Joy ABOIM
Consulting System Engineer
Consolidate
Virtualise
- Abstraction of physical resources: unified data center comprising network, compute and storage
- Orchestration and automated provisioning of virtualised (and where appropriate physical) infrastructure
- A new Target Operating Model (TOM) which is market driven (private or public cloud), outsourced, out-tasked or delivered internally as appropriate
Automate
Market
2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Application Driven
Cloud
Monitoring Apps
Provisioning Apps
Programmable
Provisionable
Fabric
L2, L3
Compute, Storage, Services
POLICY
Orchestration
ANALYTICS
Network
Massively Scalable Data Center: Customize with programmatic APIs to provide deep insight into network traffic
Network Flow Management
Service Providers: Policy-based control and analytics to optimize and monetize service delivery
Agile Service Delivery
Diverse Network Programmability Requirements Across Segments: Automation, Monitoring & Flow Programmability
Basic Definitions
What Is Software Defined Network (SDN)?
In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications.
Note: SDN is not mandatory for network programmability or automation.
Source: www.opennetworking.org
What Is OpenFlow?
Open protocol that specifies interactions between decoupled control and data planes.
Note: OF is not mandatory for SDN.
Note: North-bound Controller APIs are vendor-specific.
What is OpenStack?
Open-source software for building public and private clouds; includes Compute (Nova), Networking (Quantum) and Storage (Swift) services.
Note: Applicable to SDN and non-SDN networks.
Source: www.openstack.org
[Figure: programmability models. Panels: Programmable APIs; 2a Classic SDN; 2b Hybrid SDN. Labels: Applications; Vendor-specific APIs; Vendor Specific (e.g. onePK); CLI, SNMP, Netflow, OpenFlow; Control Plane; Data Plane.]
OpenStack and Network Overlays Apply to All Models (Physical/Virtual)
Custom Features Can Be Built
1. Platform APIs
Network
3. Virtual Overlays
2. a Controllers And Agents
SDN:
- Controller SW (OpenFlow, onePK)
- OpenFlow 1.x support
OpenFlow Agent
Puppet Agent
Prime agent
Custom Agent
Agents
onePK Client
Process boundary
onePK Server
Cisco Network Operating System (IOS, IOS-XE, IOS-XR, NX-OS) (Platform PI Code)
Cisco Network Operating System (IOS, IOS-XE, IOS-XR, NX-OS) (Platform PD Code)
ONE Controller
Applications (Cisco)
Applications (Customer)
Network Slicing
Network Troubleshooting
Examples
- Flexible Network Partitioning and Provisioning (Slicing)
- Network Troubleshooting
- Custom Routing
Flow Management
Forwarding Logic
onePK API
onePK
onePK
OF
OF
Virtual Overlays
Multi-Hypervisor
Multi-Services
Multi-Cloud
- Key component of Cisco Open Networking Environment (Cisco ONE)
- Build / Partner / Buy strategy
- Partnership with Citrix announced
- Acquired 2 startups for tech & talent: Virtuata and vCider
Tenant A
Cloud Services Router 1000V
Zone A Zone B
Physical Infrastructure
vPath
VXLAN
Nexus 1000V
(Cloud Router)
WAN L3 gateway
Routing and VPN
Services
Citrix NetScaler VPX
virtual ADC
Imperva Web App. Firewall
2013
Shipping
Shipping
Shipping
- Cisco-Citrix Alliance Webinar: Oct 22, 2012 (Webinar, PPT)
- Imperva WAF update: June 5th, 2012 (Email Announcement, Imperva FAQ)
- Tens of thousands of virtual ports, L2 networks
- Hundreds of Servers
- Scalable segmentation: VXLAN
Common APIs
REST API
Nexus 1000V
VXLAN Gateway
ASA 1KV VSG
Any Hypervisor
vWAAS
ASA 55xx
- vPath for traffic steering / service chaining
- Virtual Services: VSG, ASA 1000V (cloud-ready security), vWAAS (application acceleration), CSR 1000V (cloud router)
Multi-hypervisor
Tenant 1
Tenant 2
Tenant 3
Virtual Workloads
Physical Workloads
- Tenant 1: virtual workloads protected by virtual firewall
- Tenant 2: virtual workloads protected by physical firewall (via VXLAN GW)
- Tenant 3: virtual & physical workloads in same L2 domain (via VXLAN GW)
VXLAN to VLAN GW
Tenant B
Secure Hybrid Cloud = Securely Connect Enterprise Private Cloud and Provider Public Cloud
Use Cases
- Bursting
- Disaster recovery/avoidance
- Upgrade/migration
- Dev/QA
Workloads
Requirements
- Network consistency
- Security consistency
- Policy consistency
Thank You!