Application Centric Infrastructure

Xu Yushan (许玉善), Engineer, Cisco Partner Business Unit

CCIE Data Center / Service Provider / Security / R&S

Cisco Confidential © 2013 Cisco and/or its affiliates. All rights reserved.


Page 2

Insieme Networks Introduction

ACI Overview

Nexus 9000 Switch Standalone Introduction

Page 3

Training and Enablement throughout Q2

October 9 Internal Launch

October 9-

October 29: Internal Launch recording available via Show and Share

October 29: Presentation & Sales Materials available on CEC

November 6 External Launch in New York & Virtual

November 7 Partner Launch

Updated Date from IPTV Broadcast

Page 4

Cisco Product | Company | Acquire Time | Price
Catalyst 5000/6500 | Crescendo | 1993 | 94M
MDS 9000 | Andiamo | 2003 | 750M
UCS/N5K2K (SAVBU) | Nuova | 2009 | 658M
ACI & Nexus 9000 | Insieme | 2013/10 | 1B

Page 5

Insieme Networks Introduction

ACI Overview

Nexus 9000 Switch Standalone Introduction

Page 6

Web Economy

On-Prem IT Services

IT as a Service

Development vs. Operations

Box-Centric

App Economy

Cloud Services

Applications as a Service

DevOps

App/Service Centric

Any application any where Velocity and Visibility

Virtual, Physical, Cloud Common Policy

Scale with Security

Open, Automation

Systems Approach

Page 7

Network Virtualization

Control Plane

Data Plane

Programmability

Page 8

Designed from Its Foundation to Be Application-Centric

Application / Workload Orchestration and Scheduler

Unified Information Model and API

Policy Controller Compute Policy Controller Storage Policy Controller Network Fabric

Endpoint Group (EPG)

Endpoint Group (EPG)

Application Graph (EP, EPG, graph edges)

Application Profile = Compute Service Profile + Network Profile + Storage Service Profile

Page 9

• Applications fully use clustered and replicated controller (N+1, N+2, etc.)

• Any node is able to service any user for any operation

• Seamless APIC node adds and deletes

• Fully automated APIC software cluster upgrade with redundancy during upgrade

• Cluster size driven by transaction rate requirements

• APIC is not in the data path

Single Point of Management Without a Single Point of Failure

See What’s Inside

APIC Cluster Distributed, Synchronized, Replicated

APIC

Page 10

universe

Port Stats Fabric1

Switch1 Switch2 Switch3

LC2 LC1

Port1 PortN-1 PortN

Infrastructure Tenant Network Profiles, EPGs, and EPs

Network Profile Pepsi

Endpoint Group Pepsi-DB

Network Profile Coke

Shared Policies

QoS Policy

Access Policy

Network

Pepsi-Net

L3 Network

PepsiL3Net L2 Network

PepsiL2Net

Named ref: QoS Policy

Endpoints

User: admin, Domain: all, Role: infra-admin

User: pepsi_admin, Domain: pepsi, Role: admin

User: pepsi_operations, Domain: pepsi, Roles: ep-stats, ep-events

Page 11

Object-Oriented

Centralized Automation

RESTful XML / JSON

Open Ecosystem

Framework

Comprehensive Programmability and System Access

Northbound API

• Rapid integration with existing management frameworks

• OpenStack

• Tenant- and application-aware

Southbound API

• Publish data model

• Open source

• Enables application portability

*Only straight chains supported at FCS

System Management

Hypervisor Management

Automation Tools

Orchestration Frameworks

Page 12

Actions:

No new hosts or VMs

Evacuate hypervisors

Re-balance clusters

PetStore Event

PetStore Dev

• Leaf 1 and 2

• Spine 1 – 3

• Atomic counters

PetStore Prod

• Leaf 2 and 3

• Spine 1 – 2

• Atomic counters

PetStore QA

• Leaf 3 and 4

• Spine 2 – 3

• Atomic counters

VXLAN

Per-Hop Visibility

Physical and Virtual as One

ACI Fabric provides the next generation of analytic capabilities

Per application, tenants, and infrastructure:

• Health scores

• Latency

• Atomic counters

• Resource consumption

Integrate with workload placement or migration

Triggered Events or Queries

APIC

Page 13

application

More than just a VM

Interconnected components

web: VM, VM

app: VM, VM

db: VM, VM

internet

External Private Network

How do we define the network for the application?

Page 14

web: VM, VM

app: VM, VM

db: VM, VM

application

The Outside

a collection of end-points connecting to the network… VMs, physical compute, …

Component

Tier

End Point Group Or VMware Port Group

a set of network requirements specifying how application components communicate with each other

Contract Access Control QoS Network Services

rules of how application communicates to the external private or public networks

Network Profile application-centric network policy

network Virtual Patch Panel

Page 15

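• ACI provides a brand-new operational model that deploys the network architecture using the language of applications.

• The ACI model gives greater flexibility and scalability when deploying application systems in a network environment.

• The ACI model deploys the network architecture and access policies through logical profiles based on the application model.

• ACI's multi-tenant model meets deployment needs from small and medium-sized businesses up to large cloud service providers.

• The Context (VRF) concept supports multiple private networks and overlapping IP addresses within a single Tenant.

• An application profile defines multiple EPGs as the smallest application tiers, then defines Contracts to control the access policies and L4-L7 services between the different tiers.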

Page 16

Q3CY13

Aug

Q4CY13

Dec

Q2CY14

Apr-Jun FUTURE

N7K / N6K

N5K / N3K

N2K

Commit to BOTH Operational Model Change & HW replacement

DFA-A

FabricPath

Deployed ?

N7K / N6K

N5K / N2K

Nexus 9000

NO

YES

• Based on FabricPath encap.

• Requires Operational Model change (Enhanced Forwarding)

• Workload & Network Automation

• iNX-OS & iFC

• New / Greenfield DCs / PODs

• New Operational Model

• VXLAN encap

• Services Insertion / WAN

• Extension to Compute & Storage

• Expanding Open Source and Ecosystem

• Federated Policy

N7K: Gibraltar 7.0 release (Q2CY14)

N6K: Iluka 6.0(2)N3(1) release (Q1CY14)

Q1CY14

Mar

DFA-B

• Adds support to IP encapsulation

• VXLAN encap.

• DCI

• Service Orchestration

“Vinci Lite” (CPoM, PoAP, XMPP, etc.)

(but still targeting DC Fabric)

OR

ACI Only

Page 17

Insieme Networks Introduction

ACI Overview

Nexus 9000 Switch Standalone Introduction

Page 18

NEXUS 9500

PRICE POWER EFFICIENCY PROGRAMMABILITY PORT DENSITY PERFORMANCE

PRICE COST STRUCTURE

for 1G to 1/10GT and 10G to 40G migration 50% less ASICS

PERFORMANCE INDUSTRY LEADING PRICE /

LINE CARD BANDWIDTH 1.92 Tbps per slot 100G ready

PORT DENSITY 20% HIGHER Non-blocking Density

PROGRAMMABILITY JSON/XML API

Linux Container for customer apps

POWER EFFICIENCY STATE OF THE ART

BACKPLANE FREE DESIGN 15% greater power and cooling efficiency

MERCHANT+ ASIC APPROACH Innovation in Cisco ASICs

Page 19

APPLICATION CENTRIC INFRASTRUCTURE

APIC

Q2 2014

NX-OS

Q4 2013

Existing Network Model

PROGRAMMABILITY—40 GigE—PRICE/PERFORMANCE

Page 20

• NXOS, Upgradable to iNXOS and ACI

* 80 Plus Platinum is equivalent to Climate Saver / Green Grid Platinum rating

• 3, 6 Fabric Card + Common Equipment Bundles

• 4, 8, 16 Slot chassis

• Redundant Power Supplies and Dual Sups

• 36 port 40G QSFP+ (16 slot future)

• Future: 48 40G QSFP+

• 48 SFP+ + 4 QSFP+

• 48 1/10GT + 4 QSFP+

• NXOS Only

• 36 port 40G QSFP+ (24 line rate)

• 8/12 port 40G QSFP+ GEM

• 36 port 40G QSFP+

Application Centric Infrastructure (ACI) Standalone

T2

Alpine

North Star

Page 21

All common components are the same across Access, Aggregation and Spine

8-slot Modular Chassis

Designed for Power & Cooling Efficiency Designed for Reliability Designed for Future Scale

8 Line Card Slots

Max 3.84 Tbps/Slot duplex

Redundant Supervisor Engines

3 or 6 Fabric Modules (behind fan trays)

3 Fan Trays

Redundant System Controller Cards

No Mid-plane for LC to FM connectivity

3000W AC Power Supplies

2+0, 2+1, 2+2 Redundancy

Supports up to 8 power supplies

Nexus 9508 Front View Nexus 9508 Rear View

Page 22

Overview

• High Port Density

288x 40Gbps/Nexus 9508 or 576x 40Gbps/ Nexus 9516

1152x 10Gbps/Nexus 9508 or 2304x 10Gbps/ Nexus 9516

• L2 & L3 Line-Rate Performance on All Ports & All Packet Sizes

• Low Latency

Up to 3.5 usec on the 36x 40GE QSFP line card (N9K-X9636PQ)

• Power Efficiency

Platinum rated power supplies, 90-94% power efficiency across all workloads

3.5W/ 10Gbps Port

14W/ 40Gbps Port

1st modular chassis without a mid-plane

Unobstructed front-back airflow

VxLAN Bridging/Gateway/Routing*

Highly integrated switch and buffer functionality

Only 2 to 4 ASICs per line card

No buffer bloat

Mix of 28nm Cisco and 40nm Broadcom ASICs

Page 23

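Benefits of merchant silicon: good price/performance, shorter development cycle

Benefits of custom ASICs: powerful features and performance, fast bug fixes, stability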

Page 24

Uplink Module Nexus 9396PQ

• 48 port 10G SFP+ & 12 port 40G QSFP+

• 2 RU

• FAN1

• 100-240V (650W AC)

Nexus 93128TX

• 96 port 1/10G-T & 8 port 40G QSFP+

• 3 RU

• FAN2

• 100-120V (800W AC), 200-240V (1200W AC)

Nexus 9300 - Common

• Redundant FAN (3) and Power Supply (2)

• Front-to-back and Back-to-Front airflow

• Dual or Quad Core CPU with default 64GB SSD

• 12 port 40G QSFP+

• Additional 40MB buffer

• Full VXLAN Bridging & Routing Capability

Page 25

• 2RU height

• 48 1G SFP/10Gbps SFP+ ports

• 12 40Gbps-QSFP ports (on GEM module)

• 1 100/1000baseT management port

• 1 RS232 console port

• 2 USB 2.0 ports

• Front to back and back to front airflow options

• 1+1 redundant power supply options.

• 2+1 redundant fans

• Non-blocking architecture with line-rate performance on all ports for all packet sizes

Nexus 9396PX

Console

Management Port

USB Ports

48 1Gbps SFP/ 10Gbps SFP+ ports

GEM Module with 12 40Gbps QSFP+ ports

Power supply Power supply (2+1) Fan Trays

Page 26

Nexus 93128TX

Power supply Power supply (2+1) Fan Trays

Console

Management Port

USB Ports 96 1GBaseT/ 10GBaseT ports

GEM Module with 12 40Gbps QSFP+ ports (8 active uplinks)

• 3RU height

• 96 1/10Gbps BaseT ports

• 8 40Gbps-QSFP ports (on GEM module)

• 1 100/1000baseT management port

• 1 RS232 console port

• 2 USB 2.0 ports

• Front to back and back to front airflow options

• 1+1 redundant power supply options.

• 2+1 redundant fans

Page 27

Problem

• 40G Optics are a significant portion of CAPEX

• 40G Optics require new cabling

Solution

• Re-use existing 10G MMF cabling infrastructure

• Re-use patch cables (same LC connector)

Cisco 40G SR-BiDi QSFP

• QSFP pluggable, MSA compliant

• Dual LC Connector

• Support for 100m on OM3 and 125m+ on OM4

• TX/RX on 2 wavelengths @ 20G each

Available end of CY13 and supported across all Cisco QSFP ports

Page 28

Presented by Paul Kolesar, CommScope, IEEE 802.3 Next Gen Optics Study Group, Sep 2011

(41m)

>100m

<100m

100m

90% of deployed trunks are <100m

Page 29

SNMP (v1, v2, v3), Syslog, NETCONF, RMON, CLI

Programmable

• NX-API

• JSON-RPC

• XML/JSON

• Python scripting

• Customizable CLIs

• BASH access

• Broadcom shell access

• Linux containers

• OpenFlow support

• Cisco onePK™

Automation and Orchestration

• Puppet

• Chef

• OpenStack network plugin

• XMPP support

• OpenDaylight integration

Visibility

• Dynamic buffer monitoring

• Enhanced Ethanalyzer

• SMTP email “pipe” output

• Embedded Event Manager (EEM)

• Flow monitoring

• vTracker

Page 30

Thank you.