cisco dynamic fabric automation · cisco® dynamic fabric automation (dfa) represents an evolution...

Cisco Dynamic Fabric Automation

At-A-Glance

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

OverviewCisco® Dynamic Fabric Automation (DFA) represents an evolution of the Cisco Unified Fabric. It simplifies the deployment of data center fabric and automates consumption of network services. It provides a scale-out architecture without congestion points in the network while providing optimized forwarding for all types of applications. It consists of four modular building blocks, shown in Figure 1, that can be deployed independently or in combination.

Figure 1. Cisco DFA Building Blocks

Virtual FabricsWorkloadAutomation

Optimized Networking

FabricManagement

Cisco DFA attributes and features include the following:

• Transparent integration with existing Cisco Nexus® 5000, 6000, and 7000 Series Switches deployments and strong investment protection

• Flexible topologies and optimized traffic forwarding

• Interoperation with existing data center networks and data center fabrics

• Secure multitenancy at scale

• Central point of management (CPOM) to enforce policies for physical servers and virtual machines

• Open northbound APIs from the Cisco Prime™ Data Center Network Manager (DCNM) CPOM and the data center fabric

• Fabric, host, and tenant visibility

• Integration with third-party Layer 4 through 7 services, virtualization, and management

Simplified Fabric ManagementCisco DFA uses the Cisco Prime DCNM CPOM to provide an easy way to deploy, provision, and manage data center fabric. It provides zero-touch deployment of fabric nodes and automates configuration of these fabric nodes,. It discovers the data center fabric topology and can verify the cabling of the fabric against a cable plan provided by the operator. It provides a simple presence-based messaging interface to group an arbitrary set of nodes and manage them as a logical element. It can provide visibility into the location of a workload in the fabric and simplify troubleshooting of data center fabric and tenant virtual networks (Figure 2).

Figure 2. Simplified Fabric Management for Ease of Operations

AutomatedNetwork Provisioning

Common Point ofFabric Access

Host, Network and Tenant MonitoringVisibility

Cisco PrimeDCNM CPOM

REST APIs

Cisco and Third-Party ISV Applications

OpenStack, VMware vCD, and Cisco UCS® Director Management

and Orchestration

VM VM MANFW

The Cisco Prime DCNM CPOM provides an open Representational State Transfer (REST) API that can be used by customers to integrate custom-developed management tools and other third-party management tools.

At-A-Glance


Workload AutomationCisco DFA workload automation refers to the ability to manage data center resources dynamically on demand. It offers a framework to automate workload life-cycle. Cisco DFA automates the provisioning of port profiles associated with a virtual machine or physical server. Port profiles can be configured through the Cisco Prime DCNM CPOM GUI or using the REST API provided by the Cisco Prime DCNM CPOM. The Cisco Prime DCNM CPOM is also integrated with cloud stack tools such as Cisco UCS Director OpenStack and VMware vCloud Director (vCD) to learn tenant network configurations (Figure 3). Automation of virtual and physical services (L4-L7) are handled by Cisco PNSC in a similar manner.

Figure 3. Workload Automation

ServerAdministratorNetwork

Administrator

SubnetQoS andSecurity-BasedRouting

VM VMMANWAN

Network administratorde�nes port pro�le template for virtual machines

1 Port pro�les are automatically created in Cisco Prime DCNM CPOM when a server administrator provisions a virtual machine

2 When a virtual machine is detected, the port pro�le is applied to the port

3 When a virtual machine moves, the port pro�le is automatically applied to the new port

4

FW

When a virtual machine is provisioned, the Cisco DFA leaf node autodetects the virtual machine, pulls and applies the policies associated with the virtual machine, on the connected port. The fabric tracks a virtual machine and moves these port profiles within the fabric automatically. The Cisco DFA fabric is capable of applying this automation workflow to a physical server alike.

Optimized NetworkingCisco DFA fabric uses a standard control-plane protocol to distribute the gateway functions, thereby providing a scale-out architecture that limits the fault domain and increases the resiliency of the fabric (Figure 4).

Figure 4. Optimized Fabric

EnhancedForwarding

DistributedControl Plane

Integrated Virtual& Physical

Transparent Mobility

VM VM MAN/WAN

ExtensibleResiliency Smaller Failure Domains

MultitenantScale

10,000 Networks at First Customer Shipment (FCS)

Virtual Machine MobilityNetwork Extensibility

AnyNetwork

Anywhere

FW

Cisco DFA fabric enables a tenant to extend their private network anywhere within and/or across fabrics. To simplify the data center fabric while providing a scale-out architecture, Cisco DFA uses a fabric encapsulation.

Virtual FabricsCisco DFA allows creation of tenant-specific virtual fabrics and allows these virtual fabrics to be extended anywhere within the physical data center fabric. It uses a 24-bit (16 million) segment identifier to support a large-scale virtual fabric that can scale beyond the traditional 4000 VLANs (Figure 5).

Figure 5. Virtual Fabrics

Human Resources

Manufacturing

Finance

Sales

Multi-tenantScale

Scalable Secure Virtual FabricsRouting and SwitchingSegmentation

GranularVisibility

Rapid Virtual FabricDeploymentNo Sub-Networks

AnyWorkloadAnywhere

Virtual Fabric Tenant VisibilityWorkload Name-BasedSearch

At-A-Glance


This virtual fabric provides transparent integration of both physical and virtual hosts. The virtual fabric also supports integration of tenant-specific Layer 4 through Layer 7 services – physical and virtual - such as firewalls and application delivery controllers (ADCs).

Cisco DFA Components and Platform SupportFigure 6 shows the essential components of Cisco DFA:

• Cisco DFA leaf nodes provide connectivity to computing and service appliances such as firewalls and ADCs.

• Cisco DFA border leaf nodes provide connectivity to external networks and can optionally provide data center interconnect (DCI) and WAN services.

• Spine nodes provide backplane connectivity to all leaf and border leaf nodes.

• The Cisco Prime DCNM CPOM provides integrated management for the entire fabric.

Figure 6. Cisco DFA Components

LeafIntegrated Management

Spine

Border Leaf

Note that you are not tied to a particular topology with this architecture. Even though Cisco recommends a Clos or fat-tree topology, customers can deploy any topology that meets their application needs.

Benefits of Cisco DFACisco DFA offers many benefits:

• Management simplicity: Central point of management with customizable workflow automation.(Figure 7).

Figure 7. Cisco DFA Offers Management Simplicity

5

• Simpli�ed Operations

• Physical and Virtual Integration

• Application Consistency

Cisco DFAApproach

Create TenantPro�le

CreateWorkloads

Network IsAutoprovisioned

Today

Point toConsider WhenProvisioning aTenant

1 2

1 2

3 4 6

Subnet VLANSpace

Layer 2 orLayer 3

Connections

IPv4 or IPv6 MulticastNeeds

LatencyNeeds

7 8 9 10

Layer 4-7Requirements

WorkloadMobility

Requirements

Virtual andPhysical

Communication

OverprovisioningFuture Growth

QoS andSecurityPolicies

At-A-Glance

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C45-731012-00 04/14

• Flexible workload placement and mobility: Enables virtual machines to be deployed and moved across the fabric on demand within and across data centers.

• Massive scalability on demand: Cisco DFA provides a nonblocking fabric capable of more than 240 terabits per second (Tbps) of bandwidth supporting more than 50,000 edge ports at FCS. Cisco DFA fabric scales seamlessly from a few 100s of servers to more than 100,000 servers, with a plan to scale up to 1 million physical and virtual servers,. Data center capacity can be incrementally added, with high bisectional bandwidth, high availability, with predictable latency.

• Multitenancy: Cisco DFA uses a fabric header that can support up to 16 million segments theoretically. The initial release, will support 10,000 tenants.

ConclusionCisco DFA is a culmination of Cisco’s experience, innovation, and product leadership in the data center market. Cisco DFA evolves the data center from traditional architecture to a streamlined workload lifecycle management framework. It brings simplification, automation, and optimization to data centers transparently, which helps to lower your TCO.

Customers can use Cisco Services to migrate to Cisco DFA or deploy Cisco DFA in a completely new (greenfield) environment. With Cisco Services, you’ll know more, save more, and innovate more. You can rely on us because we’re a worldwide leader in IT, helping companies seize the opportunities of tomorrow. We have more than 28 years of experience, 50 million installed devices, and 6 million customer interactions each year. Delivered by Cisco and our Cisco Certified Partners, service engagements result in measurable business gains for our customers, who have achieved benefits such as 15 to 20 percent faster time to revenue, 30 percent lower infrastructure costs, 50 percent faster disaster recovery, and 90 percent reduction in deployment time. For information about Cisco Services, visit www.cisco.com/go/services.

For More Informationhttp://www.cisco.com/go/dfa

cisco dynamic fabric automation · cisco® dynamic fabric automation (dfa) represents an evolution...

Documents