2. Growing load in the data center
Network: months to deploy new services (1)
Storage: 40% data growth annually; 90% of it unstructured (3)
Servers: average utilization <50% despite virtualization (4)
New challenges ahead…
1: Source: Intel IT estimates; 2: 3: IDC’s Digital Universe Study, sponsored by EMC, December 2012; 4: IDC Server Virtualization and The Cloud 2012
4. We have changed before…
Dedicated servers
• Low utilization
• Growing power consumption and floor space
• Software tied to the hardware
Virtual servers
• Shared, flexible hardware
• Lower cost of ownership
• Simpler infrastructure management
Intel innovations for virtualization
Source: Intel Analysis
5. SDN: the tip of the iceberg
SDN in the data center
SDN + NFV for the service provider
Servers, switches, routers
Access: LTE base stations, cloud RAN
Edge: border network gateway, media gateway
Core: Evolved packet core
6. NFV and SDN drive architectural change
From this…: Firewall; VPN; Intrusion Detection System
To this…: VM: Firewall; VM: VPN; VM: Intrusion Detection System
[Other diagram labels: SDN; ASIC, DSP, FPGA, ASSP; TEM/OEM specialized OS; standard processor; Linux; network card; processing accelerator; switch core]
7. Software-defined networking at Intel
[Diagram labels: OpenStack*; Management; Software; Network applications; SDI; South Bound API; Define routes; Configure (virtual) switches; Controller (×2); Node (×6); Top of Rack Switch; Server Pool: Micro Servers, RSA, Virtual Servers; NFV]
8. Routing requirements
Open API for management
Physical routing
Virtual routing
Hybrid routing
[Diagram labels: Server; Virtual router; VM (×3 per server)]
10. Network transformation: Intel elements
Building blocks
• Intel® Architecture
• Processing acceleration: Intel Communications Chipset
• Intel VT-x, Intel VT-d, Intel VT-c
• Intel® Ethernet: Intel NIC, Switch
Ecosystem support
• Intel Open Network Platform Server Reference Design
• Intel® Network Builders
• ONP w/Alta
Software
• QuickAssist API
High performance
Open standards
Open components and APIs
12. Intel DPDK
DPDK = Data Plane Development Kit
http://intel.com/go/dpdk/
• Intel DPDK is a set of libraries and drivers for fast packet processing on Intel platforms.
• Uses large virtual memory pages (huge pages, 2 MB / 1 GB).
• Spreads objects evenly across all memory channels.
• The network card's address space is accessible from userspace.
• Non-blocking queues for passing packets.
• No interrupts in DPDK drivers: a busy-polling loop instead.
• Heavy use of SSE instructions for packet processing.
• Whole CPU cores are dedicated to tasks.
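To make the "non-blocking queues" and "busy-polling loop" bullets concrete, here is an added example that is not taken from the slides and is not DPDK's own ring code: a single-producer/single-consumer ring written with plain C11 atomics. All names (`spsc_ring`, `ring_enqueue_burst`, `ring_dequeue_burst`, `poll_worker`) and the sample packets are hypothetical.

```c
#include <stdatomic.h>
#include <stdint.h>
#define RING_SIZE 8u                 /* power of two: masking replaces modulo */
#define RING_MASK (RING_SIZE - 1u)

struct pkt { uint16_t len; };        /* constructed stand-in for a packet buffer */
/* Single-producer/single-consumer ring: head is written only by the producer,
 * tail only by the consumer, so neither side ever takes a lock. */
struct spsc_ring { _Atomic uint32_t head, tail; struct pkt *slots[RING_SIZE]; };

/* Enqueue up to n pointers; returns how many fit (0 when the ring is full). */
unsigned ring_enqueue_burst(struct spsc_ring *r, struct pkt **in, unsigned n) {
    uint32_t head = atomic_load_explicit(&r->head, memory_order_relaxed);
    uint32_t tail = atomic_load_explicit(&r->tail, memory_order_acquire);
    unsigned room = RING_SIZE - (head - tail);
    if (n > room) n = room;
    for (unsigned i = 0; i < n; i++) r->slots[(head + i) & RING_MASK] = in[i];
    /* release: the slot writes become visible before the new head does */
    atomic_store_explicit(&r->head, head + n, memory_order_release);
    return n;
}

/* Dequeue up to n pointers; returns 0 at once when the ring is empty. */
unsigned ring_dequeue_burst(struct spsc_ring *r, struct pkt **out, unsigned n) {
    uint32_t tail = atomic_load_explicit(&r->tail, memory_order_relaxed);
    uint32_t head = atomic_load_explicit(&r->head, memory_order_acquire);
    unsigned avail = head - tail;
    if (n > avail) n = avail;
    for (unsigned i = 0; i < n; i++) out[i] = r->slots[(tail + i) & RING_MASK];
    atomic_store_explicit(&r->tail, tail + n, memory_order_release);
    return n;
}

/* Busy-poll worker: never sleeps or waits for an interrupt. Polls the ring
 * max_polls times in bursts of 4 and returns the total bytes it saw. */
uint32_t poll_worker(struct spsc_ring *r, unsigned max_polls) {
    struct pkt *burst[4];
    uint32_t bytes = 0;
    while (max_polls--) {
        unsigned n = ring_dequeue_burst(r, burst, 4);
        for (unsigned i = 0; i < n; i++) bytes += burst[i]->len;
    }
    return bytes;
}

int main(void) {
    static struct spsc_ring ring;    /* zero-initialised: empty ring */
    struct pkt a = {64}, b = {64}, c = {128}, *in[] = {&a, &b, &c};
    return ring_enqueue_burst(&ring, in, 3) == 3 && poll_worker(&ring, 10) == 256 ? 0 : 1;
}
```

The burst interface amortises the atomic operations over several packets, and the polling core stays at 100% utilisation even when idle, which is the cost of dedicating whole cores to the data plane.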
13. • Open vSwitch is a virtual software switch that connects virtual machines to physical interfaces.
• Supports ordinary Ethernet switching with VLAN, SPAN, RSPAN, GRE, sFlow, NetFlow.
• Partial support for OpenFlow 1.2.
15. Results
Scenario: Open vSwitch / Open vSwitch + DPDK
PHY-to-PHY: 1.1 Mpps / 10 Mpps
VM-to-PHY: 0.3 Mpps / 4 Mpps
VM-to-VM: 0.3 Mpps / 2 Mpps
* on a 10 Gb link
** with UDP packets of 64 bytes (the hardest scenario)
*** theoretical maximum 15 Mpps
16. Open Networking Summit 2013
Intel announced new reference architectures
(Sunrise Trail and accelerated Open vSwitch)
17. Summary: virtualization platform
Details:
• Written on Intel DPDK
• Multithreaded, multicore architecture
• High-speed communication with VMs
• Managed by OVS
18. Carrier Edge Network with NFV
[Diagram: Network Function-VMs (CPE-Func, CG-NAT (Carrier Grade NAT), DPI, BRAS, Firewall, Monitor, WAN Accelerator, CDN) on Standard High Volume Servers/Storage/Switches. Other labels: CPE, OLT, DSLAM; Access, Edge, Core]
5/31/2013, Syrcose2013
19. NFV with the SDN Control Plane
[Diagram labels: VM + Network Orchestration; VM Mgmt; SDN Controller; NF-VMs, including BRAS, WAN-Accel, DPI, Load Balancer, CG-NAT and Firewall; Access, Edge, Core]
Editor's Notes
We understand some of the constraints the datacenter is facing. You’re required to increase your storage capacity almost without limit, taking away budget from what could allow you to provide new services such as cloud-like capabilities or improving efficiencies to be at parity with the best practices in the industry. Then let’s talk about the time: that storage capacity you purchased isn’t useful if it isn’t installed and provisioned. How do you connect it? Getting the network connections provisioned is not automated; you have to touch each vendor-specific CLI. That’s not cheap either. How many of you have an entire team whose primary expertise is how to work the ins and outs of a vendor’s CLI? Intel IT has over a hundred in our shop… So storage is taking space, budget and power. Networking is taking your time. How do you possibly get out of this spiral?
Today, how do services get provisioned? Somebody has an idea for a service and then they have to call IT. A number of people in IT go ahead and scope their needs. IT sharpens their pencils, they look at what the requirements are for reliability, for capacity, how much web services access do they need? Then they balance that against the rest of the infrastructure and all of the user demands. They're having to look at profitability, they're looking at cost, they're looking at the capacity that they know they have based on their archives and databases, to give them a paper estimate of the capacity they really have installed. Once they've got that in place, and procured the needed equipment, they have to manually configure it. Manually configuring a device means you touch every one. Whether it is having to actually physically plug in an Ethernet plug and make the connection between different boxes, or whether it's simply having to touch the command line interface of every single box to configure and provision it appropriately, there is a human touch at every point along the way. Once those are connected and configured, then they actually have to set up service. This pulls together the server and the storage and the data store so that the service is actually running and allows the original service requestor to develop the software and services they had in mind in the first place. Then and only then do you have the service running. The service is available and ready for customers to do business. The time to provision there is months, minimally speaking, about eight weeks according to the Intel IT internal estimates. What should we be moving to? The end state of the future, the vision of re-architecting the data center and the result is something called software-defined infrastructure.
Once there's an idea for a service, the LOB customer can pull together very quickly from private or public cloud services, or from their own internal capabilities, using a self-service portal that orchestrates the services they need from an online catalog. Things like location, security, online payments can be pulled together automatically; then the customer can assemble the software components from a list that's available to them, whether from their internal IT department or a repository like GitHub. The service level agreement that the orchestrator creates tells the infrastructure orchestrator: what resources do I need? What kind of availability do I need? How much storage do I need? How fast a connection do I need between the compute and the storage? Then, how do I manage power and how do I manage temperature demands if I'm in a particularly intense workload? All of this happens automatically. After the services are orchestrated, the infrastructure is orchestrated, the service is running. The time to provision a new service is minutes. Depending on how quickly somebody can put the software together, it should be push button, done.
This all sounds very challenging, but we’ve been here before as an industry. Look at how servers have evolved even in the last 5 or 10 years. We started out with a server dedicated to a workload, or even a department. This resulted in fairly low utilization on each server, which drove increased power and space demands in the datacenter. The software was dedicated and loaded directly on the hardware, making upgrades and regular maintenance labor intensive and slow. In the case of virtualization, it’s had a huge impact on the datacenter: annual energy cost savings of ~86%, TCO savings of 70% and 1/10th the number of servers in the server footprint. Due to virtualization, SW and HW are decoupled, allowing SW to be upgraded without changing hardware, and allowing HW maintenance or upgrades to occur without having to disrupt the software.
There are a lot of companies talking about “software defined” – there is general recognition in the industry that the only effective path forward towards new levels of service agility and capacity is rearchitecting the current datacenter to be software defined.
Call for more information (9/16/13)
ONP Switch/Ethernet/Alta/Red Rock Canyon: Steve Schultz
Intel communications chipset: Frank Schapfel
Intel Network Builders: Renu Navale
QuickAssist and DPDK: Frank Schapfel and Jim St. Leger
SDN: Rene Torres
Intel offers a number of building blocks to start the journey towards transformation of the network:
• 10GbE Adapters (X520/X540)
• 10/40 Switch Chips (Alta)
• ONP Switch Platform
• 10/40 GbE Adapters coming in ‘14/’15 (Fortville)
• Red Rock Canyon (‘15 RSA Compute Fabric)
• SDN with Open Flow 1.3
Intel Infrastructure Builders Software: Intel is offering the Quick Assist APIs to provide seamless interfaces to any implementation of a networking workload, software and HW accelerated. These interfaces sit on top of both QuickAssist accelerated HW as well as SW libraries such as the dataplane development kit (DPDK). Dataplane development kit offers a set of software libraries to accelerate packet movement and IO on an Intel architecture processor.