believe in more SDN for Datacenter: A Simple Approach
Agenda: ACI Overview; Fabric Policy Constructs; Hypervisor Support; A migration scenario; One management umbrella: UCS Director; Q&A
Application Language Barriers. Applications, Networking, Application Tiers, VLANs, Subnets, Provider / Consumer Relationships, Protocols, Ports. Developer and infrastructure teams must translate between disparate languages.
Cisco ACI: Logical Network Provisioning of Stateless Hardware. Diagram labels: Web, Outside (Tenant VRF), App, DB, QoS, Filter, Service, APIC, ACI Fabric. Application Policy Infrastructure Controller. Stateless Penalty Free Fabric & Overlay.
Network Profile: application-centric network policy; network → Virtual Patch Panel. Definitions on the slide: rules of how application communicates to the external private or public networks; a set of network requirements specifying how application components communicate with each other; a collection of endpoints connecting to the network (VMs, physical compute). Diagram labels: Contract, Access Control, QoS, Network Services, The Outside, End Point Group, Component Tier, application, web, app, db, VM.
End Points → Things that connect to the fabric and use it to interface with other things → A compute, storage or service instance attaching to a fabric. Diagram labels: NIC, vNIC, ..., end-points [EP], ACI Fabric.
End Points → Things that connect to the fabric and use it to interface with other things → A compute, storage or service instance attaching to a fabric. EP, EP, EP, ... A collection of end-points with identical network behaviour forms an End Point Group (EPG).
End Point Group (EPG): Allows rules and policies to be specified on groups of physical or virtual end-points without knowledge of specific identifiers and regardless of physical location. Can flexibly map into → application tier of multi-tier app → segmentation construct (à la VLAN) → a security construct → ESX port group. Diagram labels: EPG APP SERVER, EPG WEB, policies, EP, end-point group [EPG].
Tenant: L2, L3 isolation. Self-contained tenant definition representable as a recursive structured text document. BD: with or without flooding semantics. L3 context (isolated tenant VRF). Diagram labels: Tenant, outside, network profile, EPG APP SERVER, EPG WEB, EP, subnet, BD.
Example: 3-Tier Application. Diagram labels: infra, shared services, Outside, EPG WEB, EPG APP, EPG DB, NW Public, NW Private, subnet, web bundle, java bundle, sql bundle, mgmt bundle, consume, provide, L3 context, bd.
Multi-Hypervisor-Ready Fabric. Virtual Integration. Integrated gateway for VLAN, VXLAN, and NVGRE networks from virtual to physical. Normalisation for NVGRE, VXLAN, and VLAN networks. Customer not restricted by a choice of hypervisor. Fabric is ready for multi-hypervisor. Diagram labels: APIC, Network Admin, Application Admin, ACI Fabric, ESX, Hyper-V, KVM, VLAN, VXLAN, NVGRE, Hypervisor Management (VMware, Microsoft, Red Hat, XenServer), PHYSICAL SERVER.
An example for migration to ACI
A simple deployment: Classic mode and Equivalent ACI Fabric. APIC; 1.1.1.0/30; Vlan 10,11; 1.1.1.12/30; Blue Tenant and Context; BD Blue_1 (10.10.10.1/24), EPG blue_1; BD Blue_2 (10.10.11.1/24), EPG blue_2; Policies; Exchange Routes (Blue); External EPG; VLAN 10 (10.10.10.0/24), Tag 10; Classic Access; Tag 11; 1.1.1.0/30; 1.1.1.12/30; VLAN 11 (10.10.11.0/24).
Migrating to ACI. Layer 3 Routing: Static, OSPF, BGP. Migration: Layer 2 vPC Trunk. Diagram labels: APIC; Vlan 10,11; Blue Tenant and Context; L2_Out; BD Blue_1, EPG blue_1; BD Blue_2 10.10.11.1/24, EPG blue_2; Policies; External EPG; .101; .102; VLAN 10 (10.10.10.0/24); VLAN 11 (10.10.11.0/24); Access; Tag 100; Tag 101. STP compatibility with Classic Network. VLAN 10 maps to BD Blue_1. VLAN 11 maps to BD Blue_2. Classic Devices are still the Default Gateway. Equally applicable to L4-7 services (FW/LB) in the Classic Network. Flooding enabled on ACI BDs during migration. Once migration is completed, insert needed services and move Default Gateway to ACI BDs. Tag could be VLAN ID or VNID.
UCS Director
Cisco UCS Director: Turn-Key Solution. Secure Cloud Container: Network, Compute, VMs, Storage. Policy-Driven Provisioning. Single Pane of Glass. End-to-End Automation and Lifecycle Management. On-Demand Automated Delivery. Domain Managers: OS and Virtual Machines; Virtualized and Bare-Metal Compute; Compute and Hypervisor; Network and Services; Storage. Diagram labels: UCS Director, VM, Bare Metal, Network, Tenant A, Tenant B, Tenant C.
Cisco UCS Director: Agility and Simplicity for Virtualized and Bare-Metal IT Services. Open API for Integration. End Users: Self Service Console. IT Admins: Admin Console. IT Operations: Dashboard. UCS Director: OS & VM Deployment, Policy Manager, Resource Pools. Virtual Infrastructure; Physical Infrastructure (Cisco UCS, Cisco Nexus). Centralized Lifecycle Management of Physical and Virtualization Infrastructure.
UCS Director Focus: Infrastructure Mgmt. Portals (Self-Service and Admin); Infrastructure API. Diagram labels: Application Software, Bare-Metal, Web, App, DB, Hyper-V, HYPERVISOR, UCS, Network (ACI or Standalone), Storage, Virtualization, L4-7 Services.
Cisco UCS Software Portfolio: UCS Manager, Central, APIC and UCS Director. UCS Manager: Manage Single UCS domain; Embedded Mgmt of all UCS s/w and h/w components. UCS Central: Manage multiple UCS Domains; Deliver global policies, service profiles, ID pools, and templates. APIC (APIC & DFA): Embedded Management for ACI; Manages ACI Fabric; L4-7 Management; Policies: Connectivity, Security & QoS, Compute & Storage*. UCS Director: Manage Compute, Storage, Network, ACI and Virtualization; Manage FlexPod, VSPEX, Vblock; Support for 3rd party heterogeneous infrastructure.
APIC vCenter Integration DEMO. Meet you at Datanet Booth. [Floor plan of the Primavera room showing sponsor booths, including Gold Sponsor Datanet.]
Q&A. For more information, visit