Cisco Virtualized Multi-tenant Data Center solution (VMDC) is an architectural approach to IT which delivers a Cloud Ready Infrastructure. The architecture encompasses multiple systems and functions defining a standard framework for an IT organization. Standardization allows the organization to achieve operational efficiencies, reduce risk and achieve cost reductions while offering a consistent platform for business.

1. © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Connect 11© 2012 Cisco and/or its affiliates. All rights reserved.
Toronto, Canada
May 30, 2013
Cisco’s Cloud Ready
Infrastructure
VMDC – Virtualized Multi-service Data
Center
Sunil Cherukuri (sunilc@cisco.com)
Technical Lead, Systems Development Unit

2. Hotels and Data Centers
Question: What do they have in common?

3. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 3
Hotels and Data Centers
Answer: Both are Shared Infrastructures
Hotel Rooms are expected to have
Secure Separation
Data Centers without Secure Separation look like
hotel rooms with military sleeping quarters
Data Centers Deployed Following VMDC Guidelines Ensures Critical Workloads are Protected

4. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 4
Acronyms
• VMDC – Virtualized Multi-Service Data Center
• ICS – Integrated Compute Stack
• Vblock – An ICS based on Cisco, EMC & VMWare components
• FlexPod – An ICS based on Cisco, NetApp & VMWare components
• HCS – Hosted Collaboration Solution. A Cisco software solution to provide rich voice &
collaboration software in a cloud environment
• DCI – Data Center Interconnect.
• VPDC – Virtual Private Data Center
• HVD – Hosted Virtual Desktop

5. Agenda
• Cloud Drivers and Introduction
• VMDC System Overview
• VMDC Physical Infrastructure
• VMDC Logical Infrastructure
• VMDC Infrastructure Updates
• VMDC Management and Automation
• VMDC Summary

6. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 6
Cloud Drivers &
Introduction

7. 31% CAGR 2011–2016
Global Data Center Traffic Growth
Data Center Traffic Nearly Quadruples from 2011 to 2016
0.0
1.0
2.0
3.0
4.0
5.0
6.0
7.0
2011 2012 2013 2014 2015 2016
Zettabytes/Year
6.6 ZB
1.8 ZB
2.6 ZB
3.3 ZB
4.1 ZB
5.2 ZB

8. 0
20
40
60
80
100
120
140
160
180
200
2011 2012 2013 2014 2015 2016
InstalledWorkloadsin
Millions
Cloud Data Center
Traditional Data Center
Workload Shift: Cloud vs. Traditional
Nearly Two-thirds of all Workloads Will Be Cloud-based by 2016
62%
38%
30%
70%
52%
48%
20% CAGR 2011–2016

9. Within
Data Center
76%
Data Center-
to-Data Center
7%
Data Center-
to-User
17%
Global Data Center Traffic by Destination
Most Data Center Traffic Consistently Stays Within the Data Center
Web, email,
internal VoD,
WebEx, et al.
Storage, production
and development data,
authentication
A
B
Within Data Center (76%)
C
Replication,
inter-database
links
Data Center-to- Data Center (7%)
Data Center-to-User (17%)
© 2012 Cisco and/or its affiliates. All rights reserved.

10. The Challenge IT Initiatives
1. Improve IT
efficiency
2. Streamline/improve
business processes
3. Increase IT
resources to drive
business innovation
4. Improve customer
management
capabilities
Business Goals
“Raising the
productivity of
employees whose jobs
can't be automated is
the next great
performance
challenge.”
McKinsey & Company, The 21st
Century Organization, 2005
1. Grow revenue
2. Lower overall
operating costs
3. Acquire/retain
customers
4. Drive new market
offering or business
practices
5. Improve workforce
productivity
Cloud Adoption Drivers

11. Enable cloud services
including people-centric
collaboration and other
applications
Rich Ecosystem of
Integrated Solutions
Enable customers to
deploy tested, best of
breed solutions
Enable customers to
build and operate private,
public or hybrid clouds
Enabling CloudApplications/Services by Uniquely Combining
the Unified Data Center and Cloud Intelligent Network
Tailored Solutions for
Building Clouds
Innovative
Cloud Services
Research In Motion SAMSUNG
Cisco’s Cloud Strategy

12. Cisco IT Case Study – “CITEIS”
Cisco IT Elastic Infrastructure Services (Internal Private Cloud)
Unified Infrastructure
and AutomationVirtualization
100% Physical,
Legacy Computer Platform
Average
TCO
-31%
Speed of delivery
6-8 Weeks Speed of Delivery
2-3 Weeks
Speed of Delivery
15 Minutes
-37%
40% Physical, 60% Virtual,
Legacy Computer Platform
Average
TCO
35% Physical, 65% Virtual,
Unified Computing Platform,
100% Automated
Average
TCOIT Maintenance /
IT Innovation
70/30
IT Maintenance /
IT Innovation
40/60
IT Maintenance /
IT Innovation
60/40

13. Public Private Hybrid CommunityDeployment
Models
Service
Models
Software as a
Service (SaaS)
Platform as a
Service (PaaS)
Infrastructure as a
Service (IaaS)
Essential
Characteristics On-Demand
Self Service
Broad Network
Access
Resource
Pooling
Rapid ElasticityMeasured Service
http://www.csrc.nist.gov/groups/SNS/cloud-computing/index.html
IT Resources and Services that Are Abstracted from the
Underlying Infrastructure and Are Provided “On-Demand” and “At Scale”
Visual Model of NIST’s Working Definition of Cloud Computing
A Style of Computing Where Massively Scalable IT-Enabled Capabilities Are
Delivered “as a Service” to Multiple External Customers Using Internet Technologies
Source: Gartner 2008
What Is Cloud Computing?
Taxonomy Check

14. © 2009 Cisco Systems, Inc. All rights reserved.14
Open Cloud
Private Cloud Private Cloud
Public Cloud
#1
Public Cloud
#2
Inter-Cloud
Stand-Alone
Data Centers
Private Cloud
Public Cloud
PRESENT
Enterprise
Extension
Hybrid Cloud
Virtual
Private Cloud
Private Cloud
Public Cloud
Cloud Deployment Models
Private, Public, Hybrid

15. Consolidation
(Reduce Costs)
Automation
(Transform IT)
Virtualization
(Improve Agility)
Gold
Platinum
IT Infrastructure Business Applications IT-as-a-Service
The Journey to Cloud
Evolution of IT + Business Agility

16. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 16
VMDC System
Overview

17. Inter-Data
Center Networking
Unified Fabric and
Data Center
Networking
Providing Network
and Services
Virtualization
Unified Computing and
Integrated
Systems
Providing Server
and Application
Virtualization
ComputeNAS SAN
WAN
Access
Services
Network
Fabric
Networking Fabric
VMDC
Cloud Service
Management
Business
Support
Provisioning
Configuration
Portability/
InteroperabilityStorage
Compute
Unified Computing
Multi-Site Connectivity
Virtualized Multiservice Data Center
All Specifications Subject to Change without Notice

18. Cisco Virtualized Multi-Service Data Center (VMDC)
• Cisco® VMDC: A validated reference architecture
– CVD Design & Implementation Guides
– Validated Orchestration & Assurance tools
– Reducing time to deployment
– Reducing risk
– Increasing flexibility
– Improving operational efficiency
• A flexible, modular, scalable and validated architecture that
combines integrated computing stacks, unified data center, and data
center interconnects into an end-to-end architecture – Blueprint for
Cloud
• Multi-service & Multi-tenant
• One-cloud solution for any layer infrastructure, platform, and software
as a service (IaaS and SaaS) and any deployment
(Private, Public, or Hybrid Cloud)
Design the Cloud with Confidence

19. System Development Guidelines
Planning Design End-To-End Validation Documentation
System
Development
Fundamentals System Delivery
Tested and validated designs
Thought Leadership
System level innovations
Product Development
Cross platform collaboration
Key Customer Engagements
Consider end-to-end view
Unit
Feature
Integration
System
Customer
Cisco Validated Design Process
Innovation and Quality Through System Level Design and Validation

20. VMDC Solution Validation Scope
- Synopsis
• Systems Level End to end feature/integration testing to enable service delivery, and multi-tenancy / isolation
Multi-dimensional Scalability (i.e., Tenants, VMs, VLANs, MAC, HSRP, Routes, Contexts, etc.)
3rd party components, including BMC CLM, Zenoss CSA, Vmware vSphere, vCloud Director, EMC , NetApp, Citrix Netscaler, Microsoft,
RedHat
• Service Differentiation Validation of Service Tier offering (network, compute, storage) and DC Services
(VPN, FW, IPS, SLB, GSS etc). Stress/Load tests to validate end-end Service Flows, QoS, reliability, monitor
cpu/memory.
• “Real-World” Simulations Baseline Steady State Traffic and background traffic injection (N-S, E-W, Stateful
+ Stateless)
• HA Focus Failover/Negative tests to validate redundancy designs and technologies end to end (Routing,
vPC/MEC, ECMP, VSS, HSRP, Active-Active service modules, Clustering, SAN, Fabric, UCS blades,
Storage controllers). Analysis and characterization of end to end service restoral.
• Manageability Validation of statistics and monitoring capabilities – SNMP, Sylog, Netflow, I/O statistics, etc.
Validation of Orchestration & Management tools

21. • Cross Architecture Validation – Cloud/DC, Mobility, IPv6, Video, Collaboration
• VMDC 2.2 based architecture – each test overlaid as tenant in multi-tenant cloud
• 70+ 10G IXIA ports, 75+ VRFs/tenants, 600+ VLANs, 1500+ VMs
• 80 Gbps of north-to-south (next-generation network [NGN]
to cloud) traffic: 1 million clients to 50,000 servers
• 300 Gbps of east to west (within data center ) traffic: switched & routed - with Cisco®
FabricPath 2-tier design – showing 15,000 MAC addresses and 256 VLANs
• 67 million NAT64 sessions simulated, at 80Gbps, 4 million/sec
• 1 million residential gateways shown for 6rd, at 80Gbps
• 40Gbps of video streaming – using Cisco CDS Internet streaming appliance, and on a
Cisco ASR 9000 Series Cisco Integrated Services Module (ISM)
• PCRF for throttling mobile subscribers in real time
• Any video format, any device, any where: iPad, Android, PC, etc.
• Cisco VM-FEX in VMDirectPath performance demonstrated:
– VM-FEX compared to software DVS in 4 ways:
iSCSI read-write, L3 IMIX traffic, HTTP traffic, and video encoding
– 20 to 30% performance improvement in throughput, CPU, and IOPS with Cisco Data
Center VM-FEX DirectPath I/O
Cloud Megatest (LightReading / EANTC)
http://www.cisco.com/en/US/solutions/ns341/eantc_cloud.html

22. Challenges in Building and Maintaining Cloud
You need to have a plan!
• Predictably grow the data center
• Scale the data center
• Secure the data center from external and
internal threats
• Protect the DC from HW and SW failures
• Establish virtual containers to be assigned
to consumers with pre-defined service
policy profiles
• Securely separate these virtual containers
• Connect the DC to other DCs
• Provision the DC
• Manage and Monitor the DC
• Cloud Automation
• Provision virtual containers and
assign to consumers
• Manage virtual containers
• Provide differentiated services for
consumers of virtual containers
• Cloud resource management and
assurance

23. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 23
VMDC Physical
Infrastructure

24. Building a Multi-Service Infrastructure
Architecture Pillars
Service Orchestration
Dynamic application and reuse of resources
Automated service orchestration and fulfillment
Integration with Network Containers
Rapid Self Service IT
High Availability
Carrier Class Availability
Platform/Network/Hardware/Software Resiliency
Minimize the probability and duration of incidents
Focus on your business, not fighting fires
Differentiated Service Support
Design logical models around use cases
Services-oriented framework
Combines compute/storage/network
Resources are applied and tuned to meet needs
Modularity
Pod based design
Scalability framework for manageable increments
Predictable physical and cost characteristics
Streamline Turn-up of New Services
Secure Multi-tenancy
Shared Physical Infrastructure
Tenant Specific Resources
Use Cases
Comply with business policies

25. The Challenge:
How do I scale my data center?
The Solution
• Point of Delivery
(POD)
Integrated Compute Stack
ComputeStorage Network
Integrated Compute Stack
ComputeStorage Network
Service
Appliances
Data
Center
Services
Node
PoD
Point of Delivery (PoD)
Architectural consistency
through a modular approach
• Modular, tiered construct consisting of
groupings of integrated compute stacks
plus storage and networking
infrastructure
• A single Pod can be deployed and
operated by itself or connected together
to other Pods to achieve scale
• VMDC validates 2 styles of Pods:
Compact and Large
Benefits
• Simplified capacity planning
• Ease of new technology adoption
• Consistent and efficient operation
© 2012 Cisco and/or its affiliates. All rights reserved.

26. Enhanced Data
Center Interconnect
Unified
Data Center
Networking
Integrated
Compute Stacks
ComputeNAS SAN
VMDCVMDCVMDC
Data Center
Access
Services
Aggregation
Core
VMDC
Cloud Service
Management
Business
Support
Provisioning
Configuration
Portability/
Interoperability
FlexPod™
Cisco Virtualized Multi-Service Data Center
Scale the Compute with UCS and Integrated Compute Stacks

27. Scalable Compute: VMDC Supported ICS
VCE’S Vblock Family of Cloud Infrastructure Packages
Vblock Series 700
Storage: EMC Symmetrix Vmax
Compute: Cisco UCS
Virtualization: VMware
Orchestration:
Unified Infrastructure
Manager (UIM)
Vblock Series 700
model MX
Vblock Series 300
Storage: EMC VNX
Compute: Cisco UCS
Virtualization: VMware
Orchestration: Unified
Infrastructure Manager (UIM)
Four Models
Pre-Integrated and Supported
Cloud Infrastructure
Focus teams on using infrastructure vs.
assembling and supporting the individual
components
Cloud Service Provider
Operational Model
Provisioning, service delivery, chargeback, etc.
Accelerates the Shift to a Private
Cloud Model
Less time debating, more time using

28. Scalable Compute: VMDC Supported ICS
Cisco and NetApp’s FlexPod Reference Architecture
• Standard, pre-validated, best-in-class
infrastructure building blocks
• Flexible: One platform scales to
fit many environments and
mixed workloads
• Add applications and workload
• Scale up and out
• Simplified management and
repeatable deployments
• Design and sizing guides
• Services: Facilitate deployment of
different environments
Cisco®
UCS B-Series
Blade Servers and
UCS Manager
Cisco Nexus®
5000
Family Switches
NetApp®
FAS
10GE and FCoE

29. Scaling the Infrastructure
Add PoDs to Meet Business Demands
29
PoD
Integrated Compute
Stack
ComputeStorage Network
Integrated Compute
Stack
ComputeStorage Network
Service
Appliances
Data
Center
Services
Node
PoD
Integrated Compute
Stack
ComputeStorage Network
Integrated Compute
Stack
ComputeStorage Network
Service
Appliances
Data
Center
Services
Node
The Solution
• PoD replication
Benefits
• Optimize CAPEX savings while maintaining SLAs
• Predicable performance and scale based on building blocks
• Effective way to add separate application environments
• Pod’s are interconnected at Core or WAN layer
Key Factors to Consider
• L2 Scale - Virtual Machine Density,
VMNics per VM, MAC Address
Capacity,
• Cluster Scale, ARP Table Size,
VLAN scale, Port Capacity, Logical
Failure Domains L2 Control Plane
• L3 Scale – BGP Peering, HRSP
Interfaces, VRF Instances, Routing
Tables and Convergence, Services
• Resource Oversubscription –
Network Compute, and Storage
Oversubscription, Bandwidth per VM
© 2012 Cisco and/or its affiliates. All rights reserved.

30. VMDC 2.2 Topology

31. Pod
max. of 512 servers, 12,000 VMs
200 tenants
DC
max. of 3072 servers, 72,000 VMs
200 tenants
Scale can be increased through tweaking design
- removing Core layer
- reducing cross-connects (ladder)
- reducing BGP peering
- using Static routes instead of BGP
- using different Core or Agg devices
- using MPLS instead of VRF-Lite
Integrated Compute Stack
ComputeStorage Network
Integrated Compute Stack
ComputeStorage Network
Service
Appliances
DataCenter
Services
Node
PoD1
Nexus 7k access
N7k Core
N7k AGG
VMDC 2.2 Scale

32. Network Scale Considerations
PoD Scalability
Network StorageCompute
What Determines the Host Scale in a PoD?
• Aggregation—Number of ICS, Blades
• Work-load domain
• Number of MAC address and VLANs
• Failure Domain
• Features to facilitate L2/L3 Boundary
• Number of vFiler IP
Space
• Number of VLANs
supported
• Number of 10 Gig
NICs
• Number of LUNs,
Ports, Zones, WWNs
• VM Density
• VM Sizing
• MAC per VM
• Logical Ports
• Virtual Switch
• Total number of MAC
Addresses & ARP
entries
• STP logical ports
• Number of VLANs,
Tenants
• Routing Peers,
Adjacencies

33. PoD Sizing Considerations
For Reference
• Network
‒ Traffic throughput
‒ Number of Tenants (VRFs), VLANs
‒ Oversubscription factors
‒ High Availability (redundant links)
‒ Port and Line-card/Chassis density
‒ Platform scalability (VRFs, VLANs, Interfaces)
‒ Ratio of Service Tiers (Gold:Silver:Bronze)
• Security & L4-7 Services
‒ Service Modules or Appliances
‒ Type and Number of Services
‒ Number of Virtual Contexts (Modules)
‒ Number of VLANs tied to service modules
‒ Application throughput
• Storage
‒ SAN/NAS ports/links
‒ Storage throughput, oversubscription, IOPS
‒ Number of VSAN, Zones
‒ Storage Array Density (disks, ports)
‒ Distributed or Centralized Storage
• Compute
‒ Number of VMs per tenant, per VLAN
‒ VM to Core ratio, Memory size per VM
‒ Number of links, oversubscription factors
‒ Ratio of Service Tiers (Gold:Silver:Bronze)
‒ Number of blades in a UCS cluster
‒ Number of blades in a ESX cluster
‒ Number of VMs per blade, per cluster, per Pod
‒ VCenter limits on VM’s, Servers, DataStores, Ports

34. The Challenge:
How do I ensure high availability?
34
The Solution
• End to end HA
architecture
Benefits
• Maximize infrastructure uptime
• Comprehensive end to end architecture
• Focus on your business, not fighting fires
• Redundant links, nodes and
paths, end to end plus:
• L2 Redundancy – ❶vPCs,
❷ MEC, and ❸MAC-
pinning
• L3 Redundancy - ❹HSRP,
Non-stop forwarding, non-
stop routing, LDP sync,
MPLS graceful restart
• Compute Redundancy - ❺
UCS end host mode, others
(N1KV and MAC-pinning,
Active/Standby Redundancy,
Intra-Cluster HA)
• Storage Redundancy –❻FC
port channeling, multi-pathing
software from VMware or
SAN vendor
• Services Redundancy – ❼
ASA, ACE redundancy
• Routing Protocol
Redundancy - BGP, OSPF
ComputeNAS SAN
Access
Resilient Fabric
& Services
❻
❺
❹
❼
❶ ❷
❸
© 2012 Cisco and/or its affiliates. All rights reserved.

35. The Challenge:
How do I enable QoS for SLA Compliance?
35
The Solution
• Quality of Service
Benefits
• Supports applications with differing latency requirements
• Provides end to end QoS
• Supports QoS across hybrid public/private domains
• Define low latency traffic
classes in this new
multimedia service tier (i.e.,
VoIP bearer and video
conference) are
characterized by three
metrics - bandwidth, delay,
and availability.
• Support QoS across hybrid
public/private domains
• Traffic Classification and
Marking - ❶It is a general
best practice to mark traffic at
the source-end system or as
close to the traffic source as
possible in order to simplify
the network design.
• Hierarchical QoS for Multi-
Tenancy
• Queuing, Scheduling, and
Dropping – accounts for
differences in queuing
structures
• Shaping and Policing
ComputeNAS SAN
Data Center
Access
Services
Aggregation
Core
© 2012 Cisco and/or its affiliates. All rights reserved.

36. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 36
VMDC Logical
Infrastructure

37. Cloud Consumer
Defining the Role
• Cloud consumers use shared infrastructure resources
• Each organization must choose its approach to resource allocation and separation
• These policies define a form of multi-consumer or multi-tenancy
Cloud Consumer
Shared IT Infrastructure
Customers Business Units
DepartmentsApplications

38. VMDC Consumer Models
Deployed as Containers
• Consumer models are logical constructs
instantiated on the VMDC infrastructure
• Consumer models
are customizable
• Consumer models must address application
requirements
• Consumer models should be unaware of
underlying technology
• Models will evolve as new technologies are
introduced
Cloud Consumer “X”

39. VMDC Consumer Models
Addressing Application Requirements
• Network Requirements
• Session persistence
• High Availability
• Scalability
• Latency Mitigation
• Reliable transport
• Security Requirements
• Secure sessions with encryption
may be required
• Each layer of the application stack
authenticates data transport
Cloud Consumer “Z”Cloud Consumer “X” Cloud Consumer “Y”

40. The Challenge:
How do I create tenant (consumer) containers?
40
The Solution
• Pre-defined and
Automated
Virtualized
Containers
Benefits
• Quickly and securely onboard similar consumers
• Covers different levels of network services for a variety of needs
• Addresses varying security, QoS, and other requirements
• Solutions available to automate the process
Tenant 30Tenant 20Tenant 10Tenant 1
Physical Data Center
Components
Resilient
Fabric
Services
ComputeLoad
BalancerFirewall
Virtual
Firewall UCS
Virtualized
Contexts
Zone 1 Zone 2
© 2012 Cisco and/or its affiliates. All rights reserved.

41. VMDC Container Model
Tiered Security in VMDC 2.2
Public/Shared
VRF
vPath
Protected VRF
(control point)
Nexus
1000v VSG
ASA Context
(per tenant)
Public Zone (DMZ) Protected FE Zone 1 Zone 2 Zone 3
Sub-Zone
W
Sub-Zone
X
Sub-Zone
Y
Sub-Zone
Z
Private
(Tenant VRF)
Less Trusted Zones
Front-end Zones Back-end Zones

42. VMDC Sample Network Containers
Differentiated Services – Common Platform
Silver Gold Palladium Expanded GoldBronze
L2
L3
FW
LB
LB
Public Zone
Private Zone
L2
L3
FW
LB
LB
vFW
vFW
FW
Protected
Back-End
Protected
Front-End
L2
L3
L3
vFW
LB
L2
L3
L3
vFW
FW
L2
L3
L3
vFW
LB
• Predefined containers provide examples for different types of deployments
• Automated provisioning and management logic for each container type is pre-defined in the Management
and Orchestration software
• Customers can choose from existing models or define their own customized models – Flexible framework
allows variations© 2012 Cisco and/or its affiliates. All rights reserved.

43. The Challenge:
How do I secure my containers?
43
The Solution
• Container service
abstraction and right
sizing
Benefits
• End to end secure separation across the data center
• Overlapping IP addresses are allowed
• Automation tools to simplify deployment
WAN
L2
L3
L3
L3
Layer 2 Trunks
Layer 2 Trunks
HSRP/L3
Gateway
Web
Data
base
App
Web
Data
base
App
Web
Data
base
App
Core
Aggregation
WAN Edge SiSiSiSi
• Defense in Depth per
consumer (front end ASA,
back end VSG)
• VRF-lite implemented at core
and aggregation layers
provides per tenant isolation
at L3
• Separate dedicated per-
tenant routing and forwarding
tables insuring that no inter-
tenant (server to server)
traffic within the data center
will be allowed, unless
explicitly configured
• VLAN IDs and the 802.1q tag
provide isolation and
identification of tenant traffic
across the L2 domain
• Compute Separation
(vNICs, VLANs, Port Profiles)
• Storage Separation (Cluster
File System Mgmt, VSAN and
FC Zoning, LUN Masking,
vFilers)
• Application Tier (Network
Centric, Logical and Physical
segmentation with L2/L3
firewalling and security
zoning)
© 2012 Cisco and/or its affiliates. All rights reserved.

44. Cisco’s Data Center
Interconnect
• LAN Extentions:
OTV, VPLS, EoMPLS,
• Path Optimization
LISP, GSS
• SAN Extensions
NetApp’s FlexCache,
MetroCluster
EMC’s VPLEX
The Challenge:
How do I achieve efficient Business Resilience and Disaster Recovery?
44
Benefits
• Workload balancing across data centers and clouds
• Proactive response to disruptions – mitigates risks of Approaching disasters, viz. hurricanes,
floods, etc., Power grid maintenance, Data center maintenance and migrations
• Planned events scheduled over a period of time
• Backup and Disaster Recovery aaS
Cisco Catalyst
6500 Series
Cisco Nexus 7000
SeriesCisco Nexus 7000
Series
The Solution:
• Cisco DCI Solution
enables new operational
models for BR, DR and
Multi-site operations
© 2012 Cisco and/or its affiliates. All rights reserved.

45. Data Center Interconnect
• Interconnection Models:
Enterprise to Enterprise (E2E)
Enterprise to Service Provider (E2SP)
Service Provider to Service Provider (SP2SP)
• Overlay-Based Techniques
OTV, LISP, VXLAN
• Suitable for intra-Ent DC interconnect
NGN-Based DCI Solution:
Addresses E2SP for workload migration
Addresses SP2SP for regional or distributed data centres
• Standalone DCI Network
Provides interconnection between main SP DCs
Owned by SP DC team
Addresses SP2SP only
Very high bandwidth—packet/optical solution likely the
most cost effective
SP DC1 SP DC2
Ent DC1 Ent DC2
SP NGN
DCPE
DCPE
DCE
DCE
PE PE
CE CE
Enterprise DCI “back door”
Standalone DCI network
Ethernet (e)TRILL / 802.1ad
MPLS VPLS, A-VPLS, EVPN, EoMPLS
IP OTV, LISP, VXLAN

46. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 46
VMDC
Infrastructure
Updates

47. VMDC 2.3
• Lower Cost, Higher Tenancy Scale VMDC design
• Based on VMDC 2.2, with some optimizations in the architecture to achieve higher tenancy scale, with
lower cost.
• Increased tenant scale - can support upto 500 mixed tenants in a Pod, and 2000 in a DC
• Lower VM scale per – can support upto 6000 VMs in a Pod, and 24000 in a DC.
• VRF-Lite and vPC based architecture - VMDC 2.x aligned
• Collapsed Core/Aggregation layer – uses smaller Nexus 7004 platform with F2 modules – to reduce
cost. Can use other Nexus 7000 form-factors and modules for higher port-density.
• ASA/ACE appliances directly connected to Nexus 7004 – no 6500-DSN layer
• ASR 1006 as DC-PE. Can use other ASR form factors for higher port-density.
• Architecture works with Vblock, FlexPod or any other integrated compute stacks. For validation, a
FlexPod-aligned topology was used

48. VMDC 2.3 Physical Topology

49. VMDC 2.3 Expanded Gold Container

50. VMDC 2.3 Silver Container

51. VMDC 2.3 Bronze Container

52. VMDC 2.3 Copper Container

53. VMDC 2.3 Scaled Pod

54. VMDC 2.3 Scaled DC

55. Tenant Scale with VMDC 2.3
(as of NX-OS 6.1) ***
Tenancy Model Scale per POD Scale in DC
(4 POD)
All Expanded
Gold
125 500
All Gold 200 800
All Silver 300* 1200*
All Bronze 300 1200
All SMB 500 2000
Mixed * 500 2000
• Mixed = 10 Ext.Gold, 20 Silver, 220 Bronze, 250 SMB per POD
• * Needs multiple pairs of ASA and/or ACE appliances per POD
• *** These numbers will increase 2-3x with NXOS 6.2

56. DC Aggregation/Access
DC Core
DC Access
L3 Boundary
L2
Data Center Perimeter
CLOS based model as a new L2 option for the Data Center
• VMDC 2.x releases validated topology variants (i.e., collapsed core/aggregation, as the L2/L3
boundary)
• VMDC 3.x releases validated with FabricPath based architecture – for intra-POD or inter-POD VM
Mobility
SPINE
FP
SPINE
FP
SPINE
FP
SPINE
FP
FP
LEAF
FP
LEAF
FP
LEAF
FP
LEAF
FP
LEAF
FP
LEAF
L3 Boundary
L2
Multi-Layer L3 Hierarchical Design L2 CLOS Design

57. If needing more Scale..
Scale Factor Change in design Benefit
More than VM per Pod Use M2 linecards instead of F2 on Nexus 7004
Agg
128k MAC on M2, so can get to 50k VMs
More ICS and UCS blades in
Pod
Use N7009 instead of N7004 Can get more port-density – for connecting
more servers, or for more throughput
More Pods in DC Use ASR1013 or ASR9010 instead of ASR1006 Get higher port density and throughput to
connect more Pods.
With ASR9000 get more VRF and BGP scale to
support more Pods and Tenants
Higher Tenant Scale Use MPLS in the DC.
Inter-AS option B or Intra-AS MPLS between
ASR and Nexus7000
Eliminates per-VRF BGP and mitigates control
plane scale limits. Can scale to 1000-2000
tenants per Pod (* with NxOS 6.2)
More Gold/Silver tenants Use multiple ASA/ACE appliances through
N2000 FEX to N7000. Or, use 6500 DSN with
service modules
Support more FW/SLB contexts.
For even lower scale, cost,
footprint
Use Nexus 5500 or Nexus 6000 as Aggregation
layer
1 or 2 RU with 50-100 tenants per Pod.
• Numbers depend on tenancy type and distribution. Will increase with NXOS 6.2
• Not validated as CVD

58. Enhanced DC
Interconnect
Unified
Data Center
Networking
Integrated
Compute Stacks
ComputeNAS SAN
Data Center
Access
Services
Aggregation
Core
VMDC Cloud Ready Infrastructure Kits
Pre-Defined Unified Data Center Networking Scalable Bill of Materials
Securely share common Cloud infrastructure
Based on VMDC Cisco Validated Designs
Secure separation between workloads
Shared network services
Pre-Built Bill of Materials available as CCW templates
VMDC 2.3

59. VMDC Cloud Ready Infrastructure Kit
Pre-defined and Pre-Validated BOMs Sized to Meet Customer Requirements
http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/VMDC/CRI/VMDC_CRI_Kits.html
• Ideal for initial Cloud deployments
Starts small and provides incremental growth
Space Optimized
Pay as You Grow
• Use BoM as Baseline
Pre-Built Bill of Materials available as CCW
templates
Tweak design, platforms, quantity etc based on
deployment requirements
• Does not include ICS
Based on Compute & Storage requirements,
specific Vblock, FlexPod or other ICS types need
to be included
CCW configurations are available from the
Sales Acceleration Center
sac-support@cisco.com
Scalability with Price Performance
CRI-SO-S CRI-PO-S CRI-PO-M CRI-PO-L
Aggregation Switch Nexus 5548UP Nexus 7004 Nexus 7009 Nexus 7018
Network Services
ASA5555-X
ASA5555-X
ASA5555-X
ASA5585-X
DSN + ASA5555-X DSN + ASA5585-X
Starting List Price –
Does not include
service
$300,000 $800,000 $ 1,400,000 $ 1,700,000
VMDC 2.3

60. VMDC 3.0 with FabricPath
New Infrastructure Designs
Simplified Network, Reducing Operating Expenses
 Switch addresses are assigned automatically
 A single control protocol
 Easily expanded in a plug and play manner
 Non-FabricPath switches can still be without STP
Reliability Based on Proven Technology
 Cisco FabricPath is built on top of IS-IS, an industry
 Loop prevention and mitigation is available in the data plane
Efficiency and High Performance
 2.56 terabits per second (Tbps) of bandwidth between
switches
(16-way ECMP combined with 16-port 10-Gbps
PortChannels)
 Lower Latency than Spanning Tree based solution
 Cisco FabricPath enables massive scalability of the L2
domain

61. VMDC 3.0 with FabricPath
Design Options and Criteria
Design criteria included:
 Available FabricPath modules:
‒ M1/F1 mixed VDC
‒ M1/F2 split VDC
 VLAN scale: constrained by HSRP, GLBP
 MAC scale
 ARP learning rate
 Conversational MAC address learning
 Port Density
 Forwarding Paths
 Port-channel vs. single links
 VPC, VPC+ options
 QoS
 Distance (intra-PoD)

62. VMDC 3.0 Tenant Container
VMDC 3.0
Palladium
L2
L3
FW
LB
LB
Public Zone
Private Zone 1
L2
L3
FW
LB
Private Zone 32
vFWvFW
vFW

63. Trend towards Virtualised Services
• Insertion of services {load-balancing, firewalling, tenant routing} within the tenant
container fundamentally drives the logical design (both L2 and L3) within the data center
Services are typically L3
• Industry transition underway from network-based services to virtualised services
• VMDC 4.x focus
Address transition to virtual services
Address tenancy scalability constraints of current solution
Routing as a Service (RaaS) for Cloud providers
Highlight service chaining considerations/issues
Highlight new scalability considerations (virtual appliances in compute tier)

64. CSR1000V as Virtual Router (vCE) inside DC
• Alleviates need to extend L3 VPN natively into
the data centre
E/W L3 via vCE
E/W L2 extension via L2 overlay (VXLAN)
• PAYG solution – virtual CE per tenant follows
same model for tenant routing as for other tenant
services, i.e.. RaaS
Could be multiple vCEs per tenant
• Mirrors branch CE model, i.e. can support same
features and management models
Allows for end-to-end services with enterprise sites (WaaS,
LISP, IPSEC, etc)
• No cross-tenant dependencies, simplifies
management and orchestration
Cisco working through dynamic PE VRF provisioning models
• Requires scalable DC WAN gateway and PE-
vCE segmentation technology
Virtual CE
WAN Edge
(ASR9k)
Aggregation
/ core
(N7k)
Access
(61x0, N5k)
Compute
& Storage
L2 or L3 Fabric
L3VPN
Services
VMs
L3 VPN Edge
(NGN-PE)
Tenant L3
Edge (vCE)

65. Tenant Scale:
2000 per Pod or DC
* Depends on Design
VMDC with Virtual Services - Physical Topology

66. VSG
Public Zone (DMZ) Protected FE Zone 1 Zone 2 Zone 3
Sub-
Zone W
Sub-
Zone X
Sub-
Zone Y
Sub-
Zone Z
Front-end Zones
VMDC 4.x: Virtual Private Cloud Container
L3 VPN
Internet
Back-end Zones
ASA1000v
VPNCSR1000v (vCE)
Nexus 1000v + VPATH
VPXVPXVPX
vWaaS
vNAMvWaaS
Possible Components:
CSR1000V XE 3.9 (IOS FW,
Routing, VPN, ZBF, AppNav
Controller, NBAR2)
Netscaler VPX 10.1
Nexus1000V 2.2
VXLAN on N1kV
VSG
ASA1000V
vWaaS 5.2 (vPath and AppNav
redirection)
vNAM 6.0
IPv6 Dual Stack (TBC)
Hyper-V (TBC)
VXLANs used to extend segmentation scale within tenant containers
Mapping of VXLAN to VLAN occurs on N1kv
Also, mixed Physical + Virtual Containers

67. Sample Container with CSR1000V, VSG, VPX

68. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 68
VMDC
Management &
Automation

69. The Challenge:
How do I manage, automate, and monitor service performance?
The Solution
• Extensible, Open
Management Framework
• Pre-Integrated Automation
and Orchestration
Benefits
• Simplifies and accelerates the USE of cloud services by providing capabilities
to rapidly offer users cloud services
• This new management integrates with the existing IT environment
• VMDC offers an open
management framework
through a documented set of
component APIs
• The VMDC open
management solution
provides flexibility
• Cisco offers domain element
management and network
specific offerings such as:
 Cisco Network Services
Manager (NSM)
 Cisco Data Center Network
Manager
 Cisco UCS Manager
• Storage solutions vary by
vendor
• An open framework
expedites VMDC integration
into existing management
solutions and the
development of new ones
Aggregation/
Access
Compute
vPC
vPC
4x10GE 4x10GE
vPC
Services
MEC MEC
Core
WAN Edge/
DCI
Storage
API
API
API
API
API
API
© 2012 Cisco and/or its affiliates. All rights reserved.

70. VMDC Cloud Management Solutions
• High Scale & Multi-tenant Apps
• Significant Complexity
• Established Market Position
• Complex Cloud Target/SP
• Others like OpenStack
• Leveraging partner company assets
• Automation of IT processes
• Integration of apps to the business process
• Private Cloud/ Large Enterprises
CISCO COMMON TECHNOLOGY
VNMC, UCSM, etc
OnePK, OneController (Future)
OpenStack/
Others
CIAC, Prime, Cloupia

71. Automating the Service Deployments
BMC’s CLM Workload Automation and Lifecycle Management
• Provides an end-to-end
automated lifecycle
management
• 2nd Generation Cloud
Lifecycle Management
Platform
• Integrated full-stack cloud
services
• Intelligent placement of
provisioned services
• Service-Catalog Platform for
Automation, Orchestration,
and Management
• “Day 2 management”—
performance, compliance,
security
Operational
Repository
Map to
CMDB
Network Services
Secure Network
Containers
FlexPod, Vblock
Networks
Integrated
Compute Stack
Storage Servers
Virtualized Multi-Service Data Center
Resource Management
Service Governor
Service
Blueprint
Network
Blueprint
Storage
Service Catalog
User
Request
Service
Catalog
Service
Blueprint
Design Services
and Options
Translate to
Business Offerings
VXI, HCS, IaaS
Completes a
Service Request

72. BMC Cloud Lifecycle Management (CLM)
– System Components
Network
BNABSA
Compute
VMDC 2.0/2.1/2.2/2.3
UCS B & C
Series/UCSM
Compute
NetApp/EMC
Storage
Nexus/VSS/ASA/ACE/AS
R/CRS/VSG
Network
VMware vSphere, Citrix
XenServer, Microsoft Hyper-
V
Virtual Compute
Cloud
Portals
Service
Catalog
Service
Governor
Cloud API
MoM

73. VMDC 2.0 + CLM 2.1
CRS, N7k, C6k, FWSM, ACE20
VMDC 2.1 + CLM 2.1
C6k, N7k, FWSM, ACE20
VMDC 2.2 + CLM 3.1
(With VSG & Expanded Gold
container)
A9k, N7k, C6k, ASA, ACE30
VMDC 2.2 + CLM 3.0
4-Zone Flexible Container
(No VSG)
A9k, N7k, C6k, ASA, ACE30
Flexible Container
BMC CLM Validated Network Containers (to-date)

74. Cloud Service Assurance
Key Objectives & Functions
Automate
service
enablement &
lifecycle
Auto-provisioning of service
assurance system through auto-
discovery and integration with
orchestration
Consolidate
monitoring
Single pane of glass for fault and
performance monitoring of
compute, storage, network and OS
Reduce MTTR
(Reduces OPEX,
Increases
Availability)
Root-cause analysis and tenant
based service impact analysis
Reduce cost of
OSS/BSS
integration
Abstracted and normalized
interfaces to simplify integration and
maintenance of northbound systems

75. VMDC Cloud Assurance
-With Zenoss CSA
• Validated design for cloud operations automation
Single view for compute, virtualization, DC network and storage fault &
performance
Complete VMDC/Flexpod/Vblock component coverage
Multi-tenant service availability & performance reporting
• Providing service visibility to tenants through tenant portals
• Orchestration integration or stand alone operations
• Advanced Services deployment services
• Zenoss Cloud Service Assurance – Solutions plus on Cisco
GPL in UCS plus software category
• Zenoss CSA 4.2 validated for VMDC 2.3
Recently Updated
for VMDC 2.2, 2.3
and 3.0 Systems
Delivers unified fault & performance management of
compute, storage, network & applications infrastructure

76. Cloud Service Assurance
Simplified Service Impact & Root Cause Analysis
Application
VM
Data Store
Host
UCS Service
Profile
UCS Blade
UCS Chassis
Tenant Service
Ranked probable root-cause events Service Impact Events
1
1
2
2
Root
Cause
Service
Impact

77. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 77
VMDC Summary

78. Summary
• VMDC is the Cisco validated reference architecture for Cloud infrastructure - Public/Private/Hybrid
• Cisco CVDs for cloud infrastructure, orchestration and assurance enable quicker adoption and
deployment of complex technologies for end-end solutions
• Multi-tenancy, service differentiation, tiered security services, virtualization and automation are key
for cloud deployments
• Defined System for today, evolving for tomorrow
Reduced complexity as system is characterized via validation efforts with supporting collateral
Facilitates Modularity, Scalability, Pay-as-you-Grow models
Speed, Risk mitigation for Deployments
Multiple VMDC phases and tenancy models – evolving with new technologies/platforms and customer needs
• Validated Automation & Management
Resource pools encompassing network, compute and storage
Out-of-Box Orchestration & Assurance support for different VMDC designs and tenancy models
• Validated Onboarding of services
Hosted Collaboration (HCS), Hosted Virtual Desktop (HVD), DRasS, Hybrid
• VMDC based Cloud Ready Infrastructure kit provides pre-packaged BOMs in CCW

79. Resources
• www.cisco.com/go/vmdc
• ask-vmdc-external@cisco.com
• http://www.cisco.com/go/dci
• http://www.cisco.com/go/cloudverse
• http://www.cisco.com/en/US/products/ps11104/serv_home.html
• http://www.cisco.com/en/US/solutions/ns341/eantc_cloud.html
•
http://www.cisco.com/en/US/partner/docs/solutions/Enterprise/Data_Center/VMDC/2.3/implementation_guide/VMDC_2.3_IG.html
•
http://www.cisco.com/en/US/partner/solutions/ns340/ns414/ns742/cloud_orchestration_bmc_clm.html
•
http://www.cisco.com/en/US/partner/docs/solutions/Enterprise/Data_Center/VMDC/CLSA/Partner_DIG/CLSA_VMDC_DIG.html
•
http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/VMDC/CRI/VMDC_CRI_Kits.html
• http://www.cisco.com/go/vblock
• http://www.cisco.com/go/flexpod
• http://www.cisco.com/go/bmc

80. Complete Your Paper
“Session Evaluation”
Give us your feedback and you could win
1 of 2 fabulous prizes in a random draw.
Complete and return your paper
evaluation form to the room attendant
as you leave this session.
Winners will be announced today.
You must be present to win!
..visit them at BOOTH# 100

81. © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 81
Thank you.