Accelerating Cloud Computing Infrastructure: Cisco Nexus 1000V
Phil Veniot, Systems Engineer
pveniot@cisco.com
A Shared Vision
The Cisco | VMware Relationship
• Shared vision for cloud computing infrastructure
• Proven track record of delivering data center infrastructure solutions
• Complementary roadmap with Cisco Data Center 3.0 and VMware vSphere 4.0
• Data center virtualization > private clouds > inter-clouds
• Unparalleled collaboration—leading to integrated product development
• Goal: Reducing time to gained benefits from data center transformation
Co-developed with VMware
The Nexus 1000V is a Cisco Switch
• Nexus 1000V was co-developed by Cisco and VMware
• Nexus 1000V Virtual Ethernet Module embedded in VMware vSphere 4.0
• Compatible with Enterprise Plus edition of VMware vSphere (requires vNetwork Distributed Switch feature)
• Both VMware & Cisco make the Nexus 1000V available via resellers or direct sales
• On-going technology and solution R&D efforts
Nexus 1000V Brings VM Level Granularity
Problems:
• VMotion may move VMs across physical ports—policy must follow
• Impossible to view or apply policy to locally switched traffic
• Cannot correlate traffic on physical links—from multiple VMs
Cisco Nexus 1000V Solution:
• Extends network to the VM
• Consistent services
• Coordinated, coherent management
[Diagram labels: VLAN 101, VMotion, Cisco Switch]
Cisco Nexus 1000V Faster VM Deployment
Cisco VN-Link: Virtual Network Link
• Policy-Based VM Connectivity
• Mobility of Network & Security Properties
• Non-Disruptive Operational Model
Defined Policies: WEB Apps, HR, DB, DMZ
VM Connection Policy
• Defined in the network
• Applied in Virtual Center
• Linked to VM UUID
[Diagram: VMs on two vSphere hosts, each with a Nexus 1000V VEM, with the Nexus 1000V VSM and vCenter]
Transparent VMotion Simplified Operational Model
Cisco VN-Link: Virtual Network Link
• Policy-Based VM Connectivity
• Mobility of Network & Security Properties
• Non-Disruptive Operational Model
VMs Need to Move
• VMotion
• DRS
• SW Upgrade/Patch
• Hardware Failure
VN-Link Property Mobility
• VMotion for the network
• Ensures VM security
• Maintains connection state
[Diagram: VMs on two vSphere hosts, each with a Nexus 1000V VEM, with the Nexus 1000V VSM and vCenter]
Cisco Nexus 1000V Increased Operational Efficiency
Cisco VN-Link: Virtual Network Link
• Policy-Based VM Connectivity
• Mobility of Network & Security Properties
• Non-Disruptive Operational Model
VI Admin Benefits
• Maintains existing VM mgmt
• Reduces deployment time
• Improves scalability
• Reduces operational workload
• Enables VM-level visibility
Network Admin Benefits
• Unifies network mgmt and ops
• Improves operational security
• Enhances VM network features
• Ensures policy persistence
• Enables VM-level visibility
[Diagram: VMs on two vSphere hosts, each with a Nexus 1000V VEM, with the Nexus 1000V VSM and vCenter]
What are the Nexus 1000V Components?
Virtual Ethernet Module (VEM)
• Located on each server to enable advanced networking capability on the hypervisor
• Replaces VMware vSwitch functionality in vSphere
• Free download at cisco.com
Virtual Supervisor Module (VSM)
• Performs management and integrates with vCenter
• Runs Cisco NX-OS as a virtual or physical appliance
• Free download at cisco.com
CPU Licenses
• $695 (USD) per CPU (socket)
• Free evaluation at cisco.com for 60 days and 16 CPUs
• No limit on the number of cores per CPU
[Diagram: VMs on a vSphere host with a Nexus 1000V VEM, the VDS API, the Nexus 1000V VSM and vCenter]
Cisco Nexus 1000V Components
Virtual Supervisor Module (VSM)
• CLI interface into the Nexus 1000V
• Leverages NX-OS 4.04a
• Controls multiple VEMs as a single network device
Virtual Ethernet Module (VEM)
• Replaces VMware’s virtual switch
• Enables advanced switching capability on the hypervisor
• Provides each VM with dedicated “switch ports”
[Diagram: Nexus 1000V DVS with Cisco VSMs, three Cisco VEMs hosting the VMs, and vCenter Server]
Cisco Nexus 1000V Scalability
A single Nexus 1000V supports:
• 2 Virtual Supervisor modules (HA)
• 64 Virtual Ethernet modules
• 512 Port Profiles
• 512 Active VLANs
• 2048 Ports (Eth)
• 8192 Veth
• 256 Port Channels
A single Virtual Ethernet module supports:
• 256 Ports Veths
• 32 Physical NICs
• 8 Port Channels
* Overall system limits are lower than VEM limit x 64
What is a Port-Profile?
• A port-profile is a container used to define a common set of configuration commands for multiple interfaces
  • Define once and apply many times
  • Simplifies management by storing interface configuration
  • Key to collaborative management of virtual networking resources
• Why is it not like a template or SmartPort macro?
  • Port-profiles are ‘live’ policies
  • Editing an enabled profile will cause config changes to propagate to all interfaces using that profile (unlike a static one-time macro)
Port Profile Configuration
n1000v# show port-profile name WebProfile
port-profile WebProfile
  description:
  status: enabled
  capability uplink: no
  system vlans:
  port-group: WebProfile
  config attributes:
    switchport mode access
    switchport access vlan 110
    no shutdown
  evaluated config attributes:
    switchport mode access
    switchport access vlan 110
    no shutdown
  assigned interfaces:
    Veth10
Supported Commands Include:
• Port management
• VLAN
• PVLAN
• Port-channel
• ACL
• Netflow
• Port Security
• QoS
Overriding Port Profile Configuration
• Administrators can interact with individual switchports, overriding a port profile
• Use this to isolate problems with one or two interfaces without changing the port-profile and affecting other ports
• Manual configuration always takes precedence over a port profile configuration
• The ‘no’ form of the command removes the override and restores the profile’s config. Applying an override, then removing it:
n1000v(config)# int vethernet 2
n1000v(config-if)# switchport access vlan 250
n1000v(config)# int vethernet 2
n1000v(config-if)# no switchport access vlan
Port Profile Inheritance
• Profile inheritance allows the construction of profile hierarchies
• ‘Parent’ profiles pass configuration to ‘child’ profiles
• Only the child profiles need to be visible within VC
• Updates to the parent filter down to the child
• Child profiles can be updated independently
n1000v(config)# port-profile Web
n1000v(config-port-prof)# switchport mode access
n1000v(config-port-prof)# switchport access vlan 100
n1000v(config-port-prof)# no shut
n1000v(config)# port-profile Web-Gold
n1000v(config-port-prof)# inherit port-profile Web
n1000v(config-port-prof)# service-policy output Gold
n1000v(config-port-prof)# vmware port-group Web-Gold
n1000v(config)# port-profile Web-Silver
n1000v(config-port-prof)# inherit port-profile Web
n1000v(config-port-prof)# service-policy output Silver
n1000v(config-port-prof)# vmware port-group Web-Silver
Effective Port Profile – Web-Silver: Access Port, VLAN 100, Silver QoS Policy
Effective Port Profile – Web-Gold: Access Port, VLAN 100, Gold QoS Policy
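The precedence rules from the port-profile slides (live profiles, manual override, inheritance), as an added example that is not part of the original presentation and is not Cisco code. It is a simplified model; the names PortProfile, Veth, drift() and demo() are hypothetical. drift() lists interfaces whose manual override departs from the profile, which is the check to run when auditing for VMs left on a VLAN or policy other than the one the profile defines.

```python
# Added illustration: a simplified model, not Cisco NX-OS code.
# PortProfile, Veth, drift() and demo() are hypothetical names.

class PortProfile:
    def __init__(self, name, settings, parent=None):
        self.name, self.parent = name, parent
        self.settings = dict(settings)        # commands set on this profile

    def evaluated(self):
        # Inherited config first, then this profile's own settings on top.
        base = self.parent.evaluated() if self.parent else {}
        return {**base, **self.settings}


class Veth:
    def __init__(self, name, profile):
        self.name, self.profile = name, profile
        self.overrides = {}                   # manual per-interface config

    def configure(self, command, value):
        self.overrides[command] = value       # e.g. switchport access vlan 250

    def no(self, command):
        self.overrides.pop(command, None)     # 'no' form removes the override

    def effective(self):
        # Manual configuration takes precedence over the port profile.
        return {**self.profile.evaluated(), **self.overrides}

    def drift(self):
        # Overrides that differ from the profile: {command: (profile, actual)}.
        prof = self.profile.evaluated()
        return {c: (prof.get(c), v) for c, v in self.overrides.items()
                if prof.get(c) != v}


def demo():
    vlan = "switchport access vlan"
    web = PortProfile("Web", {"switchport mode": "access", vlan: "100"})
    gold = PortProfile("Web-Gold", {"service-policy output": "Gold"}, parent=web)
    veth2 = Veth("Veth2", gold)
    seen = [veth2.effective()[vlan]]          # inherited from Web
    veth2.configure(vlan, "250")
    seen += [veth2.effective()[vlan], veth2.drift()]
    veth2.no(vlan)
    seen.append(veth2.effective()[vlan])      # back to the profile value
    web.settings[vlan] = "110"                # live edit of the parent
    seen.append(veth2.effective()[vlan])      # propagates through Web-Gold
    return seen


if __name__ == "__main__":
    print(demo())
```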
VMware Administrator View
• Consistent Workflow: Continue to select Port Groups when configuring a VM in VMware Virtual Infrastructure Client
Nexus 1000V Deployment Options
• All types of servers
• 1G & 10G NICs
• Any type of physical switch (Cisco & other vendors)
• Requires External Management Appliance (VSM) which can be a virtual or physical appliance
• Requires VMware vSphere 4.0 Enterprise Plus License
• Network stats, interface state, flow stats maintained in VEM, exposed through VSM
[Diagram: Rack Optimized Servers and Blade Servers, with the Nexus 1000V VSM and vCenter]
Nexus 1000V Free Evaluation
• Available May 21, 2009
• Free evaluation for vSphere Enterprise Plus
• All Features Supported
• 60 days & 16 CPUs
www.cisco.com/go/1000v
www.vmware.com/download/vsphere/drivers_tools.html
[Diagram: VMs on a vSphere host with a Nexus 1000V VEM, the Nexus 1000V VSM and vCenter]