xr u svetu virtualizacije tom cof - global home page...ios-xr routing apps system admin routing apps...
TRANSCRIPT
www.ciscoday.com
31. 3. 2016.
Hotel Crowne Plaza
Beograd, Srbija
Cisco dan
• Tom Cof
• Product Sales specialist
• 31. mart 2016
XR u svetu virtualizacije
Cisco Router OS Evolution
Router OS Enhancement with Modularity
Monolithic
Application
Micro Kernel
App Admin
Kernel Kernel
Hypervisor
1990s 2000s 2010s
Cisco Router OS Evolution
Virtualized IOS-XR
Proven Cisco® IOS-XR in a Virtualized Environment
Virtualized IOS-XR
Intelligent Design
ZPL/ZTL Upgrade
nLight
Scalable
Fault Management
Programmability
Carrier Class Routing OS
Cisco Router OS Evolution Software Architecture Evolution: Cisco IOS-XR IOS-XR / Spirit
IOS XR
IOS-XR
IOS XR
QNX
QNX
Hypervisor
Hypervisor
IOS-XR
Routing Apps
System Admin
Routing Apps
Linux
Syst
em
Ad
min
Linux
IOS-XR
Linux
Syst
em
A
dm
in
Linux
NPUs
Virtualized IOS-XR
Common between IOS-XR and Spirit XR
• Proven XR applications
• Consistent user interface
CLI/XML/MIB
Admin Plane Separation from XR for Fault Isolation
Linux Kernel for Scale and Performance
Virtualization for ISSU and Fault Isolation
RP
Li
ne
Car
d
QFA
Cisco Router OS Evolution Benefits of Virtualization
Benefits of Virtualization with Cisco® IOS-XR
Hypervisor
XR1 XR2 Mobility Video
• Multiple, highly secure and isolated app containers
• Co-existence of multiple XR versions per SDR
• Zero topology and packet loss upgrade
• Improved system reliability with separate admin and application virtual machines (VMs)
• Flexible XR/service VM placement on dedicated compute device
Service Integration
In-Service Software Upgrade (ISSU)
Reliability Control Plane
Expansion
Cisco Router OS Evolution Scalability with Distributed Architecture
Flexible Scalable Design with Virtualized Architecture
XR
Admin
XR
Admin
XR
Admin
XR
Admin
Cisco UCS® for Control Expansion
Single Chassis Multi-chassis
Distributed System Design
• Separate control and data path
• Nodes connected through control Ethernet
• System as a “network”- managed as a single entity
• Distributed and consistent decision-making
LCC LCC
System Topology
Management
In-Service Software Upgrade (ISSU) Building Blocks
Hardware- and Software-Based Infrastructure for ISSU
Zero Packet Loss / Zero Topology Loss Upgrade
ISSU
Multi-Hop Upgrades
• Non-Stop Routing (NSR)
• Virtual Machines
• Fault Isolation
• Hardware Data Structures
• CPU Resources
• Memory Components
Virtualized IOS-XR
ISSU Architecture
• Multiple, highly secure and isolated application containers
• Co-existence of multiple versions of XR
• Synchronization between versions using NSR mechanisms
• Dedicated CPU, Memory and NPU resources to support ZPL/ZTL ISSU
• Multi-hop upgrades and downgrades
Hypervisor
RP
XR1 XR2 System Admin
ISSU Window
Hypervisor
LC
XRv1 XRv2
uCode FIB/ Feat
uCode FIB/ Feat
In-Service Software Upgrade (ISSU)
Virtualized IOS-XR ISSU Operation: Normal Load/Run Switch/Commit
RP0 RP1
Standby IOS-XR v1
Line Card (LC)
LC CPU
Active IOS-XR v1
Slice
V1
V1
Active IOS-XR v1
RP0 RP1
Line Card (LC)
LC CPU
Slice
Active IOS-XR v2
New IOS-XR v2
RP0 RP1
Line Card (LC)
LC CPU
Active IOS-XR v1
Active IOS-XR v1
Slice
V1
V1
V2
V2
Active IOS-XR v2
Standby IOS-XR v1
New IOS-XR v2
Standby IOS-XR v2
Active IOS-XR v1
V2
V2
In-Service Software Upgrade (ISSU)
Virtualized IOS-XR
Summary
Scalability • Distributed system architecture • Flexible VM placement • 64-bit Linux kernel
High Availability
• ISSU ZPL/ZTL • Independent SDR • Fault Management Framework
IP-Based Services
• Common service framework • Routing XR, NPS, video, mobility,
and transport VM • Add flexibility and value to the
network
Converged Platform
• Packet-OTN-DWDM system
• Service velocity
• Lambda utilization
Cisco NCS 6000
IOS-XRv 9000
Overview
HV
LXC
UVF DP
LXC
XR CP
LXC Admi
n
Data Plane Controller
LINU
X
VM
TenG
igE 0
/0/0
Gig
E 0
/0/1
GigE 0
/0/2
Mgm
tEth
0/0
/1
vswitch
• Based on Virtualized IOS-XR (Flex-XR)
Codebase
• Admin/Routing/control plane
sharing/leveraging the existing HW
platform.
• High performance x86 data plane
• CP/DP separation Data Plane Referred to as Virtual Forwarder (VF)
XR Combined RP+LC functionality
DPA
Nomenclature • Data Plane Controller – DPC • Data Plane Agent – DPA • Virtual Forwarder - UVF
XR based Virtual Router –
IOS-XRv 9000
• Common Hardware platform
(x86)
• Widely deployed IOS-XR
with rich features and high
availability.
• Install and launch IOS-XRv
9000 through orchestration
in minutes
• Wide range of applications
• Pilot programs
• Mainly target SP/XR-based
franchises who require high
performance vRouter
The benefit and applications
of IOS-XRv 9000
Service Provider Edge
Access / Aggregation Core
3rd Party / Internet
Service Provider Data Center
Customer Premise
IOS XR vRouter Enterprise WAN Edge
IOS XR vRouter Virtual DCI
IOS XR vRouter Virtual L3 VPN PE
IOS XR vRouter Virtual L2 VPN PE 64bit VRR
Rapid Creation and Deployment of new Services
Common x86 Hardware Familiar IOS XR
Live-Migration Cloud Orchestrated Single Tenant or Multi-Tenant
Common NBIs for Virtual & Physical
IOS XR based vRouter (IOS-XRv 9000) Sweetspot
Complementing the XR Edge Portfolio
2
8
32
128
512
2048
8192
32768
Gbps
Virtual XR DP
IOS-XRv 9000 ASR 9001 ASR 9006
ASR 9904
ASR 9010
ASR 9912 ASR 9922
Introduction
to
IOS-XR 6.0
… coming to a platform closer
to you
Q4 CY15 Q2 CY16 Q4 CY16
NCS5508
NCS5001
NCS5002
NCS1002
NCS5502
NCS5011
ASR9000(*)
NCS1002 w/ macsec
NCS 6000
In development
Not committed yet
NCS5501
* On ASR9k, 32-bit QNX images and 64-bit linux images will be supported
Guiding Principles for IOS-XR operational enhancements
Bring Your own Application
• Provide a platform on which customers can host their apps (3rd party apps, customer apps, cisco apps)
Automatable interfaces
• Provide visibility into the device through machine friendly interfaces
Open architecture Decrease tool chain variance
• Fit into customer’s operational workflow
Pillars of IOS-XR operational enhancements
Evolved Programmability
Flexible Platform and Packaging
Application Hosting
• Data accessible via published model driven interfaces • Machine friendly • Enables automation @ scale
• Packages can be inspected on box using standard tool chain (RPM tools) • Automated package dependency checkers • Open Bootloaders (iPXE) and end-to-end auto-provision
• Ability to run 3rd party off the shelf applications built with Linux tool chains • Run custom applications inside an LXC container on the 64-bit Linux host
Visibility & Telemetry
• Operational Data, Deep analytical hooks • Policy-based, flexible, Push Model
Software
Architecture
• 64-bit OpenEmbedded Linux
support.
Processes containerization.
Brings in standard Linux toolchain.
Third-Party Applications Support.
• NCS 5500, NCS 5000 and
NCS1002 will support only 64-bit
Linux
• ASR 9000 will still have 32-bit QNX
support
IOS XR 6.0 introduces a new software
infrastructure offering
X86 Hardware
64 bit Linux
Control Admin
NPU
System Admin
System
Control
Classic XR XR 6.0
32 bit QNX
• LXC (LinuX Containers) let you run a Linux system within another Linux system.
• A container is a group of processes on a Linux machine.
• Those processes form an isolated environment.
• Inside the container, it looks like a Virtual Machine.
• Outside the container, it looks like normal processes running on the system.
• Containers look like Virtual Machines, but are more efficient.
Introduction to Containers
X86 Hardware
Operating System
Hypervisor
Traditional Virtualization
App
Lib
OS
…
…
App
Lib
OS
App
Lib
OS
App
Lib
OS
X86 Hardware
Operating System
Containers
• They are Fast Deploy and Boot in less than one Second vs Minutes for Virtual Machines
• They are Lightweight Only a few MB of Disk Space per Container vs several hundred MB
for traditional Virtual Machines.
• They provide Similar Services as VMs Each container has:
Why Containers?
• Its own network interfaces
- Can be bridged, routed... just like with KVM.
• Its own filesystem
- e.g.: RedHat host can run Debian container.
• Isolation (security)
- Two containers can't harm (or even see) each other.
• Isolation (resource usage)
- Soft & Hard quotas for RAM, CPU, I/O. X86 Hardware
Operating System
… App
Lib
OS
App
Lib
OS
LXC1 LXC2
IOS-XR Container Roles:
Third Party
24
• Runs any 64-bit Linux distribution.
• Launched from the XR container using virsh and libvirtd.
• Access Network Interface through the Third Party Network Name Space (TPNNS).
Routing Processor
64-bit Host OS
Control Plane
Admin Plane
Third Party
Application
Hosting
• Enable hosting third-party apps and customer built apps – Allows your own language, library, packages, middleware of choice
• Enable apps to – use available resources (compute, memory, disk)
– perform networking operations (packet i/o) through XR’s interfaces
– Access XR functionality (example: M2M, Telemetry, FIB interaction)
• Motto is to ‘not get in the customer’s way’ – Allows to run apps to run unmodified or with minimal modifications
• Two app-hosting models – Native: apps share name-space with XR
– Container: apps have independent namespace. Allows more freedom
Third-party App hosting
Third Party Network Name Space
• Provide visibility of fabric attached interfaces outside of XR CLI.
• Available to processes in the XR containers or Third Party containers.
• Requires that the interface is Up with a valid IP address.
• Routing handled by XR.
27
Routing Processor
Control Plane Admin Plane Third Party
TPNNS TPNNS
64-bit Host OS TPNNS
Mgmt
Gig
TenGig
HunGig
Mgmt
Gig
TenGig
HunGig
Internal
IPC Interfaces
[xr-vm_node0_RP0_CPU0:~]$ip netns exec tpnns bash
RPM: XR New Package Format
• RPM Package Manager is the new Package format starting with IOS-XR 6.0.
• Packages are placed in a reachable repository and accessed via FTP/SFTP/SCP/TFTP or HTTP or pre-staged on the box
• Third Party packages are installed with RPM or YUM inside the Shell.
• IOS-XR packages are installed with “install update/upgrade”.
• Install commands are a wrapper around YUM to provide multi-arch support.
• Both YUM and install commands provide dependency verification/resolution.
Configuration,
Monitoring and
Troubleshooting
Individual Transfer Mechanisms
Have Problems
sensing & measurement
Where Data Is Created Where Data Is Useful
syslog
SNMP
CLI
storage & analysis
Streaming Telemetry Design Vision
• Get as much data off the box as quickly as possible Performance
• Grant full access to all operational data on the box Coverage
• Serialize the data in a flexible, efficient way that fits customers automated tools Automation
Instruction on: • What data to collect • With what cadence • And send to where
Router Receiving
unit Table 3 Table 2
Interface ifInErrors ifOutErrors ifHCOutOctets …
HundredGigabitEthernet 0/1/0/2 10 0 123456789 …
Bundle-Ether 42
3 0 234567890 …
… … … … …
Table 1
Ultra-high level picture
“I am the interface counters table”
Programmability
Network Configuration Protocol
(NETCONF)
SSH Clients
SSH
RPC calls are divided in 4 groups of methods: Retrieve, Configure, Copy, and Delete. Additional methods can be supported
Networking Device
• NETCONF provides mechanisms to install, manipulate, and delete device configuration.
• It uses an XML based data encoding for the configuration data as well as the protocol messages.
• NETCONF protocol operations are realized as remote procedure calls (RPCs) over SSH.
Retrieve, Configure, Copy, and Delete
Programmatic Interface
XR YANG
SSHd XR
Programmatic Interface
SSH Proxy Server
NETCONF Agent
YANG Framework
RESTCONF Agent
Web Server
SysDB Client
Library
SysDB
Backend Apps
Configuration Manager
Secure Transport
Connection
Oriented
RPC-based communication
model
Negotiate
Capabilities
REpresentational State Transfer (REST) is an API architecture style that can use HTTP
to send messages between a client and server, piggyback on existing HTTP Internet
What is REST?
Perl
Python
C#
Java
Server REST API
Applications HTTP Packets
Svr
.
Ap
p
• Using REST, applications can Create/Read/Update/Delete
• A REST service is platform-independent, language-independent
• App can be browser-based or standalone
Restconf and Netconf Agents
• The Restconf agent provides a programmatic interface to access XR platforms by implementing the Restconf API.
• The Restconf API is defined by the IETF (currently in draft version 4). – The data model is YANG.
• In XR the Restconf agent leverages the same underlying infrastructure as the Netconf agent. – Supports the same YANG models as Netconf agent
• A web server front-ends the Restconf agent providing transport security TLS and HTTP authentication.
From device-centric to network-as-platform
Orchestration
SDN Controller
Orchestration Orchestration
SDN Controller
Centralized service provisioning
Work with existing network devices
On Device Minimal but sufficient
AN: Autonomic Networking SR: Segment Routing VPN services: eVPN + static PW
Network as Platform Fully programmable
Device is PnP component
NSO NSO
WAE
NSO
XRv+ODL WAE
Next: ACE Network-as-Platform Now
NSO: Network Service Orchestrator WAE: Wan Automation Engine ODL: Open Daylight
Key Takeaway
• No Change in traditional CLI Operation
• In 6.0, available on NCS-5500, NCS-5000 and NCS1000 Platform
• In 6.1.1, available on ASR9k (traditional 32-bit QNX offering will still be
supported)
• Operational enhancement for Automated Operations
• Operating System change for Open Source tooling
IOS XR 6.0 Operational
Enhancements
Vis
ibili
ty &
Tel
emet
ry
Evo
lved
pro
gram
mab
ility
Ap
plic
atio
n H
ost
ing
Flex
ible
Pla
tfo
rm &
Pac
kagi
ng
IOS XR 6.0