cisco-data-center-sdn
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cloud Network Automation and Automation In the Data Center
Michel Gaillard
Cisco Intelligent Automation for Cloud
IT as a Service Requires a New Management Approach
• On-Demand, Self-Service Provisioning of IT Resources
• Easiest to Use and Deploy, Delivers Faster Time to Value
• Optimized for Cisco Architectures, Complements Existing IT Systems and Management Tools
• Policy-Based, Model-Driven Approach Reduces TCO
[Figure labels: Automation, Intelligence, Flexibility; Cisco Cloud Portal; Cisco Process Orchestrator; Infrastructure Resource Mgmt (UCS Manager, Cisco Network Services Manager/VNMC); Policy-Based Network; Network, Compute, Storage]
NSM - Customer Problems Solved
1. Automates and virtualizes end-to-end (E-2-E) IaaS network infrastructure provisioning
2. API-accessible abstraction layer simplifies platform configuration
3. Provides policies that define and control behavior of the Cloud
4. Enables administrators to define the logical constructs of the Cloud (access/security, tiers of service, resources and constraints)
5. Faster cloud setup time and dynamic, fluid network service evolution
Virtual Network Management Center
[Figure labels: VNMC virtual appliance; VSM; VEM-1 and VEM-2, each with vPath on a hypervisor; virtual services: vWAAS, VSG, ASA 1000v, Cloud Services Router]
• Single integrated access to manage Cisco virtual services
• VM lifecycle and service feature configuration
• Common UX and operational flows
• Tenant and provider views
• Integral part of the N1K architecture
• Common model to enable federated development
• XML APIs to enable third-party management and orchestration tool integration
Tenant with VSG & ASA 1000v
[Figure labels: Tenant A HQ with VSG and ASA 1000v, VNMC, Internet; Web server 192.168.100.11, App server 192.168.100.10, DB server 192.168.100.12; other addresses shown: 192.168.100.20, 172.25.108.86, 192.168.200.15, 192.168.100.15, 172.25.108.87]
Direct Access Two Tiered with FW
This use case describes a tenant of an Enterprise or Service Provider that has Internet-routable space, in which:
• Virtual machines may be deployed on one or more VLANs in public address space
• Virtual machines may be deployed on one or more VLANs behind a firewall with internal addresses
Securing the Tenant Intra Domain and Edge
• Proven Cisco® security: virtualized physical and virtual consistency
• Collaborative security model
  - Cisco Virtual Secure Gateway (VSG) for intra-tenant secure zones
  - Cisco ASA 1000V for tenant edge controls
• Transparent integration
  - With Cisco Nexus® 1000V Switch and Cisco vPath
• Scale flexibility to meet cloud demand
  - Multi-instance deployment for scale-out deployment across the data center
[Figure labels: Tenant A and Tenant B, each a VDC with vApps, Cisco VSG and Cisco ASA 1000V; hypervisor with Cisco Nexus® 1000V and Cisco vPath; Cisco® Virtual Network Management Center (VNMC)]
Cisco Network Services Manager Container Model
[Figure labels: Engine with REST API; Business Model, Services and Topology Model, Cloud Operational Model; JMS Transport; Controllers; Pods (Compute, Storage, Network); Tenant A and Tenant B; Tenant Network Containers holding Network Containers (zones): Web-Zone, App-Zone, DB-Zone; FW/LB, FW; Internet, Enterprise Network, MPLS Network]
Typical Supported Use Cases
Tenant Remote Access – Direct Connect
Internet – Public Unprotected Zone
MPLS – Private Unprotected Zone
Direct Access – Two tiered FW
MPLS Access – Two tiered FW
L3 Routed, L3 NATed, L2 Unrouted VLAN
Four Zone Model
Zone with one armed LB
Why NSM and VNMC are mandatory
• Common abstraction layer
• Standardized API (contribution to OpenStack)
• Flexible, easily consumable interface (partnering with subscriber manager vendors)
• Helps ensure that network remains viable part of cloud solution framework
• Fastest deployment and lowest operating costs for cloud
[Figure labels: Service Catalog, Service Portal; Orchestration Module; Automation Module; Cisco® Network Services Manager (Open REST API, Abstraction Layer); VNMC; SP VMDC Pod; Enterprise VMDC Pod]