5 cisco open_stack
5 cisco open_stack Presentation Transcript

  • 1. © 2013 Cisco and/or its affiliates. All rights reserved. Srinivas Kavuri, Sr. Director, Engineering, Sept 21, 2013
  • 2. FORWARD-LOOKING STATEMENTS: This presentation contains projections and other forward-looking statements regarding future events or the future financial performance of Cisco, including future operating results. These projections and statements are only predictions. Actual events or results may differ materially from those in the projections or other forward-looking statements. Please see Cisco’s filings with the SEC, including its most recent filings on Form 10-K and 10-Q, for a discussion of important risk factors that could cause actual events or results to differ materially from those in the projections or other forward-looking statements.
  • 3. Build Point Solutions Build Infrastructure Offering Emergence of Public/Private Clouds Business Need Silo Silo Silo Applications Servers Network Storage Ethernet, FC, IP Manual Project-based Vertical solutions Business Need Virtualization-Aware Network Automation Applications IT Service Holistic Solution Virtualized Shared Resource Pool Storage Cisco UCS Cisco Nexus IT as a Service Model ….
  • 4. PHYSICAL WORKLOAD VIRTUAL WORKLOAD CLOUD WORKLOAD • One app per Server • Static • Manual provisioning • Many apps per Server • Mobile • Dynamic provisioning • Multi-tenant per Server • Elastic • Automated Scaling HYPERVISOR VDC-1 VDC-2 CONSISTENCY: Policy, Features, Security, Management Nexus 1000V, VM-FEX Virtual WAAS, VSG*, ASA 1000V** UCS for Virtualized Workloads Nexus 7K/5K/3K/2K WAAS, ASA, NAM UCS for Bare Metal * Virtual only, ** Announced Cloud Services Router (CSR) ASR Switching Routing Services Compute
  • 5. System Center Open Source vCloud Director/ DynamicOps Cisco Multi-Hypervisor and Multi-Orchestrator Strategy Cloud Infrastructure Stacks Supported Hypervisor Virtualized Infrastructure CIAC vSphere, Hyper-V, Xen, KVM Integrated Stacks COMPUTE NETWORK STORAGE UCS Blades UCS Racks Nexus 1K Nexus 2/3/5/6/7K MDS Partner Products (EMC, NetApp) NSM Nexus 1KV vPath vSphere NSM Nexus 1KV vPath Hyper-V NSM Nexus 1KV vPath Open Source (Xen, KVM) NSM Nexus 1KV vPath Virtual Network Infrastructure Cloud Management
  • 6. • IT organizations choose OpenStack to avoid vendor lock-in • Ideal for Internal Software teams • Almost all major IT companies participating • More than 180 companies, 6000 individuals • Foundational element of a Software Defined Infrastructure • Extends Software Defined Networks into the cloud Open source software that allows anyone to build a public or private cloud • Cisco is a board member • Cisco’s Cloud CTO, Lew Tucker, is Vice-Chair SDI
  • 7. OpenStack Compute (Nova) Software to provision virtual machines on server hardware at massive scale OpenStack Object Storage (Swift) Software to reliably store billions of objects distributed across locally attached storage OpenStack Image Service (Glance) Services for discovering, registering, and retrieving virtual machine images
  • 8. OpenStack Dashboard (Horizon) A self-service web portal to allow administrators and users to manage OpenStack resources OpenStack Identity (Keystone) Provides “unified authentication” across all OpenStack projects and integrates with 3rd party authentication systems OpenStack Network Service (Neutron) Provides “network connectivity as a service” between devices managed by other OpenStack services
  • 9. Innovation in Cloud Computing through OpenStack’s Network Service and Cisco’s Open Network Environment (SDN) OpenStack Compute (Nova) OpenStack Networking (Neutron) OpenStack Storage (Swift) Controllers and Agents Cisco ONE Controller SW OpenFlow Agents Virtual Overlays VXLAN Gateway, OpenStack, Service Chaining CSR 1KV Platform APIs One Platform Kit (onePK) on ISR G2, ASR 1K Applications each see their own logical DC API-driven Open Cloud Platform Programmable Infrastructure VM VM VM VM VM VM VM
  • 10. • Public/private clouds • Extend cloud model for rapid provisioning of network services • Drive innovation through real-world use cases Cisco Engineering Customers Community Participation • Cisco OpenStack Installer • Plug-ins for Cisco networking technology • Plugins for Cisco Virtual Networking and Services • UCS systems • Cisco Intelligent Automation/orchestration • Cross Cisco collaborations • OpenStack Foundation Board member • Neutron Core Community Member • Focus on Network Service, Compute Service and Dashboard • HA and automation for large scale production
  • 11. Cisco Nexus 1000v Neutron plugin Neutron Client Port and Policy profile extensions Horizon support for Cisco N1Kv plugin N1Kv Cisco Neutron plugin multi segment/trunk support VXLAN and LISP support to OpenvSwitch Plugin OpenStack TOR L3 Networking using Cisco Nexus plugin (SVI) Cisco plugin Provider Network support Modular layer 2 (ML2) plugin mechanism driver for Nexus Modular layer 2 (ML2) plugin type driver for VXLAN support Firewall as a Service (FWaaS) Agent Layer 3 routing agent for routers VPNaaS Documentation
  • 13. • In simple terms, it’s an installer that allows you to quickly set up a manageable OpenStack cloud. • Includes not only all OpenStack core components, but also tools to help you manage and monitor your cloud. • Capable of handling bring-up all the way from bare metal. • Simple installation procedure for novices, full Puppet code available for tweaking/addition by advanced users. • A solution validated by Cisco testing.
  • 14. Administrator Horizon dashboard Neutron (network as a service) Compute-Node • Nova-compute • Neutron plugin Agent Glance (Image repository for VMs) Build-node • Cobbler • Puppet • NTP server • Monitoring server (Nagios, collectd, Graphite) OpenStack Cluster Compute-Node • Nova-compute • Neutron Plugin Agent Controller-Node • Neutron-server • Nova-api • Nova-scheduler • Keystone • RabbitMQ • MySQL
  • 15. • A delivery vehicle that allows us to provide OpenStack, features & software to customers and app developers • A reference platform for how to deploy OpenStack in the real world • An easy way to get started with OpenStack • A way for customers to learn from our real-world OpenStack experiences • A way to get: • OpenStack installation automated by Puppet • Monitoring tools to help manage your cloud (Nagios, Collectd, Graphite) • Configuration management via Puppet • Neutron-enabled multi-node installation tested on Cisco hardware • New features before an upstream release
  • 16. NOT • An OpenStack “distribution” • TAC-supported software • SKU-able, sellable software • A version of OpenStack that contains Cisco proprietary add-ons • A direct competitor to Red Hat RDO, Ubuntu, Rackspace Alamo, etc. • What you should install if you’re developing new OpenStack features (use DevStack for that)
  • 17. For more information please visit: http://docwiki.cisco.com/wiki/OpenStack
  • 19. Clients Neutron Service Backend Networks Physical and Virtual
  • 21. • Cisco Nexus plugin amongst the first plugins to be available in OpenStack Networking • Cisco Nexus OpenStack Networking plugin – in Grizzly OpenStack release • Features: Orchestration with OpenStack dashboard – Horizon Works with Nexus 3k/5k/6k/7k Configures multiple physical Nexus switches Dynamic VLAN provisioning Efficient allocation of VLAN resource VLAN features on Nexus used by plugin (Creation, Deletion, Update) • Datasheet • Nexus Plugin Installation instructions • Cisco OpenStack Website
  • 23. Host Host Network Admin Server Admin Host Host The rest of the network… vSwitch vSwitch vSwitch vSwitch VMs on Wrong VLANs! No Network Visibility or Control! Unchaperoned VM-to-VM communication! No Policy and VLAN control! Server Admin must handle network configuration
  • 24. Host Host Network Admin Server Admin Host Host Distributed Switch managed by Network Admin Server Admin freed from networking configuration Clear Configuration Boundaries Transparent Monitoring Boundaries
  • 25. 1. When VMs move across physical ports—the network policy must follow them (across racks, PODS, DCs) 2. Must view or apply network/security policy to locally switched traffic 3. Need to maintain segregation of duties while ensuring non-disruptive operations Port Group Server Admin Network Admin Security Admin
  • 26. Modular Switch … Linecard-N Supervisor-1 Supervisor-2 Linecard-1 Linecard-2 BackPlane Server 1 Server 2 Server 3 Comparison to a Physical Switch Network Admin Server Admin
  • 27. Modular Switch … Linecard-N Supervisor-1 Supervisor-2 Linecard-1 Linecard-2 BackPlane Moving to a Virtual Environment Network Admin Server Admin Hypervisor Hypervisor Hypervisor
  • 28. Hypervisor Hypervisor Hypervisor Modular Switch … Linecard-N Supervisor-1 Supervisor-2 Linecard-1 Linecard-2 BackPlane Supervisors Virtual Supervisor Modules (VSMs) VSM1 VSM2 Virtual Appliance VSM: Virtual Supervisor Module Network Admin Server Admin
  • 29. Hypervisor Hypervisor Hypervisor Modular Switch … Linecard-N Supervisor-1 Supervisor-2 Linecard-1 Linecard-2 BackPlane Linecards Virtual Ethernet Modules (VEMs) VEM-N VEM-1 VEM-2 VSM: Virtual Supervisor Module VEM: Virtual Ethernet Module VSM1 VSM2 Virtual Appliance Network Admin Server Admin
  • 30. Hypervisor Hypervisor Hypervisor VSM + VEMs = Nexus 1000 Virtual Chassis VEM-N VEM-1 VEM-2 VSM: Virtual Supervisor Module VEM: Virtual Ethernet Module vEth: Virtual Ethernet port • 300+ vEth ports per VEM • 6K vEths per N1K domain • 128 VEMs per N1K domain (connected by L2 or L3) L2 Mode L3 Mode VSM1 VSM2 Virtual Appliance
  • 31. WAN Router Servers Tenant A ASA 1000V Cloud Firewall Nexus 1000V Physical Infrastructure Virtualized/Cloud Data Center vWAAS Cisco Virtual Security Gateway Switches Cloud Network Services Citrix NetScaler VPX Imperva SecureSphere WAF Cloud Services Router 1000V Zone A Zone B vPath VXLAN Multi-Hypervisor (VMware, Microsoft, RedHat*, Citrix*) Nexus 1000V (Dist. Virtual Switch) • Distributed switch • NX-OS consistency VSG (Zone-based FW) • VM-level controls • Zone-based FW ASA 1000V (Cloud FW) • Edge firewall, VPN • Protocol Inspection vWAAS (WAN Optimization) • WAN optimization • Application traffic 8500+ Customers Available Now Available Now Available Now CSR 1000V (Cloud Router) • WAN L3 gateway • Routing and VPN Available Now Ecosystem Services • Citrix NetScaler VPX virtual ADC • Imperva Web App. FW Available 2H 2013 vNAM (Network Analytics) • App Visibility (L2-L7) • Overlay Intelligence (OTV, VXLAN, FP**) PoC: 1H 2013 Network Analysis Module (vNAM)
  • 32. • Dedicated NX-OS appliance for hosting virtual services Two form factors: 1110-S, 1110-X Up to 10 virtual services can be hosted • Simplifies lifecycle management of virtual services Network/security team can deploy, upgrade, manage • Virtual services currently supported Nexus 1000V virtual supervisor modules (VSMs), Network Analysis Module (NAM) Virtual Security Gateway (VSG), Data Center Network Manager (DCNM) Nexus 1110: UCS C220/M3 Physical Appliance: • CPU: 2 * Intel Sandy Bridge, 16 cores total • RAM: 32 or 64 GB • HDD: 2 or 4 TB • Network I/O: 6 x 1 GbE or 6 x 1 GbE + 2 x 10 GbE VSM VSM VSM VSG NAM DCNM Nexus 1100 Series Announcement: Sept 13th, 2012 (FAQ, Blog, Nexus 1010 EoL notice) Availability: Later in Nov (Due to component lead issues)
  • 33. • VEM on KVM Hypervisor • VSM can run as VM on KVM or on N1110. • Leverages OVS (Open vSwitch) for flow-based traffic switching • OpenStack for creating, managing Virtual Machines • Puppet for installing VEMs • VXLAN-VLAN Gateway: to bridge traditional networks to virtual networks
  • 34. Quantum VM-Network (PortID) OpenStack Neutron Admin Port is created in VSM VLAN 1-4095 VLAN 100 VLAN 100 Policy Profile (VSM) Project/Tenant A Compute Node + VEM Nexus 1000V – VSM VM-Network 192.168.10.0/24 for VLAN 100 Create Network Profile Type VXLAN | VLAN (Pool created and assigned to tenant) Create Network (Tenant Self Create) Create Subnet (Assign IP Pool) Create Port using network and policy (Created when VM is instantiated)
  • 36. • Allows YOU to define the “to-be” server, NOT settle for the “as is” server • Configure once then reuse • Templates as Best practices • Created through Cisco UCS Manager NIC MACs HBA WWNs Server UUID VLAN Assignments VLAN Tagging FC Fabrics Assignments FC Boot Parameters Number of vNICs Boot order PXE settings IPMI Settings Number of vHBAs QoS Call Home Template Association Org & Sub Org Assoc. Server Pool Association Statistic Thresholds BIOS scrub actions Disk scrub actions BIOS firmware Adapter firmware BMC firmware RAID settings Advanced NIC settings Serial over LAN settings BIOS Settings More…. SERVICE PROFILE LAN SAN
  • 37. C-Series Rack Optimized Servers B-Series Blade Servers Service Profile: HR_App1 VNIC1 MAC: 08:00:69:02:01:2E HR_WEB_VLAN (ID=50) VNIC2 MAC: 08:00:69:02:01:2F HR_DB_VLAN (ID=210) HBA 1 and 2 WWN: 5080020000075740 WWN: 5080020000075741 VSAN ID: 12 Boot Order: SAN BIOS Settings: Turbo On HyperThreading On UCS Service Profile Unified Device Management Network Policy Storage Policy Server Policy UCS Manager Policy Driven Compute Provisioning + Open XML API
  • 38. Chassis/Server Discovery Service Profile Association PXE boot devices deployed Cobbler database update Register Nodes Provision UCS Servers Updates the newly added node info in Puppet Puppet apply Add hosts/system in OpenStack Event Listener PXE boot for initial OS install RHEL 6.4 installation on bare-metal servers Sync all the plugins from Puppet Master Host OS Install Inventory of nova nodes on controller VM Provisioning OpenStack Services Deployment OpenStack Handover Hostname / IP address Logical credentials Resource allocation preferences Only Point of User Touch Pre-configure UCS
  • 39. 1. Read conf file 2. Apply policies 3. Update Puppet/Cobbler DB 4. PXE Boot 5. Puppet sync Build Node Control Node (glance, scheduler, API-daemons) Compute Nodes (nova-compute, libvirtd)
  • 40. Policy Driven, Automated bare metal bring up of OpenStack setup Seamless integration with existing UCSM tools Scripted configuration of OpenStack components using UCSM Python SDK Puppet, Cobbler driven configuration of OpenStack services Easy deployment of multi-node OpenStack systems across UCS chassis Dynamic provisioning of compute nodes via UCSM based Event Listener Physical and Virtual Network Services with Nexus More information at www.cisco.com/go/OpenStack