Basic Concepts of ACI, Cisco's SDN Solution

Transcription:

Basic Concepts of ACI, Cisco's SDN Solution. Presented by: Shangxin Du (@shdu), Solution Support Engineer, Cisco TAC. Aug 26th, 2015. 2013 Cisco and/or its affiliates. All rights reserved.

Type: big data, distributed, mobile. Consumption: cloud (public, private, hybrid). Delivery: anywhere, any time, any device. 78%: network is even more critical to delivering applications than a year ago* (* Cisco Global IT Impact Survey)

New server platforms enabling higher I/O throughput. Virtual machine density driving I/O performance. Big data increasing east-west traffic. 10G LOM/FlexLOM shipping (*4). Intel Haswell (2 sockets x 12 cores) (*2). 24 VMs/server (*1). Data center IP traffic growth: 25% CAGR (2012-2017) (*3). Faster server refresh cycle: 2-3 years (timeline marks: 2.5 years, 5 years). A network refresh cycle of 5 years should cover two server refresh cycles.
*1 IDC Worldwide Virtual Machine 2013-2017 Forecast
*2 Intel Xeon E5 Spec
*3 Cisco Global Cloud Index: Forecast (2012-2017)
*4 http://h30507.www3.hp.com/t5/Coffee-Coaching-HPand-Microsoft/HP-FlexibleLOM-for-Gen8/ba-p/108515

Networks are complex! They are the next silo to experience a major shift. 1st-gen SDN solutions look to meet the new technical challenges.

APIC: app agility; simplification/abstraction; deliver new revenue streams faster; risk and OpEx reduction; centralized provisioning & visibility; lowered OpEx; automation & programmability; reduced risk; reduced CapEx.

Application language: application tier policy and dependencies, security requirements, service level agreement, application performance, compliance, geo dependencies, tenants?
Network language: VLAN, IP address, subnets, firewalls, quality of service, load balancer, access lists.

SIM card: identity for a phone. Service profile: identity for a server. Application profile: identity for the network.
UCS Service Profile (unified device management): network policy, storage policy, server policy.

[Figure: Group Policy Model and Topology/Service Graph. Groups 1 to 3 with WAN, load balancer and firewall connections ("LB to Group 2", "Connect to Group 2", "Connect to 3", "High Priority"). Segmentation examples (production pod, DMZ, shared services; dev, test, prod; web, app, DB; VLAN 1, VXLAN 2, VLAN 3) ranging from 1 profile through 10s and 100s to 1000s of profiles, along an axis labelled "Level of Segmentation/Isolation/Visibility".]

Existing 3-tier designs | Programmable SDN overlay model | Application profiles & policies (APIC). DC core, DC PODs.
Existing 2-tier & 3-tier designs; open API: programmability; modernized operating system (Nexus OS).
VXLAN bridging & routing; integrated network virtualization; OpenFlow support.
Application Centric Infrastructure; no VM tax: any hypervisor; physical & virtual; open APIs & controller.

Open source. Open standards: NSH, VXLAN, OpFlex. Open interfaces: JSON, XML, REST, OpFlex.

OpFlex protocol + ecosystem.
Open source: an open source OpFlex agent will be available to anyone.
Open standard: co-authors for IETF submission.
Open ecosystem: broad, growing support, including from hypervisor, network, and L4-7 vendors.
[Diagram labels: APIC; OpFlex; P/V switch; routers; L4-7 services.]

Security expressed in application language. Lifecycle management: policies track workloads. Visibility, analytics, forensics. Automate compliance, centralized audit. Distributed security across physical and virtual. Centrally managed & fully automated.

ACI Integrated Security: Open, Flexible, Policy Driven. Consistent audit, logging, & visibility. FIPS / CC / PCI / RBAC.
[Diagram labels: ESX, bare metal, Linux container; F/W, ADC, WEB, ADC, APP, DB, MGMT, VMOTION.]

APIC. Nov 6th, 2013: the journey began on the northbound

1. Leverage existing Nexus/IP network.
2. Deploy ACI: new pods for cloud build-outs.
3. Extend ACI model.
Preserve: IP networks, L4-7 services, hypervisors.
[Diagram labels: existing network PoDs (Nexus, etc.); Nexus 7000; DCI; augment with Nexus 9300; ACI fabric (Nexus 9500 / 9300); profile; ACI policy; ESX, Hyper-V, OVS, AVS, bare metal.]

Solution: ACI + VNOMICS + SAP BW on SAP HANA. SAP stacks for Vblock, FlexPod, VSPEX. SAP BW on SAP HANA application models, deployed on Cisco ACI. Extend ACI to 20 different SAP applications. Application network profile: BWHANA.
Benefits: accelerate deployment of SAP BW on SAP HANA + Cisco ACI; rapid analysis and troubleshooting of the SAP landscape; scale SAP application capacity without complexity; monitoring and automatic remediation.
[Diagram labels: SAP Business Warehouse infrastructure models; policies; BWCITier, HANA StorageTie r, HANADBTier, HANAStorageBWDITier, BWCITierPublicBW; contracts: SapHanaSql, NfsUdp, SapBW, SapBWCI.]

$100K starting. Starting at 200 ports, scaling to 100K+ ports. 8K multicast groups (per leaf). 1M IPv4/IPv6 end points. 64K tenants. 576 40G ports wire-rate (per spine). 60 Tbps capacity (per spine). Built for the growing commercial enterprise to the largest service providers.

"It's critical that we are able to deliver hundreds of thousands of transactions per second, so latency and 40G throughput is a number one concern. After evaluating numerous vendor solutions, Cisco's Nexus 9000 switching platform provided us with the best performance to support our evolving data centers, while protecting existing IT investments." Bob Hammond, CTO, Millennial Media
"Symantec is an early adopter of Cisco's ACI, leveraging the technology within our own Agile Data Center. Cisco ACI brings the scalability and efficiency we need while enabling us to truly bring next generation networking capabilities to our customers." Jon Sanchez, Director of Data Center Services, Symantec

Greater business agility: 58% reduce network provisioning.
Lower capital expenses: 25% CAPEX reduction.
Reduced costs/complexity: 21% reduce management costs.
Lower operating cost: 45% reduce power and cooling costs.
Resource optimization: 10-20% compute and storage optimization.

[Diagram: Tenant (customer/BU/group) contains Private Networks (context/VRF); each Private Network contains Bridge Domains (L2 boundary); Bridge Domains carry Subnets A, B, D, F (IP space(s)); End Point Groups A, B, C sit on the Bridge Domains.]

[Diagram: object relationships inside a Tenant. Objects: Outside Network, Application Profile, Endpoint Group, Bridge Domain, Subnet, Private Network, Contract, Subject, Filter. Legend: 1:n one to many; n:n many to many; direct relationship; indirect relationship/link.]

Logical Representation

The bridge domain is not a VLAN, although it can act like one; think of it instead as a distributed switch. On each leaf, VLANs are translated and have only local significance. The bridge domain references a VRF instance called a Private Network. The subnets and gateways for the workloads are defined as part of the bridge domain.

[Diagram labels: Tenant; Private Network; Application A; Application B; Application C; Policy.]

EPGs are a grouping of applications or application components, independent of other network constructs.
[Diagram: a group labelled "WebServices_" containing HTTPS Service and HTTP Service endpoints.]

Policy/security enforcement occurs at the EPG level. EPGs separate the addressing of an application from its mapping and policy enforcement on the network.
[Diagram labels: HTTPS Service and HTTP Service endpoints; subnets 10.10.11.x and 10.10.10.x.]

Application Profile. Application network profiles are a group of EPGs and the policies that define the communication between them.
[Diagram labels: inbound/outbound policies (contracts).]

Contracts define what an EPG exposes to other EPGs, and how. Contracts are reusable for multiple EPGs, and EPGs can inherit multiple contracts.
Contracts: group of subjects; scope definition (global, tenant, AP).
Subjects: group of filters; unidirectional/bidirectional, QoS & service graph insertion point.
Filters: lowest-level ACL.
[Diagram labels: Tenant; Application Profile; Web, App, DB joined by contracts (C).]
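The contract hierarchy above (contract, subject, filter, attached to EPGs), as an added example that is not from the original slides and does not use the APIC API: a minimal Python model of allow-list evaluation between EPGs. The class names, the provider/consumer roles, the default deny between EPGs and the sample policy are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Filter:                 # lowest-level ACL entry
    proto: str
    dport: int

@dataclass(frozen=True)
class Subject:                # group of filters
    name: str
    filters: tuple

@dataclass(frozen=True)
class Contract:               # group of subjects plus a scope
    name: str
    subjects: tuple
    scope: str = "tenant"     # "global", "tenant" or "ap", as listed on the slide

@dataclass
class EPG:                    # hypothetical model, not an APIC object
    name: str
    tenant: str
    app_profile: str
    provides: set = field(default_factory=set)
    consumes: set = field(default_factory=set)

def in_scope(contract, src, dst):
    """A contract only applies when both EPGs fall inside its scope."""
    if contract.scope == "global":
        return True
    if src.tenant != dst.tenant:
        return False
    return contract.scope == "tenant" or src.app_profile == dst.app_profile

def permitted(src, dst, proto, dport):
    """Consumer src -> provider dst; no matching contract means deny."""
    if src is dst:
        return True           # assumption: traffic inside one EPG is not filtered
    for c in src.consumes & dst.provides:
        if in_scope(c, src, dst) and any(
                f.proto == proto and f.dport == dport
                for s in c.subjects for f in s.filters):
            return True
    return False

# Constructed sample policy: Web -> App -> DB inside application profile "Shop".
web_to_app = Contract("web-to-app", (Subject("api", (Filter("tcp", 8080),)),), scope="ap")
app_to_db = Contract("app-to-db", (Subject("sql", (Filter("tcp", 1433),)),))
web = EPG("Web", "T1", "Shop", consumes={web_to_app})
app = EPG("App", "T1", "Shop", provides={web_to_app}, consumes={app_to_db})
db = EPG("DB", "T1", "Shop", provides={app_to_db})
other_web = EPG("Web", "T1", "Blog", consumes={web_to_app})  # other profile
```

Because enforcement follows group membership and contracts rather than addresses, `web` reaching `db` directly is denied even though both sit in the same tenant, and `other_web` is denied by the contract's application-profile scope.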

Thank you.