journey to the private cloud: delivering it-as-a-service · confidential under cisco nda dc...
TRANSCRIPT
© 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential Presentation_ID 1
Scott Manson
DC Leader for KSA, ME, Turkey
Journey to the Private Cloud:
Delivering IT-as-a-Service
What to do with the Cloud? And Why?
Provide a streamlined process for the provisioning of Infrastructure-as-a-Service (IaaS) and subsequent development, testing and utilization of Software-as-a-Service (SaaS) for the deployment of applications internally, with subsidiaries and related supply chain.
Package hosting, networking, security, and connectivity together as a service, available to all Ministries, Partners and Supply Chain.
Users can acquire server capacity rapidly, for short or long-term use, using Pay as you grow OPEX funding, without the need for capital acquisitions.
Cloud Services typical evolution path
Service Retirement
Service Catalogue
Define Service
Customer TIER 1: Self-Service
Portal
Customer X/ System
Integrator/ Service
Provider
Request Service
TIER 3: Resource Management
(Automated Provisioning)
Physical Servers
Virtual Servers
Network
Storage Burst
Capacity
Performance Management
Compliance Management
Operations
Metering & Chargeback
TIER 4:
TIER 2: Service
Management
Private Cloud Lifecycle Reference Model
IT-as-a-Service: On demand allocation of Services
Internal
Software and Applications-as-a-Service
SHARED
INFRA
SERVICES MINISTRIES/
SUPPLY CHAIN
External
Services and applications
delivered on demand and
based on a Service Catalogue
Dynamic allocation of shared
resources across the
Data Center based on priority
Voice/Video-as-a-Service
Storage-as-a-service
Service
Catalogue Infrastructure-as-a-service
Email-as-a-service
DR/Backup-as-a-Services
Virtual Desktop-as-a-Service
Internal
Ministries
Supply
chain
COMPANY
X
Typical Services Engagement Model for UCS
Business Value
Trusted Advisor
Architecture Solution Deployment
Architecture Strategy & Roadmap
Unified Computing Plan & Design
Unified Fabric
IaaS Optimization
Problem Definition Solution Design Best Practices
Unified Computing Solution
IaaS Plan & Design
Systems Management Integration
IAAS Strategy
Confidential Under Cisco NDA
DC Virtualization
IaaS Implementation
Phase 3/4
Deeper Unified Fabric, Automation and APIs
Federation and automation of workload moves across DCs
Infrastructure available for SaaS offerings
Unified Fabric throughout the data center
Automation of DC to network connectivity
Phase 2 Private and Virtual Private Cloud
Integration with 3rd party Cloud Orchestration SW
Scale up / down DC infrastructure
Additional security capabilities
Secure Data Center Interconnect over VPN
Phase 1 Public / Private Cloud Infrastructure
Base Nexus + UCS foundation
Multitenant virtualization
Tier 1
Customer
Voice/Video-as-a-Service
Storage-as-a-service
Service
Catalogue Infrastructure-as-a-service
Email-as-a-service
DR/Backup-as-a-Services
Virtual Desktop-as-a-Service
Self Service Portal Request Service
Tier 2
Voice/Video-as-a-Service
Storage-as-a-service
Service
Catalogue Infrastructure-as-a-service
Email-as-a-service
DR/Backup-as-a-Services
Virtual Desktop-as-a-Service
Self Service Portal Request Service
Customer
Service Management CCP
(Cisco Cloud Process Orchestrator)
Tier 3
Voice/Video-as-a-Service
Storage-as-a-service
Service
Catalogue Infrastructure-as-a-service
Email-as-a-service
DR/Backup-as-a-Services
Virtual Desktop-as-a-Service
Self Service Portal Request Service
Customer
Service Management
Resource Management
CCP (Cisco Cloud Process
Orchestrator)
Cisco Server
Provisioner
Cloud Automation
Packs
Voice/Video-as-a-Service
Storage-as-a-service
Service
Catalogue Infrastructure-as-a-service
Email-as-a-service
DR/Backup-as-a-Services
Virtual Desktop-as-a-Service
Self Service Portal Request Service
Customer
Service Management
Resource Management
Tier 4 Compute Storage Network & Security
CCP (Cisco Cloud Process
Orchestrator)
Cisco Virtual Multi-Tenant Data Center
Cloud
Service
Assurance
Virtualization Charging Solution
Chargeback Solution
Cisco Server
Provisioner
Cloud Automation
Packs
Voice/Video-as-a-Service
Storage-as-a-service
Service
Catalogue Infrastructure-as-a-service
Email-as-a-service
DR/Backup-as-a-Services
Virtual Desktop-as-a-Service
Self Service Portal Request Service
Customer
Service Management
Resource Management
Compute Storage Network & Security
CCP (Cisco Cloud Process
Orchestrator)
Cisco Virtual Multi-Tenant Data Center
Cloud
Service
Assurance
Virtualization Charging Solution
Chargeback Solution
Cisco Server
Provisioner
Cloud Automation
Packs
Tier 4
A Platform to facilitate the Critical Capabilities for Cloud
Services
Cisco
How?
Virtual Infrastructure Provisioning
Self Service Portal
I would like a new SharePoint application server running Windows in a virtual machine and I would like it to be added to my current SharePoint environment
0- User requests new SharePoint application server on virtual server from service catalogue via portal
1- Orchestrator receives request to initiate provisioning of virtual infrastructure
2- Orchestrator calls Automation to provision the new virtual machine
3- Automation controls vCenter, provisioning the new virtual machine
4- Automation deploys a new SharePoint application to the Virtual Machine
5- Automation adds the virtual machine details in the load balancer configuration
6- Orchestrator updates the CMDB with the provisioned server details
7- User gets notified that virtual infrastructure is provisioned
SERVICE MANAGEMENT
RESOURCE MANAGEMENT
CMDB
VMware vCenter
Hyper-V
Hypervisor Cluster
Disk Array SAN/NAS
Software
Load
Balancer
Private/Public
Cloud Critical Capabilities
Networking
for Cloud
Network architecture needs to be flexible, instead of being a static stumbling block
Network services need to be location independent: delivered wherever data, applications, and users are and whenever the services are needed
Network resources need to be abstracted so that provisioning can be automated and actions orchestrated through common interfaces
Cisco Confidential 16 © 2010 Cisco and/or its affiliates. All rights reserved.
Unified Fabric NX-OS Innovations for Cloud and Virtualization
L2 Domain Elasticity: vPC, FabricPath/TRILL, OTV LAN extensions
OTV
OTV
Storage Elasticity: FCIP, IO Acceleration Inter-VSAN routing
Compute Resources Are Part of the Cloud, Location Is Transparent to the User
VN-link notifications
VM-awareness: VN-link
Port Profiles Profiles
OTV
OTV
IP Localization: RHI, LISP
OTV: allowing Ethernet traffic from a local area network (LAN) to be tunnelled over an IP network to create a “logical data center” spanning several data centers in different locations.
VMware VMotion can now leverage Cisco OTV to easily and cost-effectively move data center workloads across long distances, providing customers with resource flexibility and workload portability that span across geographically dispersed data centers.
Private/Public
Cloud Critical Capabilities
Multi-Tenant
Architecture
Flexible design to enable different classes of service for different tenants
Traffic isolation via dynamic provisioning of VLANs, VRFs, ACLs, and Virtual Data Centers
Multi-tenant partitioning provided by network container provisioning, executed with a level of rigor and auditability that may not be required if the data is not sensitive
VRF Blue VRF Purple
Customer = Virtual Routing and Forwarding
Validated Design for Multi-Tenancy: Path Isolation
Each tenant is logically isolated from the others using VRF as a container
Dedicated logical instances of VRF, VLAN, FW, Service Load Balancing, etc. for each tenant to provide security, privacy, policy compliance
© Copyright 2/19/2013 BMC Software, Inc
Leveraging Network Container Architecture
Pods = Physically assigned Resources
Network Containers = Virtually and securely isolated by tenant within a Pod
Unique Benefit: Logical Multi-tenancy - allows creation of one-to-many zones
Zones = Contain customized policy-based workloads
Key Benefit: Policy driven “placement” makes decision on best resource placement.
Computing System Switching
Platforms Cloud
Lifecycle
Management
Resource Management configures and places services within Network
Containers and Zones
Pre-packaged NW Services as Containers
LB, 1 VLAN
Virtual FW + pVLANs
Shared VMFS, No Data Protection
Bronze
System Configs
Virtual FW + pVLANs
Dedicated VMFS, DP via Snapshots
Multiple VLANs
SLB & SSL offload
System Configs
Virtual FW + pVLANs
Dedicated VMFS, 100% DP, Cloning
Multiple VLANs
SLB & SSL offload
Silver
VPN Offload Firewall
Gold
VMFS LUN/data store
VMDK VMDK VMDK
“Gold”
Application Database Web
Dedicated VMFS Data store and 100% Data protection and recovery with cloning
One VRF and multiple VLANs per customer
SLB & SSL offload
VPN Off load Firewall
“Bronze”
Block based storage
Application Database Web
VMDK VMDK VMDK
VMFS LUN/data store
Shared VMFS data store and no Data protection
One VLAN and VRF per customer
“Silver”
Application Database Web
VMFS LUN/data store
VMDK VMDK VMDK
Dedicated VMFS data store and Data protection and recovery with Snapshotting
SLB & SSL offload
One VRF and multiple VLANs per customer
Out of the box flexible Service Classes
“Pre-validated Cloud computing platform for service providers that combines Cisco’s CRS-1 core Internet router, Nexus 7000 data center switches and its Unified Computing System (UCS), which integrates blade servers with switching, storage access, virtualization and management”
Step 2 & 3: •Bulk VM create
•Individual VM create
Step 2 & 3: •Bulk VM create
•Individual VM create
Step 1: Create
Network Container
Step 1: Create
Network Container
CUSTOMER Backbone
VMDC Topology
Practical Examples: Multi-Tenancy
Customer 2
Customer 1
Step Optional: Load Balancer
Pool Create
Customer 1
Logical Topology
web app db
Step Optional: Load Balancer
Pool Create
Customer 2
Logical Topology
web app db
© 2010 Cisco Systems, Inc. All rights reserved. Cisco Confidential Emerging Markets 24