VMware vCloud Director and Nexus 1000V / Workload Mobility

Journey to the Cloud with the Cisco Nexus 1000V. Sal Lopez, Technical Marketing Engineer; Jake Howering, Product Manager. N1KV TDM. © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

Upload: losal008

Post on 01-Dec-2014


TRANSCRIPT

  • 1. Journey to the Cloud with the Cisco Nexus 1000V. Sal Lopez, Technical Marketing Engineer; Jake Howering, Product Manager. N1KV TDM.
  • 2. Nexus 1000V Public Webinar Series (schedule slide; entries recoverable from the extraction: Virtual Network Services (vPath, NAM, vWAAS); Virtual Security Gateway Introduction).
  • 3. Today's Agenda: Nexus 1000V Architecture (Joe Dillon); vCloud Director Integration (Sal Lopez); Virtualized Workload Mobility (vMotion) (Jake Howering); Q&A.
  • 5. Comparison to a Physical Switch (diagram labels: Modular Switch; Supervisor-1, Supervisor-2; Back Plane; Linecard-1, Linecard-2, Linecard-N; Server 1, Server 2, Server 3).
  • 6. Moving to a Virtual Environment (diagram labels: Modular Switch; Supervisor-1, Supervisor-2; Back Plane; Linecard-1, Linecard-2, Linecard-N; ESX, ESX, ESX).
  • 7. Supervisors: Virtual Supervisor Modules (VSMs) (diagram labels: Virtual Appliance; VSM1, VSM2; Modular Switch; Supervisor-1, Supervisor-2; Back Plane; Linecard-1, Linecard-2, Linecard-N; ESX, ESX, ESX).
  • 8. Linecards: Virtual Ethernet Modules (VEMs) (diagram labels: Virtual Appliance; VSM1, VSM2; Modular Switch; Supervisor-1, Supervisor-2; Back Plane; Linecard-1, Linecard-2, Linecard-N; VEM-1, VEM-2, VEM-N; ESX, ESX, ESX).
  • 9. VSM + VEMs = Nexus 1000V Virtual Chassis. 64 VEMs per 1000V (connected by L2 or L3). 200+ vEth ports per VEM. 2K vEths per 1000V. Multiple 1000Vs can be created per vCenter. VSM: Virtual Supervisor Module. VEM: Virtual Ethernet Module. (Diagram labels: Virtual Appliance; VSM1, VSM2; L2 Mode, L3 Mode; VEM-1, VEM-2, VEM-N; ESX, ESX, ESX.)
  • 10. Customer Request: Host VSMs on a Physical Appliance. 200+ vEth ports per VEM. 64 VEMs per 1000V. 2K vEths per 1000V. Multiple 1000Vs can be created per vCenter. VSM: Virtual Supervisor Module. VEM: Virtual Ethernet Module. (Diagram labels: Virtual Appliance; Physical Appliance?; VSM1, VSM2; L2 Mode, L3 Mode; VEM-1, VEM-2, VEM-N; ESX, ESX, ESX.)
  • 11. VSMs hosted on a Physical Appliance: Nexus 1010. Up to 4 VSMs per Nexus 1010. Nexus 1010s deployed in redundant pair. 200+ vEth ports per VEM. 64 VEMs per 1000V. 2K vEths per 1000V. Multiple 1000Vs can be created per vCenter. VSM: Virtual Supervisor Module. VEM: Virtual Ethernet Module. (Diagram labels: Virtual Appliance; Nexus 1010; VSM-A1, VSM-A4; VSM-B1, VSM-B4; L2 Mode, L3 Mode; VEM-1, VEM-2, VEM-N; ESX, ESX, ESX.)
  • 12. vPath Virtual Service Datapath. Legend: vPath = Virtual Service Datapath; VSG = Virtual Security Gateway for 1000v; vWAAS = Virtual WAAS. vPath: Traffic Steering, Fast-Path Offload. Nexus 1000V ver 1.4 & above. (Diagram labels: Virtual Appliance; vWAAS, VSG, VSM; L2 Mode, L3 Mode; VEM-1, VEM-2, each with vPath; ESX, ESX.)
  • 13. (Diagram labels: Virtual Appliance; Nexus 1010; vWAAS, VSG; VSM-A1, VSM-A4, NAM; VSM-B1, VSM-B4, NAM; L2 Mode, L3 Mode; VEM-1, VEM-2, each with vPath; ESX, ESX.) Legend: vPath = Virtual Service Datapath; VSG = Virtual Security Gateway for 1000v; vWAAS = Virtual WAAS. *VSG on 1010 target: 2Q CY11.
  • 14. Cisco Nexus 1000V and VMware vCloud Director Interoperability. Sal Lopez, Technical Marketing Engineer, SAVBU.
  • 15. VMware vCloud Director: builds on vSphere; creates and manages Virtual Data Centers; secures clouds; provides self-service; isolates users into organizations; provides portability and programmability for control. (Diagram labels: User Portals, Catalogs, Security; Virtual Datacenter 1 (Gold), Virtual Datacenter n (Silver); VMware vShield; VMware vCenter Server; VMware vSphere.)
  • 16. Nexus 1000V: IEEE 802.1Q standard-based distributed virtual switch. Deployed with VMware vSphere 4.0 and 4.1. Deployable with VMware's Desktop and Cloud products. When deployed with vCloud Director, Nexus 1000V continues to provide: rich NX-OS based networking features; operational and feature consistency with Cisco Nexus 7K/5K/2K switches; administrative segregation across server and network teams.
  • 17. vCloud Director Functionality / Nexus 1000V Support:
       - vCloud Director has three layers of networks (Provider networks, Organization networks, vApp networks) / Nexus 1000V supports all three vCloud Director networks.
       - vCloud Director leverages network pools to allow for self-service isolated network provisioning by end-users/tenants / Nexus 1000V supports L2/VLAN isolation through Portgroup-backed network pools. Nexus 1000V does not support vCloud Network Isolation (VCNI), a VMware technology.
       - vShield Edge for security functions / Nexus 1000V supports vShield Edge.
       * Maintains IEEE 802.1Q frame format; physical network continues to provide ACL/security, monitoring, etc.
  • 18. Both Cisco and VMware consider Cisco Nexus 1000V an integral component of VMware's vSphere and vCloud product lines. Cisco and VMware are working together on a jointly supportable network isolation solution. Both companies are committed to delivering interoperable solutions for current and future versions of these products.
  • 19. Traffic Classification, Bandwidth Reservation, Rate Limiting, QoS Statistics (diagram labels: Organization A, Organization B, Organization C, each with vApps containing VMs; Cloud; Cisco Nexus 1000V VEM, Cisco Nexus 1000V VEM; Cisco Nexus 1000V VSM).
  • 20. Port-Mirroring Across L3 Boundaries Using ERSPAN (diagram labels: Organization A vApp with MySQL DB, WebServer, Client; Cloud; Cisco Nexus 1000V VEM; Cisco NAM VSB; Cisco Nexus 1000V VSM; Cisco Nexus 1010).
  • 21. VMware vCloud Director provides 2 mechanisms for this:
       - VLAN based isolation: 802.1Q standards based with port-group backed or VLAN backed network pools. VLAN isolation has major benefits, as in physical networks, like QoS, monitoring and security. Nexus 1000V supports VLAN based isolation with port-group backed pools. Frame diagram fields: DA, SA, ETYPE = 0x8100, 802.1Q VLAN ID, Payload.
       - vCloud Director Network Isolation (VCNI): VMware technology to be used with vSphere vDS.
  • 22. (Diagram labels: Cloud Provider; Organization A, Organization B; Org A vDC, Org B vDC; vApp 1, vApp 2, vApp 3, vApp 4; VM1A, VM1B, VM2A, VM2B, VM2C, VM3A, VM3B, VM4A, VM4B; VSE1, VSE2, VSE3.) Network Type Label / Nexus 1000V Port-Profile:
       - vApp Internal Network / N1KV_vApp_VLAN301, N1KV_vApp_VLAN300
       - Organization Directly Connected External Network / Connected to N1KV_Provider_Ext
       - Organization Routed Network / N1KV_Org_VLAN200, N1KV_Org_VLAN201
       - Provider External Network / N1KV_Provider_VLAN170
  • 23. vApps use vEthernet interfaces.
       - Static: fixed DVPort ID throughout life of vNIC, even after VM reboot. Allocated from reserved port group pool. Port groups with static binding have limited number of ports, defined by max-port.
       - Ephemeral: new DVPort ID each time vNIC is connected/disconnected, and changes each time VM is rebooted. Not allocated by port group pool reservation. Usage based on max limit of DVS, not max-port setting. Recommended for dynamic/automated environments such as vCD.
  • 24. VSM must be present on vCenter to be used with vCloud. Predefine port-profiles prior to vCloud networks definition:
       - Allocate a range of VLAN IDs to use for vCloud deployment and associate each to a unique port-profile.
       - Use descriptive port-profile names that include type of network and/or customer information: VLAN ID; vApp, Organization or Provider as part of the name.
       - Use these when creating port-group backed network pools from the vCloud Director interface.
       - Will eventually be assigned to a VM by vCloud Director, so can use QoS and security within port-profile.
  • 25. Create network pools to be used by an Organization. Specifically to be used: External Organization Network and Organization Networks. Use VLANs 170, 200 and 300. vApps and networks similar to the following diagram.
  • 26. (Diagram labels: Org A; vApp; VSE1, VSE2; VM1A, VM2A, VM2B, VM2C; port-profiles N1KV_vApp_VLAN301, N1KV_vApp_VLAN300, N1KV_Org_VLAN200, N1KV_Provider_VLAN170; Direct Connected Network to Provider; three Nexus 1000V VEMs on ESXi; Data Center Network; vCenter Server; Nexus 1000V VSM; vCloud Director.)
  • 27. Define a range of VLANs and conventions (slide callout: Descriptive Names):
         vlan 170
           name Provider_Infra_VLAN170
         vlan 200
           name Org_VLAN200
         vlan 300
           name vApp_VLAN300
  • 28. Port-profile configuration on VSM (slide callouts: descriptive port-profile name with VLAN ID; use of ephemeral port binding; provide QoS policy for vApp):
         port-profile type vethernet N1KV_Provider_VLAN170
           vmware port-group
           port-binding ephemeral
           switchport mode access
           switchport access vlan 170
           no shutdown
           state enabled
         port-profile type vethernet N1KV_Org_VLAN200
           vmware port-group
           port-binding ephemeral
           switchport mode access
           switchport access vlan 200
           no shutdown
           state enabled
         port-profile type vethernet N1KV_vApp_VLAN300
           vmware port-group
           service-policy input platinum_in_mark
           port-binding ephemeral
           switchport mode access
           switchport access vlan 300
           no shutdown
           state enabled
  • 29. Port-Group backed network pool configuration on vCloud Director interface (screenshot callout: Previously Defined Port-Profile).
  • 30. Networks visible from the Provider and Organization Views (screenshot).
  • 31. References: Nexus 1000V and vCloud Director Interoperability Technical White Paper, https://communities.cisco.com/docs/DOC-21111; Nexus 1000V Configuration Guides, www.cisco.com/go/nexus1000V; vCloud Director Administrators Guide, www.vmware.com/products/vcloud.
  • 32. Virtualized Workload Mobility Data Center Strategy in Data Center Interconnect. Jake Howering, Product Manager, Cisco Systems Architecture and Strategy Unit (SASU). May 2011.
  • 33. Virtualized Workload Mobility: A New Validated Design with the Nexus 1000v. Today's Topics: Systems Architecture and Strategy Unit; Data Center Interconnect; Virtualized Workload Mobility.
  • 34. Systems Architecture and Strategy Unit: Enabling execution (organization diagram centered on the Systems Architecture and Strategy Unit; box labels are not reliably recoverable from the extraction).
  • 35. Systems Architecture and Strategy Unit: Program overview.
       - Mission: Provide scalable flexible Data Center and Borderless solutions, which focus on real-world challenges, provide dramatic differentiation and result in significant reduction in implementation/integration.
       - Scope: Data Center Interconnect (DCI); Cloud Computing; Data Center POD Interconnect; Borderless Network; Cisco Products & 3rd party products.
       - Deliverables: Design and Implementation Guide (DIG); Master Verification Publication (MVP); Transfer of Information (TOI); Focused Launch and Marketing Campaign.
  • 36. Systems Architecture and Strategy Unit: Process and deliverables. Process / Deliverables:
       - Phase 1: Information collection / Systems Requirements Documentation (SRD)
       - Phase 2: Architecture design development / Systems Architecture Specification (SAS)
       - Phase 3: Test plan development / Master Verification Plan (MVP)
       - Phase 4: Design verification & integration / Design & Implementation Guide (DIG)
  • 37. Data Center Virtualization: Driving Application Mobility and Resource Optimization.
       - Server Virtualization: consolidation of physical servers as virtual servers to reduce management, power and cooling, etc. Hypervisors such as vSphere with VMware VMotion enable application mobility.
       - Storage Virtualization: consolidation of physical storage assets to logical storage assets.
       - + Network Virtualization: creating pools of network ports that are isolated, but which reside on the same physical infrastructure.
       - + Data Center Interconnect for the Virtualized Data Center.
  • 38. Data Center Interconnect: Many Good Reasons to have Multiple Data Center Locations. Table columns: Business Driver, IT Solutions. Entries (column assignment not recoverable from the extraction): Workload Mobility; Virtual Machine Mobility; Cost of Real Estate, Power, Cooling; Server Clustering; Cloud Computing Business Models; Data Center Maintenance/migration/consolidation.
  • 39. Virtualized Data Center: One Virtual Data Center, distributed locations (diagram labels: Data Center Interconnect; SAN, LAN; SAN, LAN).
  • 40. Virtual Machine Mobility Across Data Centers (diagram labels: Data Center 1, Data Center 2; Data Center Interconnect; VMware vCenter; Nexus 1000V, Nexus 1000V; vSphere, vSphere).
  • 41. Data Center Interconnect (DCI) Components. DCI Ecosystem Components / Purpose:
       - Virtualization (Network and Server) / Server Virtualization is a baseline requirement, preparing virtual machines for application mobility. Network Virtualization is a baseline requirement to enable virtual network connectivity.
       - LAN Extensions / Extend same VLAN across Data Centers to enable Layer 2 connectivity between Virtual Machines.
       - Storage Extensions / Providing applications access to storage locally, as well as remotely with desirable storage attributes.
       - Routing Optimization / Routing users to the data center where the application resides while keeping symmetrical routing in consideration for IP services (e.g. Firewall).
  • 42. Virtualized Workload Mobility: DCI Phase 4. Scheduled Release July 10, 2011. Virtualized Workload Mobility enables: Data Center consolidation and/or expansion over distance; Virtualized Server Resource distribution over distance; Disaster Planning strategies, including Disaster Avoidance capabilities.
  • 43. Virtualized Workload Mobility: Main Goals (*CVD). Validate Nexus 1000v in DCI. Define Architecture Constraints and address customer concerns. Define a DCI Architecture that supports workload mobility. * Cisco Validated Design.
  • 44. Virtualized Workload Mobility: DCI Phase 4 Solution Components.
       - Virtualization: Nexus 1000v; VMware vSphere.
       - LAN Extension: Overlay Transport Virtualization; Virtual Port Channels.
       - Storage Extension: Synchronous Replication with Fibre Channel; Shared Storage Model; Netapp FlexCache; EMC VPLEX.
       - Routing Optimization: Egress the Virtual Data Center - HSRP Localization; Ingress the Virtual Data Center - ACE/GSS integration with vCenter.
  • 45. Virtualized Workload Mobility: Constraints and Concerns.
       - Constraint, Storage Synchronous Replication: Fibre Channel distance ~ 100 km. Optimize with storage extensions.
       - Constraint, VMware 5 ms RTT: Theoretical: 2.5 ms one way ~ 750 km. Optics: 2.5 ms one way ~ 500 km.
       - Concern, Service Performance: Which storage model to choose. Which storage products to use.
       - Concern, System Integration: Will Nexus 1000v port profile migrate. Will application performance degrade.
       - Distance at 100 km. Multiple Test Iterations.
  • 46. Nexus 1000v Deployment Model: Stretching the Cluster to 100km apart (diagram labels: Nexus 1000v VSM Pair; VNMC; Layer 2 Extension; the remaining labels are not recoverable from the extraction).
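
An added example, not from the original slides: a Python check that applies the slide 24 guidance (one VLAN per port-profile, network type and VLAN ID in the name, ephemeral binding for vCD) to VSM port-profile text of the kind shown on slide 28. The `N1KV_<type>_VLAN<id>` pattern is an assumption inferred from the names on slides 22 and 28, and the sample configuration is constructed, with deliberate errors in two profiles.

```python
import re
from collections import Counter

# Constructed, trimmed sample (slide-28 style) with errors in Org and vApp.
SAMPLE_CONFIG = """\
port-profile type vethernet N1KV_Provider_VLAN170
  port-binding ephemeral
  switchport access vlan 170
  state enabled
port-profile type vethernet N1KV_Org_VLAN200
  port-binding static
  switchport access vlan 201
  state enabled
port-profile type vethernet N1KV_vApp_VLAN300
  port-binding ephemeral
  switchport access vlan 170
  state enabled
"""

HEADER = re.compile(r"^port-profile type vethernet (\S+)$")
# Assumed naming convention, inferred from the slides: N1KV_<type>_VLAN<id>
NAME = re.compile(r"^N1KV_(Provider|Org|vApp)_VLAN(\d+)$")


def parse_profiles(text):
    """Map each vethernet port-profile name to its stripped config lines."""
    profiles, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        m = HEADER.match(line)
        if m:
            current = profiles.setdefault(m.group(1), [])
        elif current is not None and line:
            current.append(line)
    return profiles


def lint(text):
    """Return sorted (profile, finding) pairs for convention violations."""
    vlan_of, findings = {}, []
    for name, body in parse_profiles(text).items():
        vlans = [int(l.split()[-1]) for l in body
                 if l.startswith("switchport access vlan ")]
        vlan_of[name] = vlans[0] if len(vlans) == 1 else None
        m = NAME.match(name)
        if not m:
            findings.append((name, "name lacks network type or VLAN ID"))
        elif vlan_of[name] != int(m.group(2)):
            findings.append((name, "name VLAN differs from access VLAN"))
        if "port-binding ephemeral" not in body:
            findings.append((name, "port binding is not ephemeral"))
    # A VLAN carried by two profiles breaks the one-VLAN-per-profile rule.
    shared = Counter(v for v in vlan_of.values() if v is not None)
    findings += [(n, f"VLAN {v} shared with another profile")
                 for n, v in vlan_of.items() if shared[v] > 1]
    return sorted(findings)
```

Running `lint` over exported port-profile text before creating the port-group backed network pools catches a profile whose name promises one tenant VLAN while its access VLAN places VMs on another.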