Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018

Similar documents
PSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco

Virtual Machine Manager Domains

Cisco ACI for Red Hat Virtualization Environments

Cisco UCS Director and ACI Advanced Deployment Lab

Cisco ACI with Red Hat Virtualization 2

ACI Multi-Site Architecture and Deployment. Max Ardica Principal Engineer - INSBU

MP-BGP VxLAN, ACI & Demo. Brian Kvisgaard System Engineer, CCIE SP #41039 November 2017

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)

Networking Domains. Physical domain profiles (physdomp) are typically used for bare metal server attachment and management access.

5 days lecture course and hands-on lab $3,295 USD 33 Digital Version

2018 Cisco and/or its affiliates. All rights reserved.

Cisco ACI App Center. One Platform, Many Applications. Overview

Cisco ACI Virtual Machine Networking

Cisco ACI Virtual Machine Networking

Cisco Application Centric Infrastructure

Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0

Modeling an Application with Cisco ACI Multi-Site Policy Manager

Cisco ACI Terminology ACI Terminology 2

Implementing Container Application Platforms with Cisco ACI

Virtualization Design

Cisco VTS. Enabling the Software Defined Data Center. Jim Triestman CSE Datacenter USSP Cisco Virtual Topology System

Practical Applications of Cisco ACI Micro Segmentation

Cisco ACI Simulator VM Installation Guide

Quick Start Guide (SDN)

Design Guide to run VMware NSX for vsphere with Cisco ACI

Cisco HyperFlex Systems

Intuit Application Centric ACI Deployment Case Study

Data Center and Cloud Automation

Cisco ACI with Cisco AVS

Building NFV Solutions with OpenStack and Cisco ACI

Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)

Cisco ACI Multi-Site Fundamentals Guide

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack

Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design

believe in more SDN for Datacenter A Simple Approach

Quick Start Guide (SDN)

Cisco ACI Virtual Machine Networking

Integration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit

Layer 4 to Layer 7 Design

Segmentation. Threat Defense. Visibility

DELL EMC TECHNICAL SOLUTION BRIEF

Orchestration: Accelerate Deployments and Reduce Operational Risk. Nathan Pearce, Product Development SA Programmability & Orchestration Team

Microsegmentation with Cisco ACI

Hybrid Cloud Solutions

Cisco CloudCenter Solution with Cisco ACI: Common Use Cases

Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003

Application Centric Infrastructure

Manage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution

Design Guide for Cisco ACI with Avi Vantage

Cisco Cloud Application Centric Infrastructure

Intra-EPG Isolation Enforcement and Cisco ACI

Cisco ACI vpod. One intent: Any workload, Any location, Any cloud. Introduction

Multi-Site Use Cases. Cisco ACI Multi-Site Service Integration. Supported Use Cases. East-West Intra-VRF/Non-Shared Service

Huawei CloudFabric and VMware Collaboration Innovation Solution in Data Centers

Brocade and VMware Strategic Partners. Kyle Creason Brocade Systems Engineer

Cisco ACI Simulator Release Notes, Release 1.1(1j)

F5 Demystifying Network Service Orchestration and Insertion in Application Centric and Programmable Network Architectures

Cisco ACI and Cisco AVS

Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure

Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework

Introduction to Cisco Virtual Topology System DP Ayyadevara, Product Manager, Cloud Virtualization Cisco PSOSDN-1050

Provisioning Overlay Networks

Migration from Classic DC Network to Application Centric Infrastructure

Cisco Virtual Topology System Release Service Provider Data Center Cisco Knowledge Network. Phil Lowden (plowden) October 9, 2018

The Next Opportunity in the Data Centre

Taming the Multi-Cloud With Simplicity and Openness. Minh Dang Cisco Systems Vietnam 2018 January

SharkFest 16. Cisco ACI and Wireshark. Karsten Hecker Senior Technical Instructor Fast Lane Germany. Getting Back Our Data

Cisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

Microsegmentation with Cisco ACI

CONTRAIL SECURITY. Contrail Cloud Networking & Security

Real World ACI Deployment and Migration Kannan Ponnuswamy, Solutions Architect BRKACI-2601

Pluribus Adaptive Cloud Fabric

Cisco ACI Virtual Machine Networking

Cisco ACI Virtual Machine Networking

Title DC Automation: It s a MARVEL!

with ACI Any workload anywhere.

Cisco SDN 解决方案 ACI 的基本概念

Next-Generation Data Center Interconnect Powered by the Adaptive Cloud Fabric

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Integrating Cisco UCS with Cisco ACI

CONTAINERS AND MICROSERVICES WITH CONTRAIL

Cisco Application Centric Infrastructure (ACI) Simulator

Cisco ACI Simulator Release Notes, Release 2.2(3)

Cisco Container Platform

Policy Driven Data Centre with ACI

Cisco ACI and Pivotal Cloud Foundry Integration 2

VMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU

HPE HELION CLOUDSYSTEM 9.0. Copyright 2015 Hewlett Packard Enterprise Development LP

Cisco IT Compute at Scale on Cisco ACI

DevNet Technical Breakout: Introduction to ACI Programming and APIs.

Cisco ACI Unified Plug-in for OpenStack Architectural Overview

Question No: 3 Which configuration is needed to extend the EPG out of the Cisco ACI fabric?

Cisco Virtual Networking Solution for OpenStack

OpFlex: An Open Policy Protocol

Real World ACI Deployment and Migration

Intra-EPG Isolation Enforcement and Cisco ACI

F5 Networks in the Software Defined DataCenter Era. Paolo Pambianco System Engineer CSP

BUILDING AN ON-PREM APPLICATION-AWARE CLOUD

Tenant Onboarding. Tenant Onboarding Overview. Tenant Onboarding with Virtual Data Centers

Transcription:

Running RHV integrated with Cisco ACI JuanLage Principal Engineer - Cisco May 2018

Agenda Why we need SDN on the Data Center What problem are we solving? Introduction to Cisco Application Centric Infrastructure (ACI) ACI and Red Hat Virtualization integration ACI and RHV Designs Q&A

Creating a Virtual Machine on RHV takes minutes GUI, CLI Server admin DevOps - name: clone the from template ovirt_vms: auth: "{{ ovirt_auth }}" state: present name: my-vm-{{ item }}" cluster: CLUSTER-01" memory: "1024MiB" memory_guaranteed: "512MiB" operating_system: "other_linux" storage_domain: NFS-DC1" clone: True template: centos7-4 with_sequence: count=6 Virtualization Manager RHV CLUSTER-01

But to make a Virtual Machine useful It needs to connect to a network The network needs VLAN, Subnets, routing policies Security rules must be applied etc, 4

Traditionally this means (manual) box-by-box configurations by the network admin, and then on RH

Every new network requires many provisioning touch points on the network, and on RH 1. Assign VLAN, subnets, routing, and configure them on each and every device and on every required port. Every new Logical Network requires touching all network elements and knowledge of every port required for clusters. VLAN10 (NFS) VLAN40 (App-01) Fabric Admin VLAN50 (App-02) Virtualization Manager NFS (vlan20) vpc Pairs APP-01 (vlan40) Server Admin APP-02 (vlan50) Storage (NFS, iscsi, etc.) RHV Cluster 2. Configure Logical Networks with given VLANs, and assign them to the NICs on each and every host in the Cluster 6

Lot s of repetitive tasks that are prone to errors and can be complicated to automate at scale 1. Assign VLAN, subnets, routing, and configure them on each and every device and on every required port. Every new Logical Network requires touching all network elements and knowledge of every port required for clusters. VLAN10 (NFS) VLAN40 (App-01) Fabric Admin Virtualization Manager VLAN50 (App-02) NFS (vlan20) vpc Pairs APP-01 (vlan40) Server Admin APP-02 (vlan50) Storage (NFS, iscsi, etc.) RHV Cluster 2. Configure Logical Networks with given VLANs, and assign them to the NICs on each and every host in the Cluster 7

Introducing Cisco ACI

Application Centric Infrastructure DC Fabric with a Single Point of Management with full FCAPS Network Virtualization Integrated Security Distributed L2/L3 across the fabric, across different sites Distributed Programmable L2-L4 security Policies Seamless networking for bare metal, storage, s and Containers Micro Segmentation L4-7 Service Chaining Virtual Switch Virtualization Integration Virtualization Managers: ware vcenter, Microsoft SCM, Red Hat Virtualization OpenStack EXT Ecosystem Cisco ACI App Center +65 Ecosystem Partners Cloud Management Integration Kubernetes, OpenShift, Cloud Foundry 9

Application Centric Infrastructure Seamless Services across data centers ACI POD 1 Up to 200 Leafs Per ACI Pod Consistent Policy Up to 7 APICs per Cluster IP Network IP Network ACI POD 2 ACI POD 4 Single Management and Policy Domain Across Multiple ACI PODs Centralized Management Isolated Fault Domain By Pod Up to 400 Leafs per APIC Cluster Scalability With Simplicity 10

ACI provides network virtualization and policy for any type of endpoint

Networks are abstracted as EndPoint Groups (EPG).

EPGs can group endpoints based on encapsulation, IP, MAC, attributes, containers annotations, etc.

APIC provides a single point of management for all network configuration and operations Create EPG for NFS Fabric Admin DC1 POD1 EPG - NFS EXT 14

ACI provides automatic network extension leveraging its VXLAN integrated overlay Extend NFS EPG to DCn Inter-Pod IP Network Fabric Admin DCn PODn DC1 POD1 EPG - NFS EPG - NFS EXT EXT VXLAN Scope 15

ACI also enables distributed network security Restrict traffic to NFS only Inter-Pod IP Network Fabric Admin DCn PODn DC1 POD1 EPG - NFS EXT EXT Allow-NFS EPG - NFS permit udp/111,1039, 1047, 1048,2049. permit tcp/111,1039,1047,1048,2049. 16

Cisco ACI Industry Leadership 5,000+ ACI Customers 50+% ACI Attach Rate 65+ Ecosystem Partners Ecosystem Partners 17

ACI with M Domain for Red Hat Virtualization (since ACI 3.1 & RHV 4.1.7)

Cisco ACI and Red Hat Virtualization Integration Key Benefits RHV Admin Fabric Admin Automate and accelerate provisioning APIC to provision Logical Networks API Virtualization Manager Enhance operations and team collaboration APIC visibility into RHV Domains Enhanced security and segmentation ACI to implement distributed network policy RHV Cluster Simplify Migration from proprietary hypervisors RHV Cluster 19

APIC leverages RH Inventory for Virtual/Physical Correlation Inventory and status of per hypervisor Identify all hypervisors under RH administration.

APIC automatically creates Logical Networks Fabric Admin 1. Create EPGs on APIC: Web, App, and DB 2. Map EPGs to RHV M Domain (and other domains too if required) APIC automatically configures the Web, App and DB Logical Networks with a dynamically assigned VLANs

ACI RHV M Domain Workflow with APIC 3.1 An ACI M Domain associates with one RHV Data Center object Multiple Data Centers are possible using different M Domains An ACI EPG maps to a RH Logical Network The integration is supported with RHV networking using Linux bridge or Open vswitch (OVS) When an EPG is associated with a RHV M Domain, APIC creates a corresponding Logical Network and associates it with all clusters in the RH Data Center

ACI performs distributed switching, routing and security between Logical Networks

Better network operations: the fabric admin can find RHV objects easily Look for a hypervisor, or for a by its name, find where they are connected, etc. Verify IP, MAC, status and find EPG where it is connected

ACI M-POD and RHV Cluster Design Options

The fabric implements distributed routing, switching and security within and across DCs No bottlenecks. 10/25GE line rate communication for all paths: - to - Node to Storage - to Storage POD1 - to BareDC1 Metal Create EPG Green and Purple Inter-Pod IP Network Fabric Admin DCn PODn EPG - DataBase EPG - DataBase EPG-Green EPG-Purple EXT Virtualization Manager RHV Cluster 01 Logical Networks can be L2/ extended automatically across L3 multiple clusters within and between different data centers. RHV Cluster 02 Server Admin 26

ACI Multi-POD facilitates running stretched RHV Clusters Inter-Pod IP Network Inter-Pod IP Network DCn PODn DC1 POD1 EPG-MIGRATION EPG-FRONTEND EPG-WEB EXT Virtualization Manager EXT Live Migration RHV Cluster Customers can deploy stretched clusters (assuming storage solution support) 27

RHV and ACI Multi-POD Independent RHV Managers Inter-Pod IP Network Inter-Pod IP Network DCn PODn DC1 POD1 EPG-FRONTEND EPG-WEB EXT Virtualization Manager EXT RHV Cluster Virtualization Manager RHV Cluster Customers can deploy workloads to the same networks on both RHV Managers. This scenario probably lends itself better to Multi-Site to match network and virtualization availability domains. 28

ACI native Ansible support

There are 50+ Ansible modules for ACI http://docs.ansible.com/ansible/latest/scenario_guides/guide_aci.html

Creating a network now takes less time than creating a Virtual Machine - name: map EPG to RHV M Aci_epg_to_domain: hostname: apic-01 private_key: /usr/me/admin.key tenant: RHSummit ap: MyApp epg: {{ item }} domain_type: vmm vm_provider: redhat domain: RHV-M-01 with_items: - Green - Purple - name: clone the from template ovirt_vms: auth: "{{ ovirt_auth }}" state: present name: my-vm-{{ item }}" cluster: CLUSTER-01" memory: "1024MiB" memory_guaranteed: "512MiB" operating_system: "other_linux" storage_domain: NFS-DC1" clone: True template: centos7-4 with_sequence: count=6 Virtualization Manager RHV CLUSTER-01

ACI and RHV M Domain Summary

Why ACI and Red Hat Virtualization Automate and accelerate provisioning APIC automatically provisions Logical Networks and physical fabric. Line rate at 10/25GE for all server communications Extend networks to any cluster, any Data Center Implement APIC Programmable, Distributed Network Security visibility into RHV Domains to facilitate operations and team collaboration

Review online demos ACI with RHV Intro - https://youtu.be/hpfaypgmaqi ACI with RHV and Ansible - https://youtu.be/w1ovzv8irsk Simplify migrating from vcenter to RHV - https://youtu.be/3qsi1g3hjmm

Where to find more information ACI and Red Hat Virtualization White Paper: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-i nfrastructure/white-paper-c11-740535.html ACI Loves K and Red Hat Virtualization (Cisco Blog): https://blogs.cisco.com/datacenter/aci-loves-kvm-and-red-hat-virtualization Cisco ACI and Red Hat Virtualization Configuration Guide: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_cisco_aci_red_h at_virtualization.html

Session Abstract Cisco ACI is a comprehensive SDN solution that provides integrated VXLAN overlays delivering network virtualization and distributed security policies for virtual and physical workloads. Cisco ACI integrates with many Red Hat technologies, including Red Hat Virtualization (RHV), OpenShift, and OpenStack. Red Hat Virtualization allows customers to virtualize mission-critical workloads while building a future foundation for cloud-native and container-based workloads. In this session, attendees will learn the benefits of deploying RHV with Cisco ACI, including: - Scalable network virtualization - Distributed security policies - Micro-segmentation - Automating Cisco ACI with RHV using Ansible Join Dominik Holler of Red Hat and Juan Lage of Cisco as they present the current and future integration of Cisco ACI with Red Hat Virtualization and how it benefits customers.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback