Transcript PRESENTATION TITLE/SIZE 30 - Institut Teknologi Bandung

Cisco
Data Center Network Architecture
Ivan S Chandra
Systems Engineer Manager
[email protected]
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
1
Agenda
• Data Center Challenges
• Cisco Data Center Network Architecture
• Summary
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
2
Data Center Architecture Today—
Dedicated Infrastructure
Challenges
• Low utilization of
compute and storage
resources
USERS
APPLICATION 1...N
• Multiple points of
management
• Inconsistent security
policies
DEDICATED
COMPUTING
DEDICATED
STORAGE
• Too costly to scale
DEDICATED NETWORK
Reference: Cisco Internet Business
Solutions Group, 2004
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
3
Data Center Architecture Evolving—Dedicated
Infrastructure to Service Oriented Infrastructure
Benefits
• Much better utilization
• Lower administration
costs
USERS
APPLICATION 1...N
• Reduction in assets
• Increased service
availability
• Faster deployment
of new services
POOLED
COMPUTING
POOLED
STORAGE
INTELLIGENT INFORMATION NETWORK
VIRTUALIZATION
Reference: Cisco Internet Business
Solutions Group, 2004
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
4
Evolution of the Data Center Infrastructure
Phased Approach
Data
Network
LAN
WAN
MAN
Enterprise
Applications
Server
Storage Fabric
Network Network
SAN
HPC
Cluster
GRID
Intelligent
Information
Network
Dynamic Provisioning and
Information Lifecycle
Management (ILM) to Enable
Business Agility
VIRTUALIZATION
Management of Resources
Independent of Underlying
Physical Infrastructure to
Increase Utilization,
Efficiency and Flexibility
Business Ready Data Center
Architecture
Business Policies
On-Demand
Service Oriented
Compute
Network
CONSOLIDATION
Centralization and
Standardization to
Lower Costs, Improve
Efficiency and Uptime
AUTOMATION
Storage
Compute Network Storage
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
5
Agenda
• Data Center Challenges and Trends
• Cisco Data Center Network Architecture
• Summary
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
6
Cisco Data Center Network Architecture
Framework
PLM
HCM
CRM
Business
Procurement
Applications
ERP
Instant
Messaging
SCM
IPCC
Unified
Meeting
Place
Video
Delivery
Collaboration
Messaging
IP Phone
Applications
Traditional Architecture / Service Oriented Architecture
WAAS, App Acceleration,
Application
Delivery
Services
Optimization,
Security
and Server
Offload
Infrastructure Enhancing Services
Firewalls, Intrusion Protection,
Security
Services
Security
Agents
Infrastructure
Enhancing
Services
RDMA,
Virtualization,
Replication,
Compute Services
Storage
Fabric
Services
Virtual
Fabrics
Low Latency Clustering
Network Infrastructure Virtualization
Adaptive Management
Services
Application
Services
ApplicationNetworking
Networking Services
Services
Virtualization
Services Management
INTERACTIVE
SERVICES
LAYER
Advanced Analytics and Decision Support
NETWORKED
INFRASTRUCTURE
LAYER
Infrastructure Management
Business Ready Data Center
Architecture
Storage Network
Compute Network
Network Virtualization Services
Storage
Data Center
Server
Server
Switching
Interconnect
Fabric
Switching
Data
Enterprise
Campus
Branch
WAN/MAN Teleworker
Places
in
the
Network
Center
Edge
Modular
DWDM,
Director
Infiniband
Switching
Server
SFS Family
Rack
Blade
Fabric
Storage
Catalyst Family
© 2005 Cisco Systems, Inc. All rights reserved.
MDS Family
SONET,
SDH, FCIP
Clients
ONS Family
Cisco Public
7
Data Center Services
Where?
Application
Control Engine
SSL Off-load
Server
Load Balancing
Application
Message Services
EMBEDDED APPLICATION NETWORK SERVICES
High Performance
Compute (HPC) Clusters
Catalyst
AVS
SERVER
FABRIC
Management and Provisioning
Framework
WAAS
Internet
MPLS VPN
IPSEC/SSL VPN
SFS
7000
SERVER
SWITCHING
Blade Servers UNIX/NT Servers
Mainframes
DDOS Guard
Firewall Services
Intrusion
Prevention
Secure Virtual
Fabrics
EMBEDDED SECURITY SERVICES
Enterprise Applications
EMPLOYEE / PARTNER / CUSTOMER
ACCESS NETWORK
ONS 15000
SONET/SDH
xWDM
Metro Ethernet
FCIP
MDS 9500
STORAGE
SWITCHING
Storage & Tape Arrays
Business Ready Data Center
Architecture
DATA CENTER
INTERCONNECT
Fabric Hosted
Applications
Storage
Virtualization
Fabric Assisted
Applications
Data Replication
Services
EMBEDDED STORAGE SERVICES
© 2005 Cisco Systems, Inc. All rights reserved.
Fibre Channel
Infiniband
GE / 10GE
FICON
Cisco Public
8
DC Network Topology
Layers
Firewall Services
Core
Intrusion Detection
Server Virtualization
Network Analysis
V
Virtual I/O
File Caching
Aggregation
VPN Termination
Compute Fabric Services
Remote DMA Services
Server Balancing
Clustering Services
SSL Offloading
Access
DOS Protection
Fabric Gateway Services
Content Caching
Server Farms
Server Clusters
Edge
Virtual Fabrics (VSANs)
Storage Virtualization
Data Replication Svcs
Fabric Routing Services
Core
Fabric Gateway Services
Storage/Tape Farms
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
9
DC Server Network
Layers
Firewall Services
Core
Intrusion Detection
Server Virtualization
Network Analysis
V
Virtual I/O
File Caching
Aggregation
VPN Termination
Compute Fabric Services
Remote DMA Services
Server Balancing
Clustering Services
SSL Offloading
Access
DOS Protection
Fabric Gateway Services
Content Caching
Server Farms
Server Clusters
Edge
Virtual Fabrics (VSANs)
Storage Virtualization
Data Replication Svcs
Fabric Routing Services
Core
Fabric Gateway Services
Storage/Tape Farms
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
10
DC Access Layer
Layer 2, Layer 3 Server & Mainframe Connectivity
•
L2 and L3 requirements
•
Dual and single attached
•
High performance, low
latency L2 switching
•
Mix of oversubscription
requirements
•
Many uplink options
•
STP processing for
configured VLANs only
•
Utilizes services in the
Aggregation Layer
L2 w/clustering &
NIC teaming
Business Ready Data Center
Architecture
Enterprise Core
DC Core
DC Aggregation
Blade Chassis
w/pass thru
© 2005 Cisco Systems, Inc. All rights reserved.
Blade Chassis
w/integrated
switch
Mainframe
w/OSA
L3 Access
DC Access
Cisco Public
11
DC Aggregation Layer
Providing Critical Point for Control and Application Services
•
Aggregates traffic to DC core
•
Large STP Processing load
•
Aggregates advanced application
and security functions
•
Maintains connection and
session state for redundancy
Enterprise Core
•
Layer 4-7 services: FW, SLB, SSL,
IDS
•
High flexibility and Economies of
Scale
L2 w/clustering &
NIC teaming
Business Ready Data Center
Architecture
Blade Chassis
w/pass thru
© 2005 Cisco Systems, Inc. All rights reserved.
Service Modules
Blade Chassis
w/integrated
switch
Mainframe
w/OSA
L3 Access
DC Access
Cisco Public
12
DC Aggregation Layer
Server to Server Communications Path
What types of server to
server traffic will exist?
Multi-tier interaction,
Backup,Replication,
Cluster Messaging, storage
over ip
DC Core
Aggregation
Access
•The Aggregation module may provide the primary communication
path for server to server traffic
•Non traditional traffic emerging
•Driving lower oversubscription and 10GE uplinks
•Servers now ship with PCI-X NIC’s and GE
•Plan bandwidth for future server true capacity
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
13
DC Core Layer
High speed switching fabric for Aggregation Modules
• Interconnects AGG Modules
• Isolates failure domains
• Scales large STP diameters
• Improves 10GE scaling
• Plan & build DC core up front
Enterprise Core
DC Core
Agg Module1
Agg Module2
Aggregation
GE/10GE
GE/10GE
Access
N x 100 Servers
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
N x 100 Servers
Cisco Public
14
Service Integration and Virtualization
Evolving towards Virtual Network Services
Dedicated
Cust
1
Shared
Cust
1
Cust
2
High CapEx & OpEx
Business Ready Data Center
Architecture
Cust … Cust
2
N
Quasi Virtualized
Cust
1
Cust …
2
Concerns for privacy &
security
Physical Resource
© 2005 Cisco Systems, Inc. All rights reserved.
Cust
N
Virtualized
Cust
1
Cust
2
… Cust
N
Virtual
Network Service
Service context
Cisco Public
15
DC Consolidated Infrastructure
Integration & Virtualization
Core
Core
Stateful
Firewalls
High
Density
Multilayer
LAN
Switch
Stateful
Firewalls
Content
Caching
Server
Load Balancing
Content
Caching
High
Density
Multilayer
LAN
Switch
Server
Load Balancing
IPS farm
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
16
DC Storage Network
Layers
Firewall Services
Core
Intrusion Detection
Server Virtualization
Network Analysis
V
Virtual I/O
File Caching
Aggregation
VPN Termination
Compute Fabric Services
Remote DMA Services
Server Balancing
Clustering Services
SSL Offloading
Access
DOS Protection
Fabric Gateway Services
Content Caching
Server Farms
Server Clusters
Edge
Virtual Fabrics (VSANs)
Storage Virtualization
Data Replication Svcs
Fabric Routing Services
Core
Fabric Gateway Services
Storage/Tape Farms
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
17
Direct Attach Storage
• Direct Attached Storage
(DAS)
Clients
• Storage is captive ‘behind’
the server, limited mobility
• Limited scalability due to
limited devices
• No storage sharing possible
Application
Servers
LAN
Win2k Linux
Unix Win2k Linux Unix
SCSI
FC
FC
• Costly to scale; complex to
manage
Tape
Direct Attached
Storage
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
18
Storage Area Network
Separation of Storage from
the Server
• Storage is accessed at a
block-level via SCSI protocol
• High performance
interconnect providing high
I/O throughput
• Lower TCO relative to direct
attached storage, storage
can be shared
• Limited vendor
interoperability
• Complex management
Clients
LAN
Database
Servers
Fibre
Channel
SAN
Block
Storage
Devices
Storage Area Network (SAN)
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
19
Virtual SAN (VSAN)
A Virtual SAN (VSAN) provides a
method to allocate ports within a
physical fabric to create virtual
fabrics
•
Analogous to VLANs in Ethernet
•
Virtual fabrics created from larger costeffective redundant physical fabric
•
Reduces wasted ports of island
approach
•
Fabric events are isolated per VSAN –
maintains isolation for HA
•
Hardware-based isolation - traffic is
explicitly tagged across inter-switch
links with VSAN membership info
•
Statistics can be gathered per VSAN
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Physical SAN islands
are virtualized onto
common SAN
infrastructure
Cisco MDS 9000
Family with VSAN Service
Cisco Public
20
DC Interconnect
GE
Campus
Core
DC Interconnect
WAN
Data
Center
Core
Metro
Ethernet
Aggregation
Access
Servers
IBM
SONET/SDH
Network
Access
1/2 Gb
FC/FICON
Core
DWDM
Network
Storage
Business Ready Data Center
Architecture
IBM
GDPS
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
21
Server Fabric
Layers
Firewall Services
Core
Intrusion Detection
Server Virtualization
Network Analysis
V
Virtual I/O
File Caching
Aggregation
VPN Termination
Compute Fabric Services
Remote DMA Services
Server Balancing
Clustering Services
SSL Offloading
Access
DOS Protection
Fabric Gateway Services
Content Caching
Server Farms
Server Clusters
Edge
Virtual Fabrics (VSANs)
Storage Virtualization
Data Replication Svcs
Fabric Routing Services
Core
Fabric Gateway Services
Storage/Tape Farms
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
22
Server Switches
Requirements being addressed
High Performance
Server-to-Server
Interconnect
Virtualization
(I/O, Storage, and CPU)
RDMA
High Bandwidth
Low Latency
InfiniBand today;
PCI-Express and /or
10GigE when ready
Policy-Based
Dynamic
Resource
Shared Resources
Mapping
Across
Entire Cluster
Routing, Aggregation,
Load Balancing
App/OS to CPU
provisioning
Performance and Control
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
23
Server Switch Applications
Why Are Performance and Control Important?
High Performance
Computing (HPC)
“Enterprise-Class” HPC
Database Scalability
Server
Clustering
I/O Consolidation
I/O Aggregation
Server Consolidation
I/O
Virtualization
Applications
Utility or Grid
Computing
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Application Provisioning
Server Re-purposing
Server Migration
Cisco Public
24
Today’s Enterprise Service Provisioning
A Scale-Out Example
NetOps ensures Branch
connectivity/ Routable Subnet
SecOps checks security policy,
expands FW Port Range
SLB Admin Adds Server to
Pool
NetOps connects Ethernet
cabling, configures
VLAN/Port Config
SysAdmin racks new server
Loads O/S and Applications
Assume you just want to add one
server to a web-farm…
The challenge is one of
‘coordination delays’. This type
of simple scale-out of an existing
serve often takes enterprises 90days.
New service turn-ups, after the
application has been developed,
often take 180+ days.
VFrame is designed to eliminate
these delays and automate the
provisioning of services
StorageOps configures LUN,
maps to Server
StorageOps provisions disk
volume and resources
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
25
Data Center Automation
Vframe Data Center 1.0
Data Center
Define application
services and pass
policy to VFrame
Administrator
Policy
VFrame translates
policies to actions
and passes to
infrastructure
Application: SAP
VFrame identifies right
App / OS Image
From storage
Image
VFrame™
Performance
VFrame picks server
with right criteria to
run application and
boots server
Security
Availability
Accounting
NAS
MDS 9500
Catalyst 6500
SAN
CSM Load
Balancer
FWSM
Firewall
Servers
Application Service Provisioned!
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Campus/
WAN/VPN
VFrame gives new
server right VLAN and
LUN info so it can
find/be found by right
clients and storage
VFrame provisions
security policies to
FWSM
VFrame provisions
CSM to add new server
to load balancing pool
Cisco Public
26
Agenda
• Data Center Challenges and Trends
• Cisco Data Center Network Architecture
• Summary
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
27
Data Center Networking Action Plan
• Decide on the end-state data center:
What should the data center be in
five years?
• Identify main immediate challenges
and initiatives:
Consolidation, business continuance,
virtualization, on-demand, etc.
• Develop data center networking
strategy:
Data center and network stakeholders engage
Supports data center short- to long-term goals
and initiatives
• Engage with Cisco and partners:
Plan, design, deploy, implement, operate
and optimize
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
28
Business Ready Data Center
Architecture
© 2005 Cisco Systems, Inc. All rights reserved.
Cisco Public
29