cisco cloud computing deploying openstack

DEPLOYING OPENSTACK WITH CISCO COMPUTE, NETWORK AND STORAGE
Mike Cohen, Director of Product Management
Duane DeCapite, OpenStack Product Manager
May 14, 2014

Upload: solarisyougood

Post on 24-Jan-2017


Legal Disclaimer

Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.

OpenStack @ Cisco

COMMUNITY PARTICIPATION
- Code Contributions and blueprints across Core services
- Networking model, Compute Service and Dashboard, HA, Scheduling, OpenStack Foundation Board member

CISCO OPENSTACK ENGINEERING
- Automation (Puppet) and architectures (HA) for production deployment and operational support
- Quantum/Neutron/Nova Plug-ins for Cisco product lines UCS, Nexus, CSR1000V
- Scalable networking services FWaaS, LBaaS, VPNaaS

CUSTOMERS
- Private, Public
- Extend cloud model for rapid provisioning of network services, bare-metal, intelligent workload placement
- Drive innovation through real-world use cases

OpenStack is a set of loosely coupled services making up a cloud platform. Each service is driven by a community project with contributions from many companies. Quantum allows applications to program the network; it enables a two-way conversation between applications and the infrastructure. Cisco is driving development of OpenStack enabled cloud infrastructure. There is huge momentum behind OpenStack with 165 member companies, more than 8200 individual members from 100 countries, and more than 230 average monthly contributors.

OpenStack Platform

SUSE Cloud

Ubuntu OpenStack

UCS and Nexus

Cisco support in Leading Commercial Distributions of OpenStack

1. Source: IDC

November 4th Availability

We are also announcing that we are partnering with leading OpenStack distribution providers Canonical, Red Hat, and SUSE to provide integrated support for UCS servers and Cisco Nexus switches in commercially supported releases of the leading Linux OpenStack distributions.

Through close collaboration with our technology partners, Cisco will integrate OpenStack software distributions with Cisco OpenStack configurations for UCS and Nexus to enable our customers to have choices for rapidly deploying on-demand IT services with a variety of OpenStack alternatives. The following ecosystem partner OpenStack distributions provide integrated support for UCS and the Cisco drivers for OpenStack:
- Red Hat Enterprise Linux OpenStack Platform
- SUSE Cloud
- Canonical Ubuntu OpenStack

Lighthouse Customers with Cisco OpenStack Solutions

- Comprehensive Cisco Integrated Solution for OpenStack
- Operational efficiency with UCS and Nexus with OpenStack
- Pre-defined reference configurations and performance optimized solutions

Compute and Storage


- As of February 2014, there are over 30,000 unique UCS customers, which represents 53% Y/Y growth
- More than 75% of all Fortune 500 customers have invested in UCS
- As of Q2FY14 we have over 14,000 repeat customers, which represents 63% Y/Y growth
- Over 3,850 Channel Partners are actively selling UCS worldwide and over 1900 UCS specialized partners
- As of CY13 Q1 Cisco is one of the Top 5 Server Vendors based on Worldwide Revenue Share¹
- 90 World Record Performance Benchmarks to date

Source: 1 IDC Worldwide Quarterly Server Tracker, Q1 2013, May 2013, Revenue Share

*Data Center Revenue is defined as Cisco UCS and Nexus 1000V

UCS with Intel Xeon processor

- As of Q2FY14, Data Center revenue was 605M, achieving a 10% growth rate Y/Y
- UCS order growth rates were in the mid 30s for Q2FY12
- As of Q2FY14, we have over 30,000 UCS customers, which represents 53% Y/Y
- We now have over 14,000 repeat customers, which represents 63% Y/Y growth
- As of Q2FY14 over 1800 customers have purchased over 500K in UCS solutions and 900 have purchased over 1M
- We now have over 1900 specialized partners selling UCS and over 3850 active partners*

Unified Management: Blade and Rack Servers Managed as a Cohesive Resource Pool

UCS Manager

C-Series Rack Optimized Servers

B-Series Blade Servers

Service Profile: HR_App1
- VNIC1
  - MAC: 08:00:69:02:01:2E
  - HR_WEB_VLAN (ID=50)
- VNIC2
  - MAC: 08:00:69:02:01:2F
  - HR_DB_VLAN (ID=210)
- HBA 1 and 2
  - WWN: 5080020000075740
  - WWN: 5080020000075741
  - VSAN ID: 12
- Boot Order: SAN
- BIOS Settings: Turbo On, HyperThreading On

UCS Service Profile
- Unified Device Management
- Network Policy
- Storage Policy
- Server Policy

UNIFIED MANAGEMENT A SINGLE UNIFIED SYSTEM FOR BLADE AND RACK SERVERS

A Major Market Transformation in Unified Server Management
- Benefits of UCS Manager and Service Profiles for Both Blade and Rack-Optimized Servers
- Add Capacity Without Complexity

Multi-tier architectures across one resource pool

Only vendor on the planet to provide management parity across both blade and rack form factor

Deployment automation of OpenStack on UCS

Step 1: Configuring Nodes using Python SDK

Step 2: Cobbler/Puppet based Node Subscription

(Diagram labels, in the order they appear on the slide: Chassis/Server Discovery; Service Profile Association; PXE boot devices deployed; Cobbler database update; Register Nodes; Provision UCS Servers; Updates the newly added node info in Puppet; Puppet apply; Add hosts/system in OpenStack; Event Listener; PXE boot for initial OS install; RHEL 6.4 installation on bare-metal servers; Sync all the plugins from Puppet Master; Host OS Install; Inventory of nova nodes on controller; VM Provisioning; OpenStack Services Deployment; OpenStack Handover; Hostname / IP address; Logical credentials; Resource allocation preferences; Only Point of User Touch; Pre-configure UCS)

Build Node, Controller Node & Compute UCS nodes

Integration of bare-metal bring-up and the subsequent setup of applications (like OpenStack, Cobbler, etc.) has 2 stages:
1. Apply the configuration of the UCS bare metal using the Python SDK.
2. Start the event listener that listens for the change events of the service profile. Based on the event type, it automatically updates or removes the host details in the integration application.

The integration script quickly configures UCS Manager with the required policies so that it automatically discovers chassis and servers, and creates and associates service profiles with the servers. This script also starts the event listener program in the integration application. The event listener automatically adds the UCS servers to the application cluster after it receives the association complete event from UCS Manager.
1) If the application is OpenStack, then it also does puppet apply with the updated conf file.
2) If the application is Cobbler, then it also does cobbler sync to reflect new configuration changes.

So the servers can automatically PXE boot from the host (the build node in the case of OpenStack, or the DHCP server used with the Cobbler setup).
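The event-listener behaviour described in the notes above, sketched in Python as an added example (not code from the presentation or from Cisco's integration script). The event dictionaries, event-type names, `Inventory` class and Puppet manifest path are assumptions; the sketch validates event fields before they reach any configuration and returns `puppet apply` or `cobbler sync` as an argument list, so nothing from an event is ever passed through a shell.

```python
import ipaddress
import re
import subprocess

# Hypothetical event-type labels; real UCS Manager event payloads differ.
ASSOCIATED = "association-complete"
DISASSOCIATED = "disassociation-complete"

HOSTNAME_RE = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")
MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}")

# Commands named in the notes; the manifest path is an assumed placeholder.
SYNC_COMMANDS = {
    "openstack": ["puppet", "apply", "/etc/puppet/manifests/site.pp"],
    "cobbler": ["cobbler", "sync"],
}

# Constructed sample event (MAC borrowed from the service-profile slide).
SAMPLE_EVENT = {"type": ASSOCIATED, "hostname": "Compute-01",
                "mac": "08:00:69:02:01:2E", "ip": "10.10.1.1"}


def validate_host(event):
    """Normalize and validate event fields before they reach config or commands."""
    hostname = str(event.get("hostname", "")).lower()
    mac = str(event.get("mac", "")).lower()
    if not HOSTNAME_RE.fullmatch(hostname):
        raise ValueError(f"rejected hostname: {hostname!r}")
    if not MAC_RE.fullmatch(mac):
        raise ValueError(f"rejected MAC: {mac!r}")
    ip = str(ipaddress.ip_address(str(event.get("ip", ""))))  # ValueError if malformed
    return {"hostname": hostname, "mac": mac, "ip": ip}


class Inventory:
    """Host details kept by the integration application (in memory here)."""

    def __init__(self, application):
        self.sync_command = SYNC_COMMANDS[application]
        self.hosts = {}

    def handle(self, event):
        """Apply one event; return the argv to run, or None if nothing changed."""
        host = validate_host(event)
        kind = event.get("type")
        if kind == ASSOCIATED:
            if self.hosts.get(host["hostname"]) == host:
                return None  # duplicate event: no second sync
            self.hosts[host["hostname"]] = host
        elif kind == DISASSOCIATED:
            if self.hosts.pop(host["hostname"], None) is None:
                return None  # unknown host: nothing to remove
        else:
            raise ValueError(f"unhandled event type: {kind!r}")
        return list(self.sync_command)


def run_sync(argv, runner=subprocess.run):
    """Run the sync command as an argv list (no shell), raising on failure."""
    return runner(argv, check=True)


if __name__ == "__main__":
    inventory = Inventory("openstack")
    print(inventory.handle(SAMPLE_EVENT))  # argv to hand to run_sync()
    print(inventory.handle(SAMPLE_EVENT))  # None: duplicate event
```
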

Nova Blueprints


Networking


Cisco Unified Fabric Innovations

CISCO NX-OS: From Hypervisor to Core
CISCO DCNM: Single Pane of Management

DELIVERING TO YOUR DATA CENTER NEEDS
- Resilient, High Performance, Scalable Fabric
- Operational Efficiency
- Workload Mobility Within/Across DCs
- Secure Separation/Multitenancy
- LAN+SAN Convergence

(Diagram labels: LAN/SAN; LAN; Cisco Nexus 1000V; Cisco Nexus 1010; Cisco Nexus 4000; Cisco Nexus 5000; Cisco Nexus 3000; Cisco Nexus 2000; Cisco Nexus 7000; Cisco Nexus 6000; Cisco Nexus 9000)

The Cisco Unified Fabric Switching portfolio offers one of the broadest data center LAN and SAN switching portfolios in the industry, spanning from the hypervisor to the data center core. Cisco Unified Fabric provides the flexibility of high-performance, highly available, highly scalable networks to serve diverse data center needs, including the lossless requirements to carry diverse storage traffic (FC, FCoE, iSCSI, NAS) over a simplified infrastructure based on 10Gb Ethernet.

All platforms in the portfolio run on a common operating system, NX-OS. Having a single operating system across every element of the data center network provides operational and functional consistency with tight integration across the unified fabric, significantly simplifying operations and providing a foundation for accelerated innovations.

Management is an integral part of the product line as well. We have a single pane of management for Nexus and MDS families with Data Center Network Manager (DCNM) for simplified operations and control.


Innovations in Software, Hardware, ASICs and Systems

Nexus 9500: Price, Power Efficiency, Programmability, Port Density, Performance

PRICE
- COST STRUCTURE for 1G to 1/10GT and 10G to 40G migration
- 50% less ASICS

PERFORMANCE
- INDUSTRY LEADING PRICE / LINE CARD BANDWIDTH
- 1.92 Tbps per slot
- 100G ready

PORT DENSITY
- 20% HIGHER Non-blocking Density

PROGRAMMABILITY
- JSON/XML API
- Linux Container for customer apps

POWER EFFICIENCY
- STATE OF THE ART BACKPLANE FREE DESIGN
- 15% greater power and cooling efficiency

MERCHANT+ ASIC APPROACH
- Innovation in Cisco ASICs

Cisco Nexus Plugins for Neutron Benefits

Automated VLAN Provisioning
- Configure VLANs on the Nexus switch

Layer 3 Gateway
- Map Nexus Switch Virtual Interface (SVI) to tenant VLAN
- Scalability with Top of Rack (ToR) Nexus as default Layer 3 Gateway
- Eliminates configuration and bottleneck of host-based software L3 forwarding Agent

Multi-Homed Host Deployments
- Virtual Port Channel (vPC) for High Availability (HA) and link optimization to multiple Nexus switches

Hardware and Software-based Networking
- Performance benefits of hardware-based ToR switch (Nexus 3000, 5000, 6000, 7000)
- Flexibility of software-defined Networking with Nexus 1000V

http://docwiki.cisco.com/wiki/OpenStack:Grizzly-Nexus-Plugin


Service Chaining with Nexus 1000V

(Architecture diagram)
- Cloud Controller Node: nova-scheduler, mysql, rabbit..., nova-api, neutron-server, keystone
- Compute Node (x4): nova-compute, *-plugin-agent
- Network Node (x3): dhcp-agent, *-plugin-agent, l3-agent
- Networks: Management Network, API Network, Data Network, External Network, Internet
- API Network is typically routable to enable public access
- VSM/N1000V

N1000V
- Foundation of Virtual Services Architecture
- vPath Service Insertion/Chaining
- Network Function Virtualization (NFV)
- VXLAN Overlay Networking

CSR 1000V Routing

(Architecture diagram)
- Cloud Controller Node: nova-scheduler, mysql, rabbit..., nova-api, quantum-server, keystone
- Compute Node (x4): nova-compute, *-plugin-agent
- Network Node: dhcp-agent, *-plugin-agent
- Networks: Management Network, API Network, Data Network, External Network, Internet
- API Network is typically routable to enable public access
- N1000V, CSR 1000V, VSM/N1000V
- Network or Compute node(s) hosts CSR

CSR provides per-tenant isolation and full IOS capabilities including VPN, BGP, OSPF, MPLS, etc.

Neutron Blueprints


Neutron Blueprints


Cisco ACI


ACI building blocks: next generation Nexus

APIC
- OPEN RESTFUL APIS
- CENTRALIZED POLICY MODEL
- OPEN SOURCE
- CONTROLLER

(Diagram labels: TRADITIONAL NETWORKS; POLICY MODEL; ACI)

- BUILT-IN LINE RATE END POINT DIRECTORY
- INTEGRATED OVERLAY
- 40G NON-BLOCKING FABRIC
- SIMPLE, SECURE
- 50% SIMPLER CODE BASE
- FUTURE PROOF UPGRADABLE TO ACI
- PROGRAMMABILITY AND AUTOMATION
- NETWORK VIRTUALIZATION SUPPORT
- RESILIENCY: IN SERVICE PATCHING, UPGRADE, FAST RESTART

ACI building blocks: NEXUS 9500 and 9300
- Future proof: software upgradable to ACI
- Innovations in software, hardware and system design: Price, Power Efficiency, Programmability, Port Density, Performance
- OPTIMIZED NX-OS
- SCALE OUT WITHOUT COMPROMISE
- COMMON BUILDING BLOCKS - ACCESS AND CORE

NX-OS: These switches include a hardware platform optimized for performance, port density, and power efficiency.
- Optimized hardware platform for
- Also includes unique features such as VXLAN routing, which are not present on any other platform

- Highly power efficient backplane free design
- Rich programmability features

- Optimized hardware platform
- backplane free design for power efficiency
- non-blocking port density
- support for VXLAN bridging and routing

An innovative new Approach to Policy

(Diagram labels: APPLICATION NETWORK PROFILE; Connectivity, Security, QoS, L4-7 Services; OUTSIDE, WEB, app, db; Contract; ADC; f/w)

What is an application policy?
1. Group: A set of VMs / servers with the same policy
2. Contracts: A set of rules governing communication between groups
3. Service Chains: A set of network services between groups

Policy in the Open Source Community
- Group-Policy Information Model
- OpFlex Agent Framework

(Diagram labels, numbered 1 to 3 on the slide: OpFlex Agent; Group Policy API; OpFlex Southbound Plugin; Contributors)

Lock-in, Transparent, Community-based

OpFlex: AN OPEN, extensible policy protocol

Policies:
- Who can talk to whom
- What about
- Ops requirements

OPFLEX WAS DESIGNED TO OFFER:
1. Abstract policies rather than device-specific configuration
2. Flexible, extensible definition of using XML / JSON
3. Support for any device including virtual switches, physical switches, network services with strong interoperability across vendors
4. Open, standardized API with an open source reference implementation

(Diagram labels: APIC; Opflex Proxy; Opflex Agent (x3); Hypervisor Switch; ADC; Firewall)

WHY CISCO ACI + OPENSTACK

APPLICATION-CENTRIC POLICY MODEL
- Easy for app developers
- Self-documenting / automation

PHYSICAL + VIRTUAL NETWORKING, TELEMETRY, ADVANCED CAPABILITIES
- Zero-touch operations
- Performance at scale
- Physical server, multi-hypervisor
- Health Metrics
- Visibility / Telemetry
- Troubleshooting
- Service chaining
- App Acceleration


OpenStack ACI Integration

(Diagram labels: Neutron network, Neutron router, Security Group; Web, App and DB VMs on three hypervisors; APIC with Contract, WEB, app, db, ADC and f/w; Neutron Networking with APIC Plugin, Group Policy Plugin and OVS Plugin)

Demonstration: ACI and OpenStack
May 2014

Topology

Ubuntu Servers running KVM and Real Physical Environment!

(Diagram labels: ACI Fabric; APIC; OpenStack; KVM 10.10.1.1; KVM 10.10.2.1; Neutron Networking with APIC Plugin, APIC Driver and OVS Driver)

Summary and Next Steps

Cisco offers a complete Compute, Networking and Storage Solution for OpenStack

ACI provides network simplification with leaf-and-spine architecture and group policy abstraction

Cisco provides Advanced and Technical Services to help migrate from Pilot to Production

Please let us know how we can help you with OpenStack by contacting us at [email protected]

More information can be found at www.cisco.com/go/OpenStack and www.cisco.com/go/aci


Appendix
Cohen, DeCapite
May 2014

Cisco UCS: Many Server Form Factors, One System
Industry-Leading Compute Without Compromise

UCS Compute Portfolio: Performance Optimized for Bare Metal, Virtualized, and Cloud Applications

- UCS C220 M3: Versatile, General Purpose Enterprise Infrastructure, and Application Server
- UCS C240 M3: Ideal Platform for Big Data, ERP, and Database Applications
- UCS B200 M3: Optimal Choice for VDI, Private Cloud, or Dense Virtualization/Consolidation Workloads
- UCS B420 M3: Enterprise Class, 4-Socket Blade for Large, Memory-Intensive Bare Metal and Virtualized Applications
- UCS C420 M3: Enterprise Class, 4-Socket Server for Large, Memory-Intensive Bare Metal, and Virtualized Applications
- UCS C24 M3: Entry, Expandable Rack Server for Storage Intensive Workloads
- UCS C22 M3: Entry Rack Server for Distributed and Web Infrastructure Applications
- UCS B22 M3: Entry Blade Server for IT Infrastructure and Web Applications
- UCS C260 M2: Mission-Critical, 2-Socket Extended Memory Server for Large, Memory-Intensive Applications
- UCS C460 M4: Mission-Critical, 2/4-Socket Server for Large, CPU-Intensive Applications
- UCS B440 M2: Mission-Critical, 4-Socket Blade for Large, CPU-Intensive Bare Metal and Virtualized Applications
- UCS B230 M2: Density-optimized CPU and Memory-Intensive 2-Socket Blade for Bare Metal and Virtualized Applications

(Chart labels: Scale Out; Enterprise Performance; Intensive / Mission Critical; Rack; Blade)

How OpFlex works

- A policy authority such as the APIC manages a logical model of desired state
- The policy endpoint interprets the policy and maps it to its hardware capabilities
- Rendering can leverage any low level programming API including OVSDB, OpenFlow or device-specific API

(Diagram labels, numbered 1 to 4 on the slide: POLICY; APIC; Subset of Policy; POLICY RESOLUTION; POLICY UPDATE; IMPLICIT RENDER; Hardware: Ports, VLANs, interfaces)

Simplified version for analyst deck.

Just show model, transfer, and render.

Two Options for OpenStack APIs

Neutron API: Use Existing Neutron APIs with APIC and Cisco ACI
(Diagram labels: Tenant; Neutron network; Neutron router; Security Group; Port)

Group Policy API: Group Policy introduces a new API that maps to the ACI policy model
(Diagram labels: Tenant; Group; Contract; Service Chain)

40G BiDi Optics Preserve Existing 10G Cabling

Significant Transceiver Savings: $4,059 SAVINGS (LIST) PER 40G LINK

- Traditional 40G Optical Link: Complete Replacement, +$6,259*
- 40G BiDi Optical Link: Reuse all 10G Cabling/Patch Panels, +$2,200*

(Diagram labels: 10G Optical Link; Trunk Cabling (100m); Patch panel; Jumper Cable)

*Source: Corning OM3 Cable & Patch Panel list prices, Cisco 40G BiDi list price, Competitors 40G SR4 list price

BUILT AROUND OPEN APIS

- Open REST APIs Support Integration With Any Software
- OpFlex: Open Fabric Attached Device API Supports Integration with Any Network Device

(Diagram labels: APIC; NORTHBOUND PROGRAMMABILITY LAYER; SOUTHBOUND PROGRAMMABILITY LAYER; Automation; Enterprise Monitoring; Systems Management; Orchestration Frameworks; OVM; Hypervisor Management; Applications)

----- Meeting Notes (1/22/14 13:10) -----
say that we have strong support for the product

say "fabric attached" device API.

Cisco UCS OpenStack Accelerator Paks

Compute-intensive
- (2) UCS 96-Port 6296 Fabric Interconnect
- (2) Nexus 2232 PP
- (6) UCS C220 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Processors, 192GB of Memory, Mega RAID, 4 x 900GB 10K SAS HDDs

Mixed-use
- (2) UCS 96-Port 6296 Fabric Interconnect
- (2) Nexus 2232 PP
- (6) UCS C220 M3 Servers w/ dual Xeon E5-2665 2.7 GHz Proc, 192GB of Memory, Mega RAID, 4 x 600GB 10K SAS HDDs
- (2) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs

Storage-intensive
- (2) UCS 96-Port 6296 Fabric Interconnect
- (2) Nexus 2232 PP
- (8) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs

Virtualization and cloud software is a critical element of a public, private, or hybrid cloud deployment. Cisco UCS Solution Accelerator Paks for cloud infrastructure support solutions from Citrix, Microsoft, and VMware as well as OpenStack distributions, providing choice and flexibility in cloud software infrastructure deployment.

Accelerate Cloud Deployment: Cisco Unified Computing System (Cisco UCS) Solution Accelerator Paks provide a fast and easy approach to buying and deploying infrastructure.

Deploy the Cloud You Need: Cisco UCS Solution Accelerator Paks configurations can be used to build public, private, and hybrid cloud infrastructure that supports application, service, and storage hosting.

Install OpenStack Quickly: The Cisco UCS OpenStack Installer provides a validated installation for an active-active, highly scalable architecture for OpenStack services.

Scale on Demand: The Cisco UCS architecture makes it easy to add computing and storage resources as demand rises.

Provision Cloud Infrastructure Faster: Built-in automation enables configurations to be deployed quickly, easily, and accurately.

Eliminate Network Sprawl and Complexity: Cisco UCS provides greater network density with less cabling and complexity.

Simplify Management: End-to-end management provides visibility and enables the monitoring and automated remediation of physical servers, storage, and network devices.


Cisco Unified Fabric: Continuous Market Leadership

DC TECHNOLOGY LEADER
(Chart labels, in slide order: Cisco FabricPath Customers; Cisco FEX Customers; Cisco NX-OS Customers; 1,500+; 11,000+; 40,000+; 11M+; 10GE Ports Shipped)

DATA CENTER SWITCHING LEADER
- #1 market share by revenue in Q3 2012 for DC Ethernet Switching at 71.7%*
- #1 market share by revenue in Q3 2012 for FCoE SAN Switching at 87.3%**

*Source: Infonetics, Q3 2012 DC Network Equipment Report, December 2012
**Source: DellOro, SAN Switching, November 2012
Data current as of December 2012. Subject to change without notice.

That leadership comes from continuously listening to our customers and investing in R&D to meet their needs. We have seen strong adoption of Cisco Unified Fabric and our continuing market share leadership shows strong adoption by customers.

Separating Tenant Policies from Operations

- ACI Admin (Manages Network Operations and Infrastructure)
- OpenStack Tenant (Manages Tenant and Application State only)

(Diagram steps, numbered 1 to 5 on the slide: Create Application Network Profile; Create Application Policy; Instantiate VMs; Automatically Push Network Profiles to AFC; Push Policy)

(Diagram labels: Application Network Profile with EPG WEB, EPG app, EPG db, f/w and l/b; ACI Fabric; APIC; NOVA; NEUTRON; Web, App and DB VMs on three hypervisors)