Evolution with End-to-End Data Center Virtualization
Yves Louis, DC Virtualisation Technical Solution Architect

Agenda
- Data Center Virtualization Overview
- Front-End Data Center Virtualization
- Core Layer
- Aggregation Layer
- Networking Services
- Access Layer
- Server Virtualization
- Hypervisors
- Virtual Access Layer
- Virtualized Services
- Server IO Virtualization
- Back-End Virtualization
- Virtual HBA & NPV
- Unified IO & FCoE
- SAN & Storage
- Q&A
2011 Cisco and/or its affiliates. All rights reserved. Cisco Public

Traditional Data Center Infrastructure (3 Layers)
[Diagram labels: WAN edge layer; core layer (10 GE core); aggregation layer (10 GE aggr, vPC, L3/L2, network services); access layer (End-of-Row, End-of-Row FEX, End-of-Row blade switch, Top-of-Rack, blade chassis); SAN A, SAN B, SAN director. Link legend: Layer 3, Layer 2 1GE, Layer 2 10GE, 4/8 Gb FC.]
Server access options shown:
- 1 GbE Server Access, 4/8Gb FC via dual HBA (SAN A // SAN B)
- 10 GbE Server Access & 4/8Gb FC via dual HBA (SAN A // SAN B)
- 10Gb DCB / FCoE Server Access

Modern Data Center Infrastructure (3 Layers)
[Diagram labels: WAN edge layer; core layer (10 GE core); aggregation layer (10 GE aggr, vPC, L3/L2, network services); access layer (End-of-Row FEX, End-of-Row blade switch, End-of-Row FEX & FCoE, Top-of-Rack UCS FCoE, Top-of-Rack FIP-Snoop., IBM Blade Center, FEX, HP Blade C-class); SAN A, SAN B, SAN core, SAN edge, SAN director. Link legend: Layer 3, Layer 2 1GE, Layer 2 10GE, 10 GE FCoE/DCB, 4/8 Gb FC.]
Server access options shown:
- 1 GbE Server Access, 4/8Gb FC via dual HBA (SAN A // SAN B)
- 10 GbE Server Access & 4/8Gb FC via dual HBA (SAN A // SAN B)
- 10Gb DCB / FCoE Server Access

Virtualized Data Center Infrastructure (2 Layers)
- OTV: Layer 2 Extension
- Modular Operating System: NX-OS common across the DC
- In-Service Software Upgrade (ISSU): true non-stop operations
- Virtual Port-Channel: bi-sectional bandwidth use, no blocking port, no STP loops
- Virtual Network Services: distribute the security and optimization services to the hypervisor layer
- Fabric Extender Architecture
- Virtual Switches and Virtual Network Services (FW, SLB)
- VDC: Virtual Device Contexts
- Virtualized Interfaces: Adapter FEX, VM-FEX & FCoE
- Unified Fabric: Multi-Hop FCoE
- Unified Ports: 1 / 10GE, FC
[Diagram labels: DR Data Center, Spine Layer, Leaf Layer, Load Balancer, Firewall, Virtual Port-Channel, VM #2, VM #3, VM #4, FCoE, FC, converged FCoE link, dedicated FCoE link]

Front-End: Core Layer
Front-End: Aggregation Layer
Virtual Port Channel (vPC)
[Diagram labels: physical topology, logical topology, active-active Layer 2 links, STP, vPC, bi-sectional BW with vPC]
- vPC is a port-channeling concept extending link aggregation to two separate physical switches
- Allows the creation of resilient L2 topologies based on link aggregation
- Eliminates the need for STP in the access-distribution layer
- Enables seamless VM mobility and server HA clusters
- Scales available Layer 2 bandwidth
- Dual-homed servers operate in active-active mode
- Simplifies network design
- Available on Nexus 7000 and Nexus 5000 / 5500

FabricPath or TRILL: Scaling and Simplifying Layer 2 Ethernet Networks
[Diagram labels: traditional Spanning Tree based network (blocked links); Cisco FabricPath network (all links active)]
- Up to 16 aggregation switches
- 160+ Tbps switching capacity
- Eliminates Spanning Tree limitations
- Multi-pathing across all links, high cross-sectional bandwidth
- High resiliency, faster network re-convergence
- Any VLAN, anywhere in the fabric: eliminates VLAN scoping

Front-End: Network Services
Data Center Virtualized Services Combination Example
[Diagram labels: front-end VRFs (MSFC); firewall module contexts; ACE module contexts; back-end VRFs (MSFC); server-side VLANs; columns BU-1, BU-2, BU-3, BU-4]
* vX = VLAN X
** BU = Business Unit

Front-End: Server Layer
What evolution for the Computing layer: Unified Computing System
- UCS = Unified Computing System
- Single, scalable integrated system
- Network + compute Virtualization
- Dynamic resource provisioning
[Diagram labels: Mgmt, LAN, SAN A, SAN B]

Unified Computing System Solution
- Embed management
- Unify fabrics
- Optimize virtualization
- Remove unnecessary switches, adapters, management modules
- Less than 1/3rd infrastructure
[Diagram label: Mgmt Server]

The Evolution of the Computing Solution: Unified Computing System
- A single system that encompasses:
  - Network: Unified fabric
  - Compute: Industry standard x86 components
  - Virtualization: hypervisor networking (VN-Link)
- Efficient Scale
  - Fewer servers with more memory
  - Up to 320 physical servers managed like a single blade chassis
- Lower cost
  - Fewer servers, switches, adapters, cables
  - Lower power consumption
  - Fewer points of management
  - Unified management model
[Diagram label: Mgmt Server]

Virtual Access Layer @ Virtualized Servers
[Diagram labels: Virtual Access Layer, Cisco Nexus 1000V]

Current View of the Access Layer with VMs
[Diagram label: Boundary of network visibility]
- Typically provisioned as trunk to the server running ESX
- No visibility to individual traffic from each VM
- Unable to troubleshoot, apply policy, address performance issues

Networking for Server Virtualization
Problems:
- Dynamic migration of VMs may move them across physical server ports; policy must follow
- Impossible to view or apply policy to locally switched traffic
- Need collaboration between network and virtualization admin
[Diagram label: VLAN 101]

VN-Link View of the Access Layer
- Virtual switching and VN-Link provide visibility to the individual VMs
- Policy can be configured per-VM
- Policy is mobile within the ESX cluster
[Diagram labels: Virtual Switching, distributed Virtual Switch]

Virtual Service Nodes @ Virtualized Servers
[Diagram labels: Virtualized Services (VSN), Nexus 1000V, vWAAS, Virtual Service Gateway]

Deployment options for VSN (Virtual Service Nodes)
1. Redirect VM traffic via VLANs to external (physical) appliances
2. Apply hypervisor-based network services
[Diagram labels: Web Server, App Server, Database Server, Hypervisor, VLANs, Virtual Contexts, VSN, Virtual Service Nodes, Traditional Service Nodes]

VSAN, NPIV, NPV and Storage Access
[Diagram labels: SAN Edge, SAN Core, SAN A, SAN B, SAN & Storage, FC SAN A, FC SAN B]

Network Behavior & Characteristics
- Ethernet is non-deterministic.
  - Flow control is destination-based
  - Relies on TCP drop-retransmission / sliding window
- Fibre Channel is deterministic.
  - Flow control is source-based (B2B credits)
  - Services are fabric integrated (no loop concept)

Data Center Bridging (DCB) Features: PFC
Priority-based Flow Control (PFC)
- Enables lossless fabrics for each class of service
- PAUSE is sent per virtual lane (VL) when the buffer limit is exceeded
- Network resources are partitioned between VLs (e.g. input buffer and output queue)
- The switch behavior is negotiable per VL

DCB / FCoE Related Standards Status
- FCoE is fully defined in the FC-BB-5 standard (since Jun/2009)
- FCoE works with additional technologies to make I/O consolidation a reality
T11:
- FCoE (FC on other network media): FC-BB-5
IEEE 802.1 DCB:
- PFC (Lossless Ethernet): 802.1Qbb
- ETS (Priority Grouping): 802.1Qaz
- DCBX (Configuration Verification): 802.1Qaz

FC over Ethernet (FCoE) at a glance
FCoE Benefits
- Mapping of FC frames over Ethernet
- Enables FC to run on a lossless Data Center Ethernet network
- Wire server once
- Fewer cables and adapters
- Software provisioning of I/O
- Interoperates with existing SANs
- No gateway (stateless)
- Standard: June 3, 2009
[Diagram labels: Ethernet, Fibre Channel]

Unified I/O Architecture Consolidation
[Diagram: "No Consolidated IO" vs. "I/O Consolidation with FCoE"; labels: LAN, SAN A, SAN B, Nexus 5000; link legend: Ethernet, FC, FCoE]

Important Technologies to study
- FCoE
- 802.1BR
- FabricPath/TRILL
- OTV: Overlay Transport Virtualization
- VXLAN: Virtual Extended LAN
- LISP: Locator ID Separation Protocol