The Changing Data Center Landscape

The Changing Data Centre
Landscape
Patrick LeMaistre, CCIE
Consulting Systems Engineer
plemaist@cisco.com

Cisco Confidential 3© 2014 Cisco and/or its affiliates. All rights reserved.
New Cloud Principals Here to Stay
Agility Scale
SecurityWorkload Mobility

Business and IT Undergoing Significant Change
Security And
Compliance
CLOUDDEVOPS
Integration
MobilityBig Data And
Analytics
Shifting to an ITaaS Model
CloudDEVOPS
Big Data and
Analytics
Security and
Compliance
Mobility

Connectivity Virtualization Simplification Agility Federation
Big Data IoT Applications
Web 2.0 Applications
Mobile—Cloud Applications
Mission Critical Applications
Application Demands Are Driving Data Center Architectures
TIERED
NETWORKS
FABRIC
ARCHITECTURES
APP-CENTRIC
INFRASTRUCTURE
FEDERATED
CLOUDS
FABRIC
AUTOMATION

The Promise of SDN
Logical Network/Overlay Protocol
Physical Network
10001101000110101
Control & Data Plane
Decoupled
Network
Virtualization
Direct
Programmability
Centralized Management
Simplification
Agility Programmatically Configured
Dynamically
Automated

VIRTUAL
PHYSICAL CLOUD
Rapid deployment of applications onto networks with scale, security and full visibility
Applications—Physical, Virtual and Cloud
Physical
Networking
Hypervisors and
Virtual Networking Compute L4-L7 Services
Multi-DC WAN
and CloudStorage

Typical Three Tier Application
Web Tier
ADC
App Tier Database Tier
• Network Connectivity
• Security Policies
• Quality of Service
• Layer 4 – 7 Application Services
• Storage Policies
• Compute Policies
• Hypervisor Policies
Firewall Firewall
Firewall
ADC

Policy-Based Data Center
IP Fabric
Web Tier
App Tier
DB Tier
• Controller with end-to-end
application awareness
• IP fabric connecting all physical
and virtual workloads and
services
• Application Network Profile
(ANP) pushed to all components
Controller
Profile

Application Centric
Infrastructure (ACI)

Application Centric Infrastructure Components
IP Fabric
Policy Management
Controller
APIC
Application
Network Profiles
End Points
Physical &
Virtual
Physical
Networking
Nexus 2K
Nexus 7K
Hypervisors and
Virtual Networking
Compute L4–L7
Services
Storage Multi DC
WAN and Cloud
Integrated
WAN Edge

Subject Matter
Experts Define
Policies
1
Application Network Profiles
Transformation to Stateless Networking
Network
SME
Security
SME
Application
SME
APIC
2
Policies Used To
Create Application
Network Profile
Templates
3
Automated policy
configuration across the
infrastructure
Life cycle management
for day 1, day 2
operations
4
Physical
Networking
Compute L4–L7
Services
StorageHypervisors
and Virtual
Networking
Multi DC
WAN and
Cloud
Nexus 2K
Nexus 7K
Integrated
WAN Edge

Application Network Profiles
Deeper Look
Stateless definition of application needs
̶ Contained within a multi-tenant model
̶ Application tiering
̶ Connectivity policies
̶ Layer 4 – 7 services
̶ XML/JSON schema
Fully abstracted
̶ Removes dependencies of the infrastructure
̶ Portable across different data center fabrics
## Network Profile: Defines Application Level Metadata
(Pseudo Code Example)
<Network-Profile = Production_Web>
<App-Tier = Web>
<Connected-To = Application_Client>
<Connection-Policy = Secure_Firewall_External>
<Connected-To = Application_Tier>
<Connection-Policy = Secure_Firewall_Internal &
High_Priority>
. . .
<App-Tier = DataBase>
<Connected-To = Storage>
<Connection-Policy = NFS_TCP &
High_BW_Low_Latency> . . .
Application Connectivity Requirements

Application Policy Infrastructure Controller
Centralized Automation and Fabric Management
Layer 4..7 System
Management
Storage
Management
Orchestration
Management
Storage SME Server SME Network SME
Security SME App. SME OS SME
Open RESTful API
Policy-Based
Provisioning
APIC
 Declarative data model based
 Application monitoring, & troubleshooting
 3rd party services integration
 Image management (spine / leaf)
 Fabric inventory
 Single cluster supports 1M+ end points,
200K+ ports, 64K+ tenants
 Centralized access to ALL fabric
information - GUI, CLI and RESTful API’s
 Extensible to compute and storage
management

ACI Lead Networking Platform
1011
0010
Industry Leading Price/Performance, Port Density:
Fastest 10G/40G /100G Platform with Merchant+
Programmability/ Open APIs: Linux Containers,
Python, Power Shell, Puppet, Chef…
Ideal for DevOps!!
15% Better Power & Cooling–2.8X Better Reliability
Innovation Object Model, No Backplane,
No Midplane, Health scores
$ Multi-million Savings 40/100G on Existing
Cables using BiDi Optics. Non disruptive
migration to 40G
Nexus 9000
1/10/40/100G

MORE APPS
IMPROVE
PERFORMANCE
OPTIMIZE
UTILIZATION
Improve Application Performance
with ASIC Innovation
SCALE CAPACITY
WITH FLOWLET
SWITCHING
QUALITY OF SERVICE VIA
DYNAMIC LOAD BALACING
LOWER COST AND
NO OVERBUILD WITH
CONGESTION MANAGEMENT
4x..16x
Increase Flow Bandwidth
80%
Improved Application Flow Completion
60%
Increase Fabric Utilization
60%
90%

Centralized
Compliance and
Auditing
Import / Export Policy via API
(Support for External Policy Engines)
Engineering LegalSales HR Finance Marketing
ACI Benefit: Secure Multi-tenancy at Scale
Complete Isolation with
Full Scalability and
Security
Policy Separated from
Network Forwarding
Policy
Engine
Enabling a Dynamic Enterprise without Compromise
Encrypted Controller
Communication
AdvancedRoleBased
AccessControl
APIC

ACI Benefit: Deep Telemetry — Application and Tenant
APIC
APP
TENANT
Tenant
Tenant 1 Tenant 2
Tenant 3 Tenant 4

OPERATIONAL MODELS
RESTful APIs, Python etc.
OpFlex
1. Scripting/Languages
2. IT Automation
3. OpenSource
4. Integrated ACI Approach
(GUI/CLI)
RICH ECOSYSTEM
Hypervisors
L4-L7 Services
Management
Security
Storage
CLOUD
SECURITYNETWORK
APPLICATION
Automate
ACI Benefit: Delivering on Operational Choice
Operational Choice—Service Provider, Enterprise, Commercial

UCS Director: Unified Infrastructure Management
UCS Director Application Catalog includes compute, network and storage requirements
UCS Manager/Central
APIC
Single tool to provision and manage existing Nexus fabric & ACI fabric
Automated provisioning of Network, Compute, Storage, L4-7 Services, Virtualization
Support for FlexPod, Vblock, VSPEX
NETWORK STORAGE
Web Tier App Tier DB Tier
Storage Storage
COMPUTE
APP DBWEB

Multi-Vendor Hypervisor Support
Network
Admin
Application
Admin
Bare Metal
Server
VLAN
VXLAN
VLAN
NVGRE
VLAN
VXLAN
VLAN
Hypervisor
Management
ACI Fabric
KVM

Policy Coordination with Hypervisor Management
 Network policy coordination
 Automatic virtual end point
detection and policy
placement
 Policies consistently
implemented in virtual and
physical
 Network policy stays sticky
with VM
Hypervisor
Management
Controller
Web App DB
Application Profile
NetworkPolicy
Coordination
PortGroups VM networks
VM
Attach/ Detach
notification
VMmobility
notification

Layer 4 - 7 Service Integration
Centralized, Automated, and Supports Existing Model
• Administrative separation
• Dynamic service insertion
• Fully Automated
• Integrates with existing services
• Endpoint location independence and
mobility
Chain: “Security 5”
Application
Admin
Service
Admin
Service
Graph
begin endStage 1 ….. Stage N
Providers
inst
inst
…
Firewall
inst
inst
…
Load Balancer
……..
ServiceProfile
“Security 5”
ADC
Web Tier
App Tier

ACI Fabric
Based on a Simpler Network
Spine switches
Leaf switches
Fabric is a multistage switching fabric with zero touch startup

ACI Fabric – Mobility
Decoupled Identity, Location & Policy
VTEPVTEPVTEP VTEP VTEP VTEP
 Decouples tenant end-point address (MAC or IP) from location
 Forwarding within Fabric is between VXLAN Tunnel Endpoints (VTEPs)
 Mapping of tenant end-point address to location performed by VTEP (distributed
mapping database)
PayloadIPVXLANVTEP

ACI Fabric – Flexibility
Encapsulation Normalization
Forwarding is ‘not’ limited to nor constrained by the encapsulation type or
encapsulation specific ‘overlay’ network
802.1Q
VLAN 10
VXLAN
VNID = 5789
VXLAN
VNID = 11348
NVGRE
VSID = 7456
Any to Any
802.1Q
VLAN 50
Normalized
Encapsulation
Localized
Encapsulation

ACI Fabric – All Routed
Host Routing at Layer 2 and Layer 3
IP Forwarding
Forwarded using dest IP
address, HW learning of IP
address
10.1.3.11 10.6.3.210.1.3.35 10.6.3.17
MAC Forwarding
Forwarded using DMAC
address, HW learning of
MAC address

ACI Fabric – Load Balancing
Flowlet Switching
H1 H2
TCP flow
• State-of-the-art ECMP hashes
flows (5-tuples)
• Flowlet switching routes bursts
from same flow independently
• No packet re-ordering
Gap ≥ |d1 – d2|
d1 d2

ACI Fabric – QOS
Dynamic Flow Prioritization
Real traffic is a mix of large (elephant) and small (mice) flows.
F1
F2
F3
Standard (single priority):
Large flows severely impact
performance (latency & loss).
for small flows
High
Priority
Dynamic Flow Prioritization:
Fabric automatically gives a
higher priority to small flows.
Standard
Priority
Key Idea:
Fabric detects initial few
flowlets of each flow and
assigns them to a high
priority class.

ACI Key Takeaways
Application-focused Architecture
• End-to-end application requirements
• Network, Compute, Storage, Security, L4-L7 Services
• Any workload, anywhere, full mobility
• Ubiquitous connectivity
• Non-blocking penalty free Overlay
• Decoupled Identity, Location and Policy
• Rapid flexible provisioning without overhead
• Hardware acceleration and feature enablement
• Open Programmable API and Data model
• System, Hypervisor Management, Automation Tools
and Orchestration Framework
Consistency for Virtual, Physical and
Cloud resource integration
Efficient High-Performance Scalable
Fabric
Software flexibility with Hardware
Performance
Open Ecosystem Framework

The Changing Data Center Landscape

The Changing Data Center Landscape

More Related Content

What's hot

Viewers also liked

Similar to The Changing Data Center Landscape

More from Cisco Canada

Recently uploaded

The Changing Data Center Landscape