Datacenter Networking
Joy ABOIM
Typical journey to a new Target Operating Model
Standardise: Vendors, architectures, devices (network, compute, storage) & their configurations
Consolidate: Applications, network, servers, storage and operational silos
Virtualise: Abstraction of physical resources – unified data center comprising network, compute and storage
Automate: Orchestration and automated provisioning of virtualised (and where appropriate physical) infrastructure
Market: A new Target Operating Model (TOM) which is market driven (private or public cloud), outsourced, out-tasked or
Evolution of Data Center Networking
Distributed
• Manual Provisioning
• Limited scaling
• Rack-wide VM mobility
Application Driven
• Service-centric Provisioning
• Flexible – Anywhere, Anytime
• Cross-cloud VM Mobility
[Diagram labels: Compute, Storage, Services; L2, L3; Programmable, Provisionable; Monitoring Apps, Provisioning Apps, Networking Apps, End-User Apps]
Integrated Fabric & Cloud
World of Many Clouds
Fabric Based
Cloud
• Policy-based Provisioning
• Scale Physical & Virtual/Cloud
• DC-wide/Cross-DC VM Mobility
[Diagram labels: Compute, Storage, Services; L2, L3; Fabric; Cloud]
Expose Network Value
Automation, Monitoring, Programmability
POLICY
Orchestration
ANALYTICS
Network
Harvest Network Intelligence
Program for Optimized Experience
Customer Insights: Network Programmability
Diverse Network Programmability Requirements Across Segments: Automation, Monitoring & Flow Programmability
Research/Academia: Experimental OpenFlow/SDN components for production networks
Massively Scalable Data Center: Customize with Programmatic APIs to provide deep insight into network traffic
Service Providers: Policy-based control and analytics to optimize and monetize service delivery
Enterprise: Virtual workloads, VDI, Orchestration of security profiles
Cloud: Automated provisioning and programmable overlay, OpenStack
Private Cloud Automation
Scalable Multi-Tenancy
Network Flow Management
Network “Slicing”
Agile Service Delivery
Basic Definitions
What Is Software Defined Network (SDN)?
“…In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications…”
Source: www.opennetworking.org
What is OpenStack?
Open source software for building public and private Clouds; includes Compute (Nova), Networking (Quantum) and Storage (Swift) services.
Source: www.openstack.org
What is Overlay Network?
An overlay network is created on existing network infrastructure (physical and/or virtual) using a network protocol. Examples of overlay network protocols are: GRE, VPLS, OTV, LISP and VXLAN
What Is OpenFlow?
Open protocol that specifies interactions between de-coupled control and data planes
Note: OF is not mandatory for SDN
Note: North-bound Controller APIs are vendor-specific
Note: Applicable to SDN and non-SDN networks
Note: SDN is not mandatory for network programmability nor automation
Network Programmability Models
[Diagram: four network programmability models, with the labels shown in each]
1 Programmable APIs: Applications; Vendor-specific APIs; Control Plane; Data Plane
2a Classic SDN: Applications; Vendor-specific APIs; Controller; OpenFlow; Data Plane
2b Hybrid “SDN”: Applications; Vendor-specific APIs; Controller; OpenFlow; Vendor Specific (e.g. onePK); Control Plane; Data Plane
3 Network Virtualization/Virtual Overlays: Applications; Vendor-specific APIs; Virtual Control Plane; Virtual Data Plane; Overlay Protocols (e.g. VXLAN)
Openstack and Network Overlays Apply to All Models (Physical/Virtual)
Custom Features Can Be Built
Announcing: Cisco Open Network Environment
The Industry’s Most Comprehensive Networking Portfolio
Hardware + Software
Physical + Virtual
Network + Compute
Network
1. Platform APIs
2. Controllers and Agents
3. Virtual Overlays
Applications
SDN:
- Controller SW (OpenFlow, onePK)
- OpenFlow 1.x support
Open Clouds with Nexus 1000V
- Multi-hypervisor
- Multi-service
- Multi-cloud
- Openstack support
One Platform Kit (onePK)
- Programmatic APIs for Network
OpenFlow is Built on onePK
[Architecture diagram labels: onePK Client; onePK Server; Process boundary; onePK Presentation APIs (C, Java, Python, ...); Comm libraries; onePK Abstraction APIs; Interface; Element; Developer; Utilities; Discovery; Policy; Routing; Datapath; Ext…; Cisco Network Operating System (IOS, IOS-XE, IOS-XR, NX-OS) (Platform PI Code); Cisco Network Operating System (IOS, IOS-XE, IOS-XR, NX-OS) (Platform PD Code); onePK Mgmt; Apps; ONE Agent Framework (proposed agents); NETCONF Agent; CIM Agent; OpenFlow]
Controllers & Agents: “ONE” Controller
Overview
• Platform for generic control functions – state consolidation across multiple entities
• Current Showcase Examples
  Flexible Network Partitioning and Provisioning (“Slicing”)
  Network Troubleshooting
  Custom Routing
• SW product (Java-based)
• FCS planning underway (Beta target: 1Q CY13; FCS target: 3Q CY13)
[Diagram labels, controller architecture:]
Applications (Cisco); Applications (Customer); Applications (3rd party)
Northbound API (REST, WebSockets, OSGi)
Controller built-in Applications; Built-in GUI for Management; Apps/Applications
Flow Management; Forwarding Logic; Device Management; Network Slicing; Network Troubleshooting
Controller Core Infrastructure
Southbound APIs (onePK, OneFlow,)
OpenFlow 1.x Protocol; onePK API
OF; onePK; onePK; OF
Cisco Virtual Networking Vision
Multi-Cloud
Multi-Services
Multi-Hypervisor
Powered by Nexus 1000V
Key component of Cisco Open Networking Environment (Cisco ONE)
Build / Partner / Buy strategy
• Partnership with Citrix announced
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Cisco Virtual Networking and Cloud Network Services
Nexus 1000V
• Distributed switch
• NX-OS consistency
VSG
• VM-level controls
• Zone-based FW
ASA 1000V
• Edge firewall, VPN
• Protocol Inspection
vWAAS
• WAN optimization
• Application traffic
[Diagram labels: WAN Router; Servers; Tenant A; ASA 1000V Cloud Firewall; Nexus 1000V; Physical Infrastructure; Virtualized/Cloud Data Center; vWAAS; Cisco Virtual Security Gateway]
6000+ Customers
Shipping
Shipping
Shipping
CSR 1000V (Cloud Router)
• WAN L3 gateway
• Routing and VPN
Full Availability: CQ1’13
Switches
Ecosystem Services
• Citrix NetScaler VPX virtual ADC
• Imperva Web App. Firewall
[Diagram labels: Cloud Network Services; Citrix NetScaler VPX; Imperva SecureSphere WAF; Services; Cloud Router 1000V; Zone A; Zone B; vPath; VXLAN]
Multi-Hypervisor (VMware, Microsoft*, RedHat*, Citrix*)
Cisco-Citrix Alliance Webinar: Oct 22, 2012 (Webinar, PPT)