Embed Size (px)
DESCRIPTION
Citation preview
Cisco Nexus 1000V for Hyper-V
Appaji MallaSr. Product Marketing ManagerData Center Group (DCG)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Legal Disclaimer
Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Agenda• Cisco Virtual Networking Solutions
• Cisco Nexus 1000V Overview
• Integration with Microsoft SCVMM
• Virtual Services
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Physical Virtual Cloud JourneyPHYSICAL
WORKLOADVIRTUAL
WORKLOADCLOUD
WORKLOAD
• One app per Server• Static• Manual provisioning
• Many apps per Server• Mobile• Dynamic provisioning
• Multi-tenant per Server• Elastic• Automated Scaling
HYPERVISORVDC-1 VDC-2
CONSISTENCY: Policy, Features, Security, Scale, Management
Nexus 1000V, VM-FEX
vWAAS, VSG*, ASA 1000V
UCS for Virtualized Workloads
Nexus 7K/5K/3K/2K
WAAS, ASA, NAM, ACE
UCS for Bare Metal
* Virtual only
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Server Virtualization Issues
1. Live Migration moves VMs across physical ports—the network policy must follow VM Movement
2. Must view or apply network/security policy to locally switched traffic
3. Need to maintain segregation of duties while ensuring non-disruptive operations
PortProfile
Hypervisor
Hypervisor
Server Admin
Network Admin
SecurityAdmin
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Cisco Nexus 1000V ArchitectureNetwork team manages virtual & physical Networks
WS 2012 Hyper-V
Modular Switch
…Linecard-N
Supervisor-1 (Active)
Supervisor-2 (StandBy)
Linecard-1
Linecard-2
Bac
k P
lane
VEM-NVEM-1 VEM-2
VSM: Virtual Supervisor ModuleVEM: Virtual Ethernet Module
VSM-1 (active)
VSM-2 (standby)
Virtual Appliance
NetworkAdmin
ServerAdmin
NX-OSControl Plane
NX-OSData Plane
WS 2012 Hyper-V WS 2012 Hyper-V
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 7
System Center Virtual Machine Manager
CiscoNexus1000V VEM
CiscoNexus1000V VEM
Cisco Nexus1000V VEM
VM VM VM VMVM VM VM VMVM VM VM VM
Cisco Nexus 1000V VSM
Virtual Supervisor Module (VSM)• Virtual or Physical appliance running
Cisco NXOS (supports Hi-availability)
• Performs management, monitoring, and configuration
• Tight integration with management platforms
Virtual Ethernet Module (VEM)• Enables advanced networking
capability on the hypervisor
• Provides each virtual machine with dedicated “switch port”
• Collection of VEMs : 1 virtual network Distributed Switch
WS 2012 Hyper-V WS 2012 Hyper-VWS 2012 Hyper-V
Server Server Server
Cisco Nexus 1000V Architecture
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Virtual Appliance Nexus 1010
VSM
NAM VSG
PrimaryVSM
NAM VSGSecondary
VSM
L3 C
onne
ctiv
ity
VEM-1 VEM-2
vPath vPath
WS 2012 Hyper-V WS 2012 Hyper-V
VSM: Virtual Supervisor Module
VEM: Virtual Ethernet Module
vPath: Virtual Service Data-path
VSG: Virtual Security Gateway
vWAAS: Virtual WAAS
ASA1000V: Tenant-edge security
Virtual BladesVirtual Supervisor Module (VSM)
Network Analysis Module (NAM)
Virtual Security Gateway (VSG)
Entire portfolio of switching, integrated network services and management tools in physical and virtual form-factors will be available for WS2012 Hyper-V
vWAAS VSGASA1000V
Cisco Nexus 1000V Portfolio
vPath• Service Binding
(Traffic Steering)• Fast-Path Offload
Cisco Confidential© 2010 Cisco and/or its affiliates. All rights reserved. 9
Switching L2 Switching, 802.1Q Tagging, Rate Limiting (TX) IGMP Snooping, QoS Marking (COS & DSCP)
Security Policy Mobility, Private VLANs w/ local PVLAN Enforcement Access Control Lists (L2–4 w/ Redirect), Port Security Dynamic ARP inspection, IP Source Guard, DHCP Snooping
Provisioning
Visibility Live Migration Tracking, NetFlow v.9 w/ NDE, CDP v.2 VM-Level Interface Statistics SPAN & ERSPAN (policy-based)
Management VM Network Provisioning (port-profiles), CiscoWorks, Cisco DCNM Cisco CLI, Radius, TACACs, Syslog, SNMP (v.1, 2, 3) Hitless upgrade, SW Installer
Network Services Virtual Services Datapath (vPath) support for traffic steering & fast-path
off-load [leveraged by Virtual Security Gateway (VSG) and other services]
Full integration with System Center – VM Manager (SCVMM) Faster network policy provisioning through port profiles
Cisco Nexus 1000V Switching Features
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Cisco Nexus 1000V for Hyper-VOperational Model with SCVMM
Networks & policies synced to SCVMM
Adds hosts to N1KVConnects VMs (VNICs) to
VM Networks
Configuration data and
policies sent to N1KV VEM
Nexus1000V VEM
Server
Nexus 1000VVSM
Win 8 Hyper-V
SCVMM
NetworkAdmin Create networks and
policies (logical networks, network sites, VMnetworks)
SCVMM manages the placement and live-migration of the VMs based on the constraints between VM networks and the network sites.
VM VM VM VM
ServerAdmin
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Virtualization and Cloud Driving New Requirements in Data CenterTraditional Data Center Virtual/Cloud Data Center
FW WANOpt
• Application-specific services
• Form factors:Appliance
Switch module
• Virtual appliance form factor
• Dynamic instantiation/provisioning
• Service transparent to VM mobility
• Support scale-out
• Large scale multitenant operation
Virtual Service Node (VSN)
ADC/SLB
APP
OS
Hypervisor
VDC-1
VDC-2
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Hypervisor
Traditional Service Nodes
Virtual Contexts
VLANs
Redirect VM traffic via VLANs to external (physical) firewall
AppServer
DatabaseServer
WebServer
AppServer
DatabaseServer
WebServer
VSN
Virtual Service Nodes
VSN
1 Apply hypervisor-basedvirtual network services2
Hypervisor
Virtual Service Nodes
Services deployment in Virtualized DC
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Nexus 1000VDistributed Virtual Switch
VM VM VM
VM VM
VM
VM VM VM
VM
VM
VM VM VM
VM VM VMVM
VM
vPath
Log/AuditInitial Packet Flow
Virtual Security Gateway (VSG)
1Flow Access Control(policy evaluation)
2
DecisionCaching 3
4
Intelligent Traffic Steering with vPath
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Nexus 1000VDistributed Virtual Switch
VM VM VM
VM VM
VM
VM VM VM
VM
VM
VM VM VM
VM VM VMVM
VM
vPath
Remaining packets from flow
ACL offloaded to Nexus 1000V
(policy enforcement)
Log/Audit
Virtual Security Gateway (VSG)
Performance Acceleration with vPath
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Consistent Network Services
• Leverage existing virtual servicesVirtual Security Gateway, Virtual WAAS, Virtual ASA, NAM on Nexus 1010
• Services can be hosted on Nexus 1010
Consistent Networking Features
• NX-OS feature across multiple hypervisors & across physical
• Advanced NX-OS switching features, including security, visibility, QoS, segmentation, port channel, …
Consistent Operational Model
• NX-OS CLI across multiple hypervisors & across physical
• Separation of duties between network & server admins
• Dynamic provisioning and VM mobility awareness
• Leverage existing monitoring and management tools
Nexus 1000V: Customer Benefits
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Additional Resources• Cisco-Microsoft Partnership: http://www.cisco.com/go/microsoft
• Nexus 1000V: http://www.cisco.com/go/nexus1000v
• UCS VM-FEX: http://www.cisco.com/go/vmfex
• Solution Overview: http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns955/ns963/solution_overview_c22-687087.html
• Q&A Doc: http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns955/ns963/faq_c67_687090_ns1154_Networking_Solutions_Q_and_A.html
• Mailer-list: [email protected]
Thank you.
