMC’s VPLEX
      Benefits
      • Workload balancing across data centers and clouds
      • Proactive response to disruptions – mitigates risks of approaching disasters, viz. hurricanes, floods, etc., power grid maintenance, data center maintenance and migrations
      • Planned events scheduled over a period of time
      • Backup and Disaster Recovery aaS
      Platforms shown: Cisco Catalyst 6500 Series; Cisco Nexus 7000 Series
  45. 45. Data Center Interconnect
      • Interconnection Models:
        – Enterprise to Enterprise (E2E)
        – Enterprise to Service Provider (E2SP)
        – Service Provider to Service Provider (SP2SP)
      • Overlay-Based Techniques: OTV, LISP, VXLAN
        – Suitable for intra-Ent DC interconnect
      • NGN-Based DCI Solution:
        – Addresses E2SP for workload migration
        – Addresses SP2SP for regional or distributed data centres
      • Standalone DCI Network
        – Provides interconnection between main SP DCs
        – Owned by SP DC team
        – Addresses SP2SP only
        – Very high bandwidth—packet/optical solution likely the most cost effective
      Transport options shown:
      • Ethernet: (e)TRILL / 802.1ad
      • MPLS: VPLS, A-VPLS, EVPN, EoMPLS
      • IP: OTV, LISP, VXLAN
      [Diagram labels: SP DC1; SP DC2; Ent DC1; Ent DC2; SP NGN; DCPE; DCE; PE; CE; Enterprise DCI “back door”; Standalone DCI network]
  46. 46. VMDC Infrastructure Updates
  47. 47. VMDC 2.3
      • Lower Cost, Higher Tenancy Scale VMDC design
      • Based on VMDC 2.2, with some optimizations in the architecture to achieve higher tenancy scale, with lower cost.
      • Increased tenant scale - can support up to 500 mixed tenants in a Pod, and 2000 in a DC
      • Lower VM scale per – can support up to 6000 VMs in a Pod, and 24000 in a DC.
      • VRF-Lite and vPC based architecture - VMDC 2.x aligned
      • Collapsed Core/Aggregation layer – uses smaller Nexus 7004 platform with F2 modules – to reduce cost. Can use other Nexus 7000 form-factors and modules for higher port-density.
      • ASA/ACE appliances directly connected to Nexus 7004 – no 6500-DSN layer
      • ASR 1006 as DC-PE. Can use other ASR form factors for higher port-density.
      • Architecture works with Vblock, FlexPod or any other integrated compute stacks. For validation, a FlexPod-aligned topology was used
  48. 48. VMDC 2.3 Physical Topology
  49. 49. VMDC 2.3 Expanded Gold Container
  50. 50. VMDC 2.3 Silver Container
  51. 51. VMDC 2.3 Bronze Container
  52. 52. VMDC 2.3 Copper Container
  53. 53. VMDC 2.3 Scaled Pod
  54. 54. VMDC 2.3 Scaled DC
  55. 55. Tenant Scale with VMDC 2.3 (as of NX-OS 6.1) ***
      Tenancy Model: Scale per POD / Scale in DC (4 POD)
      • All Expanded Gold: 125 / 500
      • All Gold: 200 / 800
      • All Silver: 300* / 1200*
      • All Bronze: 300 / 1200
      • All SMB: 500 / 2000
      • Mixed *: 500 / 2000
      Notes
      • Mixed = 10 Ext. Gold, 20 Silver, 220 Bronze, 250 SMB per POD
      • * Needs multiple pairs of ASA and/or ACE appliances per POD
      • *** These numbers will increase 2-3x with NXOS 6.2
  56. 56. CLOS based model as a new L2 option for the Data Center
      • VMDC 2.x releases validated topology variants (i.e., collapsed core/aggregation, as the L2/L3 boundary)
      • VMDC 3.x releases validated with FabricPath based architecture – for intra-POD or inter-POD VM Mobility
      [Diagram: Multi-Layer L3 Hierarchical Design (Data Center Perimeter, DC Core, DC Aggregation/Access, DC Access, L3 Boundary, L2) beside L2 CLOS Design (FP spine and FP leaf switches, L3 Boundary, L2)]
  57. 57. If needing more Scale..
      Scale Factor / Change in design / Benefit
      • More than VM per Pod / Use M2 linecards instead of F2 on Nexus 7004 Agg / 128k MAC on M2, so can get to 50k VMs
      • More ICS and UCS blades in Pod / Use N7009 instead of N7004 / Can get more port-density – for connecting more servers, or for more throughput
      • More Pods in DC / Use ASR1013 or ASR9010 instead of ASR1006 / Get higher port density and throughput to connect more Pods. With ASR9000 get more VRF and BGP scale to support more Pods and Tenants
      • Higher Tenant Scale / Use MPLS in the DC. Inter-AS option B or Intra-AS MPLS between ASR and Nexus7000 / Eliminates per-VRF BGP and mitigates control plane scale limits. Can scale to 1000-2000 tenants per Pod (* with NxOS 6.2)
      • More Gold/Silver tenants / Use multiple ASA/ACE appliances through N2000 FEX to N7000. Or, use 6500 DSN with service modules / Support more FW/SLB contexts.
      • For even lower scale, cost, footprint / Use Nexus 5500 or Nexus 6000 as Aggregation layer / 1 or 2 RU with 50-100 tenants per Pod.
      Notes
      • Numbers depend on tenancy type and distribution. Will increase with NXOS 6.2
      • Not validated as CVD
  58. 58. VMDC Cloud Ready Infrastructure Kits (VMDC 2.3)
      Pre-Defined Unified Data Center Networking Scalable Bill of Materials
      • Securely share common Cloud infrastructure
      • Based on VMDC Cisco Validated Designs
      • Secure separation between workloads
      • Shared network services
      • Pre-Built Bill of Materials available as CCW templates
      [Diagram labels: Enhanced DC Interconnect; Unified Data Center Networking (Data Center Core, Aggregation, Services, Access); Integrated Compute Stacks (Compute, NAS, SAN)]
  59. 59. VMDC Cloud Ready Infrastructure Kit (VMDC 2.3)
      Pre-defined and Pre-Validated BOMs Sized to Meet Customer Requirements
      http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/VMDC/CRI/VMDC_CRI_Kits.html
      • Ideal for initial Cloud deployments
        – Starts small and provides incremental growth
        – Space Optimized
        – Pay as You Grow
      • Use BoM as Baseline
        – Pre-Built Bill of Materials available as CCW templates
        – Tweak design, platforms, quantity etc based on deployment requirements
      • Does not include ICS
        – Based on Compute & Storage requirements, specific Vblock, FlexPod or other ICS types need to be included
      CCW configurations are available from the Sales Acceleration Center: sac-support@cisco.com
      Scalability with Price Performance (kits: CRI-SO-S, CRI-PO-S, CRI-PO-M, CRI-PO-L)
      • Aggregation Switch: Nexus 5548UP, Nexus 7004, Nexus 7009, Nexus 7018
      • Network Services (in slide order): ASA5555-X, ASA5555-X, ASA5555-X, ASA5585-X, DSN + ASA5555-X, DSN + ASA5585-X
      • Starting List Price (does not include service): $300,000, $800,000, $1,400,000, $1,700,000
  60. 60. VMDC 3.0 with FabricPath: New Infrastructure Designs
      • Simplified Network, Reducing Operating Expenses
        – Switch addresses are assigned automatically
        – A single control protocol
        – Easily expanded in a plug and play manner
        – Non-FabricPath switches can still be without STP
      • Reliability Based on Proven Technology
        – Cisco FabricPath is built on top of IS-IS, an industry
        – Loop prevention and mitigation is available in the data plane
      • Efficiency and High Performance
        – 2.56 terabits per second (Tbps) of bandwidth between switches (16-way ECMP combined with 16-port 10-Gbps PortChannels)
        – Lower Latency than Spanning Tree based solution
        – Cisco FabricPath enables massive scalability of the L2 domain
  61. 61. VMDC 3.0 with FabricPath: Design Options and Criteria
      Design criteria included:
      • Available FabricPath modules:
        ‒ M1/F1 mixed VDC
        ‒ M1/F2 split VDC
      • VLAN scale: constrained by HSRP, GLBP
      • MAC scale
      • ARP learning rate
      • Conversational MAC address learning
      • Port Density
      • Forwarding Paths
      • Port-channel vs. single links
      • VPC, VPC+ options
      • QoS
      • Distance (intra-PoD)
  62. 62. VMDC 3.0 Tenant Container
      [Diagram: VMDC 3.0 Palladium container built from L2, L3, FW, LB and vFW elements; zones labelled Public Zone, Private Zone 1, Private Zone 32]
  63. 63. Trend towards Virtualised Services
      • Insertion of services {load-balancing, firewalling, tenant routing} within the tenant container fundamentally drives the logical design (both L2 and L3) within the data center
        – Services are typically L3
      • Industry transition underway from network-based services to virtualised services
      • VMDC 4.x focus
        – Address transition to virtual services
        – Address tenancy scalability constraints of current solution
        – Routing as a Service (RaaS) for Cloud providers
        – Highlight service chaining considerations/issues
        – Highlight new scalability considerations (virtual appliances in compute tier)
  64. 64. CSR1000V as Virtual Router (vCE) inside DC
      • Alleviates need to extend L3 VPN natively into the data centre
        – E/W L3 via vCE
        – E/W L2 extension via L2 overlay (VXLAN)
      • PAYG solution – virtual CE per tenant follows same model for tenant routing as for other tenant services, i.e. RaaS
        – Could be multiple vCEs per tenant
      • Mirrors branch CE model, i.e. can support same features and management models
        – Allows for end-to-end services with enterprise sites (WaaS, LISP, IPSEC, etc)
      • No cross-tenant dependencies, simplifies management and orchestration
        – Cisco working through dynamic PE VRF provisioning models
      • Requires scalable DC WAN gateway and PE-vCE segmentation technology
      [Diagram labels: L3VPN; L3 VPN Edge (NGN-PE); WAN Edge (ASR9k); Aggregation/core (N7k); Access (61x0, N5k); L2 or L3 Fabric; Compute & Storage; Services; VMs; Virtual CE; Tenant L3 Edge (vCE)]
  65. 65. VMDC with Virtual Services - Physical Topology
      Tenant Scale: 2000 per Pod or DC* (* Depends on Design)
  66. 66. VMDC 4.x: Virtual Private Cloud Container
      Possible Components:
      • CSR1000V XE 3.9 (IOS FW, Routing, VPN, ZBF, AppNav Controller, NBAR2)
      • Netscaler VPX 10.1
      • Nexus1000V 2.2
      • VXLAN on N1kV
      • VSG
      • ASA1000V
      • vWaaS 5.2 (vPath and AppNav redirection)
      • vNAM 6.0
      • IPv6 Dual Stack (TBC)
      • Hyper-V (TBC)
      Notes
      • VXLANs used to extend segmentation scale within tenant containers
      • Mapping of VXLAN to VLAN occurs on N1kv
      • Also, mixed Physical + Virtual Containers
      [Diagram labels: L3 VPN; Internet; VPN; CSR1000v (vCE); ASA1000v; VSG; Nexus 1000v + VPATH; VPX; vWaaS; vNAM; Front-end Zones (Public Zone (DMZ), Protected FE); Back-end Zones (Zone 1, Zone 2, Zone 3); Sub-Zone W, Sub-Zone X, Sub-Zone Y, Sub-Zone Z]
  67. 67. Sample Container with CSR1000V, VSG, VPX
  68. 68. VMDC Management & Automation
  69. 69. The Challenge: How do I manage, automate, and monitor service performance?
      The Solution
      • Extensible, Open Management Framework
      • Pre-Integrated Automation and Orchestration
      Benefits
      • Simplifies and accelerates the USE of cloud services by providing capabilities to rapidly offer users cloud services
      • This new management integrates with the existing IT environment
      • VMDC offers an open management framework through a documented set of component APIs
      • The VMDC open management solution provides flexibility
      • Cisco offers domain element management and network specific offerings such as:
        - Cisco Network Services Manager (NSM)
        - Cisco Data Center Network Manager
        - Cisco UCS Manager
      • Storage solutions vary by vendor
      • An open framework expedites VMDC integration into existing management solutions and the development of new ones
      [Diagram labels: WAN Edge/DCI; Core; Aggregation/Access; Services; Compute; Storage; vPC; MEC; 4x10GE; API]
  70. 70. VMDC Cloud Management Solutions
      • High Scale & Multi-tenant Apps
      • Significant Complexity
      • Established Market Position
      • Complex Cloud Target/SP
      • Others like OpenStack
      • Leveraging partner company assets
      • Automation of IT processes
      • Integration of apps to the business process
      • Private Cloud/ Large Enterprises
      [Diagram labels: CISCO COMMON TECHNOLOGY; VNMC, UCSM, etc; OnePK, OneController (Future); OpenStack/Others; CIAC, Prime, Cloupia]
  71. 71. Automating the Service Deployments
      BMC’s CLM Workload Automation and Lifecycle Management
      • Provides an end-to-end automated lifecycle management
      • 2nd Generation Cloud Lifecycle Management Platform
      • Integrated full-stack cloud services
      • Intelligent placement of provisioned services
      • Service-Catalog Platform for Automation, Orchestration, and Management
      • “Day 2 management”: performance, compliance, security
      [Diagram labels: Operational Repository; Map to CMDB; Network Services; Secure Network Containers; FlexPod, Vblock; Networks; Integrated Compute Stack; Storage; Servers; Virtualized Multi-Service Data Center; Resource Management; Service Governor; Service Blueprint; Network Blueprint; Storage; Service Catalog; User Request; Service Catalog; Service Blueprint; Design Services and Options; Translate to Business Offerings; VXI, HCS, IaaS; Completes a Service Request]
  72. 72. BMC Cloud Lifecycle Management (CLM) – System Components
      [Diagram labels: Network; BNA; BSA; Compute; VMDC 2.0/2.1/2.2/2.3; UCS B & C Series/UCSM; Compute; NetApp/EMC; Storage; Nexus/VSS/ASA/ACE/ASR/CRS/VSG; Network; VMware vSphere, Citrix XenServer, Microsoft Hyper-V; Virtual Compute; Cloud Portals; Service Catalog; Service Governor; Cloud API; MoM]
  73. 73. BMC CLM Validated Network Containers (to-date)
      • VMDC 2.0 + CLM 2.1
        - CRS, N7k, C6k, FWSM, ACE20
      • VMDC 2.1 + CLM 2.1
        - C6k, N7k, FWSM, ACE20
      • VMDC 2.2 + CLM 3.1 (With VSG & Expanded Gold container)
        - A9k, N7k, C6k, ASA, ACE30
      • VMDC 2.2 + CLM 3.0, 4-Zone Flexible Container (No VSG)
        - A9k, N7k, C6k, ASA, ACE30
      [Diagram label: Flexible Container]
  74. 74. Cloud Service Assurance: Key Objectives & Functions
      • Automate service enablement & lifecycle
        - Auto-provisioning of service assurance system through auto-discovery and integration with orchestration
      • Consolidate monitoring
        - Single pane of glass for fault and performance monitoring of compute, storage, network and OS
      • Reduce MTTR (Reduces OPEX, Increases Availability)
        - Root-cause analysis and tenant based service impact analysis
      • Reduce cost of OSS/BSS integration
        - Abstracted and normalized interfaces to simplify integration and maintenance of northbound systems
  75. 75. VMDC Cloud Assurance - With Zenoss CSA
      • Validated design for cloud operations automation
        - Single view for compute, virtualization, DC network and storage fault & performance
        - Complete VMDC/Flexpod/Vblock component coverage
        - Multi-tenant service availability & performance reporting
      • Providing service visibility to tenants through tenant portals
      • Orchestration integration or stand alone operations
      • Advanced Services deployment services
      • Zenoss Cloud Service Assurance – Solutions plus on Cisco GPL in UCS plus software category
      • Zenoss CSA 4.2 validated for VMDC 2.3
      Recently Updated for VMDC 2.2, 2.3 and 3.0 Systems
      Delivers unified fault & performance management of compute, storage, network & applications infrastructure
  76. 76. Cloud Service Assurance: Simplified Service Impact & Root Cause Analysis
      [Diagram labels: Application; VM; Data Store; Host; UCS Service Profile; UCS Blade; UCS Chassis; Tenant Service; Ranked probable root-cause events; Service Impact Events; Root Cause; Service Impact]
  77. 77. VMDC Summary
  78. 78. Summary
      • VMDC is the Cisco validated reference architecture for Cloud infrastructure - Public/Private/Hybrid
      • Cisco CVDs for cloud infrastructure, orchestration and assurance enable quicker adoption and deployment of complex technologies for end-end solutions
      • Multi-tenancy, service differentiation, tiered security services, virtualization and automation are key for cloud deployments
      • Defined System for today, evolving for tomorrow
        - Reduced complexity as system is characterized via validation efforts with supporting collateral
        - Facilitates Modularity, Scalability, Pay-as-you-Grow models
        - Speed, Risk mitigation for Deployments
        - Multiple VMDC phases and tenancy models – evolving with new technologies/platforms and customer needs
      • Validated Automation & Management
        - Resource pools encompassing network, compute and storage
        - Out-of-Box Orchestration & Assurance support for different VMDC designs and tenancy models
      • Validated Onboarding of services
        - Hosted Collaboration (HCS), Hosted Virtual Desktop (HVD), DRaaS, Hybrid
      • VMDC based Cloud Ready Infrastructure kit provides pre-packaged BOMs in CCW
  79. 79. Resources
      • www.cisco.com/go/vmdc
      • ask-vmdc-external@cisco.com
      • http://www.cisco.com/go/dci
      • http://www.cisco.com/go/cloudverse
      • http://www.cisco.com/en/US/products/ps11104/serv_home.html
      • http://www.cisco.com/en/US/solutions/ns341/eantc_cloud.html
      • http://www.cisco.com/en/US/partner/docs/solutions/Enterprise/Data_Center/VMDC/2.3/implementation_guide/VMDC_2.3_IG.html
      • http://www.cisco.com/en/US/partner/solutions/ns340/ns414/ns742/cloud_orchestration_bmc_clm.html
      • http://www.cisco.com/en/US/partner/docs/solutions/Enterprise/Data_Center/VMDC/CLSA/Partner_DIG/CLSA_VMDC_DIG.html
      • http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/VMDC/CRI/VMDC_CRI_Kits.html
      • http://www.cisco.com/go/vblock
      • http://www.cisco.com/go/flexpod
      • http://www.cisco.com/go/bmc