
CisCon 2018 - SDN, complexity and TCO: isn't there a simpler way?


Speaker: Andrea Dainese, Network & Security Architect, speaker, advisor, Cisco CCIE #38620
It is a fact that infrastructures today are becoming increasingly complex and difficult to maintain. It is even harder and more expensive to find people able to operate networks and data centers and evolve them correctly.
We will look together at how and why we came to need complex technologies, what choices we have for approaching the problem with awareness, and how the networker's profession, in the broad sense, is evolving.
We will conclude with an overview of the solutions available on the market, focusing on the distinctive features of Cisco ACI, so that it can be evaluated and compared correctly.

Published in: Technology


  1. SDN, complexity and TCO: looking for an easy way. 07.11.2018 | Milano, Andrea Dainese
  2. [ABOUT] ANDREA DAINESE - SENIOR SYSTEMS ENGINEER: @adainese, andrea.dainese@gmail.com, www.linkedin.com/in/adainese ■ Network and Security Architect (15+ years’ exp.) ■ Security Evangelist (Blue Team) ■ Automation Addicted/Developer (UNetLab) ■ Cisco CCIE #38620/VMware VCP/Red Hat RHCE
  3. COMPLEXITY
  4. [COMPLEXITY] Legacy Data Center (Yesterday)
  5. [COMPLEXITY] New Generation Data Center
  6. [COMPLEXITY] New Generation Data Center (Underlay)
  7. [COMPLEXITY] New Generation Data Center (Overlay)
  8. HOW DO WE GET TO THIS?
  9. [COMPLEXITY] Characteristics of Legacy Applications: ■ Designed “to work” not “to scale” ■ Low Latency between components ■ Installed on (hopefully) lossless network ■ L2 adjacency for clustered components ■ Sometimes relies on single components
  10. [COMPLEXITY] Today’s Requirements: ■ Security: ● Intra application (secure the application itself) ● Inter applications (avoid lateral movement) ■ Scalability ■ High Availability: ● Local ● Geographic ■ Disaster Recovery
  11. [COMPLEXITY] Application’s Constraints: ■ Source code not available ■ Documentation not available ■ Original developers not available ■ Based on legacy and non-upgradeable frameworks. False Application’s Constraints: ■ Too complex to change ■ Too expensive to change
  12. [COMPLEXITY] Remapping Today’s Requirements: ■ Security: ● Intra application ➤ Web Application Firewall ● Inter applications ➤ Microsegmentation ■ Scalability ➤ Load Balancers* ■ High Availability: ● Local ➤ Hypervisor HA and VMware FT ● Geographic ➤ GSLB* ■ Disaster Recovery ➤ Replicators with orchestrator. (* Sometimes the application cannot support load balancers.)
  13. WE’RE SOLVING APPLICATION LIMITS IN OTHER LAYERS
  14. [COMPLEXITY] The Twelve Networking Truths (RFC1925): “(6) It is easier to move a problem around (for example, by moving the problem to a different part of the overall network architecture) than it is to solve it. (6a) (corollary). It is always possible to add another level of indirection.” Complexity is like entropy: moving a problem around increases overall complexity.
  15. WE’RE INCREASING OVERALL COMPLEXITY AND COST
  16. [COMPLEXITY] Proposed Solutions: A. Design scalable applications B. L2 Extensions C. Stretched Data Centers
  17. CISCO ACI
  18. [CISCO ACI] What is Cisco ACI? ■ A scalable IP fabric ■ A huge firewall ■ A multi tenant platform ■ An automatable network infrastructure ■ A stretchable data center ■ A data center ecosystem ■ A single management point for the data center ■ A SDN solution ■ ...
  19. [CISCO ACI] Limits: ■ up to 200 leaf switches ■ up to 24 spine switches (max 6 per POD) ■ up to 3000 tenants ■ up to 3000 VRFs ■ up to 15000 BDs ■ up to 10ms RTT for stretched fabric ■ up to 50ms RTT for multi-POD ■ up to 300ms RTT for remote leaf ■ up to 1s RTT for multi-site
  20. [CISCO ACI] Topologies: Fabric
  21. [CISCO ACI] Topologies: Stretched Fabric
  22. [CISCO ACI] Topologies: Remote Leaf
  23. [CISCO ACI] Topologies: Multi POD
  24. [CISCO ACI] Topologies: Multi Site
  25. NETWORKERS TODAY
  26. [CISCO ACI] Scalability VS Complexity
  27. [NETWORKERS] Fewer but more complex Data Centers: ICT resource rationalization plan (AGID) ■ SPC Cloud ■ National strategic hubs ■ Group A infrastructures ➤ “no investments may be made” ■ Group B infrastructures ➤ “must be rapidly consolidated” https://pianotriennale-ict.readthedocs.io/it/latest/doc/03_infrastrutture-fisiche.html
  28. [NETWORKER] Required Skills Today (real example): ■ Strong understanding of Linux/UNIX systems ■ Practical knowledge of shell scripting and programming. ■ Deep experience with configuration management systems. ■ Experience building and managing containerized applications. ■ Familiarity with automating distributed infrastructure and cloud services.
  29. QUESTIONS?
  30. THANK YOU
