cisco dynamic fabric automation · cisco® dynamic fabric automation (dfa) represents an evolution...
TRANSCRIPT
Cisco Dynamic Fabric Automation
At-A-Glance
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
OverviewCisco® Dynamic Fabric Automation (DFA) represents an evolution of the Cisco Unified Fabric. It simplifies the deployment of data center fabric and automates consumption of network services. It provides a scale-out architecture without congestion points in the network while providing optimized forwarding for all types of applications. It consists of four modular building blocks, shown in Figure 1, that can be deployed independently or in combination.
Figure 1. Cisco DFA Building Blocks
Virtual FabricsWorkloadAutomation
Optimized Networking
FabricManagement
Cisco DFA attributes and features include the following:
• Transparent integration with existing Cisco Nexus® 5000, 6000, and 7000 Series Switches deployments and strong investment protection
• Flexible topologies and optimized traffic forwarding
• Interoperation with existing data center networks and data center fabrics
• Secure multitenancy at scale
• Central point of management (CPOM) to enforce policies for physical servers and virtual machines
• Open northbound APIs from the Cisco Prime™ Data Center Network Manager (DCNM) CPOM and the data center fabric
• Fabric, host, and tenant visibility
• Integration with third-party Layer 4 through 7 services, virtualization, and management
Simplified Fabric ManagementCisco DFA uses the Cisco Prime DCNM CPOM to provide an easy way to deploy, provision, and manage data center fabric. It provides zero-touch deployment of fabric nodes and automates configuration of these fabric nodes,. It discovers the data center fabric topology and can verify the cabling of the fabric against a cable plan provided by the operator. It provides a simple presence-based messaging interface to group an arbitrary set of nodes and manage them as a logical element. It can provide visibility into the location of a workload in the fabric and simplify troubleshooting of data center fabric and tenant virtual networks (Figure 2).
Figure 2. Simplified Fabric Management for Ease of Operations
AutomatedNetwork Provisioning
Common Point ofFabric Access
Host, Network and Tenant MonitoringVisibility
Cisco PrimeDCNM CPOM
REST APIs
Cisco and Third-Party ISV Applications
OpenStack, VMware vCD, and Cisco UCS® Director Management
and Orchestration
VM VM MANFW
The Cisco Prime DCNM CPOM provides an open Representational State Transfer (REST) API that can be used by customers to integrate custom-developed management tools and other third-party management tools.
At-A-Glance
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Workload AutomationCisco DFA workload automation refers to the ability to manage data center resources dynamically on demand. It offers a framework to automate workload life-cycle. Cisco DFA automates the provisioning of port profiles associated with a virtual machine or physical server. Port profiles can be configured through the Cisco Prime DCNM CPOM GUI or using the REST API provided by the Cisco Prime DCNM CPOM. The Cisco Prime DCNM CPOM is also integrated with cloud stack tools such as Cisco UCS Director OpenStack and VMware vCloud Director (vCD) to learn tenant network configurations (Figure 3). Automation of virtual and physical services (L4-L7) are handled by Cisco PNSC in a similar manner.
Figure 3. Workload Automation
ServerAdministratorNetwork
Administrator
SubnetQoS andSecurity-BasedRouting
VM VMMANWAN
Network administratorde�nes port pro�le template for virtual machines
1 Port pro�les are automatically created in Cisco Prime DCNM CPOM when a server administrator provisions a virtual machine
2 When a virtual machine is detected, the port pro�le is applied to the port
3 When a virtual machine moves, the port pro�le is automatically applied to the new port
4
FW
When a virtual machine is provisioned, the Cisco DFA leaf node autodetects the virtual machine, pulls and applies the policies associated with the virtual machine, on the connected port. The fabric tracks a virtual machine and moves these port profiles within the fabric automatically. The Cisco DFA fabric is capable of applying this automation workflow to a physical server alike.
Optimized NetworkingCisco DFA fabric uses a standard control-plane protocol to distribute the gateway functions, thereby providing a scale-out architecture that limits the fault domain and increases the resiliency of the fabric (Figure 4).
Figure 4. Optimized Fabric
EnhancedForwarding
DistributedControl Plane
Integrated Virtual& Physical
Transparent Mobility
VM VM MAN/WAN
ExtensibleResiliency Smaller Failure Domains
MultitenantScale
10,000 Networks at First Customer Shipment (FCS)
Virtual Machine MobilityNetwork Extensibility
AnyNetwork
Anywhere
FW
Cisco DFA fabric enables a tenant to extend their private network anywhere within and/or across fabrics. To simplify the data center fabric while providing a scale-out architecture, Cisco DFA uses a fabric encapsulation.
Virtual FabricsCisco DFA allows creation of tenant-specific virtual fabrics and allows these virtual fabrics to be extended anywhere within the physical data center fabric. It uses a 24-bit (16 million) segment identifier to support a large-scale virtual fabric that can scale beyond the traditional 4000 VLANs (Figure 5).
Figure 5. Virtual Fabrics
Human Resources
Manufacturing
Finance
Sales
Multi-tenantScale
Scalable Secure Virtual FabricsRouting and SwitchingSegmentation
GranularVisibility
Rapid Virtual FabricDeploymentNo Sub-Networks
AnyWorkloadAnywhere
Virtual Fabric Tenant VisibilityWorkload Name-BasedSearch
At-A-Glance
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
This virtual fabric provides transparent integration of both physical and virtual hosts. The virtual fabric also supports integration of tenant-specific Layer 4 through Layer 7 services – physical and virtual - such as firewalls and application delivery controllers (ADCs).
Cisco DFA Components and Platform SupportFigure 6 shows the essential components of Cisco DFA:
• Cisco DFA leaf nodes provide connectivity to computing and service appliances such as firewalls and ADCs.
• Cisco DFA border leaf nodes provide connectivity to external networks and can optionally provide data center interconnect (DCI) and WAN services.
• Spine nodes provide backplane connectivity to all leaf and border leaf nodes.
• The Cisco Prime DCNM CPOM provides integrated management for the entire fabric.
Figure 6. Cisco DFA Components
LeafIntegrated Management
Spine
Border Leaf
Note that you are not tied to a particular topology with this architecture. Even though Cisco recommends a Clos or fat-tree topology, customers can deploy any topology that meets their application needs.
Benefits of Cisco DFACisco DFA offers many benefits:
• Management simplicity: Central point of management with customizable workflow automation.(Figure 7).
Figure 7. Cisco DFA Offers Management Simplicity
5
• Simpli�ed Operations
• Physical and Virtual Integration
• Application Consistency
Cisco DFAApproach
Create TenantPro�le
CreateWorkloads
Network IsAutoprovisioned
Today
Point toConsider WhenProvisioning aTenant
1 2
1 2
3 4 6
Subnet VLANSpace
Layer 2 orLayer 3
Connections
IPv4 or IPv6 MulticastNeeds
LatencyNeeds
7 8 9 10
Layer 4-7Requirements
WorkloadMobility
Requirements
Virtual andPhysical
Communication
OverprovisioningFuture Growth
QoS andSecurityPolicies
At-A-Glance
© 2014 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C45-731012-00 04/14
• Flexible workload placement and mobility: Enables virtual machines to be deployed and moved across the fabric on demand within and across data centers.
• Massive scalability on demand: Cisco DFA provides a nonblocking fabric capable of more than 240 terabits per second (Tbps) of bandwidth supporting more than 50,000 edge ports at FCS. Cisco DFA fabric scales seamlessly from a few 100s of servers to more than 100,000 servers, with a plan to scale up to 1 million physical and virtual servers,. Data center capacity can be incrementally added, with high bisectional bandwidth, high availability, with predictable latency.
• Multitenancy: Cisco DFA uses a fabric header that can support up to 16 million segments theoretically. The initial release, will support 10,000 tenants.
ConclusionCisco DFA is a culmination of Cisco’s experience, innovation, and product leadership in the data center market. Cisco DFA evolves the data center from traditional architecture to a streamlined workload lifecycle management framework. It brings simplification, automation, and optimization to data centers transparently, which helps to lower your TCO.
Customers can use Cisco Services to migrate to Cisco DFA or deploy Cisco DFA in a completely new (greenfield) environment. With Cisco Services, you’ll know more, save more, and innovate more. You can rely on us because we’re a worldwide leader in IT, helping companies seize the opportunities of tomorrow. We have more than 28 years of experience, 50 million installed devices, and 6 million customer interactions each year. Delivered by Cisco and our Cisco Certified Partners, service engagements result in measurable business gains for our customers, who have achieved benefits such as 15 to 20 percent faster time to revenue, 30 percent lower infrastructure costs, 50 percent faster disaster recovery, and 90 percent reduction in deployment time. For information about Cisco Services, visit www.cisco.com/go/services.
For More Informationhttp://www.cisco.com/go/dfa