PSOCLD-1006 Cisco Cloud Architectures on OpenStack - Cisco Live! US 2015 San Diego

1. Cisco Cloud Architectures on OpenStack Duane DeCapite, Director, Product Management PSOCLD-1006 Rohit Agarwalla, Technical Leader

2. • Introduction to OpenStack • Cisco Cloud Architectures • OpenStack on Cisco Infrastructure • Cisco OpenStack Community Involvement • OpenStack on Cisco Product Offerings • Summary/Q&A Agenda

3. Introduction to OpenStack

4. OpenStack Overview Designed for building Public and Private clouds Open Source software developed by community Multi-tenant and Scalable Cloud Operating System

5. Evolving set of open API’s and services for cloud applications OpenStack Software Architecture Compute Service (Nova) Storage Service (Cinder/Sw ift) Network Service (Neutron) Many more Services Applications / Services Physical and Virtualized Infrastructure OpenStack Service APIs, SDK, CLI Infrastructure Plugins

6. OpenStack Projects Compute (Nova) Telemetry (Ceilometer) Key Management (Barbican) Network (Neutron) Orchestration (Heat) DNS (Designate) Object Storage (Swift) Database (Trove) Shared File System (Manila) Block Storage (Cinder) Bare Metal (Ironic) Deployment (Triple O) Dashboard (Horizon) Data Processing (Sahara) Application Catalog (Murano) Image (Glance) Containers (Magnum) Policy (Congress) Identity (KeyStone) Messaging (Zaqar) ….

7. OpenStack IS Ready! • Innovation not cost, saving is the number one business driver • Innovative customers choose Cisco, not commodity vendors #1 Ability to Innovate This is why you pick Cisco 47% • Almost 50% of customers polled in November have OpenStack running in production networks • Private (53%), Public (40%), Hybrid (7%) 46% Production • Most common service is web-services • Not just fringe apps or Dev Ops Apps • These are business-critical, customer-facing Apps Web Services Databases Enterprise Apps 57% Source: Openstack.org community poll http://superuser.openstack.org/articles/openstack-user-survey-insights-november-2014

8. Cisco Cloud Architectures

9. Cisco OpenStack Private Cloud Bundle Architecture Highlights • Self-contained within Availability Zones (AZ) • Multi-tenant environment • OpenStack deployment - Highly Available Controller node services - Optimized Compute node configuration - L2 and L3 Network using Cisco Nexus9000 and ASR1000 - Instance Block Storage - Authentication and Authorization • Enhanced Dashboard • Admin Monitoring and Metrics Availability Zone Physical Infrastructure: Cisco ASR1000 Routers, Cisco UCS C-Series, and Cisco Nexus 9000 Series Service Orchestration Compute Network Storage Identity and Security Private Cloud Management and Orchestration

10. OpenStack Cloud APIs Physical Infrastructure: Cisco UCS C-Series, Cisco UCS Fabric Interconnects, and Cisco Nexus 9000 Series Operating Systems: Red Hat Enterprise Linux 7.0 InktankCeph (BlockStorage) Nova (Computing) Hypervisor (KVM) Neutron (Networking) Heat (Orchestration) Ceilometer (Telemetry) Cinder (Volumes) Keystone (Identity) Red Hat OpenStack Dashboard (Horizon) Red Hat Components Cisco Components Glance (Image) Cisco UCS Integrated Infrastructure for Red Hat Enterprise Linux OpenStack: Starter Edition • OpenStack services on single controller node • Network node and Storage cluster • OpenStack deployment - Packstack installer - Network link level redundancy - Compute cluster can support up to ~500 - m1.small VM’s - Neutron Provider Network Model - Ceph services on controller node and back end block storage for Cinder Volumes and Glance VM Images

11. Cisco Cloud Services Tenant Network Resource View on Cisco Cloud Services Tenant B Network Tenant A Network Tenant A Network Subnet Subnet Subnet VM VM VM Floating IP Floating IP Floating IP Floating IP Floating IP Outside World (Internet) VM VM Public DirectSubnet VM VM Router Unrouted NetworkSubnet VM VM DHCP DHCP DHCP DHCP DHCP LBaaS LBaaS VPNaaS VPNaaS

12. Cisco Intercloud Fabric (ICF) support for OpenStack DC/Private Cloud Provider Clouds vSphere Cisco Intercloud Fabric Director VMware KVM Cisco Intercloud Fabric for Providers (Cisco Cloud Services, Intercloud Partners) OpenStack Cisco Intercloud Fabric Secure Network Extension • Secure Hybrid Cloud enabled using ICF • Layer 2 network extension from VMware private cloud environment to OpenStack based provide clouds • Automatic image conversion from vSphere to KVM and back • REST API based Intercloud Fabric Director (ICFD)

13. OpenStack on Cisco Infrastructure

14. OpenStack integration with Cisco Nexus • Neutron Modular Layer 2 Nexus 1000v Driver • Neutron API Resource extensions for Network and Port • VSM based centralized management using REST API • Driver capabilities include Layer 2 tenant isolation using host based overlay configurations (VXLAN) • Multicast and Unicast modes Virtual Cisco Nexus virtual switch • Neutron Modular Layer 2 Nexus Driver • Works with Neutron core Resources – Network, Port and Subnet • Validated on NXOS based platforms 3k/5k/6k/7k and 9k standalone mode • Driver capabilities include Layer 2 tenant isolation using VLAN and multicast network based overlay configurations (VXLAN) Physical Cisco Nexus hardware

15. Nova HostNova HostNova Host Networking With Neutron Reference Implementation VM1 Controller Host(s) Router Neutron Host(s) API NetworkExternal Network Management Network VM6VM5VM2 VM3 VM4 Internet vSW vSW vSWvSW Data Network Virtual Router Switch Switch Switch trunk port with allowed VLANs. Virtual Switch trunk port. Tenant Networks

16. Issues in Neutron Reference L3 and ASR1K Solutions • NAT for External Connectivity: • Issue - Scale limitation in Linux iptables software NAT. • Solution - ASR1K can scale up to 4 million dynamic NAT entries and 16K static NAT entries. • Tenant Routing: • Issue - Scale limitations in Linux namespaces based software tenant networking. • Solution - ASR1K uses Virtual Routing and Forwarding (VRF) instances for tenant routers. ASR1K can scale up to 4k VRFs (8k in upcoming release). • Tenant Networks: • Issue- Scale limitations in Linux software based interfaces. • Solution - ASR1K plugin maps tenant networks to sub-interfaces on ASR1K. ASR1K supports up to 64k sub-interfaces. • Data Throughput: • Issue - Performance limitations with software packet forwarding and NAT on generic compute hardware. • Solution - ASR1K can perform packet forwarding and NAT at rates upto 230 Gbps.

17. ASR1K Neutron Host(s) Nova HostNova HostNova Host OpenStack Networking With ASR1K L3 Services Plugin VM1 Controller Node(s) Router API NetworkExternal Network Data Network Management Network VM6VM5VM2 VM3 VM4 Internet Switch trunk port with allowed VLANs. vSW vSW vSW Switch Switch ASR1K L3 Plugin VRF with default GW and NAT (to global routing). Virtual Switch trunk port. Virtual Router Tenant Networks

18. ASR1K-2 ASR1K-1 Neutron Host Nova HostNova Host Demo Topology – Physical and Virtual Networks VM-11-A OVS OVSRouter 1 (nrouter- 4d9bc2-pkn) Nexus Switch Nexus Switch Internet VM-22-A VM-11-B VM-33-A Router 2 (nrouter- 4d9bc2-pkn) Gig0/2/0 Gig0/0/1 • UCS C-Series hosts. • ASR 1001/1002. • Nexus 9300 /3500.

19. OpenStack Compute Scheduler • Constraint based PlaceWise Nova Scheduler for both UCS blade and rack-mount servers to meet your OpenStack deployment requirements UCS Manager SR-IOV VM-FEX • Neutron VM-FEX driver to configure Layer 2 tenant VLAN segment • Operations controlled using Port Profiles on UCSM • Ironic PXE driver to manage power operations of Cisco UCS servers • Operations controlled using Service Profiles on UCSM Cisco Unified Computing System (UCS)

20. Cisco Application Centric Infrastructure (ACI) Group Based Policy Model • Automation • Intent-drive Physical + Virtual • Zero-touch performance • Physical server • Multi-hypervisor Fabric Tunnels • Automatic VXLAN • Distributed L2 • Distributed L3 Service Chaining • Service chaining and redirection Telemetry • Health Metrics • Visibility • Troubleshoot

21. OpenStack Group Based Policy Overview Group Policy CLI Horizon Heat Neutron Driver Neutron Any Existing Plugins and ML2 Drivers Native Driver Neutron Driver maps GBP to existing Neutron API and offers compatibility with any existing Neutron Plugin 1 1 2 2 Native Drivers exist for OpenDaylight as well as multiple vendors (Cisco, Nuage Networks, and One Convergence)

22. Community Involvement

23. Cisco is a Leading OpenStack Contributor #1 Contributor to Juno in Neutron Top 6 Total Reviews in Juno Vice Chair 39 Completed Juno Blueprints 90 Engineers Contributed to Kilo 141 Resolved Juno Bugs Top 5 In OpenStack Member 447 Commits #1 Kilo Neutron Blueprints Top 4 in Neutron Kilo Commits

24. Cisco OpenStack on Leading Linux Distros SUSE Cloud Ubuntu OpenStack Planning Design End-to-End Validation Documentation Unit Feature Integration System Customer OpenStack Platform Deploy with confidence and full Cisco Support!

25. OpenStack on Cisco Product Offerings

26. Cisco OpenStack® Private Cloud Design and Architect Platform Installation 24X7 Monitoring Problem Mitigation Maintenance Coordination Platform Updates Capacity Planning Cisco OpenStack® Private Cloud Remote private cloud engineering and operations Delivered “as a service” In your data center, on your hardware (that meets minimum specifications)

27. Network-Centric Ecosystem of Clouds (Marketplace) Enterprise Private Clouds Public Clouds Partner Clouds Cloud Services and ApplicationsIntercloud Fabric APIs Portal APIs APIs OpenStack HCS Microsoft Suite aaS DRaaS PaaS IaaS Meraki Security Analytics vDesktop aaS WebEx HANA aaS IOE aaS Collaboration and Video Big Data and AnalyticsNative Cloud Applications Enterprise Workloads Cisco OpenStack Private Cloud

28. • Cisco validated hardware and software solution for enterprise customers targeting KVM cloud-native workloads on OpenStack • Ability to deploy virtual private data center with tenants and VMs on a Cisco Powered™ cloud  Red Hat OSP 5  Cisco UCS C240 M3 (Ceph storage cluster)  Cisco UCS C220 M3 (computing , OpenStack)  Cisco UCS fabric interconnects and Cisco UCS Manager  Cisco Nexus 9000 Series • Excellent starting point for DevOps deployments • Foundation for advanced and ACI cloud capabilities • Deployment can be facilitated via Cisco Services Virtual Private Data Center Cisco UCS Integrated Infrastructure for OpenStack Starter Edition

29. Summary

30. Relevant, large contributions to open source code Software solution innovation Drive innovation into Cisco products Build WORLD-CLASS global Cisco Cloud Services Programs that enable success for every deployment model

31. Participate in the “My Favorite Speaker” Contest • Promote your favorite speaker through Twitter and you could win $200 of Cisco Press products (@CiscoPress) • Send a tweet and include • Your favorite speaker’s Twitter handle <@DuaneDeCapite and @rohitagarwalla> • Two hashtags: #CLUS #MyFavoriteSpeaker • You can submit an entry for more than one of your “favorite” speakers • Don’t forget to follow @CiscoLive and @CiscoPress • View the official rules at http://bit.ly/CLUSwin Promote Your Favorite Speaker and You Could Be a Winner

32. Complete Your Online Session Evaluation Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online • Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 Amazon gift card. • Complete your session surveys though the Cisco Live mobile app or your computer on Cisco Live Connect.

33. Continue Your Education • Demos in the Cisco campus • Walk-in Self-Paced Labs • Table Topics • Meet the Engineer 1:1 meetings • Related sessions

34. Thank you