Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved. 1
Application Centric Infrastructure
许玉善, Engineer, Cisco Partner Business Unit
CCIE Data Center / Service Provider / Security / R&S
Insieme Networks Introduction
ACI Overview
Nexus 9000 Switch Standalone Introduction
Training and Enablement throughout Q2
October 9 Internal Launch
October 9 - October 29: Internal Launch recording available via Show and Share
October 29: Presentation & Sales Materials available on CEC
November 6 External Launch in New York & Virtual
November 7 Partner Launch
Updated Date from IPTV Broadcast
Cisco Product | Company | Acquisition Date | Price
Catalyst 5000/6500 | Crescendo | 1993 | 94M
MDS 9000 | Andiamo | 2003 | 750M
UCS/N5K2K (SAVBU) | Nuova | 2009 | 658M
ACI & Nexus 9000 | Insieme | 2013/10 | 1B
Web Economy
On-Prem IT Services
IT as a Service
Development vs. Operations
Box-Centric
App Economy
Cloud Services
Applications as a Service
DevOps
App/Service Centric
Any application anywhere
Velocity and Visibility
Virtual, Physical, Cloud
Common Policy
Scale with Security
Open, Automation
Systems Approach
Network Virtualization
Control Plane
Data Plane
Programmability
Designed from Its Foundation to Be Application-Centric
Application / Workload Orchestration and Scheduler
Unified Information Model and API
Policy Controller Compute Policy Controller Storage Policy Controller Network Fabric
Endpoint Group (EPG)
Application Graph (EP, EPG, graph edges)
Application Profile = Compute Service Profile + Network Profile + Storage Service Profile
• Applications fully use clustered and replicated controller (N+1, N+2, etc.)
• Any node is able to service any user for any operation
• Seamless APIC node adds and deletes
• Fully automated APIC software cluster upgrade with redundancy during upgrade
• Cluster size driven by transaction rate requirements
• APIC is not in the data path
Single Point of Management Without a Single Point of Failure
See What’s Inside
APIC Cluster Distributed, Synchronized, Replicated
APIC
Infrastructure Tenant Network Profiles, EPGs, and EPs
[Figure: object tree rooted at "universe"; labels recovered from the diagram follow]
• Fabric1: Switch1, Switch2, Switch3; LC1, LC2; Port1 … PortN-1, PortN; Port Stats
• Network Profile Pepsi: Endpoint Group Pepsi-DB; Endpoints; Network Pepsi-Net; L3 Network PepsiL3Net; L2 Network PepsiL2Net; Named ref: QoS Policy
• Network Profile Coke
• Shared Policies: QoS Policy, Access Policy
Users:
• User: admin, Domain: all, Role: infra-admin
• User: pepsi_admin, Domain: pepsi, Role: admin
• User: pepsi_operations, Domain: pepsi, Roles: ep-stats, ep-events
Object-Oriented
Centralized Automation
RESTful XML / JSON
Open Ecosystem Framework
Comprehensive Programmability and System Access
Northbound API
• Rapid integration with existing management frameworks
• OpenStack
• Tenant- and application-aware
Southbound API
• Publish data model
• Open source
• Enables application portability
*Only straight chains supported at FCS
System Management
Hypervisor Management
Automation Tools
Orchestration Frameworks
ACI Fabric provides the next generation of analytic capabilities
Per application, tenants, and infrastructure:
• Health scores
• Latency
• Atomic counters
• Resource consumption
Integrate with workload placement or migration
Triggered Events or Queries
PetStore Event
Actions:
• No new hosts or VMs
• Evacuate hypervisors
• Re-balance clusters
PetStore Dev: Leaf 1 and 2; Spine 1 – 3; Atomic counters
PetStore Prod: Leaf 2 and 3; Spine 1 – 2; Atomic counters
PetStore QA: Leaf 3 and 4; Spine 2 – 3; Atomic counters
VXLAN
Per-Hop Visibility
Physical and Virtual as One
APIC
application
More than just a VM
Interconnected components
[Figure: application with web, app, and db tiers, each a group of VMs; internet; External Private Network]
How do we define the network for the application?
application
[Figure: application with web, app, and db tiers, each a group of VMs]
Component Tier
End Point Group (or VMware Port Group): a collection of end-points connecting to the network… VMs, physical compute, …
Contract (Access Control, QoS, Network Services): a set of network requirements specifying how application components communicate with each other
The Outside: rules of how application communicates to the external private or public networks
Network Profile: application-centric network policy
network Virtual Patch Panel
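• ACI provides a brand-new operational model that uses the language of applications to deploy the network architecture.
• The ACI model gives greater flexibility and scalability when deploying application systems in a network environment.
• The ACI model deploys the network architecture and access policies through logical profiles based on the application model.
• ACI's multi-tenant model meets deployment needs ranging from small and medium-sized enterprises to large cloud service providers.
• The Context (VRF) concept supports multiple private networks and overlapping IP addresses within a single Tenant.
• An application profile defines multiple EPGs as the smallest application tiers, and Contracts are then defined to control the access policies and L4-L7 services between the different service tiers.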
Timeline: Q3CY13 (Aug), Q4CY13 (Dec), Q1CY14 (Mar), Q2CY14 (Apr-Jun), FUTURE
N7K / N6K
N5K / N3K
N2K
Commit to BOTH Operational Model Change & HW replacement
DFA-A
FabricPath Deployed?
N7K / N6K
N5K / N2K
Nexus 9000
NO
YES
• Based on FabricPath encap.
• Requires Operational Model change (Enhanced Forwarding)
• Workload & Network Automation
• iNX-OS & iFC
• New / Greenfield DCs / PODs
• New Operational Model
• VXLAN encap
• Services Insertion / WAN
• Extension to Compute & Storage
• Expanding Open Source and Ecosystem
• Federated Policy
N7K: Gibraltar 7.0 release (Q2CY14)
N6K: Iluka 6.0(2)N3(1) release (Q1CY14)
DFA-B
• Adds support to IP encapsulation
• VXLAN encap.
• DCI
• Service Orchestration
“Vinci Lite” (CPoM, PoAP, XMPP, etc.) (but still targeting DC Fabric)
OR
ACI Only
NEXUS 9500
PRICE POWER EFFICIENCY PROGRAMMABILITY PORT DENSITY PERFORMANCE
PRICE COST STRUCTURE
for 1G to 1/10GT and 10G to 40G migration 50% less ASICs
PERFORMANCE INDUSTRY LEADING PRICE /
LINE CARD BANDWIDTH 1.92 Tbps per slot 100G ready
PORT DENSITY 20% HIGHER Non-blocking Density
PROGRAMMABILITY JSON/XML API
Linux Container for customer apps
POWER EFFICIENCY STATE OF THE ART
BACKPLANE FREE DESIGN 15% greater power and cooling efficiency
MERCHANT+ ASIC APPROACH Innovation in Cisco ASICs
APPLICATION CENTRIC INFRASTRUCTURE
APIC
Q2 2014
NX-OS
Q4 2013
Existing Network Model
PROGRAMMABILITY, 40 GigE, PRICE/PERFORMANCE
• NXOS, Upgradable to iNXOS and ACI
* 80 Plus Platinum is equivalent to Climate Saver / Green Grid Platinum rating
• 3, 6 Fabric Card + Common Equipment Bundles
• 4, 8, 16 Slot chassis
• Redundant Power Supplies and Dual Sups
• 36 port 40G QSFP+ (16 slot future)
• Future: 48 40G QSFP+
• 48 SFP+ + 4 QSFP+
• 48 1/10GT + 4 QSFP+
• NXOS Only
• 36 port 40G QSFP+ (24 line rate)
• 8/12 port 40G QSFP+ GEM
• 36 port 40G QSFP+
Application Centric Infrastructure (ACI) Standalone
T2
Alpine
North Star
All common components are the same across Access, Aggregation and Spine
8-slot Modular Chassis
Designed for Power & Cooling Efficiency Designed for Reliability Designed for Future Scale
8 Line Card Slots
Max 3.84 Tbps/Slot duplex
Redundant Supervisor Engines
3 or 6 Fabric Modules (behind fan trays)
3 Fan Trays
Redundant System Controller Cards
No Mid-plane for LC to FM connectivity
3000W AC Power Supplies
2+0, 2+1, 2+2 Redundancy
Support up to 8 Power supplies
Nexus 9508 Front View Nexus 9508 Rear View
Overview
• High Port Density
288x 40Gbps/Nexus 9508 or 576x 40Gbps/ Nexus 9516
1152x 10Gbps/Nexus 9508 or 2304x 10Gbps/ Nexus 9516
• L2 & L3 Line-Rate Performance on All Ports & All Packet Sizes
• Low Latency
Up to 3.5 usec on the 36x 40GE QSFP line card (N9K-X9636PQ)
• Power Efficiency
Platinum rated power supplies, 90-94% power efficiency across all workloads
3.5W/ 10Gbps Port
14W/ 40Gbps Port
1st modular chassis without a mid-plane
Unobstructed front-back airflow
VxLAN Bridging/Gateway/Routing*
Highly integrated switch and buffer functionality
Only 2 to 4 ASICs per line card
No buffer bloat
Mix of 28nm Cisco and 40nm Broadcom ASICs
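Benefits of merchant silicon: good price/performance, shorter development cycles
Benefits of custom ASICs: powerful features and performance, fast bug fixes, stability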
Uplink Module Nexus 9396PQ
• 48 port 10G SFP+ & 12 port 40G QSFP+
• 2 RU
• FAN1
• 100-240V (650W AC)
Nexus 93128TX
• 96 port 1/10G-T & 8 port 40G QSFP+
• 3 RU
• FAN2
• 100-120V (800W AC), 200-240V (1200W AC)
Nexus 9300 - Common
• Redundant FAN (3) and Power Supply (2)
• Front-to-back and Back-to-Front airflow
• Dual or Quad Core CPU with default 64GB SSD
• 12 port 40G QSFP+
• Additional 40MB buffer
• Full VXLAN Bridging & Routing Capability
• 2RU height
• 48 1G SFP/10Gbps SFP+ ports
• 12 40Gbps-QSFP ports (on GEM module)
• 1 100/1000baseT management port
• 1 RS232 console port
• 2 USB 2.0 ports
• Front to back and back to front airflow options
• 1+1 redundant power supply options.
• 2+1 redundant fans
• Non-blocking architecture with line-rate performance on all ports for all packet sizes
Nexus 9396PX
Console
Management Port
USB Ports
48 1Gbps SFP/ 10Gbps SFP+ ports
GEM Module with 12 40Gbps QSFP+ ports
Power supply, Power supply, (2+1) Fan Trays
Nexus 93128TX
Power supply, Power supply, (2+1) Fan Trays
Console
Management Port
USB Ports
96 1GBaseT/10GBaseT ports
GEM Module with 12 40Gbps QSFP+ ports (8 active uplinks)
• 3RU height
• 96 1/10Gbps BaseT ports
• 8 40Gbps-QSFP ports (on GEM module)
• 1 100/1000baseT management port
• 1 RS232 console port
• 2 USB 2.0 ports
• Front to back and back to front airflow options
• 1+1 redundant power supply options.
• 2+1 redundant fans
Problem
• 40G Optics are significant portion of CAPEX
• 40G Optics require new cabling
Solution
• Re-use existing 10G MMF cabling infrastructure
• Re-use patch cables (same LC connector)
Cisco 40G SR-BiDi QSFP
• QSFP pluggable, MSA compliant
• Dual LC Connector
• Support for 100m on OM3 and 125m+ on OM4
• TX/RX on 2 wavelength @ 20G each
Available end of CY13 and supported across all Cisco QSFP ports
Presented by Paul Kolesar, CommScope, IEEE 802.3 Next Gen Optics Study Group, Sep 2011
[Figure: deployed trunk lengths; labels: (41m), <100m, 100m, >100m]
90% of deployed trunks are <100m
SNMP (v1, v2, v3), Syslog, NETCONF, RMON, CLI
Programmable
• NX-API
• JSON-RPC
• XML/JSON
• Python scripting
• Customizable CLIs
• BASH access
• Broadcom shell access
• Linux containers
• OpenFlow support
• Cisco onePK™
Automation and Orchestration
• Puppet
• Chef
• OpenStack network plugin
• XMPP support
• OpenDaylight integration
Visibility
• Dynamic buffer monitoring
• Enhanced Ethanalyzer
• SMTP email “pipe” output
• Embedded Event Manager (EEM)
• Flow monitoring
• vTracker
Thank you.