Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.
Why ACI? 
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Data Center Network: Trends and Challenges 
25% Annual Growth —Big Data1 75% Bare Metal2 45% Multi-Hypervisor3 
“Can you l...
Application Centric Infrastructure 
Customer Business Benefits 
• Deploy applications faster 
• Workload mobility 
• Highe...
ACI: Business Outcome and Benefits for Cisco IT 
“Cisco’s open standards approach 
makes ACI even stronger. We conducted 
...
What is ACI? 
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Application Centric Infrastructure Building Blocks 
Rapid Deployment of Applications onto 
Networks with Scale, Security a...
Programmable DC Networking for The Next Decade 
Nexus 9000 
1/10/40/100G* 
Performance, Scale: Fastest 40G Platform 
Open ...
Application Policy Infrastructure Controller 
Embracing SDN and Going Beyond 
POLICY: Centralized Application-Level Policy...
Application Centric Policy is Business Relevant 
• Application Centric Infrastructure (ACI) allows the entire infrastructu...
Applications and The Network 
Application 
Requirements 
WEB APP DB 
WAN 
Firewall 
LB to App 
Connect to DB 
Connect to A...
An Innovative Approach to Policy= Application Profile 
Provided Contract 
WEB 
Consumed 
Contract WEB 
OUTSIDE 
EPG 
Provi...
Application Policy Model and Instantiation 
Storage Storage 
DB Tier 
Application 
Client 
Web 
Tier 
App Tier 
Applicatio...
Data Center Automation – Manual versus Policy Driven 
Architect it 
Design it 
Procure it 
Install it 
Configure it 
Secur...
Data Center Automation and IT Collaboration 
Today: Serialized Configuration and Management 
MANUAL PROCESS LEADS TO INCRE...
Data Center Automation and IT Collaboration 
ACI: Common Policy Framework and Operational Model 
POLICY-BASED AUTOMATION 
...
Application Awareness 
ACI: Application-Level Visibility 
Actions: 
No new hosts or VMs 
Evacuate hypervisors 
Re-balance ...
ACI Addresses the Security Challenge in the DC 
Automate 
Compliance, 
Centralized Audit 
Visibility, 
Analytics, 
Forensi...
Open 
Open Source, Open S tandards, Open Interfaces 
©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confide...
Open: Choice and Investment Protection 
OPERATIONAL MODELS 
1. Scripting/Languages 
RESTful APIs, Python etc. 
2. IT Autom...
How ACI fits into Private and 
Public Clouds? 
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confide...
ACI is Multi-Hypervisor-Ready 
Virtual Integration 
! Integrated gateway for VLAN, 
VxLAN, and NVGRE networks 
from virtua...
ACI is Part of Cisco Intercloud Fabric Value Proposition: 
Secure Workload Mobility 
Cisco Intercloud Fabric 
Provider Clo...
ACI is Part of Data Center Automation 
Prime Services Catalogue 
Stack Designer 
IaaS PaaS SaaS ITaaS Intercloud 
Process ...
Summary 
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Summary: Our Direction 
Data centers and cloud network infrastructures, both 
physical and virtual, will no longer be conf...
Thank you.
Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Application Centric Infrastructure, Delivering ...
Prochain SlideShare
Chargement dans…5
×

Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Application Centric Infrastructure, Delivering Software Flexibility with Hardware Performance and Scalability

648 vues

Publié le

Andmekeskuse virtualiseerumise ja konvergeerumise tulemusena on tekkinud keskkond, kus seadmete senised haldamise lahendused ja protseduurid ei ole piisavad käideldavuse ja konfidentsiaalsuse tagamiseks. Uue põlvkonna halduslahendused peavad hakkama saama salvestuse, arvutuse ja rakenduste mobiilsusega.

Publié dans : Technologie
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Primend Praktiline Konverents - Rakenduse keskne IT infrastruktuur / Cisco Application Centric Infrastructure, Delivering Software Flexibility with Hardware Performance and Scalability

  1. 1. Why ACI? © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
  2. 2. Data Center Network: Trends and Challenges 25% Annual Growth —Big Data1 75% Bare Metal2 45% Multi-Hypervisor3 “Can you look into my application Performance ..NOW?” “..I need to move workloads to the cloud…NOW!.” “…I need to roll out new security policies NOW…” 1 Cisco Global Cloud Index *2 IDC Worldwide Virtual Machine 2013-2017 Forecast *3 InformationWeek 2013 Virtualization Management Survey © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  3. 3. Application Centric Infrastructure Customer Business Benefits • Deploy applications faster • Workload mobility • Higher application availability • Compliant and secure • CapEx reduction Network Service Appliances X86 Multi-Hypervisor HYPERVISOR HYPERVISOR HYPERVISOR Application Centric Infrastructure East-West optimized for all workloads Single open API for entire system X86-Virtual Machines & Virtual Appliances X86 Servers Unix Systems P and Z systems IP Storage Customer Operational Benefits • Risk mitigation • Better utilization of resources • Operational efficient / zero touch deployment and de-commissioning • Self documenting network • Simplified day-2 troubleshooting • OpEx reduction ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
  4. 4. ACI: Business Outcome and Benefits for Cisco IT “Cisco’s open standards approach makes ACI even stronger. We conducted testing on ACI … it fully delivered everything we expected, and proved to be quite stable and mature.” Nik Weidenbacher Principal Engineer, SunGard “Cisco ACI is an open, future-proofed data center architecture that can continue to grow as we enhance client services.” Chuck Crane Network and Security Architect, Axciom (Transitioning from AWS to Private Cloud) “This will enable Telstra to deliver service agility, security and performance that our customers expect from an enterprise grade cloud.” Erez Yarkoni Executive Director, Telstra Resource Optimization 10-20% Compute and Storage Optimization Greater Business Agility 58% Reduce Network Provisioning Reduced Costs/ Complexity 21% Reduce Management Costs Lower Operating Cost 45% Reduce Power and Cooling Costs Lower Capital Expenses 25% CAPEX Reduction Source: Cisco IT © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
  5. 5. What is ACI? © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
  6. 6. Application Centric Infrastructure Building Blocks Rapid Deployment of Applications onto Networks with Scale, Security and Full Visibility APPLICATION CENTRIC NEXUS 9500 AND 9300 POLICY CONTROLLER ACI © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  7. 7. Programmable DC Networking for The Next Decade Nexus 9000 1/10/40/100G* Performance, Scale: Fastest 40G Platform Open Source / APIs / Standards Python, Power Shell, Puppet, Chef … 1011 15% Better Power and Cooling 2.8X Better Reliability $ Multi-million Savings 40/100G on Existing Cables 0010 Standalone / ACI Ready *100G Ready © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  8. 8. Application Policy Infrastructure Controller Embracing SDN and Going Beyond POLICY: Centralized Application-Level Policy VISIBILITY: System-Wide Visibility, Telemetry, Health OPENESS: Open Source / APIs / Standards SECURE: Security and Performance @ Scale EXTENSIBLE: Hypervisors, L4-7, Storage, Compute Centralized Point of Management © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
  9. 9. Application Centric Policy is Business Relevant • Application Centric Infrastructure (ACI) allows the entire infrastructure to take commands in a business-relevant language. ACI Policy Aligned with Applications Traditional Policy Aligned with ….? “Let my app servers talk to my web servers.” 1. “Figure out where app lives in physical net” 2. “Trunk VLAN 112 to switch 22.” 3. “Add route….” 4. “Plumb ports 7-12…” 5. “Configure ACL…” 6. “Apply QoS…” 7. Repeat every time app moves or needs more capacity © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
  10. 10. Applications and The Network Application Requirements WEB APP DB WAN Firewall LB to App Connect to DB Connect to App High Priority Map existing Networks into Groups WEB APP DB VLAN 100 QOS ACLs Layer 3 F/W WEB APP DB ADC ADC WEB WEB WEB APP APP APP DB DB DB DIRECTLY MAP TO ACI APPLICATION PROFILES Map Groups and Policies into Application Profile © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  11. 11. An Innovative Approach to Policy= Application Profile Provided Contract WEB Consumed Contract WEB OUTSIDE EPG Provided Contract DB DB EPG Consumed Contract DB APP EPG Consumed Contract APP WEB Provided Contract APP FW EPG ADC ADC Service Chain FW Service Chain APP Service Chain WEB What is an Application Profile? 1) End Point Group (EPG): A set of virtual or physical workloads with the same policy 2) Contracts: A set of rules governing communication between groups 3) Service Chains. A set of network services between groups © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
  12. 12. Application Policy Model and Instantiation Storage Storage DB Tier Application Client Web Tier App Tier Application policy model: Defines the application requirements (application network profile) Policy instantiation: Each device dynamically instantiates the required changes based on the policies VM VM VM VM VM 10.2.4.7 VM 10.9.3.37 VM 10.32.3.7 All forwarding in the fabric is managed through the application network profile IP addresses are fully portable anywhere within the fabric Security and forwarding are fully decoupled from any physical or virtual network attributes Devices autonomously update the state of the network based on configured policy requirements APIC © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  13. 13. Data Center Automation – Manual versus Policy Driven Architect it Design it Procure it Install it Configure it Secure it QA it Is it ready? Architect it Design it Is installed Is configured Is secured Is QA’d Is procured It is ready ACI Policy Driven Service ARCHITECT DESIGN COMPUTE Request SERVICES SECURITY NETWORK Application Available Application Available ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
  14. 14. Data Center Automation and IT Collaboration Today: Serialized Configuration and Management MANUAL PROCESS LEADS TO INCREASED DEPLOYMENT TIMES COMPUTE SERVICES NETWORK SECURITY Application Requirements Configuration Mismatch Policy Violation Successful Deployment Deployment Trigger Service ARCHITECT DESIGN COMPUTE Request SERVICES SECURITY NETWORK Application Available ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
  15. 15. Data Center Automation and IT Collaboration ACI: Common Policy Framework and Operational Model POLICY-BASED AUTOMATION STORAGE SECURITY Application Policy COMPUTE NETWORK APPLICATION CLOUD Application Requirements Defined set of application requirements Team builds application policy and template Deployment Trigger Operations team deploys with minimal risk and maximum speed Service ARCHITECT DESIGN Request Application Available ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
  16. 16. Application Awareness ACI: Application-Level Visibility Actions: No new hosts or VMs Evacuate hypervisors Re-balance clusters CiscoLive Event PetStore Dev • Leaf 1 and 2 • Spine 1 – 3 • Atomic counters Triggered Events or Queries PetStore Prod • Leaf 2 and 3 • Spine 1 – 2 • Atomic counters PetStore QA • Leaf 3 and 4 • Spine 2 – 3 • Atomic counters APIC VXLAN Per-Hop Visibility Physical and Virtual as One ACI Fabric provides the next generation of analytic capabilities Per application, tenants, and infrastructure: • Health scores • Latency • Atomic counters • Resource consumption Integrate with workload placement or migration © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  17. 17. ACI Addresses the Security Challenge in the DC Automate Compliance, Centralized Audit Visibility, Analytics, Forensics Simplified Policy-based Segmentation Network Services Automation, Open Eco- System Security Expressed in Application Language Centralized Security Across Physical and Virtual © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
  18. 18. Open Open Source, Open S tandards, Open Interfaces ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
  19. 19. Open: Choice and Investment Protection OPERATIONAL MODELS 1. Scripting/Languages RESTful APIs, Python etc. 2. IT Automation 3. OpenSource OpFlex APPLICATION NETWORK SECURITY 4. Integrated ACI Approach RICH ECOSYSTEM Hypervisors L4-L7 Services Management Security Storage Automate CLOUD Operational Choice—Service Provider, Enterprise, Commercial © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  20. 20. How ACI fits into Private and Public Clouds? © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
  21. 21. ACI is Multi-Hypervisor-Ready Virtual Integration ! Integrated gateway for VLAN, VxLAN, and NVGRE networks from virtual to physical ! Normalization for NVGRE, VXLAN, and VLAN networks ! Customer not restricted by a choice of hypervisor ! Fabric is ready for multi-hypervisor Network Admin Application Admin VLAN VXLAN BARE METAL SERVER VLAN VXLAN Any to Any VLAN NVGRE VMware © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential VLAN Hyper-V KVM Hypervisor Management APIC APIC VMware Microsoft Red Hat XenServer Microsoft Red Hat C240 M3 with OmniStack
  22. 22. ACI is Part of Cisco Intercloud Fabric Value Proposition: Secure Workload Mobility Cisco Intercloud Fabric Provider Cloud Fixed Workloads Variable Workloads Consistency Security/Networking as an extension of Private Cloud Control Unified workload management across clouds DC/Private Cloud Choice Freedom to place workloads across heterogeneous Clouds Compliance Policy-based deployment with ACI/ governance in cloud © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  23. 23. ACI is Part of Data Center Automation Prime Services Catalogue Stack Designer IaaS PaaS SaaS ITaaS Intercloud Process Orchestrator 3rd Party Orchestrator Intercloud Fabric UCS Director Openstack UCS Manager Application Policy Infrastructure Controller Converged Infrastructure Managers OpenDaylight Virtual Machine Manager PORTAL SERVICES ORCHESTRATION AUTOMATION INFRASTRUCTURE MANAGEMENT Open Integration MANAGEMENT AUTOMATION POLICY SECURITY ECOSYSTEM PARTNERS © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  24. 24. Summary © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
  25. 25. Summary: Our Direction Data centers and cloud network infrastructures, both physical and virtual, will no longer be configured, will not be software defined (or programmed), but instead will be Policy Driven and Application Centric. © 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
  26. 26. Thank you.

×