TWIPD – Cloud Computing
Part I - Introduction
Taiwan Cisco Networking Academy Council (台灣思科網路學會議評會)
Mar-22-2013
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
1
• Motivation & Training Schedule
• Why Cloud Computing
• Cloud Computing Overview
• Key Technologies
• Evolution of the Data Centre - Emerging Trends and Observations
• Q&A
• Improving technical skills
• Topics selection
Cloud Computing
IPv6
Wireless
IP Telephony
Security
Cabling
etc.
• Cisco Associate Certifications
CCDA
CCNA
CCNA Security
CCNA Video
CCNA Voice
CCNA Wireless
CCNA Data Center
640-911 DCICN
640-916 DCICT
CCNA Service Provider
CCNA Service Provider Operations
15 hours training including in-person lectures, webinar sessions and Labs / Case Study
[Timeline, 2013/Jan to 2013/Jun: In-Person Session Part I; 2 Webinar Sessions; In-Person Session Part II]
• Part 1 – Introduction
What is Cloud Computing
• Part 2 – Virtualization
Virtualization and products
• Part 3 – Cloud Apps
AWS, Azure, App Engine…
• Part 4 – Cloud Computing in Data Center
OpenFlow, SDN and Cisco One
• Labs / Case Study
Cloud environment in IVE, HK
Cisco CloudLab
“I need to achieve greater cost efficiency and increased IT agility… an elusive combination…”
“… need a solution that enables us to respond to customers within hours instead of days”
“At the end of the day, I just want to simply, confidently say “yes” to my business.”
(Quotes from a Fortune 500 company CIO, taken from global focus groups executed in June 2010)
TECDCT-2001 © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Google processes 20 PB a day (2008)
• Wayback Machine has 3 PB + 100 TB/month (3/2009)
• Facebook has 2.5 PB of user data + 15 TB/day (4/2009)
• eBay has 6.5 PB of user data + 50 TB/day (5/2009)
• CERN’s Large Hadron Collider (LHC) generates 15 PB a year
“640K ought to be enough for anybody.”
• Global data center traffic:
Annual global data center IP traffic will reach 6.6 zettabytes by the end of 2016
By 2016, global data center IP traffic will reach 554 exabytes per month
Global data center IP traffic will nearly quadruple over the next 5 years
• Data center virtualization and cloud computing transition:
The number of workloads per installed traditional server will increase from 1.5 in 2011 to 2.0 by 2016.
The number of workloads per installed cloud server will increase from 4.2 in 2011 to 8.5 by 2016.
By 2016, nearly two-thirds of all workloads will be processed in the cloud.
• Global cloud traffic:
Annual global cloud IP traffic will reach 4.3 zettabytes by the end of 2016
By 2016, global cloud IP traffic will reach 355 exabytes per month
Global cloud IP traffic will increase six-fold over the next 5 years
Global cloud IP traffic will account for nearly two-thirds of total data center traffic by 2016.
Source: http://www.cisco.com/en/US/solutions/collateral/ns341/ns525/ns537/ns705/ns1175/Cloud_Index_White_Paper.html
• 282 U.S. IT decision-makers
More than one-half (62 percent) of respondents currently store at least 100 TB of data
Nearly one-third (32 percent) expect the amount of data they store to double in the next two to three years
Respondents expect an average of 37 percent growth in data during the next two to three years
Respondents reported an average of 38 percent of their current data as unstructured
Nearly 9 in 10 (89 percent) already have a dedicated budget for a big data solution
51 percent of companies surveyed are in the middle stages of planning a big data solution, whereas 13 percent have fully deployed their solution
Nearly three-quarters (72 percent) have begun the planning process but have not yet tested or deployed a solution
Of that 72 percent, more than three-quarters (76 percent) plan to have their solution implemented in less than one year
Most (62 percent) said developing near-real-time predictive analytics or data-mining capabilities during the next 24 months is extremely important, 58 percent rated expanding data storage infrastructure and resources as extremely important, and 53 percent rated increased amounts of unstructured data to analyze as extremely important
• Reduced Cost - Cost is a clear benefit of cloud computing, both in terms of CapEx
(capital expenses) and OpEx (operating expenses).
• Flexibility - Flexibility benefits derive from rapid provisioning of new capacity and rapid
relocation or migration of workloads
• Improved Automation - Cloud computing is based on the premise that services can not
only be provisioned, but also de-provisioned in a highly automated fashion
• Focus on Core Competency - Government agencies can reap the benefits of cloud
computing in order to focus on their core mission and core objectives and leverage IT
resources as a means to provide services to citizens
• Sustainability - The poor energy efficiency of most existing data centers, due to poor
design or poor asset utilization, is now understood to be environmentally and
economically unsustainable. Through leveraging economies of scale and the capacity to
manage assets more efficiently, cloud computing consumes far less energy and other
resources than a traditional IT data center
IT resources and services that are abstracted from the underlying infrastructure and provided on demand and at scale in a multi-tenant and elastic environment
Visual Model of NIST’s Working Definition of Cloud Computing
Essential Characteristics
1. On-demand self-service (self-service whenever it is needed)
2. Broad network access (access anytime, anywhere, from any network device)
3. Resource pooling (a resource pool shared by many users)
4. Rapid elasticity (flexibility to redeploy quickly)
5. Measured service (services that can be monitored and measured)
Service Models
Software as a Service (SaaS)
Platform as a Service (PaaS)
Infrastructure as a Service (IaaS)
Deployment Models
Public
Private
Hybrid
Community
http://www.csrc.nist.gov/groups/SNS/cloud-computing/index.html
A Style of Computing Where Massively Scalable IT-Enabled Capabilities Are Delivered “as a Service” to Multiple External Customers Using Internet Technologies
Source: Gartner 2008
IT Resources and Services that Are Abstracted from the Underlying Infrastructure and Are Provided “On-Demand” and “At Scale”
• NIST defines cloud computing by:
5 essential characteristics
3 cloud service models
4 cloud deployment models
• On-demand service
Get computing capabilities as needed automatically
• Broad Network Access
Services available over the net using desktop, laptop, PDA, mobile phone
• Resource pooling
Provider resources pooled to serve multiple clients
• Rapid Elasticity
Ability to quickly scale in/out service
• Measured service
Control, optimize services based on metering
• Software as a Service (SaaS) - Business Management, Vertical Apps, Tools, Cloud Security, CRM
• Platform as a Service (PaaS) - Development & Testing, Integration, Database, Application Platform, General
• Infrastructure as a Service (IaaS) - Cloud Management, Storage, Virtualization, Content Delivery Networks, Networking, Computing
• Cloud Software as a Service (SaaS).
The capability provided to the consumer is to use the provider’s
applications running on a cloud infrastructure. The applications are
accessible from various client devices through a thin client interface
such as a web browser (e.g., web-based email). The consumer does
not manage or control the underlying cloud infrastructure including
network, servers, operating systems, storage, or even individual
application capabilities, with the possible exception of limited user-specific application configuration settings.
• Cloud Platform as a Service (PaaS).
The capability provided to the consumer is to deploy onto the cloud
infrastructure consumer-created or acquired applications created
using programming languages and tools supported by the provider.
The consumer does not manage or control the underlying cloud
infrastructure including network, servers, operating systems, or
storage, but has control over the deployed applications and possibly
application hosting environment configurations.
• Cloud Infrastructure as a Service (IaaS).
The capability provided to the consumer is to provision processing,
storage, networks, and other fundamental computing resources
where the consumer is able to deploy and run arbitrary software,
which can include operating systems and applications. The
consumer does not manage or control the underlying cloud
infrastructure but has control over operating systems, storage,
deployed applications, and possibly limited control of select
networking components (e.g., host firewalls).
Source:
CloudTimes
• AaaS Architecture as a Service
• IaaS Infrastructure or Integration as a Service
• BaaS Business as a Service
• IDaaS Identity as a Service
• CaaS Computing as a Service
• LaaS Lending as a Service
• DaaS Data as a Service
• MaaS Mashups as a Service
• DBaaS Database as a Service
• OaaS Organization or Operations as a Service
• EaaS Ethernet as a Service
• SaaS Software or Storage as a Service
• FaaS Frameworks as a Service
• PaaS Platform as a Service
• GaaS Globalization or Governance as a Service
• TaaS Technology or Testing as a Service
• HaaS Hardware as a Service
• VaaS Voice as a Service
• IMaaS Information as a Service
• Public
Cloud infrastructure is available to the general public, owned by org selling
cloud services
• Private
Cloud infrastructure for single org only, may be managed by the org or a 3rd
party, on or off premise
• Community
Cloud infrastructure shared by several orgs that have shared concerns,
managed by org or 3rd party
• Hybrid
Combo of >=2 clouds bound by standard or proprietary technology
Private, Public, Hybrid
[Diagram labels: Stand-Alone Data Centers (PRESENT); Private Cloud; Virtual Private Cloud; Public Cloud; Hybrid Cloud; Open Cloud; InterCloud; Enterprise Extension; Public Cloud #1; Public Cloud #2]
Ownership and Control
• Private Cloud (Internal Resources)
Ownership: All cloud resources owned by or dedicated to enterprise
Control: Cloud definition/governance controlled by enterprise
• Public Cloud (External Resources)
Ownership: All cloud resources owned by providers; used by many customers
Control: Cloud definition/governance controlled by provider
• Hybrid Cloud
Interoperability and Portability Between Public and Private Cloud Systems
Evolution of IT + Business Agility
• Consolidation (Reduce Costs)
• Virtualization (Improve Agility)
• Automation (Transform IT)
[Diagram labels: IT Infrastructure; Business Applications; IT-as-a-Service; Platinum; Gold]
Evolution of IT + Business Agility
Consolidation, Virtualization, Automation
• Standardize LAN/SAN infrastructure
• Virtualized Switching Fabric
• Reduce points of management
• Reduce number of Network Operating Systems
• Virtualized Network Services
• Enable Stateless Computing
• Improved VM Security
• Additional Tenant Models
• Enable Policy-Based provisioning
• Simplify overall IT operations
• Reduce cabling
• Increase application bandwidth 10x
• Enable dynamic QoS
• Enable VM-aware security
Applications to the Public Cloud (SaaS)
[Diagram labels: Public Cloud; SaaS; Virtual Private Cloud; Private Cloud]
Phase 1: Emerging. SaaS Happens – with or without IT sanction
Embrace: Endorse apps which help people do their jobs
Visibility: Monitor who is using which SaaS apps – endorsed and unendorsed
Control: Technical enforcement of key policies
Moving Infrastructure to the Cloud (IaaS)
[Diagram labels: Public Cloud; Virtual Private Cloud; Private Cloud; SaaS; IaaS; callout: Most Enterprises Are Here Today]
Phase 1: Emerging. SaaS Happens – with or without IT sanction
Phase 2: Exploring. Service delivery via private cloud
Performance: Cloud-optimized security performance
Management: Consistent physical-to-virtual span
Integrate: Security in workloads to prepare for Public cloud migration
Moving IaaS and PaaS to the Virtual Private and Public Cloud
[Diagram labels: Public Cloud; Virtual Private Cloud; Private Cloud; SaaS; PaaS; IaaS]
Phase 1: Emerging. SaaS Happens – with or without IT sanction
Phase 2: Exploring. Service delivery via Private cloud
Phase 3: Embracing. Extend to VPC and PaaS
Elasticity: Securely extend the network to the virtual private cloud
Scale: On-demand workload mobility to the public cloud
Automation: Enabling IT to deliver ready-platforms instead of DIY VMs
• Today: High Scale, Multi-tenant; Highly Complex Environments; Established Market Position
• Today: World Class Cloud Portal & Self Service; Integration of apps for Private Cloud / Large Enterprises
• Today: Multi-Vendor stack; API configuration; Modular Components integrated with existing stacks
• Trend: Others like OpenStack; Leveraging Open source & partner assets
[Diagram labels: CLM; CIAC; COMMON TECHNOLOGY; Network Services Manager; HiCloud; CITEIS; HP/IBM/VMWare; Rackspace]
Cisco IT Cloud Journey
• Legacy Computer Platform, 100% Physical: Speed of Delivery 6-8 Weeks; IT Maint / Innovation 70%/30%
• Legacy Computer Platform, 46% Physical : 54% Virtual (Virtualization): Speed of Delivery 2-3 Weeks; IT Maint / Innovation 60%/40%
• Unified Computing Platform, 25% Physical : 75% Virtual, 100% Automated (Unified Infrastructure and Automation): Speed of Delivery 15 Minutes; IT Maint / Innovation 40%/60%
Average TCO labels on the chart: -27%, -37%
CITEIS (Cisco IT Elastic Infrastructure Services)
http://www.youtube.com/watch?feature=player_embedded&v=Gsmt717OCKc
[Diagram labels: Service Unit; Unified Infrastructure (Cisco Nexus, Cisco UCS x86); Virtualization (VMware ESX/ESXi, Network Virtualization); Automation (Cisco Intelligent Automation for Cloud); Service Catalog with Cost (VM 2x4 – Silver: $; Bare-metal 8x64: $$$); Show/chargeback; Self-service; OVF* Image Repository; PaaS Integration (API); Workload Mobility; Multi-tenancy; Elasticity; Logical Segmentation; Control, Security and Fault Isolation]
*OVF = Open Virtualization Format
• Server Virtualization
Virtual Machine
• Network Virtualization
OpenFlow
Software Defined Network
Cisco ONE
• Distributed Storage
Hadoop HDFS
Big data: The next frontier for innovation, competition, and productivity
McKinsey Global Institute 2011
Traditional Stack: App, App, App / Operating System / Hardware
Virtualized Stack: (App + OS), (App + OS), (App + OS) / Hypervisor / Hardware
• Pros
Easy to conceptualize
Fairly easy to deploy
Easy to backup
Virtually any application/service can be run from this type of setup
• Cons
Expensive to acquire and maintain hardware
Not very scalable
Difficult to replicate
Redundancy is difficult to implement
Vulnerable to hardware outages
In many cases, processor is under-utilized
• Pros
Resource pooling
Highly redundant
Highly available
Rapidly deploy new servers
Easy to deploy
Reconfigurable while services are running
Optimizes physical resources by doing more with less
• Cons
Slightly harder to conceptualize
Slightly more costly (must buy hardware, OS, Apps, and now the abstraction layer)
• VMware
vSphere 5
Hypervisor: ESXi
• Microsoft
SCVMM (Microsoft System Center Virtual Machine Manager)
Hypervisor: Hyper-V, ESXi, Xen…
• Citrix
XenCenter
Hypervisor: XenServer
• Linux
OpenNebula, Eucalyptus…
Hypervisor: KVM, Xen, ESXi…
Source: iThome:http://www.ithome.com.tw/itadm/article.php?c=69634&s=
• Spec. available at http://www.openflow.org
• Developed by Stanford University in 2008
• Create programmable networks
Source:OpenFlow Specification v1.1
[Diagram: switch/router with software (sw) and hardware (hw) layers; Standard Network Processing alongside User-defined Processing; experimenter writes experimental code on switch/router]
Source:OpenFlow White Paper
[Diagram: OpenFlow Switch with a Secure Channel (sw) and a Flow Table (hw), connected to a Controller (PC); labelled "OpenFlow Switch specification"]
Source:OpenFlow White Paper
Flow table entry: Rule | Action | Stats
• Rule (+ mask): Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport
• Action:
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
• Stats: Packet + byte counters
Source:OpenFlow White Paper
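An added example (not from the slides or the OpenFlow white paper) of the Rule / Action / Stats flow entry described above: a priority-ordered lookup with masked fields and per-entry counters, plus an audit for rules that can never fire because a higher-priority rule covers them. The Python names, the sample rules and packets, and sending table misses to the controller are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Header fields of the Rule column; a field absent from a rule is masked (wildcard).
FIELDS = {"in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_proto", "tcp_sport", "tcp_dport"}
IP_FIELDS = {"ip_src", "ip_dst"}

@dataclass
class FlowEntry:
    match: dict            # Rule
    action: tuple          # ("forward", ports) | ("controller",) | ("drop",) | ("normal",)
    priority: int = 0
    packet_count: int = 0  # Stats
    byte_count: int = 0

    def __post_init__(self):
        unknown = set(self.match) - FIELDS
        if unknown:
            raise ValueError(f"unknown match fields: {sorted(unknown)}")

    def matches(self, pkt):
        for name, want in self.match.items():
            have = pkt.get(name)
            if have is None:
                return False
            if name in IP_FIELDS:
                if ipaddress.ip_address(have) not in ipaddress.ip_network(want):
                    return False
            elif have != want:
                return False
        return True

def covers(high, low):
    """True if every packet matched by `low` is also matched by `high`."""
    for name, want in high.match.items():
        if name not in low.match:
            return False  # `low` is a wildcard here, so it is the broader rule
        if name in IP_FIELDS:
            low_net = ipaddress.ip_network(low.match[name])
            if not low_net.subnet_of(ipaddress.ip_network(want)):
                return False
        elif low.match[name] != want:
            return False
    return True

class FlowTable:
    def __init__(self):
        self.entries = []

    def add(self, entry):
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)  # highest priority first

    def process(self, pkt, length):
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packet_count += 1
                entry.byte_count += length
                return entry.action
        return ("controller",)  # assumed table-miss behaviour

    def shadowed(self):
        """(low_priority, high_priority) pairs where the lower rule can never match."""
        out = []
        for i, low in enumerate(self.entries):
            for high in self.entries[:i]:
                if high.priority > low.priority and covers(high, low):
                    out.append((low.priority, high.priority))
        return out

def demo():
    table = FlowTable()
    # Constructed rules: the host block at priority 100 sits below a broader forward rule.
    table.add(FlowEntry({"eth_type": 0x0800, "ip_dst": "10.0.0.66"}, ("drop",), 100))
    table.add(FlowEntry({"eth_type": 0x0800, "ip_dst": "10.0.0.0/24"}, ("forward", (2,)), 200))
    table.add(FlowEntry({"eth_type": 0x0800, "ip_proto": 6, "tcp_dport": 23}, ("drop",), 300))
    ip = {"in_port": 1, "eth_type": 0x0800, "ip_src": "192.0.2.10", "ip_proto": 6}
    packets = [  # constructed sample packets with their lengths in bytes
        ({**ip, "ip_dst": "10.0.0.5", "tcp_dport": 23}, 60),
        ({**ip, "ip_dst": "10.0.0.5", "tcp_dport": 80}, 1500),
        ({**ip, "ip_dst": "10.0.0.66", "tcp_dport": 80}, 1500),
        ({"in_port": 1, "eth_type": 0x0806}, 42),
    ]
    actions = [table.process(p, n) for p, n in packets]
    stats = [(e.priority, e.packet_count, e.byte_count) for e in table.entries]
    return actions, table.shadowed(), stats

if __name__ == "__main__":
    print(demo())
```

The third packet is forwarded even though a drop rule names its destination, and the zero counters on that drop rule are the operational sign of the shadowing that `shadowed()` reports.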
• Hadoop is a framework for running applications on large clusters built of
commodity hardware
• The Hadoop framework transparently provides applications both reliability and
data motion
• Hadoop implements a computational paradigm named Map/Reduce, where the
application is divided into many small fragments of work, each of which may be
executed or reexecuted on any node in the cluster. In addition, it provides a
distributed file system (HDFS) that stores data on the compute nodes, providing
very high aggregate bandwidth across the cluster
• Both Map/Reduce and the distributed file system are designed so that node
failures are automatically handled by the framework
• Highly fault-tolerant
• High throughput
• Suitable for applications with large data sets
• Streaming access to file system data
• Can be built out of commodity hardware
Life used to be easy (well relatively easy)
Images credit: IBM
Life used to be easy (well relatively easy)
• The Data Centre Switching Design was based on the hierarchical switching we used everywhere
• Three tiers: Access, Aggregation and Core
• L2/L3 boundary at the aggregation
• Add in services and you were done
• What has changed? Most everything
• New Layer 2 fabrics based on routing-like protocols
• Storage and LAN unification
• Pervasive Virtualization
• Cloud bursting
[Diagram labels: Core; Layer 3; Layer 2; Aggregation; Services; Access]
Flexibility & Provisioning
• Partitioning
Physical devices partitioned into virtual devices
• Clustering
Applications distributed across multiple servers
[Diagram labels: Virtual Machines (App / OS); Physical Servers (App / OS)]
The race past ZERO
Microsecond: 1.000
Nanosecond: 0.001
What is next? Picosecond: 0.000001
Not for a long time.....
Quick Note:
Intel x86 server DDR3 memory access times are typically 60 – 150 nanoseconds
Big Data – Hadoop, NoSQL & HDFS
[Diagram labels: Click Streams; Event Data; Social Media; Sensor Data; Mobility Trends; Logs; Application (Virtualized, Bare-Metal, Cloud); Fabric; Storage; Traditional Database; RDBMS; SAN/NAS; “Big Data”; NoSQL; Real-Time Capture, Read & Update; Store And Analyze]
HDFS - Hadoop Distributed File System
Operational Extremes
• Scaling to the Extremes
Thousands of Racks, Thousands of Switches and 10s of Thousands of Servers
• Topologies deepening and spreading wider
• Oversubscription & Buffering (non-blocking in the extreme case)
• Workload Traffic Pattern Changes (East-West)
• Availability (moving to N + 1 models)
• Automation and Programmability
[Diagram caption: Thousands of Switches and tens of thousands of servers]
Compound Growth Rates
Data Created Since Jan 1 2010
1,240,036,374,697,152,065,225 Bytes
(And this number is very out of date!!)
For most of us this means a hybrid mix of application types
[Timeline, 1960 to 2000: Mainframe; Minicomputer/PC; Client Server; ASP/SaaS; Cloud?]
What talks to what and when
[Diagram: traffic flows across the Aggregation (L3, service processing), Access (L2) and Virtual Access (L2) layers: client-to-server, srv-to-client, srv-to-srv, VM-to-VM]
• Traffic Patterns Changing:
More server to server traffic, and more L2 server to server traffic. Apps such as VM mobility, clustering, intra-Tier
and larger subnets
Client to server traffic to same subnet instances across DCs: increase of /32 from DC out
Virtual Server Environments could perform a fair degree of local switching
OpenFlow Version 1.1
OpenFlow Switch Specification, Version 1.1.0 Implemented
[Figure (a): Packets are matched against multiple tables in the pipeline. Packet In (ingress port, Action Set = {}) -> Table 0 -> (packet + ingress port + metadata, action set) -> Table 1 -> ... -> Table n -> (packet, action set) -> Execute Action Set -> Packet Out]
[Figure: processing in one Flow Table. Match fields: ingress port + metadata + pkt hdrs; action set in, action set out]
1. Find highest-priority matching flow entry
2. Apply instructions:
i. Modify packet & update match fields (apply actions instruction)
ii. Update action set (clear actions and/or write actions instructions)
iii. Update metadata
+Multicast, +ECMP, +Anycast, +MPLS
Google will be buying SDN enabled networks from the major vendors in 2013/2014
There is no ‘single design’ anymore
Spectrum of Design Evolution
Ultra Low Latency
• High Frequency Trading
• Layer 3 & Multicast
• No Virtualization
• Limited Physical Scale
• Nexus 3000 & UCS
• 10G edge moving to 40G
HPC/GRID
• Layer 3 & Layer 2
• No Virtualization
• iWARP & RCoE
• Nexus 2000, 3000, 5500, 7000 & UCS
• 10G moving to 40G
Virtualized Data Center
• SP and Enterprise
• Hypervisor Virtualization
• Shared infrastructure, Heterogeneous
• 1G Edge moving to 10G
• Nexus 1000v, 2000, 5500, 7000 & UCS
MSDC
• Layer 3 Edge (iBGP, ISIS)
• 1000’s of racks
• Homogeneous Environment
• No Hypervisor virtualization
• 1G edge moving to 10G
• Nexus 2000, 3000, 5500, 7000 & UCS
Data Center
http://www.cisco.com/go/datacenter
Cloud Computing
http://www.cisco.com/web/solutions/trends/cloud/index.html
CloudVerse
http://www.cisco.com/go/cloudverse
TheCloud
http://www.cisco.com/web/about/ent/cloud/index.html
Network Fabric
http://www.cisco.com/en/US/netsol/ns725/index.html
Cloud Lab
http://cloudlab.cisco.com/
Youtube Resource
http://www.youtube.com/user/CiscoDataCenter
Thank you.
• Threat #1: Abuse and Nefarious Use of Cloud Computing
• Threat #2: Insecure Interfaces and APIs
• Threat #3: Malicious Insiders
• Threat #4: Shared Technology Issues
• Threat #5: Data Loss or Leakage
• Threat #6: Account or Service Hijacking
• Threat #7: Unknown Risk Profile