Data Center Virtualization and Programmability. Roger Oliveira, Systems Engineer, Public Sector. Agenda: Virtual Networks; Virtual Network Services; SDN and Programmable Networks.
Data Center Virtualization and Programmability. Roger Oliveira, Systems Engineer, Public Sector
Agenda • Virtual Networks • Virtual Network Services • SDN and Programmable Networks
Problem: how to connect VMs? (Diagram: VMs, each an App on its own OS, spread across three hypervisors with no network between them.)
Solution: vSwitch (2003). (Diagram: one vSwitch per hypervisor connecting that host's VMs.)
Problem: how to move VMs at scale? (Diagram: each hypervisor's vSwitch carries its own separate network definition.)
Solution: Distributed Virtual Switch (2008): vNetwork Distributed Switch, Nexus 1000V. (Diagram: a single network definition shared by the vSwitches of all hypervisors.)
Nexus 1000V components: Virtual Ethernet Modules (VEM), up to 128 VEMs*; Virtual Supervisor Module (VSM); vCenter. (Diagram: the network administrator manages the VSM, the virtualization administrator manages vCenter.)
Modular switches compared: Nexus 7000 (supervisors, line cards, backplane) versus Nexus 1000V (VSMs, up to 128 VEMs).
Port Profiles on the Nexus 1000V... • Can be applied to multiple ports • Can include: • VLANs • ACLs • NetFlow • QoS • Private VLANs • ...
  port-profile WEB
    switchport mode access
    switchport access vlan 105
    ip port access-group myacl in
    no shut
    vmware port-group
    state enabled
...Port Groups in vCenter: the same port-profile WEB (shown above) appears on the vCenter Server as the port group "WEB".
Agenda • Virtual Networks • Virtual Network Services • SDN and Programmable Networks
Network service form factors: "Appliance"; Nexus 1000V module; virtualized service integrated in the hypervisor.
Nexus 1000V and Virtual Services. Virtual infrastructure: Cisco Virtual Security Gateway, Imperva SecureSphere WAF, ASA 1000V Cloud Firewall, Network Analysis Module (vNAM), Cloud Services Router 1000V, Citrix NetScaler 1000V, vWAAS, all attached to the Nexus 1000V via vPath and VXLAN; multi-hypervisor (VMware, Microsoft, RedHat*, Citrix*). Physical infrastructure: switches, servers, WAN router; Zone A and Zone B.
Virtual Security Gateway: Intelligent Traffic Steering with vPath. (Diagram: VNMC, VMs on the Nexus 1000V Distributed Virtual Switch, vPath, VSG, Log/Audit.)
Step 1: Initial packet flow (the first packet of a flow is steered by vPath to the VSG).
Step 2: Flow access control (policy evaluation at the VSG).
Step 3: Decision caching (the VSG's verdict is cached at the switch).
Step 4: (unlabeled in the diagram) the packet is released toward the destination VM; Log/Audit.
Virtual Security Gateway: Performance Acceleration with vPath. ACL offloaded to the Nexus 1000V (policy enforcement); the remaining packets of the flow are handled by the switch without returning to the VSG; Log/Audit.
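The steering sequence above (first packet to the VSG, decision cached, remaining packets enforced on the switch), modelled as an added Python example that is not part of the original deck or of any Cisco code; the zone map, rule tuple format and IP addresses are constructed.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Flow:
    """5-tuple key used for decision caching on the switch."""
    src: str
    dst: str
    proto: str
    sport: int
    dport: int

@dataclass
class VSG:
    """Policy engine: only sees the first packet of each flow (steps 1-2)."""
    rules: list          # constructed format: (src_zone, dst_zone, proto, dport, action)
    zones: dict          # constructed: ip -> zone name
    evaluations: int = 0

    def evaluate(self, f: Flow) -> str:
        self.evaluations += 1
        src_zone = self.zones.get(f.src, "unknown")
        dst_zone = self.zones.get(f.dst, "unknown")
        for sz, dz, proto, dport, action in self.rules:
            if (sz, dz, proto) == (src_zone, dst_zone, f.proto) and dport == f.dport:
                return action
        return "deny"    # default deny when no rule matches

@dataclass
class VPathSwitch:
    """Nexus 1000V role: steer, cache the verdict (step 3), then enforce locally."""
    vsg: VSG
    cache: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)

    def forward(self, f: Flow) -> str:
        if f in self.cache:              # remaining packets: enforced on the switch
            return self.cache[f]
        action = self.vsg.evaluate(f)    # first packet: steered to the VSG
        self.cache[f] = action           # decision caching / ACL offload
        self.audit.append((f, action))   # one Log/Audit record per flow decision
        return action

def run_demo():
    zones = {"10.1.0.10": "web", "10.2.0.20": "db"}   # constructed sample zones
    vsg = VSG(rules=[("web", "db", "tcp", 3306, "permit")], zones=zones)
    sw = VPathSwitch(vsg)
    web_to_db = Flow("10.1.0.10", "10.2.0.20", "tcp", 40001, 3306)
    db_to_web = Flow("10.2.0.20", "10.1.0.10", "tcp", 40002, 22)
    packets = [web_to_db, web_to_db, web_to_db, db_to_web, db_to_web]
    decisions = [sw.forward(p) for p in packets]
    return decisions, vsg.evaluations, len(sw.audit)
```

Five packets produce only two VSG evaluations and two audit records, one per flow, which is the point of caching the decision at the switch.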
Agenda • Virtual Networks • Virtual Network Services • SDN and Programmable Networks
SDN concepts: Centralized Intelligence ("Model 1")
Today's network device (router, switch, ...): Control plane (IOS); Data plane (ASIC).
Applications; SDN Controller (software); Programming interface (e.g., OpenFlow). Current examples: wireless controllers, PfR, Nexus 1000V, etc.
SDN concepts: Virtual Overlays ("Model 2")
Analogy: air traffic control between CGH and SDU (airport codes) versus packets over the IP network. Current examples: MPLS, IPsec, OTV, and many others.
Virtual overlays. (Diagram: VMs on virtualized servers (hypervisors), connected to one another by software overlays.)
Valid questions: What about support (day 2, day 3, and so on)? HOW to do a non-disruptive implementation? What differentiator can SDN bring TODAY?
Components of Cisco ONE: eXtensible Network Controller (XNC); multi-hypervisor overlays (VXLAN and NVGRE); onePK (standardized API).
ACI – Application Centric Infrastructure. API • Policies • Who can talk to whom • What about • Topology control • Ops stuff. Application Policy Infrastructure Controller • Distributed policy enforcement • Just-in-time resolution, performed by embedded policy enforcement agents (PEs). Draw a software boundary around a collection of switches to make a system.
OpenDaylight: an "open source" project formed by industry leaders under the Linux Foundation, with the goal of advancing the adoption of Software Defined Networking (SDN) by creating a framework supported by multiple vendors. (Membership tiers: Platinum, Gold, Silver.)