TechWiseTV Workshop: Enterprise NFV
Post on 11-Apr-2017
Enterprise NFV
Network Virtualization
James Sandgathe – Engineer, Technical Marketing
May 2016
Enterprise Infrastructure Solutions Group
Cisco Enterprise NFV
• Concept to Award Winning < 12 Months
• 2016 Best of Interop Award - Networking
Agenda
• What’s the Problem
• This Thing Called NFV
• Enterprise NFV Building Blocks
• Platforms for Enterprise NFV
The Current Enterprise Branch Landscape
• Multiple Devices: Routers, Appliances, Servers
• Costly to Operate: Upgrades, refresh cycles, site visits
• Difficult to Manage: Device integration and operation
Horseman of the branch apocalypse
Implementing Virtualization: Data Center and Branch
Focus on virtualization has been in the cloud and DC where between management console, VMs and hypervisors:
• Near infinite bandwidth
• Near zero latency
• Straight IP
Over the WAN this is not the same:
• WAN BW is not infinite
• WAN latency is not sub millisecond
• WANs have tunneling, encryption, and labeling
• Management of the hypervisor can be dependent on a VM and its stability
[Diagram labels: MPLS, Wireless, Route, Security; Hypervisor; Platform; PKT]
Implementing Virtualization: Data Center and Branch
• Packets from the same flow can be spread across many different CPU pools
[Diagram labels: SLB; HTTP, HTTP; PKT]
• Packets from the same flow use the same CPU pool
• Two, three or more VMs may process all packets of the same flow
[Diagram labels: WAN Opt, Route, Security; Hypervisor; Platform; PKT]
What NFV Can Do For You
Gives you flexible deployment options
Simplify day to day operations
Quickly roll out new services and locations
Simple and easy to design, provision, manage the trusted services that are critical to your business
How would the branch office change …
[Diagram with two panels, "Branch on Hardware" and "This is a Branch with Cisco Enterprise NFV". Labels: Router, Firewall, Wireless, WAN Opt, Proxy/Cache; WAN-Opt, vAPP, WLC, Route/Path Selection, FW/IDS; Operating System; Virtualization Layer - KVM; Life Cycle MGT, Automation, Policy Enforcement; X86 Processor; NIC, NIM, BMC, Switch]
What if remote sites looked like this …
[Diagram labels, repeated per site: Route, vnet, Platform; Orchestration & Automation]
What if a company wide webcast needed to be run …
[Diagram labels, repeated per site: Route, vnet, Video, Platform; Orchestration & Automation]
When the webcast is over, resources are released
[Diagram labels, repeated per site: Route, vnet, Video, Platform; Orchestration & Automation]
Consider a new threat to the business
[Diagram labels, repeated per site: Route, WAN Opt, WLC, FW/IPS, vnet, Platform]
But a new defense network can be up… everywhere at once
Why Virtualization for the Network?
Lower operating costs AND deploy new capabilities faster
• Mobility: Mobile traffic will exceed wired traffic by 2017
• IoT: IoT devices will triple by 2020
• Analytics: 76% of companies planning to or investing in Big Data
• Cloud: 80% of organizations will primarily use SaaS by 2018
Enterprise NFV Solution Architecture: Phase 1
[Diagram labels: Platform Hardware; NFVIS; API Interface; Platform Management, Hypervisor, Virtual Switching; Cisco VNF, Cisco VNF, 3rd VNF1 … 3rd VNFn; App1 … Appn; Orchestration, Automation and Management (OAM)]
• Various host options for different branch sizes
• Software host managing virtualization and hardware
• VNF and application hosting with 3rd party support
• Common orchestration and management across virtual & physical network
NFVIS = Network Function Virtualization Infrastructure Software
Enterprise NFV: OAM System
• Enterprise Service Automation (ESA)
  • Creates implementable policy from business intent via Profiles
  • Automates site turn up
• APIC-EM & Prime Infrastructure
  • Branch (NFVIS) registration & PnP Server
  • API interface to NFVIS
  • Day 1+ services configuration
  • Monitoring and Service Assurance
Branch Design: Enterprise Service Automation
• Upload Devices to be used
• Upload the Branch locations
• Design a Profile & select functions
• Map to Branch(s)
• Assign template and attributes
• Pick validated topologies
Orchestration & Management: Day 0
[Diagram labels: Enterprise Services Automation (ESA); APIC-EM, Prime Infrastructure, PnP; REST; ESC-Lite; Profile to SN mapping; Provisioning; SN, IP for host; WAN; Office; IP; NFVIS; IPS, WAAS, vSwitch]
Profile mapped to branch
- Inventory
- Create Network
- Deploy Services
- Set Device
Orchestration & Management: Monitoring
[Diagram labels: Enterprise Services Automation (ESA); APIC-EM, Prime Infrastructure; Service Element Manager; WCM, CSM; WAN; Office; IP; NFVIS; IPS, WAAS, vSwitch]
Monitoring
• Performance
• Health
• Fault
Network Services from Cisco: Consistent software across physical and virtual
• ISRv: High Performance, Rich Features
• ASAv/FTD*: Full DC-class Featured Functionality
• vWAAS: Application Optimization and Akamai Connect
• vWLC: Built for small and medium branches
* FirePOWER Threat Defense for ENFV June/July 2016
Extending the Reach of NFV: Application and Network Services
• Linux, Windows Server
• Active Directory, SCCM, File Share
• Server Applications
• Custom Applications
• DNS/DHCP
• 3rd Party Network Services
• Management & Monitoring
NFVIS Software
[Diagram labels: Linux; NFVIS; Virtualization Layer: Hypervisor & vSwitch; Orchestration API; Plug-n-Play Client; Health Monitor; CLI; REST/NETCONF; HTTPS; Console/SSH; ESA via Prime; APIC-EM; Device Web Portal]
Remember our discussion where at the branch multiple virtualized functions could be processing every packet of a flow
• Packets from the same flow use the same CPU pool
• Two, three or more VMs may process all packets of the same flow
[Diagram labels: WAN Opt, Route, Security; Hypervisor; Platform; PKT]
NFVIS Software
[Diagram labels: Linux; NFVIS; Virtualization Layer: Hypervisor & vSwitch; Orchestration API; Plug-n-Play Client; Health Monitor; CLI; REST/NETCONF; HTTPS; Console/SSH; APIC-EM/Prime; Device Web Portal; Platforms; Interface Controller; Interface Adaptors; C, C, C; VNF, VNF, VNF; PKT]
NFVIS Software
[Diagram labels: Linux; NFVIS; Virtualization Layer: Hypervisor & vSwitch; Orchestration API; Plug-n-Play Client; Health Monitor; CLI; REST/NETCONF; HTTPS; Console/SSH; APIC-EM/Prime; Device Web Portal; Platforms; Interface Controller; Interface Adaptors; VF, VF, VF; VNF, VNF, VNF; PKT]
NFVIS Local Management: The POWER under the hood
• Enterprise NFV local management capabilities
• Components:
  • Local GUI, VM Life-cycle Manager
  • Local PnP Agent
• Useful if WAN connectivity is unavailable
• For small deployments
All controls written using public APIs!!
[Diagram labels: Linux; NFVIS; Virtualization Layer: Hypervisor & vSwitch; Orchestration API; Plug-n-Play Client; Health Monitor; CLI; REST/NETCONF; HTTPS]
What’s needed from the platform
• Reliable
• Long life cycle
• Secure
• Form factor
• Expandable
• Programmable
• Scalable
• Strong Support
Enterprise NFV UCS-220-M4
• Designed for a wide range of workloads
• Dense 1RU modular general compute platform
  • CPU: Single/Dual 4 to 18 cores each
  • Memory: Up to 784GB
  • Storage: 4 or 8 up to 8TB (RAID 10)
• External Interfaces:
  • Dual GE on-board
  • Two PCIe slots (Quad or Dual GE)
• Cisco integrated management controller (CIMC)
[Diagram labels: VM, VM, VM; NFVIS]
Enterprise NFV Modular Compute Platform
Cisco ISR4000
• Support: One support cost
• Native L2-7 Services: Security, optimization
• Virtualized Services Framework: Appliance-level performance
• Life-Cycle: 5 – 7 Years
• Revolutionary Platform Architecture
• Reliable: Best edge platform
• UCS® E-Series: Integrated & OIR Support compute – up to 8 cores
With an SD-WAN solution built in
x86 blade with NFVIS
Along with automation control
[Diagram labels: x86; GE; WAN; Internet; IWAN; NFVIS; VNF, VNF; Orchestration & Automation]
Remember our discussion on how virtualization was different over the WAN
Over the WAN this is not the same:
• WAN BW is not infinite
• WAN latency is not sub millisecond
• WANs have tunneling, encryption, and labeling
• Management of the hypervisor can be dependent on a VM and its stability
[Diagram labels: MPLS, Wireless, Route, Security; Hypervisor; Platform]
Enterprise NFV ISR-4000 Modular Compute Platform
• UCS-E Compute blade runs orchestrated and automated NFVIS
• Platform CIMC fully manages the x86 UCS-E hardware with control right down to BIOS
• 4K implements Transport Services and Intelligent WAN along with varying interfaces
[Diagram labels: ISR-4K; IOS-XE; IOSd; FFP DataPlane (ISR-4K); FPGA; GE (MGF); MGF; GE0, GE1; Mgmt NIC GE; NIM; Snort; WAAS; ZBFW; DMVPN & MPLS; Hypervisor (KVM); vSwitch; BR0, BR1, BR2; vnet; UCS-E; NFV-OS; NFVIS; OVS; Internal NIC GE0, GE1; CIMC; WLC; Windows; vFP(t); 3rd Party; IoT]
During his keynote for the first iPhone, Steve Jobs quoted computer scientist Alan Kay …
"People who are really serious about software should make their own hardware…"
Thanks to Dave Zacks, Distinguished Engineer
Additional Resources
• CCO information (www.cisco.com/go/enfv)
• CiscoLive Melbourne - BRKCRS-3447: Enterprise Network Function Virtualization
• Two new sessions are added at CiscoLive Las Vegas 2016
  • BRKCRS-2006 – 2 Hour Breakout
  • TECCRS-3006 – 8 Hour Deep Dive Tectorial and Hands On Lab
• Interop Tech Field Day – Enterprise NFV Session