cisco data center architectures for cloud...

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential BRKDCT-2222 Cisco Data Center Architectures for Cloud Computing BRKDCT-2222 Carlos Pereira - Distinguished Systems Engineer II @ Latin America

Post on 27-May-2018

© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential BRKDCT-2222 1

Cisco Data Center Architectures for

Cloud Computing

BRKDCT-2222

Carlos Pereira - Distinguished Systems Engineer II @ Latin America

Data Center and Virtualization (DC/V) & Cloud

market trends

DC Architectural and Solutions Update

Unified Fabric

Unified Network Services

Cisco Unified Computing (UCS)

Integrated Computing Stacks & VMDC

Cisco Cloud Computing Orchestration

Q&A

Key Trends Impacting IT & Data Centers

Server Virtualization — higher performance

LAN and Storage convergence

VM-Level awareness

Workload provisioning

Applications availability

Drive for Green—power, cooling and space

The need to reduce costs and/or maximize profits

IT as business enabler

Virtualization touches half (at least …)

Server Virtualization — higher performance

LAN and Storage convergence

VM-Level awareness

Workload provisioning

Applications availability

Drive for Green—power, cooling and space

The need to reduce costs and/or maximize profits

IT as business enabler

The Evolving Data Center Architecture Technology Disruptor – Server Virtualization

[Chart: Virtualized vs. Non-Virtualized, 2005 to 2014, vertical axis 0 to 20,000,000; annotations: “Tipping Point”, “Transition”, “Cisco launches Unified Computing”. Source: IDC, Nov 2010]

[Diagram: Traditional: 1 application per 1 server. Virtualized: 1 server, or “host”, running many apps, or “VMs”, on a hypervisor.]

Management & Control

Primary Network

Secondary Network

Legacy: Server = Application

Unified: Server = Resource

Unified Fabric

Wire Once and Walk Away

Ethernet Adapters & Switches and X86 servers

This is bad!

A larger picture

IEEE 802 Evolution of Ethernet

10 GE, 40 GE, 100 GE, copper and fiber

Evolution of switching

DCB: Data Center Bridging

INCITS/T11 Evolution of Fibre Channel

FCoE (Fibre Channel over Ethernet)

IBTA (Infiniband Trade Association) RoCE (RDMA over converged Ethernet), aka IBoE or RoE

IETF Layer 2 Multi-Path

TRILL (Transparent Interconnection of Lots of Links)

The Data Center is In Transition

Transformation Challenges

Virtualization

Compute, Network and Storage Access

Technology advances

Energy efficiency

Economic efficiency

Dynamic business environment

Scalability

Management integration

Application migration

Coherent policies and security

Solution Benefits

Unleashing the Data Center’s Full Potential

Virtualization

Compute, Network and Storage Access

Cohesive system that unites compute, network, storage access, and virtualization

Management simplification

Reduced TCO

Increased business agility

Improved energy efficiency

How about a fully Virtualized Data Center architecture? Is that what “cloud computing” and the “data center fabric” are all about?

The Cloud Computing Journey

[Diagram labels: Consolidation, Virtualization, Automation, Private Cloud, Hybrid Cloud, Public Cloud, Inter-Cloud; marker: PRESENT]

Consumption models for IT, applications and services are changing dramatically and will be a hybrid mix – available both on-premises and from the cloud

Cisco helps its customers take advantage of this shift and ensure a smooth journey

Consolidate Assets

Automate Service Delivery

Virtualize the Environment

Standardize Operations

Increased Agility, Efficiency and Simplicity

Increased Cloud Readiness

Cisco Lifecycle Services

Application

Networking Switching Management Compute Security OS Storage

Partner Ecosystem

Consolidate Assets

Standardize Operations

Virtualize the Environment

Automate Service Delivery

Efficiency Agility Simplification

New Service Creation and Revenue Generation

Driving Profitability

New Bus. Models, Governance and Risk

Unified Fabric

Unified Computing

Unified Network Services

Architectural Framework

Virtualized Network Infrastructure Overview Need to know concepts 1

Core

2

2

4

Aggregation

Access

Virtual

Access

AS / Area Boundary; MPLS Edge; Route Summarization; Default route injection; Stateful Services Connectivity Point; Access Layer Connectivity Point; L2 Services: root, loop-free features; L3 Services: default GW, DHCP Relay, ACLs

Hosts Connectivity Point; Mapping from virtual to physical; L3 Services: Access layer functions; L2 Services: Edge protocols

Virtual Host Connectivity Point; Virtual Extension of access services; Network policy enforcement point

Considerations…

Functions are well defined – Tiers can be collapsed or expanded based on scale

L2/L3 Boundary is highly dependent on application environment and redundancy model

Access-edge: provide FC/10GE/FCoE connectivity connection to the LAN & SAN clouds

Functions Tiers

Virtualized Network Infrastructure Overview Need to know concepts 2

Access Pod: Collection of compute nodes and network ports behind a pair of access switches

Compute Pod: Collection of compute nodes behind a single management domain or HA domain

Pod: Repeatable physical, compute and network infrastructure including L2/L3 boundary equipment. The pod is the L2 failure domain – fate-sharing domain

Considerations…

Each pod type is expecting and providing higher scalability

Traditional pod-to-pod connectivity has been through L3

DC efficiency and virtualization demand more flexibility

Greenfield pods in brownfield Data Centers

Network Planes of Operation

Policy Plane: The business glue of the network. Rules execution, decision making, Service Manager and all the other components needed to make a productized service.

Services Plane: Overlay “Layer 7” application flow built on the foundation of the other layers. Dependent on the other layers.

Management Plane: The management plane is the logical path of all traffic related to the system management of the platform.

Control Plane: It’s the brain of any networking platform and the technical glue of the network. The control plane is where all routing, switching, other protocols and control information are exchanged.

Data Plane: The data plane receives, processes, and transmits network data between network elements, and represents the bulk of network traffic that passes to and through the gear.

Cisco Fabric Extender Concept Port Extender (was Pre-standard 802.1Qbh, now 802.1BR)

Collapse networking tiers, reduce network management points.

[Figure: legacy multi-tier architecture (LAN, switch, switch) next to the FEX architecture (LAN, switch, FEX), in which the switch port is extended over the Fabric Extender]

Cisco FEXlink: Virtualized Access Switch Nexus 2000 Fabric Extender

Cisco Nexus® 2000 FEX + Cisco Nexus® 5500

Cisco Nexus® 2000 FEX + Cisco Nexus® 7000

Distributed High Density Edge Switching System (up to 4096 virtual Ethernet interfaces)

Cisco Virtual Port Channel (vPC)

FLEXIBILITY

Configure all servers for network redundancy in the same way using standards based LACP

Virtual Port Channel (vPC)

- Enables LACP between a device and two upstream switches

- Supported with all Nexus portfolio

- Can be used for redundant links towards Linux, Windows or ESX servers

- More bandwidth to every server

LACP based Etherchannel

Nexus 5000, 5500 or 7000 with or without Fabric Extender

Any server – Blade or Rack

VPC domain

Virtual Port Channel (vPC)

Introduces some changes to the data plane

Provides active/active redundancy

Does not rely on STP (STP kept as safeguard)

Limited to pair of switches (enough for most cases)

Redundancy handled by STP

Redundancy handled by vPC

Blocked port (STP)

Simple Networking Building Block

Data plane based loop prevention

To2R Example: Nexus 2000 Deployment

[Figure: Nexus 7000 pair at the Distribution Layer, Nexus 5000 pair at the Access Layer, and Nexus 2000 fabric extenders in Rack 1 to Rack 12; links labelled x4 and vPC]

That’s nice, but how about the upstream DC networking layers scalability?

L2 Requires a Tree

Branches of trees never interconnect (no loop)

Spanning Tree Protocol (STP) typically used to build this tree

Tree topology implies:

Wasted bandwidth → increased oversubscription

Sub-optimal paths

Conservative convergence (timer-based) → failure catastrophic (fails open)

[Figure: switches S1, S2 and S3; 11 Physical Links, 5 Logical Links]

Cisco STP Implementation Feature Rich

Data Center Design Based on STP Focused on Stability Features

[Diagram: Data Center Core, Aggregation and Access tiers. One aggregation switch is labelled Root / HSRP ACTIVE, the other Backup Root / HSRP STANDBY.]

Legend: B = BPDUguard; L = Loopguard; R = Rootguard; N = Network port (Bridge Assurance); E = Edge port; - = Normal port type; F = Global BPDU filter

Layer 3

Layer 2 (STP + Bridge Assurance)

Layer 2 (STP + BA + Rootguard)

Layer 2 (STP + BPDUguard)

Data Center Design Based on vPC

Focused on Scalability Features

[Diagram: Data Center Core, Aggregation and Access tiers with a VPC domain; labels Root and HSRP ACTIVE each appear twice.]

Legend: B = BPDUguard; L = Loopguard; R = Rootguard; N = Network port (Bridge Assurance); E = Edge port; - = Normal port type; F = Global BPDU filter

Layer 3

Layer 2 (STP + Bridge Assurance)

Layer 2 (STP + Rootguard)

Layer 2 (STP + BPDUguard)
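
An added example, not from the original deck: a Python audit that checks a switch configuration against the port-type and guard placement shown in the two design slides above (edge ports with BPDUguard, inter-switch ports as network ports for Bridge Assurance, aggregation downlinks with Rootguard). The configuration text is constructed, and the `role:` tags in interface descriptions are an assumption used to tell the script what each port is for.

```python
import re

# Constructed NX-OS-style configuration (not from the deck). The "role:" tag in
# each description is this example's own convention for a port's purpose; one
# file mixes all roles so that every check is exercised.
SAMPLE_CONFIG = """\
spanning-tree port type edge bpduguard default
interface Ethernet1/1
  description role:peer to-other-aggregation
  spanning-tree port type network
interface Ethernet1/2
  description role:downlink to-access-1
  spanning-tree port type network
  spanning-tree guard root
interface Ethernet1/3
  description role:downlink to-access-2
  spanning-tree port type network
interface Ethernet1/10
  description role:server
  spanning-tree port type edge
interface Ethernet1/11
  description role:server
  switchport mode access
interface Ethernet1/12
  description role:server
  spanning-tree port type edge
  spanning-tree bpduguard disable
"""

# Expected features per role, following the slide legend:
# N (network port / Bridge Assurance), R (Rootguard), E (edge), B (BPDUguard).
REQUIRED = {
    "peer": {"network"},
    "downlink": {"network", "rootguard"},
    "server": {"edge", "bpduguard"},
}


def parse(config):
    """Split a config into global lines and {interface: [stripped lines]}."""
    global_lines, interfaces, current = [], {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():                  # top-level statement
            m = re.match(r"interface\s+(\S+)", line)
            current = m.group(1) if m else None
            if m:
                interfaces[current] = []
            else:
                global_lines.append(line)
        elif current is not None:                 # indented: belongs to interface
            interfaces[current].append(line)
    return global_lines, interfaces


def features(lines, bpduguard_default):
    """Return the set of STP protections effectively active on one interface."""
    feats = set()
    if "spanning-tree port type network" in lines:
        feats.add("network")
    if any(l.startswith("spanning-tree port type edge") for l in lines):
        feats.add("edge")
    if "spanning-tree guard root" in lines:
        feats.add("rootguard")
    if "spanning-tree bpduguard enable" in lines:
        feats.add("bpduguard")
    elif ("spanning-tree bpduguard disable" not in lines
          and bpduguard_default and "edge" in feats):
        # The global default only takes effect on ports typed as edge.
        feats.add("bpduguard")
    return feats


def audit(config):
    """Return [(interface, finding)] for ports that miss a required feature."""
    global_lines, interfaces = parse(config)
    default = "spanning-tree port type edge bpduguard default" in global_lines
    findings = []
    for name, lines in interfaces.items():
        role = None
        for l in lines:
            m = re.search(r"\brole:(\w+)", l) if l.startswith("description") else None
            if m:
                role = m.group(1)
        if role not in REQUIRED:
            findings.append((name, "no known role tag"))
            continue
        for feat in sorted(REQUIRED[role] - features(lines, default)):
            findings.append((name, f"{role} port missing {feat}"))
    return findings


if __name__ == "__main__":
    for interface, finding in audit(SAMPLE_CONFIG):
        print(f"{interface}: {finding}")
```

On the constructed sample the audit flags Ethernet1/3 (downlink without Rootguard), Ethernet1/11 (server port that is neither edge nor BPDUguard-protected) and Ethernet1/12 (BPDUguard explicitly disabled).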

Nexus 5000/2000 Virtualized Access

Switch Pods . . .

Virtual Access Switch POD Nexus end-to-end loop free Layer 2 Logical Topology

Cisco Nexus 2248T / 2232 Fabric Extender (N2K) and Nexus 5500 (N5K) Pod

N2K + N5K Pod represents networking Access layer

Nexus 7000 at Aggregation Layer

Each Virtualized Access Switch Pod configured to support up to 768 1GE server ports

NO blocking ports

VPC pair

NO STP

Logical View: Star Topology without L2 loops

Virtual Blade Switching (VBS)

Nexus 7000 vPC

Nexus 5000 / 5500 + 2000 Virtual Access Switch POD

Unified Computing System (UCS)

Nexus 7000 + 2000 Virtual Access Switch POD

What if I need more than two (2) aggregation switches?

How do I scale MAC addresses with L2 bridging?

MAC Address Scaling & L2 Bridging

MAC addresses encode no location or network hierarchy

Default forwarding behavior in bridged network is flood

MAC filtering database limits scope of flooding

Ultimately, may not scale well as every switch learns every MAC

[Figure: a Layer 2 Domain of six switches, each with a MAC Table that holds an entry for A]

Network Addressing Scheme: MAC vs. IP

IP address 10.0.0.10 /24: Network Address 10.0.0.0/24, Host Address 10.0.0.10

MAC address 0011.1111.1111: Non-hierarchical Address

L2 Forwarding (Bridging)

Data-plane learning

Flat address space and forwarding table (MAC everywhere !!!)

Flooding required for unknown unicast destination

Destination MACs need to be known for all switches in the same network to avoid flooding

[Figure: the entry 0011.1111.1111 repeated on five switches]

L3 Forwarding (Routing)

Control-plane learning

Hierarchical address space and forwarding

Only forwarding to destination addresses with matching routes in the table

Flooding is isolated within subnets

No dependence on data-plane for maintaining forwarding table

[Figure: hosts 10.0.0.10 and 20.0.0.20; routes 10.0.0.0/24, 10.0.0.0/16, 20.0.0.0/16 and 20.0.0.0/24]

Eternal Debates on Network Design for Cloud: Layer 2 or Layer 3?

[Figure: VLANs at the Access tier connected through the Core, across a Layer 3 network (L3) or at L2]

Layer 2?

Simplicity (no planning/configuration required for either addressing or control plane)

Single control plane protocol for unicast, broadcast, and multicast

Easy application development

Layer 3?

Subnets provide fault isolation

Scalable control planes with inherent provision of multi-pathing and multi-topology

HA with fast convergence

Additional loop-mitigation mechanism in the data plane (e.g. TTL, RPF check, etc.)

Both Layer 2 and Layer 3 are required for any network design

Cisco has solutions for both Layer 2 and Layer 3 to satisfy Customers’ requirements

The Next Era of Layer 2 Network: What Can Be Improved?

Network Address Scheme: Flat → Hierarchical

Additional header is required to allow L2 “Routing” instead of “Bridging”. “Switch ID” comes into the picture.

Provide additional loop-prevention mechanism like TTL

Address Learning: Data Plane → Control Plane

Eliminate the need to program all MACs on every switch to avoid flooding

Control Plane: Distance-Vector → Link-State

Improve scalability, minimize convergence time, and allow multipathing inherently

The ultimate solution needs to take both control and data plane into consideration this time!!!

Cisco FabricPath Overview

Data Plane Innovation

FabricPath encapsulation

Conversation Learning

Routing, not bridging

Built-in loop-mitigation: Time-to-Live (TTL), RPF Check

Control Plane Innovation

Plug-n-Play Layer 2 IS-IS

Support unicast and multicast

Fast, efficient, and scalable

Equal Cost Multipathing (ECMP)

VLAN and Multicast Pruning

Cisco Nexus Platform, Cisco NX-OS, Cisco FabricPath
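
An added example, not part of the original deck: a simplified Python model that contrasts the flood-and-learn behaviour described under “MAC Address Scaling & L2 Bridging” with the “Conversation Learning” listed for FabricPath above. The topology, host names and traffic are constructed, and the learning rules are reduced to the essentials: in the classical model a flood reaches every switch, and in the conversational model an edge switch learns a remote MAC only when the frame is addressed to a host it already knows locally, while core switches forward on switch ID and keep no MAC entries.

```python
# Simplified model, constructed for illustration: four edge (leaf) switches,
# two core (spine) switches, two hosts per edge. All names are hypothetical.
EDGES = {"L1": ["A", "B"], "L2": ["C", "D"], "L3": ["E", "F"], "L4": ["G", "H"]}
CORES = ["S1", "S2"]
ROOT = "S1"  # spanning-tree root used by the classical model
LEAF_OF = {host: leaf for leaf, hosts in EDGES.items() for host in hosts}

# Each conversation is (initiator, responder).
CONVERSATIONS = [("A", "C"), ("E", "G"), ("B", "A")]


def frames(conversations):
    """Expand a conversation into ARP request, ARP reply and one data frame."""
    for src, dst in conversations:
        yield src, None   # ARP request: broadcast
        yield dst, src    # ARP reply: unicast back to the initiator
        yield src, dst    # first data frame: unicast


def tree_path(src, dst):
    """Switches a unicast frame crosses on the single spanning tree."""
    a, b = LEAF_OF[src], LEAF_OF[dst]
    return [a] if a == b else [a, ROOT, b]


def classical(conversations):
    """Flood-and-learn bridging: every switch that sees a frame learns its source."""
    tables = {sw: set() for sw in list(EDGES) + CORES}
    for src, dst in frames(conversations):
        path = tree_path(src, dst) if dst else []
        known = dst is not None and all(dst in tables[sw] for sw in path)
        # Broadcast or unknown unicast is flooded; modelled as reaching all switches.
        learners = path if known else tables
        for sw in learners:
            tables[sw].add(src)
    return tables


def conversational(conversations):
    """Conversational learning: edges learn only MACs they actually talk to."""
    tables = {sw: set() for sw in list(EDGES) + CORES}
    for src, dst in frames(conversations):
        ingress = LEAF_OF[src]
        tables[ingress].add(src)              # local MAC, learned on the edge port
        if dst is None:
            continue                          # broadcast: no remote learning
        egress = LEAF_OF[dst]
        if egress != ingress and dst in tables[egress]:
            tables[egress].add(src)           # destination is a known local host
    return tables                             # core tables stay empty


def total_entries(tables):
    return sum(len(entries) for entries in tables.values())


if __name__ == "__main__":
    for name, model in (("classical", classical), ("conversational", conversational)):
        result = model(CONVERSATIONS)
        sizes = {sw: len(entries) for sw, entries in result.items()}
        print(name, sizes, "total:", total_entries(result))
```

With this traffic the classical model ends with 24 table entries spread over all six switches, while the conversational model ends with 9, all of them on edge switches.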

FabricPath – Simplicity to the Server team

Benefits server team by providing a network Fabric that looks like a single switch → Breaks down silos, permits workload mobility, provides maximum flexibility

Lowers OPEX by simplifying server team operation → Reduces dependency on/interaction with network team

[Figure: “Multi-Domain – Silos” (Web Servers, App Servers and New Apps in Silo 1, Silo 2 and Silo 3) next to “FabricPath – Any App, Anywhere!” (Web Servers, App Servers and New Apps on one Fabric)]

What is a Fabric?

Externally, a Fabric looks like a single switch

Internally, a protocol adds Fabric-wide intelligence and ties the elements together. This protocol provides in a plug-and-play fashion:

Optimal, low latency connectivity any to any

High bandwidth, high resiliency

Open management and troubleshooting

Cisco FabricPath provides additional capabilities in terms of scalability and L3 integration

FabricPath: an Ethernet Fabric

Connect a group of switches using an arbitrary topology

With a simple CLI, aggregate them into a Fabric:

Enabling Network Fabrics

N7K(config)# interface ethernet 1/1

N7K(config-if)# switchport mode fabricpath

An open protocol based on L3 technology provides Fabric-wide intelligence and ties the elements together

Example 1: Classical POD Migration

Q: Why migrate traditional Access/ Aggregation building block to FabricPath?

A:

• No STP – No STP sync, no topology changes, no blocked ports, no risk of loops

• Simple configuration

• Total flexibility in design and cabling

• Enables organic bandwidth growth – Grow where and whenever needed with minimal impact

Example 2: POD Interconnect / VLAN Anywhere

Q: How to interconnect DC PODs in order to have VLANs anywhere?

A:

Provide server/host connection to any edge port in network, regardless of physical location

Physical/rack/distribution pair location of host irrelevant with respect to IP subnet and Layer 2 adjacency with other hosts

Gateway placement options include GLBP, MHSRP and “leaf-attached” gateways, so far.

[Figure: POD 1 with VLANs 100-199, POD 2 with VLANs 200-299, POD 3 with VLANs 300-399; PODS 1-3 with VLANs 100-399]

Data Center Networking Architecture Flexibility: Cisco FabricPath

Comparison of Spanning-Tree, vPC and FabricPath:

Pod Bandwidth: Spanning-Tree up to 10 Tbps; vPC up to 20 Tbps; FabricPath up to 160 Tbps

Active Paths: Spanning-Tree single; vPC dual; FabricPath 16-way

Infrastructure Virtualization and Capacity

Layer 2 Scalability

16 Switches

ANY SERVICE

Offers flexibility and choice for any deployment model

ANY ENVIRONMENT

ANY FORM FACTOR

ANY DELIVERY MECHANISM

Network, Compute, Cloud

Appliance, Module, Virtual, Integrated

Dedicated (Hardware coupled)

Dynamic “On-demand”

Cisco Unified Network Services

Security, Application Acceleration, Network Analysis/Monitoring, Application Delivery, Other Services

Consistent Policy, Operational Simplicity, Workload Portability

Data Center Virtualized Services Combination Example

[Diagram: service chains for BU-1 to BU-4, numbered 1 to 4. Layers listed: “Front-End” VRFs (MSFC), Firewall Module Contexts, ACE Module Contexts, “Back-End” VRFs (MSFC), Server Side VLANs. VLAN labels include v5, v6, v7, v8, v105, v107, v108, v206, v207, v208, v2081, v2082 and v2083.]

* vX = VLAN X

** BU = Business Unit

Physical to Virtual Services Transition

Physical NW Services

• Application-specific service nodes

• Form factors:

• Appliance

• Switch module

• Router-integrated

[Diagram labels: WAN Opt, Firewall, SLB/ADC; Private Cloud; Hypervisor with App/OS VMs; VDC-1, VDC-2; Public Cloud]

Provide a common framework for Physical and Virtual services

Extend customer investments in Physical, while addressing cloud requirements

• Virtual appliance form factor

• Elastic Instantiation/Provisioning

• Service transparent to VM mobility

• Support scale-out

• Large scale multi-tenant operation

• Typically provisioned as trunk to the server running ESX

• No visibility to individual traffic from each VM

• Unable to troubleshoot, apply policy, address performance issues

Boundary of network visibility

Current View of the Access Layer with VMs

Networking for Server Virtualization

Problems:

• Dynamic Migration of VMs may move them across physical server ports—policy must follow

• Impossible to view or apply policy to locally switched traffic

• Need collaboration between network and virtualization admin

VLAN 101

VN-Link, or Virtual Network Link, is a term which describes a new set of features and capabilities that enable VM interfaces to be individually identified, configured, monitored, migrated and diagnosed.

VN-Link can be thought of as the “virtual cable connecting the veth and vnic interfaces”

What is VN-Link?

Hypervisor

VNIC VNIC

VETH VETH

VN-Link View of the Access Layer

• Nexus 1000V and VN-Link provide visibility to the individual VMs

• Policy can be configured per-VM

• Policy is mobile within the ESX cluster

Boundary of network visibility

Nexus 1000V

Distributed Virtual Software Switch

Nexus 1000V VSM

Cisco Nexus 1000V Architecture

Nexus 1000V VSM

vCenter

Virtual Supervisor Module (VSM)

Virtual or Physical appliance running Cisco NXOS (supports HA)

Performs management, monitoring, & configuration

Tight integration with VMware vCenter

Virtual Ethernet Module (VEM)

Enables advanced networking capability on the hypervisor

Provides each VM with dedicated “switch port”

Collection of VEMs = 1 vNetwork Distributed Switch

Cisco Nexus 1000V Installation

ESX & ESXi

VUM & Manual Installation

VEM is installed/upgraded like an ESX patch

[Diagram: three vSphere hosts, each running a Nexus 1000V VEM with VMs attached]

What is vPATH ?

Intelligence built into the Virtual Ethernet Module (VEM) of the Cisco Nexus 1000V virtual switch (version 1.4 and above);

vPATH has the following main functions:

1. Intelligent Traffic interception for Virtual Service Nodes (VSN): vWAAS & VSG;

2. Offload the processing of Pass-through traffic (from vWAAS, for instance);

3. ARP based health check;

4. Maintain Flow entry table.

vPATH is Multitenant Aware

Leveraging vPATH can enhance the service performance by moving the processing to hypervisor;

VMware ESX/ESXi Server

Nexus 1000V vPATH

vPATH Interception in Nexus 1000v

vPATH interception is configured on the server VM’s port profile, in both directions, to redirect traffic to the VSN;

Server traffic is intercepted by vPATH interception in VEM and redirected to VSN;

Egress traffic (optimized/bypass) can be forwarded without further VPATH interception (e.g.: vWAAS).

[Diagram: Upstream Switch, VSM, VSN, Server VM and VEM; vPATH interception In/Out]

vPATH – Policy Based configuration in Nexus1000v

[Diagram: Nexus 1000v VSM and vCenter Server; Non Opt Port-Profile, VSN Port-Profile and Optimize Port-Profile; two VMware ESXi servers, each running Nexus 1000V vPATH with a VSN, one hosting Web and DB server VMs, the other Web and App server VMs]

Feature

1. Optimization based on the port-profile policy configured in Nexus 1000V

2. Policy gets propagated to vCenter automatically

Benefit

1. Provide on-demand service orchestration in the cloud without network disruption

vPATH – Application based interception

Nexus 1000v VSM

Network Admin view

vPATH interception

vSphere client

Server Admin view

Attach Opt-port-profile to server VMs

Port-Profile Port-group

Cisco Unified Computing System

The Cisco Unified Computing System is designed to dramatically reduce data center total cost of ownership while simultaneously increasing IT agility and responsiveness.

Investment Protection

Industry standards-based

Co-exists with existing data center infrastructure

Leverage existing management applications via API

Increases Business Agility

Provision applications in minutes instead of days

Automation reduces service outages

Just-in-time resource provisioning

Reduces Total Cost of Ownership

CapEx: Up to 20% reduction

OpEx: Up to 30% reduction

Cooling and power efficiency

Cisco Unified Computing System (UCS)

A Platform for the Cloud-Ready Data Center.

• Run any x86 application: virtualized or non-virtualized

• Integrate with existing networks, storage, and management infrastructure

• Run side by side with legacy infrastructure

• Self integrating: Deploy rapidly & increase productivity

Technology Evolution

Storage Array Disk Drive

System Administrators used to manage each disk drive

The Storage Array fundamentally changed the focus

No one cares how many disk drives they have: storage matters

Simplify The Data Center

Unified Computing System

Technology Evolution

Server

• System Administrators have to manage each server

• Unified Computing changes the focus

• No one should care how many servers they have: Computing matters

Simplify The Data Center

What is “stateless” computing architecture?

Stateless client computing is where every compute node has no inherent state pertaining to the services it may host.

In this respect, a compute node is just an execution engine for any application (CPU, memory, and disk – flash or hard drive).

The core concept of a stateless computing environment is to separate state of a server that is built to host an application, from the hardware it can reside on.

The servers can easily then be deployed, cloned, grown, shrunk, de-activated, archived, re-activated, etc.

2010 Cisco Inc., Company Confidential – Presented under NDA 63

SAN B

UCS Compute Array

Single, scalable integrated system

Network + compute virtualization

Dynamic resource provisioning

Mgmt SAN A LAN

Simplicity

Private Cloud and UCS

Private Clouds

Service tools and portals designed for highly automated services

Integrated governance

Service Expiry – return resources when business need is complete

All Infrastructure within customer data centers

Metering, usage-based billing, and limiting

Abstract element managers to baseline API

UCS and XML are components here – not the entire solution

Enterprise can assign priorities to compute services to allow take-over

[Diagram: Data Center Infrastructure of a Company. Business Unit A and Business Unit B each have their own services/policies, servers, spares, network and disk.]

Private Cloud Extension

Same service tools and portals

Integrated governance

Service Expiry – return resources when business need is complete

Infrastructure can be assigned to provider data centers

Metering, usage-based billing, and limiting

[Diagram: Data Center Infrastructure of a Company next to a Cloud Provider Infrastructure. Business Unit A and Business Unit B each have their own services/policies, servers, spares, network and disk.]

Private Cloud and UCS

Private Cloud Bursting

Very rapid service additions

High volume bursts

Enterprise designs data center for nominal – not burst

Key context is a stateless and automated method to bring resources on-line

Usage-based billing

[Diagram: Data Center Infrastructure of a Company, where Business Unit A and Business Unit B each have their own services/policies, servers, spares, network and disk; the Cloud Provider Infrastructure holds additional Unit A servers, spares, network and disk.]

Private Cloud and UCS

Ex.1: UCS Technologies for Elasticity

Complete control of system boot policy separate from the BIOS settings

PXE, FC and SAN boot

iSCSI boot

Virtual media (CDROM, .iso, USB, floppy)

Complete control of how to return a server to the infrastructure when no longer required

Called “Scrub Policy”

Optionally clear BIOS settings

Optionally wipe local disk boot sector and table

Allows for removing the low-level configuration state on server

Easier automation possible

Boot and Server Disassociate Management


Ex.2: UCS Technologies for Elasticity

Default mode if customer using templating

Create 1 or more profiles from template

Can later create more when needed

Draw 1 or more entries from pools of server unique template data

UUID, MAC, WWN, etc.

When profile is created

Administrator or XML API can then modify configuration of profile

Used functionally as a starting-point

Shows as bound to initial template (record of origin)

Ability to extrapolate a given profile into an initial template for future use

Local disk implies state, Boot from SAN or iSCSI is stateless

Boot and Data images can stay on SAN storage for when needed

Initial Service Profile Templates

ESX-DRS-Node1

UUID, MAC,WWN

Boot info

firmware

LAN, SAN Config

Firmware…

ESX-DRS-Node

UUID, MAC,WWN

Boot info

firmware

LAN, SAN Config

Firmware…

Template

Customer 1

ESX-DRS-Node2

UUID, MAC,WWN

Boot info

firmware

LAN, SAN Config

Firmware…

Customer 2

One-Time

Instantiation
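The scrub-policy and stateless-boot points on the two "UCS Technologies for Elasticity" slides, as an added example (not from the presentation or from Cisco): a Python model that replays blade associate/disassociate events and reports what a new tenant inherits from the previous one. The event format, the blade names and the literal reading that a disk scrub clears only the boot sector and table are assumptions of the model.

```python
"""Model of blade handover between tenants: what survives a scrub policy."""

# Residual state a blade can carry between owners, named after the slide wording.
BIOS = "bios-settings"
BOOT_RECORDS = "disk-boot-sector-and-table"
DISK_DATA = "disk-data-blocks"


def audit_handovers(events):
    """Replay associate/disassociate events; report state inherited across tenants.

    Returns a list of (blade, new_tenant, ["<item> from <previous tenant>", ...]).
    """
    residue = {}   # blade -> {item: tenant that wrote it}
    findings = []
    for ev in events:
        state = residue.setdefault(ev["blade"], {})
        if ev["op"] == "associate":
            inherited = sorted(f"{item} from {who}" for item, who in state.items()
                               if who != ev["tenant"])
            if inherited:
                findings.append((ev["blade"], ev["tenant"], inherited))
            # Assumption: the incoming profile applies its own BIOS settings.
            state[BIOS] = ev["tenant"]
            if ev["boot"] == "local":   # local disk implies state; SAN/iSCSI boot does not
                state[BOOT_RECORDS] = state[DISK_DATA] = ev["tenant"]
        elif ev["op"] == "disassociate":
            scrub = ev.get("scrub", {})
            if scrub.get("bios"):
                state.pop(BIOS, None)
            if scrub.get("disk"):
                # Assumption, from the slide's wording: only boot sector and table are wiped.
                state.pop(BOOT_RECORDS, None)
    return findings


# Constructed event log (hypothetical format and blade names).
EVENTS = [
    # Local boot, full scrub, then a different tenant.
    {"op": "associate", "blade": "blade-1", "tenant": "Customer 1", "boot": "local"},
    {"op": "disassociate", "blade": "blade-1", "scrub": {"bios": True, "disk": True}},
    {"op": "associate", "blade": "blade-1", "tenant": "Customer 2", "boot": "san"},
    # SAN boot, no scrub at all, then a different tenant.
    {"op": "associate", "blade": "blade-2", "tenant": "Customer 1", "boot": "san"},
    {"op": "disassociate", "blade": "blade-2", "scrub": {}},
    {"op": "associate", "blade": "blade-2", "tenant": "Customer 2", "boot": "san"},
    # iSCSI boot with BIOS scrub: the stateless case.
    {"op": "associate", "blade": "blade-3", "tenant": "Customer 1", "boot": "iscsi"},
    {"op": "disassociate", "blade": "blade-3", "scrub": {"bios": True, "disk": False}},
    {"op": "associate", "blade": "blade-3", "tenant": "Customer 2", "boot": "iscsi"},
    # Local boot, no scrub, but the blade returns to the same tenant.
    {"op": "associate", "blade": "blade-4", "tenant": "Customer 1", "boot": "local"},
    {"op": "disassociate", "blade": "blade-4", "scrub": {}},
    {"op": "associate", "blade": "blade-4", "tenant": "Customer 1", "boot": "local"},
]

if __name__ == "__main__":
    for blade, tenant, items in audit_handovers(EVENTS):
        print(f"{blade}: {tenant} inherits {', '.join(items)}")
```

In this model only SAN or iSCSI boot combined with a BIOS scrub hands a blade to the next tenant with nothing inherited, which is the stateless case the slide describes.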


UCS Technologies for Elasticity

Method of pulling physical blades into server pool shown

Can be any blade on any chassis pooled together

Server Pools


UCS consolidated API for cloud

Single API for all components

No matter how many blade chassis, up to the limit of a pair of Fabric Interconnects (today 20)

Eth

Blade


Orchestration projects with UCS

Existing tools can easily be extended to support server automation

With Cisco-provided tools like “goUCS”, development of custom automation is extremely easy

3rd party tools are much easier to implement and maintain (BMC, Microsoft, IBM, Cloupia, CA, etc.)

Simpler management landscape: fewer professional services


A few examples…

Easier CMDB integration

Automatic server deployment from VMware vCenter and Microsoft SCOM

Automatic server on/off from CapacityIQ

Automatic repurposing of servers (10-to-5 for VDI, 5-to-10 for HPC)

Automatic hardware outage recovery

Scripting VLAN addition to ESX farms


Use Case 1: getting system info


Use Case 2: mobile system monitor

Simple iPhone Management of UCS (SiMU)


Use Case 3: automate provisioning Cisco IT Tool CITEIS


Transition Steps to Cloud Consumption Model

Consolidation

(Reduce Costs)

Automation

(Transform IT)

Virtualization

(Improve Agility)

Unified Compute/IO

Unified Fabric

Unified Network Services

Unified Storage

Multi-tenancy

Multi-site/ Virtual DC

CaaS

IaaS

PaaS

SaaS

Cloud Ready Infrastructure Cloud Automation

Shared Infrastructure

Resource pools

Service Centric

Pay as Used


Cloud Ready Infrastructure

VBlock FlexPod

Compute

Stacks

pod

DCI Metro Datacenter

- Migration

- Capacity Expansion

~100 tenants

~20,000 VMs

1,000+ tenants

100,000 VMs Tenant scale

Metro/ Geo

Application

performance

Geo Datacenter

- Disaster Recovery

SBA


Vblock Infrastructure Packages Pervasive Virtualization and Private Cloud

Performance/ Scale

Vblock 2 Large-scale, Public, Private & Hybrid Cloud Infrastructure

Capability

10’s 100’s 1,000’s 10,000’s

Vblock 700 Large-scale, Public, Private & Hybrid Cloud Infrastructure

Vblock 1/1U Scalable, Private Cloud Infrastructure

Vblock 0 Entry-level “Cloud in a rack” Infrastructure

Vblock 300 Scalable, Private Cloud Infrastructure

New


Multi-Tenant Security/Policy

FAST Storage

Optimal UCS Memory

Fully Converged FCoE

Unify Consolidation

Optimal Socket/Core Density

Platform Level HA

Blade Optimized Compute

Vblock Capabilities

Multi-User Security/Policy

FAST Storage

UCS Expanded Memory

Director Class Networking

Storage Scalability

High Socket/Core Density

System Level HA (VPLEX etc)

Blade and Rack Compute Models

Scale Out

Scale UP

Vblock Domain Manager (UIM)

vCloud Director Vblock Orchestration

Ecosystem

Fully Integrated, Extensible Management and Orchestration

Information Optimization Services (De-Dupe/Compression etc)

Information Integrity Services (Replication/BURA etc.)


FlexPod The Most Efficient Journey to the Next-Generation Data Center

Cisco® UCS B-Series Blade Servers and UCS Manager

Cisco Nexus® Family Switches

NetApp® FAS 10GE and FCoE

Standard, prevalidated, best-in-class infrastructure building blocks

Flexible: One platform scales to fit many environments and mixed workloads

– Add applications and workload

– Scale up and out

Simplified management and repeatable deployments

Design and sizing guides

Services: Facilitate deployment of different environments


Solution Overview

VMware

vSphere

Storage Virtualization

NetApp® MultiStore®

Network Virtualization

Cisco Nexus 1000v, Nexus 5000

Application Virtualization example

SAP® Adaptive Computing

Server Virtualization

VMware® vSphere™

Compute Node Virtualization

Cisco® Unified Computing System™

Extensible Open

Management


Get Started and Grow on Demand

Base functionality for single- or multiple-tenant operation

• Virtualization and standardization

• Application and data mobility

• Integrated storage-based backup

• Automated OS provisioning

• Automated SAP® system copies

Additional functionality for multiple-tenant operation

• Secure multi-tenancy

• Isolation of subsidiaries or clients

• Automated tenant provisioning

• Provisioning of fenced SAP systems or landscapes

+

Few Tenants One Tenant Many Tenants

Enterprise Customers

Midsize Customers Service Providers


Orchestration

HA Security Multi-Tenant QOS

Data Centre

Interconnect

Data Centre

Networking & Services

Integrated

Compute Stacks

Virtual Data Center

Self-service Portal

Orchestration

Gold Silver Bronze

Service Velocity & Compliance Assurance


Elements of Private Cloud Computing

Self-Service Interface

Provides ability for users to order and track metered services

Service Delivery Automation

Automates provisioning and meters usage of services

Operational Process Automation

Automates operational processes such as user management, capacity management, performance management, alerting, etc. to support services

Resource Management

Pooled resources are provisioned and managed as per service needs

Lifecycle Management


Elements of Private Cloud Computing

Self-Service Interface: Provides ability for users to order and track metered services

Service Delivery Automation: Automates provisioning and meters usage of services

Operational Process Automation: Automates operational processes such as user management, capacity management, service level management, service desk integration, alerting…

Resource Management: Resources are provisioned and managed as per service needs

Lifecycle Management

Lifecycle Management of Cloud Services

• Dynamic resource allocation

• Capacity management

• Resource utilization

• Performance management

• Maintenance

Standardized offerings

Very fast provisioning/de-provisioning of resources

Metered usage

Web-based front end

Automated fulfillment

Broad Network Access

Rapid Elasticity

Measured Service

On-Demand Self-Service

Resource Pooling


Development Test Production for Private Cloud

Virtual Private Cloud

Hybrid Cloud Public Cloud

Compute as a Service for Internal Uses

Development

Functional and Load Testing

UC on Demand

Sales Engineering Demos

Agile application releases to production

VDI/VXI

Dynamic variation in production workloads and resources

ISV and Cloud Service Providers providing SaaS

P to V Migration

Large Enterprise Multi-tenant private cloud

Managed Services Providers providing Services on demand

Private Cloud Operations where Bursting out to public cloud helps reduce costs for peak usage

Multi-tenant rich SP network offers

Quickly changing commercial cloud services

Product Trials

Storage as a Service


Cisco Intelligent Automation for Cloud Cisco Intelligent Automation for Compute

Cisco Intelligent Automation Cloud Offers

Full Infrastructure as a Service (IaaS) stack

Order to global orchestration to infrastructure provisioning

Orchestration of compute, network and storage provisioning and deployment, OS and software provisioning

Services engagement for setting up automation workflows, and integration for metering, chargeback, CMDB, ticketing, monitoring, etc.

Global orchestration across compute resources: server/virtual server, OS and application software,

Services engagement for integration for CMDB, ticketing, monitoring, etc.

Supports heterogeneous infrastructure — both virtual and physical

Set of sample automation packs

Compute Automation Technical User Manages IT Processes Across Compute Tools

Cloud Automation Non-Technical User Orders a “SQL Server” and Everything Is Provisioned


Cisco Intelligent Automation for Cloud

CMDB

IT Service Management

Tools

Cisco Intelligent Automation for Cloud

Service Catalog and Self-Service Portal Cisco Cloud Portal (former newScale)

Global Orchestration and Reporting Cisco Tidal Enterprise Orchestrator (TEO)

Adapter Framework

OS/Software Provisioning Cisco Tidal Server Provisioner

Virtualization Managers

e.g., VMware vCenter

Cloud Automation Pack

Hardware Managers

e.g., UCS Manager

Compute Resources

Virtual Infrastructure

Network Resources

Storage Resources

Billing/ Chargeback

Monitoring and Governance


Cisco Intelligent Automation for Compute

CMDB

IT Service Management

Tools

Cisco Intelligent Automation for Cloud

Global Orchestration and Reporting Cisco Tidal Enterprise Orchestrator (TEO)

Adapter Framework

OS/Software Provisioning Cisco Tidal Server Provisioner

Virtualization Managers

e.g., VMware vCenter

Compute Automation Pack

Hardware Managers

e.g., UCS Manager

Compute Resources

Virtual Infrastructure

Billing/ Chargeback

Monitoring and Governance


Cisco Cloud Portal (former newScale) “Stand Alone”

Existing RBA System

Service Portal

RequestCenter

Virtualization Managers

e.g., VMware vCenter

IT Service Mgmt System

Other 3rd Party Systems

LifecycleCenter PortfolioCenter DemandCenter

newScale Self-Service Portal, Service Catalog, and Lifecycle Management

ServiceLink and Adapters (e.g. VMware vCenter)

Service Catalog Foundation and Content Libraries (e.g. Data Center Library)

Advanced Reporting

Other Orchestrators


Intelligent Automation for Cloud

Intelligent Automation for Compute

Solution Highlights

Service catalog and ordering portal provides 1-stop shopping for infrastructure as a service

Single point orchestration of provisioning across all required components—compute, virtualization, network and storage

Software provisioning including OS and application provisioning

Open Architecture provides for integration with existing CMDB and ITIL investments and tools

Automation of ongoing operations


Network Automation Storage Automation Compute Automation

Cisco Intelligent Automation for Cloud

IT Service Catalog and Portal

Global Orchestration

Domain Managers

Orchestration

Catalog, Order, Offer, Metering, Billing, Chargeback

UCS Manager

TEO Terminal Adapter

vCD, vCenter

Ticketing

Monitoring

CMDB

newScale Portfolio Center

newScale Request Center

newScale Lifecycle Center

newScale Demand Center

Tidal Server Provisioner

Cisco Tidal Enterprise Orchestrator

Chargeback

LDAP/AD

Governance

EMC

NetApp

MDS

UCS Blades

ESX, VMs

OS images

DSN (Cat6500, ACE, FW)

Nexus 2K, 5K, 7K

vBlock

Elements

Cisco software

OEM software

Domain managers within infra.

Infrastructure elements/devices

TEO Terminal Adapter

OverDrive for Sophisticated Networks


FlexPod Orchestration with Cisco Intelligent Automation for Cloud (with NetApp OnCommand)

Cisco® UCS APIs

Cisco Nexus®

NetApp OnCommand APIs

Cisco Intelligent Automation for Cloud

VMware vCenter and vCloud Director APIs

FlexPod

NetApp OnCommand


Vblock: Tidal Enterprise Orchestrator View (with UIM)

Tidal Enterprise Orchestrator

Cisco Cloud Portal

vCloud Director (minus its UI)

vSphere / vCenter

EMC UIM & Ops

UCS Manager

Network Devices

Symmetrix

VNX

MDS

Vblock specific


Our Solution at Work

Lifecycle Management

Policies & Governance

Approvals & Controls

Standardized IT Offerings

Define and Publish Standard Options

Architecture & IT Management

Review Offerings, Get Quotes

Self-Service

Developers

Self-Service IT Storefront

Report Consumption

Tracking for Pay-Per-Use

Chargeback or Showback


Security

Ops

DR

Network Storage

Orchestrate Delivery

Process Coordination and Delivery Automation

TEO


Sample Use Case 1: End User Logs in to self service portal to request resources…

Cloud Customer


They select appropriate resources for project from service catalog… (i.e. create new VM DB Server)


Cisco Tidal Enterprise Orchestrator receives the request and provisions resources…


Sample operations automated through Cisco Intelligent Automation pre-built workflows

Deployment of Service Profiles

Change management

Installation of ESX

Add infrastructure

De-provision infrastructure

Change a resource on a server

Capacity Check and automate capacity availability

Evacuate a blade for maintenance

Routine maintenance


Application Development IT Infrastructure/Ops

Use Case 2: Application Dev/Test Complex, Time-Consuming, Expensive Provisioning Process

Call or email IT Operations

Architecture Reviews

Approval Process

Track Down Status


One-Off Custom Server Builds

Incomplete Requirements

Add Security, Backup, etc.

Exception Management



Service Orchestration End User Self-Service Governance

Service Requests

Compare Service Tiers and Options

Guided Shopping ‘Wizard’

Policy-Based Controls

Rich Interactive Forms

Ordering and Approvals

Status Updates

Cisco Tidal Enterprise Orchestrator

Element Managers

Cisco Cloud Portal

Catalog Global Orchestration

UCS Manager

VMware vCenter

EMC/ NetApp Storage

Provisioning

Cisco Tidal Server Provisioner


Q&A; Q&Q; A&A; etc.


Complete Your Session Evaluation

Please give us your feedback!!

Complete the evaluation form you were given when you entered the room

This is session BRKDCT-2222

Don’t forget to complete the overall event evaluation form included in your registration kit

YOUR FEEDBACK IS VERY IMPORTANT FOR US!!! THANKS
