End-to-End Virtualization and Management
Sid Nag, Global Enterprise Architect
© 2007 Cisco Systems, Inc. All rights reserved. Cisco Public. BRKDCT-2708 13929_06_2007_c2
Agenda
Virtualization—Introduction
OS Virtualization
Server Virtualization
Storage Virtualization
Network Virtualization
End-to-End (E2E) Virtualization
Virtualization and Environment
Conclusion
Virtualization—Introduction
Virtualization allows entities to share physical resources in an effective way
Virtual Machines (VM) sharing computer hardware (HW) resources
VLANs/VSANs sharing a physical port
VPNs sharing a physical network
Virtualization—Introduction
Virtualization isolates entities from each other
A VM is isolated from the others against crashes and security threats
VLAN/VSAN/VPN traffic isolated from each other
Virtualization isolates layer N (upper layer) from layer N-1 (lower layer)
Layer N unaffected when Layer N-1 replaced or modified
ISO/OSI Layering
Virtualization and abstraction can be synonymous
Virtualization requires abstraction
Virtualization hides details of virtualized resources
Virtualization Motivation—Today’s Data Center
[Figure: three servers, each running one application on its own hardware: Mail Server (Windows), Web Server (Linux 2.4), DB Server (Linux 2.6)]
Server Sprawl
Single application per server
Longer deployment time
Management complexity
Power, cooling, weight significant factor
Longer maintenance window
Cost of downtime/hr
Travel Industry: 330,654
Media Industry: 340,432
Professional Services: 532,510
Health Care Industries: 636,030
Transportation: 668,856
Consumer Products: 785,719
Banking: 996,802
Pharmaceuticals: 1,082,252
Retail: 1,107,274
Insurance: 1,202,444
Financial Institutions: 1,495,134
Manufacturing: 1,610,654
Telecom: 2,066,245
Energy: 2,817,846
Source: Meta Group: IT Performance Engineering and measurement strategies: quantifying performance loss, 10/2000
High OPEX: Complexity and Overhead caused by redundant DC Components
High CapEX: Resources are only 20% utilized
Source: Gartner
Virtualization—Benefits
Physical resource sharing
HW resource consolidation
IT optimization
Management simplified
Lower CAPEX and OPEX cost
Downtime on the order of a few milliseconds to a few minutes (not hours or days)
10 2P Xeon servers to 2 4P Xeon servers
Hardware savings = $38k
Operational Savings = $76k
Source: VMware
Virtualization—The “Virtual” Part! ☺
How about virtualizing regular and decaf? ☺
OS Virtualization
Agenda
OS Virtualization
Benefits of OS Virtualization
OS Virtualization Types: Native/Full Virtualization, Para Virtualization, Container/OS-based Virtualization, Host-based Virtualization
OS Virtualization Performance Issues
OS Virtualization in x86 Hardware (HW)
OS Virtualization—Introduction
Virtualization applied to computer and OS domains
A typical OS virtualizes computer hardware components to a certain extent
Virtual CPU: Processes time-sharing a CPU
Virtual Memory: Each process has its own memory span, independent of physical memory
OS Virtualization goes further, allowing multiple OSs and their applications to run on a single physical hardware platform
OS is now a Guest OS
OS+Applications: Virtual Machine (VM)
A Hypervisor or Virtual Machine Monitor (VMM) controls the hardware resources
Guest OS no longer has full control over HW
OS Virtualization—Benefits
HW resource consolidation
Physical resource sharing
Given that average server utilization is ~20%, OS Virtualization can be a viable solution for consolidation and IT/DC optimization
[Figure: three hardware platforms of the same class and spec, running Mail Server (Windows), Web Server (Linux 2.4) and DB Server (Linux 2.6) with average loads of 20%, 40% and 10%, consolidated as three VMs on one hardware platform under a VMM with an average load of 70%]
OS Virtualization—Benefits
Migration to new software
Keep old version and access to it
Certain applications with new OS may not be available yet
[Figure: XP running Appl 1 and Appl 2 alongside Vista running Appl 1, on one hardware platform under a VMM]
OS Virtualization—Benefits
Live migration from machine to machine while VM is running
Downtime on the order of a few milliseconds to a few minutes, not hours or days
Load-balancing
Maintenance without application shutdown
High-availability
[Figure: VM 1 (applications on Guest OS 1) migrating over the network between two hardware platforms, each running a VMM]
Virtual Machine Monitor (VMM) or Hypervisor
The main component of OS virtualization is a VMM or Hypervisor
A thin layer of software controlling and managing bare hardware resources
Facilitates virtualization of HW resources
Arbitrates guest OS access to HW
Manages VMs (create, destroy, etc.)
OS Virtualization Types—Native/Full
VMM runs on bare machine
VMM virtualizes (emulates) hardware
Virtualizes x86 ISA (Instruction Set Architecture)
Guest OS unmodified
VMs: Guest OS+Applications run under the control of VMM
Systems: VMware ESX Server, IBM z/VM, Linux KVM (Kernel VM)
OS Virtualization Types—Container-Based
VMM inside a Host OS (Kernel)
VMs (also known as Virtual Private Server) fully isolated
Host OS modified to isolate different VMs
Example: Kernel data structure changed to add context ID to differentiate between identical uids between different VMs
Thus VMs isolated from each other in kernel
No Guest OS
Fault isolation not possible (OS crash)
Applications/users see container VM as a virtual host/server
VMs can be booted/shut down like regular OS
Systems: Linux VServer
[Figure: a privileged Host VM (VM admin) and VMs 1 to n, each running applications, on a shared host OS image containing the VMM, on hardware (CPU, memory, IO, disk)]
OS Virtualization Types—Host-Based
Like Native, but based on a Host OS
VMM inside a Host OS
Kernel-mode driver
Multiple Guest OS support
VMM emulates hardware for guest OSs
Systems: Microsoft Virtual Server
Host OS: XP, 2003
Guest OS: NT, 2000, 2003, Linux
[Figure: applications on OS 1 and OS 2, running on a VMM inside the host OS, on hardware]
OS Virtualization Types—Para-Virtualization
VMM runs on bare machines
Guest OS modified to make calls (hypercalls) to, or receive events from, the VMM
Example: the OS makes a hypercall into the VMM when it updates hardware data structures such as the page table or initiates a DMA operation
Support of arbitrary guest OS not possible because of OS modification
Unmodified guest OS can be supported with virtualization support in the hardware architecture (Intel VT-x, AMD Pacifica)
Few thousand lines of code change (relative to 6 million lines in Linux)
Application Binary Interface (ABI) remains intact, hence application binaries run unmodified within VM
Open-source OS modification easy
Systems: Xen
Guest OS: XenoLinux, NetBSD, FreeBSD, Solaris 10, Windows (in progress)
[Figure: VMs 1 to n, each running applications on a modified guest OS, on a VMM on hardware (CPU, memory, IO, disk)]
VM Migration Example
Shows live migration of a Web Server VM with only 201ms of downtime
While the server was being migrated to another machine, it was still processing requests
SPECweb99 is the SPEC benchmark for evaluating the performance of WWW Servers
The Standard Performance Evaluation Corporation (SPEC) is a non-profit corporation formed to establish, maintain and endorse a standardized set of relevant benchmarks that can be applied to the newest generation of high-performance computers
Source and destination machines have to be compatible
Xen
Performance issues
Network intensive applications: Send/Receive over TCP connections
CPU intensive applications
Memory intensive applications
Native: Windows Server 2003 Enterprise Edition R2 (32-bit); Guest OS: Windows Server 2003
HW: IBM x3550 server with two VT-enabled dual-core 2GHz Intel Xeon 5130 CPUs for a total of four CPU cores
Storage: 2 73GB SAS disk drives; NIC: 1 Gbps; Two clients (Dell 1950) running Windows 2003 R2
Clients connect to server with LinkSys SR2016 GE switch
XenEnterprise with Xen HVM support (HVM supports Intel VT and AMD-v)
Source: XenSource
OS Virtualization—Conclusion
May have to pay performance penalties depending on Application types
CPU bound
Memory bound
IO bound
HW support may reduce penalties, but penalties will remain
Multiple levels of indirection, traps, context switches
HW support will not eliminate VMM
VMM needed for controlling multiple VMs
New VM management support needed
VM resource allocation, sizing
VM migration management
VM and VMM performance monitoring
VM management integrated with Server and Network Management in DC
Server Virtualization
Server Virtualization—Introduction
Application servers not tied to specific hardware
Servers for applications allocated from available server pool
Facilitated by OS Virtualization
Facilitated by Grid Technology
Server virtualization may depend on OS virtualization, but not necessarily
OS Virtualization scope is a single server HW or a few of them in case of VM migration
Server virtualization scope can be whole IT/DC distributed over LAN/MAN/WAN
Virtualizing Server Resources
Detach Application Servers from server Hardware
Virtual Server from multiple pooled servers (VM or no VM support)
[Figure: Mail, Web and DB servers on dedicated hardware and on VMM-based hardware pooled into a virtual server; labels include an application deployment requirement of 2Ghz, 3GB, 500 Mbps and per-server capacities and average loads]
Virtual Servers Across Wider Network
Virtual servers by pooling resources (in a Grid) across LAN, MAN and WAN
FE/GbE: Fast/Gig Ethernet
IB: InfiniBand
FC: Fiber Channel
[Figure: pooled servers and clusters in DC (Data Center) 1 and DC 2, with load balancer, firewall, cluster switch (IB), storage switch and SAN (FC), reached from the campus LAN and from customer/remote sites 1 and 2 through CE, PE and P routers of a MAN/WAN [G]MPLS network; labels include "Virtual Server" with 10Ghz, 10GB and 2Ghz, 5GB]
Grid Technology for Virtual Servers
Grid Middleware and systems (Globus GT4, LSF, etc.) can be used to pool servers
Pooled servers can be offered as virtual servers
A Virtual server mapped to multiple servers via schedulers
LJS: Local Job Scheduler
[Figure: a global scheduler feeding the job queues of LJS 1 head node (Site 1, LJS pools 1 and 2) and LJS 2 head node (Site 2); some servers are not part of any LJS pool]
Storage Virtualization
Storage Virtualization—Introduction
What is virtualized: Block, Disk, Tape, File System
Where virtualized: Host/Server, Network, Storage Device/subsystem
No Virtualization
[Figure: applications attached directly to LUN1 and LUN2 on physical storage]
LUNs (Logical Unit Number) assigned directly to hosts
No dynamic allocation of physical disk space
Changes in physical configuration impact hosts/applications
Unused space cannot be re-assigned to another host
Storage Virtualization
[Figure: virtual volumes presented by a virtualization controller in front of physical storage]
LUNs mapped to virtual volumes (VV)
Hosts/applications see VV
Storage Virtualization—Network-Based: Benefits
Non-disruptive volume movements, replication across heterogeneous storage
[Figure: data on active and virtual volumes moved between physical storage systems and replicated as clones]
Network Virtualization
Network Virtualization—Introduction
Physical or Logical network entities are virtualized
VLAN
VSAN
VPN: L2 VPN, L3 VPN
Virtual Network Services: Virtual Firewall (FW), VPN, Virtual Router
SAN Virtualization—VSAN
[Figure: separate SAN islands for Departments #1, #2 and #3 compared with a collapsed fabric with VSANs on the Cisco MDS 9000 Family, where application servers sit in per-department VSANs and disk arrays form a common storage pool shared amongst VSANs]
SAN islands:
Separate physical fabrics
Over-provisioning ports on each island
High number of switches to manage
Collapsed fabric with VSANs:
Common redundant physical infrastructure
Less over-provisioning required (lower $$)
Fewer switches to manage
Move unused ports non-disruptively
Analogous to Ethernet VLANs
SAN Virtualization—VSAN
VSAN header is added at ingress point indicating membership
No special support required by end nodes
VSAN header is removed at egress point
Enhanced ISL (EISL) Trunk carries tagged traffic from multiple VSANs
[Figure: two switches joined by an EISL trunk between Trunking E_Ports (TE_Port), each switch running separate Fibre Channel Services for the Blue VSAN and for the Red VSAN]
Layer 2 and 3 VPN
Layer 2, point to point: Ethernet over MPLS; ATM/Frame Relay over MPLS; HDLC and PPP over MPLS; L2TPv3
Layer 2, multipoint: VPLS (Virtual Private LAN Service)
Layer 3, point to point: GRE; IPSec
Layer 3, multipoint: MPLS L3 VPN
MPLS VPN
[Figure: Customer 1 and Customer 2 sites connected over 802.1Q through CE and PE routers to an MPLS network carrying VPN 1 and VPN 2]
Routing in each individual VPN site (such as Green VPN) is isolated from others via Virtual Routing Forwarding (VRF) tables
Routing not allowed between different VPNs (unless explicitly configured)
VRF is a virtual routing instance in a physical router
Separate Global RT is used for global or Internet routing
VRF can be extended to the CE, where it is called VRF-Lite or Multi-VRF
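The VRF behaviour listed above, as an added example that is not part of the original slides: a toy Python model of one router holding per-VPN VRF tables and a separate global table. The VRF names, prefixes and next-hop labels are constructed for illustration.

```python
import ipaddress


class VrfRouter:
    """Toy model (not Cisco code) of one physical router with several VRFs."""

    GLOBAL = "global"  # separate global routing table, used for Internet routes

    def __init__(self):
        self.tables = {self.GLOBAL: []}

    def add_route(self, vrf, prefix, next_hop):
        self.tables.setdefault(vrf, []).append(
            (ipaddress.ip_network(prefix), next_hop))

    def lookup(self, vrf, dst):
        """Longest-prefix match using only the table of the ingress VRF."""
        addr = ipaddress.ip_address(dst)
        hits = [(net, nh) for net, nh in self.tables.get(vrf, []) if addr in net]
        if not hits:
            return None  # no fall-through into another VPN or the global table
        return max(hits, key=lambda h: h[0].prefixlen)[1]

    def leak(self, src_vrf, dst_vrf, prefix):
        """Explicitly configured inter-VPN routing: import one exact prefix."""
        wanted = ipaddress.ip_network(prefix)
        for net, nh in self.tables.get(src_vrf, []):
            if net == wanted:
                self.add_route(dst_vrf, prefix, f"{nh} (leaked from {src_vrf})")
                return True
        return False


def build_demo():
    """Constructed sample: two VPNs that reuse the same 10.1.0.0/16 space."""
    r = VrfRouter()
    r.add_route("green", "10.1.0.0/16", "PE2-green")
    r.add_route("green", "10.1.5.0/24", "CE-green-site2")
    r.add_route("red", "10.1.0.0/16", "PE3-red")
    r.add_route("red", "172.16.9.0/24", "CE-red-shared")
    r.add_route(VrfRouter.GLOBAL, "0.0.0.0/0", "internet-gw")
    return r


if __name__ == "__main__":
    r = build_demo()
    for vrf, dst in [("green", "10.1.5.7"), ("red", "10.1.5.7"),
                     ("green", "172.16.9.1"), ("green", "198.51.100.1"),
                     ("global", "198.51.100.1")]:
        print(f"{vrf:6} -> {dst:13} : {r.lookup(vrf, dst)}")
    r.leak("red", "green", "172.16.9.0/24")
    print("after leak:", r.lookup("green", "172.16.9.1"))
```

The same destination address resolves differently in each VRF, and a prefix held only by the red VPN stays unreachable from green until it is leaked on purpose, which is the point to audit when reviewing inter-VPN route imports.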
[Figure labels: multi-tenant building; MPLS VPN extended to enterprise or DC core; per-site VRFs (G1 to G4, R1, R2) for VPN 1 and VPN 2]
VPLS: Virtual Private LAN Service
Network virtualized as an L2 switch
VPLS: Virtual Private LAN Service
[Figure: CE devices joined by attachment VCs to PEs; each PE holds a VFI, and the PEs are interconnected by emulated VCs inside pseudowire-based emulated tunnels]
MAC table instances per customer and per Customer VLAN on PE
Virtual Forwarding Instance (VFI)
Like a MAC bridge
Virtual Firewall
[Figure: Customer 1 and Customer 2 sites connected over 802.1Q through CE and PE routers to an MPLS network carrying VPN 1 and VPN 2]
Catalyst FWSM Virtual Firewall (VFW)
FW per Context
context example: particular customer or VPN
MPLS VPN VRF associated with VFW for VPN-based firewalls
[Figure: FWSM on a Sup720 with contexts Red and Green, inside VLANs 10 and 20 and outside VLANs 510 and 520; per-site VRFs (G1 to G4, R1, R2) for VPN 1 and VPN 2, with VFWs R2 and G2]
Virtual L4-L7 Network Services
Catalyst 6500 ACE (Application Control Engine)
[Figure: an ACE module divided into virtual partitions A and B serving the HR, CRM, ACCT and OPS domains; an admin context handles partition definition, resource allocation and admin management; a management station handles config and monitoring, with roles for application, server, network, security, administration and custom]
Virtual partitions definable by: customer, business organization, application, application tier
All L4-L7 services available to each virtual partition
Role-based Access Control for each partition
Guaranteed resources for each partition
By performance
By network
By management
ACE Virtualization Benefits – Multi-tier DC Consolidation
[Figure: a multi-tier data center behind the enterprise network, with separate firewalls and load balancers (LB) in front of front-end, application and database servers, consolidated onto FE, APP and DB virtual contexts]
ACE Virtualization Benefits – Service Velocity
Adding a New Application in the Data-Center with ACE…
CASE# 1202
SecOps Add Firewall Rules
The Application Team Can Now Proceed to Verify the Configurations, Fine-tune the L5 Rules, Verify ACL Counters, and Much More!
New Partition
Network Role
Application Role
Security Role
NetOps Creates Virtual Partition
CASE# 1201
Applications Team Gives Specs to SysAdmin, NetOp and SecOp…
SysAdmin Installs Servers
ACE benefits delivered to Cisco IT:
• Up to 70% reduction in number of devices
• Up to 66% increase in service velocity (66% decrease in time-to-deployment)
Virtual Router
[Figure: a physical MAN/WAN of P, PE and CE routers on CRS-1, CRS-2 and CRS-3, presented as separate Customer #1 and Customer #2 virtual networks]
Virtual Router (VR) similar to OS VM
Multiple VRs sharing physical HW
Cisco CRS-1
E2E Virtualization
All Encompassing Virtualization ☺
Virtualize all the Virtuals and keep the Virtual University open☺
E2E Virtualization—Introduction
Combine all or any combination of virtualization
OS VM + Virtual Storage + Virtual Network
Deploy an App VM with associated virtualized storage, VSAN and the Virtual Network that the App belongs to (App traffic crosses to)
E2EVM
E2EVM detached from physical entities (HW, storage, Network)
E2EVM requires support from Network/Service Management Systems (N/SMS)
E2EVM elements (virtualized storage and network entities) distributed over the network
Requires E2E configuration, provisioning, and other management support
Cisco N/SMS: VFrame, ANA (Active Network Abstraction)
VS: Virtual Storage
VN: Virtual Network (VLAN+VSAN+VPN+Virtual FW)
[Figure: an E2EVM made up of application, OS, VS and VN]
E2E Virtualization—Example
Web and associated backend DB server served as Virtualized App/DB Server (App VM)
Server HW served from Virtual Server (from server pool)
[Figure: Dept 1 and Dept 2 each run Web Server (Linux 2.4) and DB Server (Linux 2.6) VMs under a VMM on hardware drawn from the server pool]
E2E Virtualization—Example
Virtual Storage served from virtualized SAN storage
Virtual SAN associated with Server HW or App VM
App VM connects to Virtual Storage via VSAN
[Figure: the Dept 1 and Dept 2 App VMs (Web Server on Linux 2.4, DB Server on Linux 2.6, under a VMM) connected to the SAN through VSAN 1 and VSAN 2]
E2E Virtualization—Example
[Figure: Dept 1 (Sites 1 and 2) and Dept 2 (Site 1) connected over 802.1Q through CE and PE routers, per-site VRFs and an MPLS network (VPN 1 and VPN 2), then through virtual firewalls (VFW R2, VFW G2) and VLAN 1 and VLAN 2 to the Dept 1 and Dept 2 App VMs, which reach the SAN through VSAN 1 and VSAN 2]
Departments/remote sites/branches connect to App VMs in DC via Virtual Network
Virtual Network served as VLAN + Virtual FW + MPLS VPN
Virtualization and Environment
Virtualization Is Green?
Pacific Gas and Electric this week announced a plan to pay as much as 50% of the setup costs—a maximum $4 million per customer—for its customers who opt to use virtualization software to reduce server counts and power and cooling costs in their data centers.
Network World, 11/09/06
Cisco SAN Virtualization—Impact
Conclusion
In a networked world virtualization has to be looked into from all levels and E2E
Not just from OS and server virtualization perspective
E2E Virtualization has the potential to facilitate Effective IT optimization
Server and network element consolidation
Optimization in the DC and across LAN, MAN and WAN
Effective deployment of networked applications and services (A&S)
By detaching A&S from underlying devices (HW) and network
Because of its E2E reach in the network, Cisco and partners are in a unique position to effectively support E2E networked virtualization
Cisco tools: VFrame, Cisco Active Network Abstraction (ANA)
Conclusion
Challenges in virtualization that should be addressed in an effective way
What and how to virtualize
How E2E aspect can be effectively virtualized
How performance can be improved
Security issues
Software licensing issues