www.ciscoday.com

31. 3. 2016.

Hotel Crowne Plaza

Beograd, Srbija

Cisco dan

• Tom Cof

• Product Sales specialist

• 31. mart 2016

XR u svetu virtualizacije

Cisco Router OS Evolution

Router OS Enhancement with Modularity

Monolithic

Application

Micro Kernel

App Admin

Kernel Kernel

Hypervisor

1990s 2000s 2010s

Cisco Router OS Evolution

Virtualized IOS-XR

Proven Cisco® IOS-XR in a Virtualized Environment

Virtualized IOS-XR

Intelligent Design

ZPL/ZTL Upgrade

nLight

Scalable

Fault Management

Programmability

Carrier Class Routing OS

Cisco Router OS Evolution Software Architecture Evolution: Cisco IOS-XR IOS-XR / Spirit

IOS XR

IOS-XR

IOS XR

QNX

QNX

Hypervisor

Hypervisor

IOS-XR

Routing Apps

System Admin

Routing Apps

Linux

Syst

em

Ad

min

Linux

IOS-XR

Linux

Syst

em

A

dm

in

Linux

NPUs

Virtualized IOS-XR

Common between IOS-XR and Spirit XR

• Proven XR applications

• Consistent user interface

CLI/XML/MIB

Admin Plane Separation from XR for Fault Isolation

Linux Kernel for Scale and Performance

Virtualization for ISSU and Fault Isolation

RP

Li

ne

Car

d

QFA

Cisco Router OS Evolution Benefits of Virtualization

Benefits of Virtualization with Cisco® IOS-XR

Hypervisor

XR1 XR2 Mobility Video

• Multiple, highly secure and isolated app containers

• Co-existence of multiple XR versions per SDR

• Zero topology and packet loss upgrade

• Improved system reliability with separate admin and application virtual machines (VMs)

• Flexible XR/service VM placement on dedicated compute device

Service Integration

In-Service Software Upgrade (ISSU)

Reliability Control Plane

Expansion

Cisco Router OS Evolution Scalability with Distributed Architecture

Flexible Scalable Design with Virtualized Architecture

XR

Admin

XR

Admin

XR

Admin

XR

Admin

Cisco UCS® for Control Expansion

Single Chassis Multi-chassis

Distributed System Design

• Separate control and data path

• Nodes connected through control Ethernet

• System as a “network”- managed as a single entity

• Distributed and consistent decision-making

LCC LCC

System Topology

Management

In-Service Software Upgrade (ISSU) Building Blocks

Hardware- and Software-Based Infrastructure for ISSU

Zero Packet Loss / Zero Topology Loss Upgrade

ISSU

Multi-Hop Upgrades

• Non-Stop Routing (NSR)

• Virtual Machines

• Fault Isolation

• Hardware Data Structures

• CPU Resources

• Memory Components

Virtualized IOS-XR

ISSU Architecture

• Multiple, highly secure and isolated application containers

• Co-existence of multiple versions of XR

• Synchronization between versions using NSR mechanisms

• Dedicated CPU, Memory and NPU resources to support ZPL/ZTL ISSU

• Multi-hop upgrades and downgrades

Hypervisor

RP

XR1 XR2 System Admin

ISSU Window

Hypervisor

LC

XRv1 XRv2

uCode FIB/ Feat

uCode FIB/ Feat

In-Service Software Upgrade (ISSU)

Virtualized IOS-XR ISSU Operation: Normal Load/Run Switch/Commit

RP0 RP1

Standby IOS-XR v1

Line Card (LC)

LC CPU

Active IOS-XR v1

Slice

V1

V1

Active IOS-XR v1

RP0 RP1

Line Card (LC)

LC CPU

Slice

Active IOS-XR v2

New IOS-XR v2

RP0 RP1

Line Card (LC)

LC CPU

Active IOS-XR v1

Active IOS-XR v1

Slice

V1

V1

V2

V2

Active IOS-XR v2

Standby IOS-XR v1

New IOS-XR v2

Standby IOS-XR v2

Active IOS-XR v1

V2

V2

In-Service Software Upgrade (ISSU)

Virtualized IOS-XR

Summary

Scalability • Distributed system architecture • Flexible VM placement • 64-bit Linux kernel

High Availability

• ISSU ZPL/ZTL • Independent SDR • Fault Management Framework

IP-Based Services

• Common service framework • Routing XR, NPS, video, mobility,

and transport VM • Add flexibility and value to the

network

Converged Platform

• Packet-OTN-DWDM system

• Service velocity

• Lambda utilization

Cisco NCS 6000

IOS-XRv 9000

Overview

HV

LXC

UVF DP

LXC

XR CP

LXC Admi

n

Data Plane Controller

LINU

X

VM

TenG

igE 0

/0/0

Gig

E 0

/0/1

GigE 0

/0/2

Mgm

tEth

0/0

/1

vswitch

• Based on Virtualized IOS-XR (Flex-XR)

Codebase

• Admin/Routing/control plane

sharing/leveraging the existing HW

platform.

• High performance x86 data plane

• CP/DP separation Data Plane Referred to as Virtual Forwarder (VF)

XR Combined RP+LC functionality

DPA

Nomenclature • Data Plane Controller – DPC • Data Plane Agent – DPA • Virtual Forwarder - UVF

XR based Virtual Router –

IOS-XRv 9000

• Common Hardware platform

(x86)

• Widely deployed IOS-XR

with rich features and high

availability.

• Install and launch IOS-XRv

9000 through orchestration

in minutes

• Wide range of applications

• Pilot programs

• Mainly target SP/XR-based

franchises who require high

performance vRouter

The benefit and applications

of IOS-XRv 9000

Service Provider Edge

Access / Aggregation Core

3rd Party / Internet

Service Provider Data Center

Customer Premise

IOS XR vRouter Enterprise WAN Edge

IOS XR vRouter Virtual DCI

IOS XR vRouter Virtual L3 VPN PE

IOS XR vRouter Virtual L2 VPN PE 64bit VRR

Rapid Creation and Deployment of new Services

Common x86 Hardware Familiar IOS XR

Live-Migration Cloud Orchestrated Single Tenant or Multi-Tenant

Common NBIs for Virtual & Physical

IOS XR based vRouter (IOS-XRv 9000) Sweetspot

Complementing the XR Edge Portfolio

2

8

32

128

512

2048

8192

32768

Gbps

Virtual XR DP

IOS-XRv 9000 ASR 9001 ASR 9006

ASR 9904

ASR 9010

ASR 9912 ASR 9922

Introduction

to

IOS-XR 6.0

… coming to a platform closer

to you

Q4 CY15 Q2 CY16 Q4 CY16

NCS5508

NCS5001

NCS5002

NCS1002

NCS5502

NCS5011

ASR9000(*)

NCS1002 w/ macsec

NCS 6000

In development

Not committed yet

NCS5501

* On ASR9k, 32-bit QNX images and 64-bit linux images will be supported

Guiding Principles for IOS-XR operational enhancements

Bring Your own Application

• Provide a platform on which customers can host their apps (3rd party apps, customer apps, cisco apps)

Automatable interfaces

• Provide visibility into the device through machine friendly interfaces

Open architecture Decrease tool chain variance

• Fit into customer’s operational workflow

Pillars of IOS-XR operational enhancements

Evolved Programmability

Flexible Platform and Packaging

Application Hosting

• Data accessible via published model driven interfaces • Machine friendly • Enables automation @ scale

• Packages can be inspected on box using standard tool chain (RPM tools) • Automated package dependency checkers • Open Bootloaders (iPXE) and end-to-end auto-provision

• Ability to run 3rd party off the shelf applications built with Linux tool chains • Run custom applications inside an LXC container on the 64-bit Linux host

Visibility & Telemetry

• Operational Data, Deep analytical hooks • Policy-based, flexible, Push Model

Software

Architecture

• 64-bit OpenEmbedded Linux

support.

Processes containerization.

Brings in standard Linux toolchain.

Third-Party Applications Support.

• NCS 5500, NCS 5000 and

NCS1002 will support only 64-bit

Linux

• ASR 9000 will still have 32-bit QNX

support

IOS XR 6.0 introduces a new software

infrastructure offering

X86 Hardware

64 bit Linux

Control Admin

NPU

System Admin

System

Control

Classic XR XR 6.0

32 bit QNX

• LXC (LinuX Containers) let you run a Linux system within another Linux system.

• A container is a group of processes on a Linux machine.

• Those processes form an isolated environment.

• Inside the container, it looks like a Virtual Machine.

• Outside the container, it looks like normal processes running on the system.

• Containers look like Virtual Machines, but are more efficient.

Introduction to Containers

X86 Hardware

Operating System

Hypervisor

Traditional Virtualization

App

Lib

OS

…

…

App

Lib

OS

App

Lib

OS

App

Lib

OS

X86 Hardware

Operating System

Containers

• They are Fast Deploy and Boot in less than one Second vs Minutes for Virtual Machines

• They are Lightweight Only a few MB of Disk Space per Container vs several hundred MB

for traditional Virtual Machines.

• They provide Similar Services as VMs Each container has:

Why Containers?

• Its own network interfaces

- Can be bridged, routed... just like with KVM.

• Its own filesystem

- e.g.: RedHat host can run Debian container.

• Isolation (security)

- Two containers can't harm (or even see) each other.

• Isolation (resource usage)

- Soft & Hard quotas for RAM, CPU, I/O. X86 Hardware

Operating System

… App

Lib

OS

App

Lib

OS

LXC1 LXC2

IOS-XR Container Roles:

Third Party

24

• Runs any 64-bit Linux distribution.

• Launched from the XR container using virsh and libvirtd.

• Access Network Interface through the Third Party Network Name Space (TPNNS).

Routing Processor

64-bit Host OS

Control Plane

Admin Plane

Third Party

Application

Hosting

• Enable hosting third-party apps and customer built apps – Allows your own language, library, packages, middleware of choice

• Enable apps to – use available resources (compute, memory, disk)

– perform networking operations (packet i/o) through XR’s interfaces

– Access XR functionality (example: M2M, Telemetry, FIB interaction)

• Motto is to ‘not get in the customer’s way’ – Allows to run apps to run unmodified or with minimal modifications

• Two app-hosting models – Native: apps share name-space with XR

– Container: apps have independent namespace. Allows more freedom

Third-party App hosting

Third Party Network Name Space

• Provide visibility of fabric attached interfaces outside of XR CLI.

• Available to processes in the XR containers or Third Party containers.

• Requires that the interface is Up with a valid IP address.

• Routing handled by XR.

27

Routing Processor

Control Plane Admin Plane Third Party

TPNNS TPNNS

64-bit Host OS TPNNS

Mgmt

Gig

TenGig

HunGig

Mgmt

Gig

TenGig

HunGig

Internal

IPC Interfaces

[xr-vm_node0_RP0_CPU0:~]$ip netns exec tpnns bash

RPM: XR New Package Format

• RPM Package Manager is the new Package format starting with IOS-XR 6.0.

• Packages are placed in a reachable repository and accessed via FTP/SFTP/SCP/TFTP or HTTP or pre-staged on the box

• Third Party packages are installed with RPM or YUM inside the Shell.

• IOS-XR packages are installed with “install update/upgrade”.

• Install commands are a wrapper around YUM to provide multi-arch support.

• Both YUM and install commands provide dependency verification/resolution.

Configuration,

Monitoring and

Troubleshooting

Individual Transfer Mechanisms

Have Problems

sensing & measurement

Where Data Is Created Where Data Is Useful

syslog

SNMP

CLI

storage & analysis

Streaming Telemetry Design Vision

• Get as much data off the box as quickly as possible Performance

• Grant full access to all operational data on the box Coverage

• Serialize the data in a flexible, efficient way that fits customers automated tools Automation

Instruction on: • What data to collect • With what cadence • And send to where

Router Receiving

unit Table 3 Table 2

Interface ifInErrors ifOutErrors ifHCOutOctets …

HundredGigabitEthernet 0/1/0/2 10 0 123456789 …

Bundle-Ether 42

3 0 234567890 …

… … … … …

Table 1

Ultra-high level picture

“I am the interface counters table”

Programmability

Network Configuration Protocol

(NETCONF)

SSH Clients

SSH

RPC calls are divided in 4 groups of methods: Retrieve, Configure, Copy, and Delete. Additional methods can be supported

Networking Device

• NETCONF provides mechanisms to install, manipulate, and delete device configuration.

• It uses an XML based data encoding for the configuration data as well as the protocol messages.

• NETCONF protocol operations are realized as remote procedure calls (RPCs) over SSH.

Retrieve, Configure, Copy, and Delete

Programmatic Interface

XR YANG

SSHd XR

Programmatic Interface

SSH Proxy Server

NETCONF Agent

YANG Framework

RESTCONF Agent

Web Server

SysDB Client

Library

SysDB

Backend Apps

Configuration Manager

Secure Transport

Connection

Oriented

RPC-based communication

model

Negotiate

Capabilities

REpresentational State Transfer (REST) is an API architecture style that can use HTTP

to send messages between a client and server, piggyback on existing HTTP Internet

What is REST?

Perl

Python

C#

Java

Server REST API

Applications HTTP Packets

Svr

.

Ap

p

• Using REST, applications can Create/Read/Update/Delete

• A REST service is platform-independent, language-independent

• App can be browser-based or standalone

Restconf and Netconf Agents

• The Restconf agent provides a programmatic interface to access XR platforms by implementing the Restconf API.

• The Restconf API is defined by the IETF (currently in draft version 4). – The data model is YANG.

• In XR the Restconf agent leverages the same underlying infrastructure as the Netconf agent. – Supports the same YANG models as Netconf agent

• A web server front-ends the Restconf agent providing transport security TLS and HTTP authentication.

From device-centric to network-as-platform

Orchestration

SDN Controller

Orchestration Orchestration

SDN Controller

Centralized service provisioning

Work with existing network devices

On Device Minimal but sufficient

AN: Autonomic Networking SR: Segment Routing VPN services: eVPN + static PW

Network as Platform Fully programmable

Device is PnP component

NSO NSO

WAE

NSO

XRv+ODL WAE

Next: ACE Network-as-Platform Now

NSO: Network Service Orchestrator WAE: Wan Automation Engine ODL: Open Daylight

Key Takeaway

• No Change in traditional CLI Operation

• In 6.0, available on NCS-5500, NCS-5000 and NCS1000 Platform

• In 6.1.1, available on ASR9k (traditional 32-bit QNX offering will still be

supported)

• Operational enhancement for Automated Operations

• Operating System change for Open Source tooling

IOS XR 6.0 Operational

Enhancements

Vis

ibili

ty &

Tel

emet

ry

Evo

lved

pro

gram

mab

ility

Ap

plic

atio

n H

ost

ing

Flex

ible

Pla

tfo

rm &

Pac

kagi

ng

IOS XR 6.0