5 cisco open_stack

1© 2013 Cisco and/or its affiliates. All rights reserved.
Srinivas Kavuri
Sr. Director, Engineering
Sept 21, 2013

© 2013 Cisco and/or its affiliates. All rights reserved. 22© 2013 Cisco and/or its affiliates. All rights reserved.
FORWARD-LOOKING STATEMENTS
This presentation contains projections and other forward-looking statements regarding future
events or the future financial performance of Cisco, including future operating results. These
projections and statements are only predictions. Actual events or results may differ materially
from those in the projections or other forward-looking statements. Please see Cisco’s filings
with the SEC, including its most recent filings on Form 10-K and 10-Q, for a discussion of
important risk factors that could cause actual events or results to differ materially from those in
the projections or other forward-looking statements

Build Point Solutions Build Infrastructure Offering
Emergence of Public/Private Clouds
Business Need
Silo Silo Silo
Applications
Servers
Network
Storage
Ethernet,
FC, Ip
Manual
Project-
based
Vertical
solutions
Business Need
Virtualization-
Aware Network
Automation
Applications
IT Service
Holistic Solution
Virtualized Shared Resource Pool
Storage
Cisco UCS
Cisco Nexus
IT as a Service Model ….

© 2013 Cisco and/or its affiliates. All rights reserved. 4
PHYSICAL
WORKLOAD
VIRTUAL
WORKLOAD
CLOUD
WORKLOAD
• One app per Server
• Static
• Manual provisioning
• Many apps per Server
• Mobile
• Dynamic provisioning
• Multi-tenant per Server
• Elastic
• Automated Scaling
HYPERVISOR
VDC-1 VDC-2
CONSISTENCY: Policy, Features, Security, Management
Nexus 1000V, VM-FEX
Virtual WAAS, VSG*, ASA 1000V**
UCS for Virtualized Workloads
Nexus 7K/5K/3K/2K
WAAS, ASA, NAM
UCS for Bare Metal
* Virtual only, ** Announced
Cloud Services Router (CSR)ASR
Switching
Routing
Services
Compute

System Center Open Source
vCloud Director/
DynamicOps
Cisco Multi-Hypervisor and Multi-Orchestrator Strategy
Cloud Infrastructure Stacks Supported
Hypervisor
Virtualized
Infrastructure
CIAC
vSphere, Hyper-V,
Xen, KVM
Integrated Stacks
COMPUTE NETWORK STORAGE
UCS Blades
UCS Racks
Nexus 1K
Nexus 2/3/5/6/7K
MDS
Partner Products (EMC,
NetApp)
NSM
Nexus 1KV
vPath
vSphere
NSM
Nexus 1KV
vPath
Hyper-V
NSM
Nexus 1KV
vPath
Open Source
(Xen, KVM)
NSM
Nexus 1KV
vPath
Virtual Network
Infrastructure
Cloud
Management

• IT organizations choose OpenStack to avoid vendor lock-in
• Ideal for Internal Software teams
• Almost all major IT companies participating
• More than 180 companies, 6000 individuals
• Foundational element of a Software Defined Infrastructure
• Extends Software Defined Networks in to the cloud
Open source software that allows anyone to build a public or private cloud
• Cisco is a board member
• Cisco’s Cloud CTO, Lew Tucker is Vice-Chair
SDI

OpenStack Compute (Nova)
Software to provision virtual machines on server hardware
at massive scale
OpenStack Object Storage (Swift)
Software to reliably store billions of objects distributed across
locally attached storage
OpenStack Image Service (Glance)
Services for discovering, registering, and retrieving virtual machine
images

OpenStack Dashboard (Horizon)
A self-service web portal to allow administrators and users to manage OpenStack
resources
OpenStack Identity (Keystone)
Provides “unified authentication” across all OpenStack projects and integrates with 3rd
party authentication systems
OpenStack Network Service (Neutron)
Provides “network connectivity as a service” between devices managed by other
OpenStack services

Innovation in Cloud Computing through OpenStack’s Network
Service and Cisco’s Open Network Environment (SDN)
OpenStack
Compute
(Nova)
OpenStack
Networking
(Neutron)
OpenStack
Storage
(Swift)
a
Controllers
and Agents
Cisco ONE Controller SW
Openflow Agents
Virtual
Overlays
VXLAN Gateway, Openstack,
Service Chaining
CSR 1KV
Platform
APIs
One Platform Kit (onePK)
on ISR G2, ASR 1K
Applications each see
their own logical DC
API-driven
Open Cloud Platform
Programmable
Infrastructure
VM VM
VM
VM VM
VM VM

• Public/private clouds
• Extend cloud model for rapid provisioning of
network services
• Drive innovation through real-world use cases
Cisco Engineering
Customers
Community Participation
• Cisco OpenStack Installer
• Plug-ins for Cisco
networking technology
• Plugins for Cisco Virtual
Networking and Services
• UCS systems
• Cisco Intelligent
Automation/orchestration
• Cross Cisco collaborations
• OpenStack Foundation
Board member
• Neutron Core Community
Member
• Focus on Network
Service, Compute
Service and Dashboard
• HA and automation for
large scale production

Cisco Nexus 1000v Neutron plugin
Neutron Client Port and Policy profile extensions
Horizon support for Cisco N1Kv plugin
N1Kv Cisco Neutron plugin multi segment/trunk support
VXLAN and LISP support to OpenvSwitch Plugin
OpenStack TOR L3 Networking using Cisco Nexus plugin (SVI)
Cisco plugin Provider Network support
Modular layer 2 (ML2) plugin mechanism driver for Nexus
Modular layer 2 (ML2) plugin type driver for VXLAN support
Firewall as a Service (FWaaS) Agent
Layer 3 routing agent for routers
VPNaaS Documentation

• In simple terms, it’s an installer that allows you to quickly set up a manageable
OpenStack cloud.
• Includes not only all OpenStack core components, but also tools to help you manage
and monitor your cloud.
• Capable of handling bring-up all the way from bare metal.
• Simple installation procedure for novices, full Puppet code available for tweaking/addition
by advanced users.
• A solution validated by Cisco testing.

Administrator
Horizon dashboard
Neutron
(network as a service)
Compute-Node
• Nova-compute
• Neutron plugin Agent
Glance
(Image repository for VMs)
Build-node
• Cobbler
• Puppet
• NTP server
• Monitoring server
(Nagios, collectd,
Graphite)
Openstack Cluster
Compute-Node
• Nova-compute
• Neutron Plugin Agent
Controller-Node
• Neutron-server
• Nova-api
• Nova-scheduler
• Keystone
• RobbitMQ
• MySQL

• A delivery vehicle that allows us to provide OpenStack, features & software to customers
and app developers
• A reference platform for how to deploy OpenStack in the real world
• An easy way to get started with OpenStack
• A way for customers to learn from our real-world OpenStack experiences
• A way to get:
• OpenStack installation automated by Puppet
• Monitoring tools to help manage your cloud (Nagios, Collectd, Graphite)
• Configuration management via Puppet
• Neutron-enabled multi-node installation tested on Cisco hardware
• New features before an upstream release

NOT
• An OpenStack “distribution”
• TAC-supported software
• SKU-able, sellable software
• A version of OpenStack that contains Cisco proprietary add-ons
• A direct competitor to Red Hat RDO, Ubuntu, Rackspace Alamo, etc
• What you should install if you’re developing new OpenStack features (use DevStack for
that)

For more Information please visit: http://docwiki.cisco.com/wiki/OpenStack

Clients Neutron Service Backend Networks
Physical and Virtual

• Cisco Nexus plugin amongst the first plugins to be available in OpenStack Networking
• Cisco Nexus Openstack Networking plugin – in Grizzly OpenStack release
• Features:
Orchestration with OpenStack dashboard – Horizon
Works with Nexus 3k/5k/6k/7k
Configures multiple physical Nexus switches
Dynamic VLAN provisioning
Efficient allocation of VLAN resource
VLAN features on Nexus used by plugin (Creation, Deletion Update)
• Datasheet
• Nexus Plugin Installation instructions
• Cisco OpenStack Website

Host Host
Network
Admin
Server
Admin
Host Host
The rest of the network…
vSwitch vSwitch vSwitch vSwitch
VMs on Wrong
VLANs!
No Network Visibility or
Control!
Unchaperoned VM-
to-VM
communication!
No Policy and
VLAN control!
Server Admin
must handle
network
configuration

Host Host
Network
Admin
Server
Admin
Host Host
Distributed Switch managed by
Network Admin
Server Admin
freed from
networking
configuration
Clear Configuration
Boundaries
Transparent Monitoring
Boundaries

1. When VMs move across
physical ports—the network
policy must follow them
(across racks, PODS, DCs)
2. Must view or apply
network/security policy to
locally switched traffic
3. Need to maintain segregation
of duties while ensuring
non-disruptive operations
Port
Group
Server Admin
Network Admin
Security
Admin

Modular Switch
…
Linecard-N
Supervisor-1
Supervisor-2
Linecard-1
Linecard-2
BackPlane
Server 1 Server 2 Server 3
Comparison to a Physical Switch
Network
Admin
Server
Admin

Modular Switch
…
Linecard-N
Supervisor-1
Supervisor-2
Linecard-1
Linecard-2
BackPlane
Moving to a Virtual Environment
Network
Admin
Server
Admin
Hypervisor Hypervisor Hypervisor

Modular Switch
…
Linecard-N
Supervisor-1
Supervisor-2
Linecard-1
Linecard-2
BackPlane
Supervisors Virtual Supervisor Modules (VSMs)
VSM1
VSM2
Virtual Appliance
VSM: Virtual Supervisor Module
Network
Admin
Server
Admin

Modular Switch
…
Linecard-N
Supervisor-1
Supervisor-2
Linecard-1
Linecard-2
BackPlane
Linecards Virtual Ethernet Modules (VEMs)
VEM-NVEM-1 VEM-2
VEM: Virtual Ethernet Module
VSM1
VSM2
Virtual Appliance
Network
Admin
Server
Admin

VSM + VEMs = Nexus 1000 Virtual Chassis
VEM-NVEM-1 VEM-2
VEM: Virtual Ethernet Module
vEth: Virtual Ethernet port
• 300+ vEth ports per VEM
• 6K vEths per N1K domain
• 128 VEMs per N1K domain
(connected by L2 or L3)
L2Mode
L3Mode
VSM1
VSM2
Virtual Appliance

WAN
Router
Servers
Tenant A
ASA 1000V
Cloud
Firewall
Nexus 1000VPhysical Infrastructure
Virtualized/Cloud
Data Center
vWAAS
Cisco Virtual
Security
Gateway
Switches
Cloud Network Services
Citrix
NetScaler
VPX
Imperva
SecureSphere
WAF
Cloud
Services
Router 1000V
Zone A
Zone B
vPath VXLAN
Multi-Hypervisor (VMware, Microsoft, RedHat*, Citrix*)
Nexus 1000V
(Dist. Virtual Switch)
• Distributed switch
• NX-OS consistency
VSG
(Zone-based FW)
• VM-level controls
• Zone-based FW
ASA 1000V
(Cloud FW)
• Edge firewall, VPN
• Protocol Inspection
vWAAS
(WAN Optimization)
• WAN optimization
• Application traffic
8500+ Customers Available Now Available Now Available Now
CSR 1000V
(Cloud Router)
• WAN L3 gateway
• Routing and VPN
Available Now
Ecosystem
Services
• Citrix NetScaler VPX
virtual ADC
• Imperva Web App. FW
Available 2H 2013
vNAM
(Network Analytics)
• App Visibility (L2-L7)
• Overlay Intelligence
(OTV, VXLAN, FP**)
PoC: 1H 2013
Network
Analysis
Module
(vNAM)

• Dedicated NX-OS appliance for hosting virtual services
Two form factors: 1110-S, 1110-X
Up to 10 virtual services can be hosted
• Simplifies lifecycle management of virtual services
Network/security team can deploy, upgrade, manage
• Virtual services currently supported
Nexus 1000V virtual supervisor modules (VSMs), Network Analysis Module (NAM)
Virtual Security Gateway (VSG), Data Center Network Manager (DCNM)
Nexus 1110: UCS C220/M3 Physical Appliance:
• CPU: 2 * Intel Sandy Bridge, 16 cores total
• RAM: 32 or 64 GB
• HDD: 2 or 4 TB
• Network I/O: 6 x 1 GbE or
6 x 1 GbE + 2 x 10 GbE
VSM
VSM
VSM
VSG NAM
DCNM
Nexus 1100 Series Announcement: Sept 13th, 2012 (FAQ, Blog, Nexus 1010 EoL notice)
Availability: Later in Nov
(Due to component lead issues)

• VEM on KVM Hypervisor
• VSM can run as VM on KVM or on N1110.
• Leverages OVS (open vSwitch) for flow-based traffic switching
• Openstack for creating, managing Virtual Machines
• Puppet for installing VEMs
• VXLAN-VLAN Gateway : to bridge traditional networks to virtual networks

Quantum VM-Network (PortID)
OpenStack Neutron
Admin
Port is created in VSM
VLAN 1-4095
VLAN 100
VLAN 100 Policy
Profile
(VSM)
Project/Tenant A
Compute Node + VEM
Nexus 1000V – VSM
VM-Network
192.168.10.0/24 for
VLAN 100
Create Network Profile Type
VXLAN | VLAN
(Pool created and
assigned to tenant)
Create Network
(Tenant Self Create)
Create Subnet
(Assign IP Pool)
Create Port using network and
policy
(Created when VM
is instantiated)

• Allows YOU to define the “to-be” server, NOT settle for the “as is” server
• Configure once then reuse
• Templates as Best practices
• Created through Cisco UCS Manager
NIC MACs
HBA WWNs
Server UUID
VLAN Assignments
VLAN Tagging
FC Fabrics Assignments
FC Boot Parameters
Number of vNICs
Boot order
PXE settings
IPMI Settings
Number of vHBAs
QoS
Call Home
Template Association
Org & Sub Org Assoc.
Server Pool Association
Statistic Thresholds
BIOS scrub actions
Disk scrub actions
BIOS firmware
Adapter firmware
BMC firmware
RAID settings
Advanced NIC settings
Serial over LAN settings
BIOS Settings
More….
SERVICE PROFILE
LAN
SAN

C-Series Rack Optimized
Servers
B-Series Blade Servers
Service Profile: HR_App1
VNIC1
MAC: 08:00:69:02:01:2E
HR_WEB_VLAN (ID=50)
VNIC2
MAC: 08:00:69:02:01:2F
HR_DB_VLAN (ID=210)
HBA 1 and 2
WWN: 5080020000075740
WWN: 5080020000075741
VSAN ID: 12
Boot Order: SAN
BIOS Settings:
Turbo On
HyperThreading On
UCS Service Profile
Unified Device Management
Network Policy
Storage Policy
Server Policy
UCS Manager
Policy Driven Compute Provisioning + Open XML API

Chassis/Server Discovery
Service Profile Association
PXE boot devices deployed
Cobbler database update
Register NodesProvision UCS Servers
Updates the newly added node
info in puppet
Puppet apply
Add hosts/system in OpenStack
Event Listener
PXE boot for initial OS install
RHEL 6.4 installation on bare-metal
servers
Sync all the plugins from Puppet
Master
Host OS Install
Inventory of nova nodes on
controller
VM Provisioning
OpenStack Services Deployment
OpenStack Handover
Hostname / IP address
Logical credentials
Resource allocation preferences
Only Point of User Touch
Pre-configure UCS

4. PXE Boot
5. Puppet sync
1. Read conf file
2. Apply policies
3. Update Puppet/Cobbler DB
Build Node
Control
Node
Compute Nodes (nova-
compute, libvirtd)
(glance, scheduler,
API-deamons)

Policy Driven, Automated bare metal bring up of OpenStack setup
Seamless integration with existing UCSM tools
Scripted configuration of OpenStack components using UCSM Python SDK
Puppet, Cobbler driven configuration of OpenStack services
Easy deployment of multi-node OpenStack systems across UCS chassis
Dynamic provisioning of compute nodes via UCSM based Event Listener
Physical and Virtual Network Services with Nexus
More information at www.cisco.com/go/OpenStack

5 cisco open_stack

More Related Content

What's hot

Similar to 5 cisco open_stack

More from openstackindia

Recently uploaded

5 cisco open_stack