
BRKSPG 2002


BRKSPG-2002

Cisco NFVI
Network Function
Virtualization Infrastructure

Naren Narendra, Senior Product Manager


© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• Network Function Virtualization Infrastructure (NFVI) Fundamentals
• Cisco NFVI Components
• Cisco VIM (Virtualized Infrastructure Manager)
• Cisco VIM Unified Management
• Monitoring & Assurance
• SDN Integrations
• Where are we headed?
• Conclusion
Network Function Virtualization Infrastructure
Fundamentals
The ETSI NFV Reference Architecture and NFVI
[Diagram: ETSI NFV reference architecture. OSS/BSS; MANO (Orchestrator, VNF Managers, Virtualized Infrastructure Manager); EM 1, EM 2, EM 3 above VNF 1, VNF 2, VNF 3; NFVI (Virtual Compute, Virtual Storage and Virtual Network on a Virtualization Layer over Hardware Resources: Compute, Storage, Network)]

• NFVI - Network Function Virtualization Infrastructure is the totality of all hardware and software components that build the platform in which VNFs are deployed
• VIM - Virtualized Infrastructure Manager controls and manages the NFVI compute, storage, and network resources. VIM is the NFVI software platform
SP Approaches to NFV
Fully Disaggregated (DIY or SI Led)
• Fully disaggregated approach with different elements of the solution coming from different vendors
• SP is driving Systems Integration – either by self or by appointing a SI
• Integration overhead is very high
• Arbitraging between vendors is difficult, no single point of ownership
• Takes longer to deploy – perceived cost benefit may be lost in higher coordination & slower time to market

Vertical NFV Solution Stack (Use Case Led)
• Use-case focused NFV solution stacks, each from same or different vendors
• Pre-integrated, tested and validated by vendor with single point of ownership
• Faster time to market
• However, convergence of platform may be very challenging in future due to platform architecture inconsistency
• May lead to multiple silos that are not cross-leveraged and more expensive to manage in longer term

Common & Horizontal NFVI (Infrastructure Led)
• Common, horizontal carrier-grade NFV infrastructure for multiple use cases – from one vendor
• VNF and MANO packages come per use case from the target vendors
• Pre-integrated, tested and validated NFVI with single point of ownership
• Faster time to market
• Convergence of the platform is achieved with this platform architecture strategy
NFV Infrastructure Requirements

Carrier Class Performance

Use Case Agnostic Infrastructure

Open Standards Based, Modular and Elastic

Easy to use with Unified Management

Integrated Solution with Single Point of Ownership

Multi-level Security

Service Velocity Operational Simplification Open Architecture


Cisco NFV Solution Architecture
[Layer diagram, top to bottom]
• North Bound APIs
• NFVO, Resource Orchestration & VNF Service Orchestration: NSO – Network Services Orchestrator enabled by Tail-f
• Virtual Network Functions (Cisco and 3rd Party): CSR ASAv Ultra VMS Video XRv vWSA 3rd Party
• VNF Manager: Cisco ESC
• Virtual Infrastructure: Virtual Compute (RHEL), Virtual Storage (Ceph), Virtual Network (OVS, VTF, SR-IOV)
• VIM: Red Hat OSP, Cisco VIM Lifecycle Manager
• Infrastructure Management: Monitoring and Assurance, Unified Management, API, GUI
• Infrastructure Abstraction with RHEL, KVM/Qemu, Host Packages, vSwitches
• Cisco Physical Infrastructure: Compute (UCS), Network (Nexus), Storage (UCS)
• Optional Network VIM (Cisco VTS / Cisco ACI)
Cisco NFVI Scope
Cisco NFVI Platform Use Cases

• Business Services (e.g. Cisco vMS)
• Mobility (e.g. Ultra)
• Other VNFs (e.g. Media, vPE/vBNG)
• 3rd party VNFs (e.g. vIMS, vLB)

Open APIs for Platform Consumption

[Diagram: the Cisco NFVI stack from the "Cisco NFV Solution Architecture" slide, with the Optional Network VIM labelled SDN Controller (Cisco VTS / Cisco ACI)]
Cisco NFVI Scope
NTT East (In Production)
Managed Services for SOHO
[Diagram: OSS/BSS and Customer Portal; NFV Orchestrator (Network Services Orchestrator); VNF Manager (Elastic Services Controller); OpenStack API; vCPE (VNF) on Cisco NFVI; SDN Controller (VTS); Physical CPE; Existing IP Network; Internet]
https://newsroom.cisco.com/press-release-content?type=webcontent&articleId=1896371
Cisco NFVI Solution
Leading Industry Partnerships
• Integrated platform Design and Validation
• Simple Access to Support
• Single Point of Contact
• Certified by Red Hat
• Joint Engineering
• Performance Acceleration, Enhanced Platform Awareness

[Diagram: the Cisco NFVI stack from the "Cisco NFV Solution Architecture" slide]
Cisco NFVI Scope
Best of Breed Partnership

Cisco NFVI Components
[Diagram: the Cisco NFVI stack below the use cases (Business Services, Mobility, Other VNFs, 3rd party VNFs) and the Open APIs for Platform Consumption, with its components called out]
• Cisco VIM Platform (OpenStack based)
• Unified Management
• Monitoring & Assurance
• SDN Integrations (Optional)
• Physical Infrastructure
Cisco NFVI Scope
Cisco VIM
Virtualized Infrastructure Manager
OpenStack as the VIM
OpenStack can be complex to operate:
• Complex interactions between services, databases, messaging queues, etc.
• Health and performance of a cloud is difficult to quantify, verify and monitor
• Updates/upgrades require extensive human effort and are prone to issues
Cisco VIM Carrier Class Platform
[Layer diagram, top to bottom. Side labels on the slide: Day N and Day 0 against the Cisco VIM layers]

Cisco VIM Turn Key Packaged Software
• Unified Management System (Multi-Pod & Multi-Site, Single Pane of Glass, GUI, REST API)
• Lifecycle Manager (Day N operations – Pod Mgmt, Update/Upgrades, Reconfig, REST)
• Integrated Tools (Benchmarking: Networking, Storage, Compute)
• Logging & Assurance (ELK stack, Zenoss, …)
• Health Checks & Failure Recovery (CloudPulse, Cloud Recovery, REST)
• Control and Data Plane HA (Compute, Network & Storage)
• Ubiquitous Security (TLS, SELinux, non-root, RBAC, etc.)
• Performance Enhancement (Fast Data Stacks like VPP, tuning – CPU pinning, NUMA and many more)
• Integrated SDN Controller (VTS, ACI)
• Containerized Deployment (OpenStack Services, CI/CD Capable Platform)
• Fully Automated Installer (1-click, Modular, Robust)

OpenStack, Linux & Storage Distribution
• Red Hat Enterprise Linux OpenStack Platform (RHEL OSP)
• Red Hat Ceph Storage Solution
• Operating Systems – Red Hat Enterprise Linux (RHEL) and Cisco NX-OS / IOS-XR

Hardware
• Cisco UCS Compute, Cisco Nexus 9000, Cisco UCS FI, NCS5000*, NIC, VIC, FPGA*, GPU*, Cisco H/W Accelerator*

* Future
Cisco VIM Release Schedule

• Cisco VIM 1.0 – 2HCY ’16
• Cisco VIM 2.0 – May ’17
• Cisco VIM 2.2 – Sep ’17
• Cisco VIM 2.4 – 1HCY ’18

Legend: Shipping, Roadmap
Cisco NFVI follows Cisco VIM schedule
Cisco VIM 2.0 Features

Software
• Newton OSP 10
• Mgmt Node Auto Backup
• VM Cold Migration
• VM Resizing
• Auto Configuration ToR
• IP source Filtering
• Keystone V3
• Automated SW Upgrade Framework
• Unified Management UI (TechPreview)

Hardware
• Intel X710 NIC
• UCS C240 M4 compute
• Intel v4 (Broadwell)
• Scale up to 20 Storage nodes
• ToR Switches
  • Nexus 9396PX
  • Nexus 93180YC
• Micropod (TechPreview)

Data Plane
• SRIOV with Intel x710
• ML2 VPP
• NFVbench Performance Benchmarking

Third Party Integration
• SwiftStack
• Zenoss
Cisco VIM 2.2 Features

Software
• Cisco VIM Insight GUI
• Software Upgrade – Liberty to Newton
• VTS Upgrade – 2.3 to 2.5
• VTS 2.5 Integration
• ACI/APIC SDN controller Integration
• Fluentd Integration
• Post Install Enable TLS
• Post Install Re-config Provider and Tenant VLAN ranges
• Post Install CIMC password change
• IPv6 support (management and data plane)
• Platform Security
• LDAP integration with Microsoft AD
• Disk Maintenance

Hardware
• MicroPod GA
• ML2 VPP and SRIOV for both Full and Micropod

Data Plane
• ML2 VPP with L3 and SRIOV
• NFVbench REST API and visualization
• Scale Support for both control and data plane
Cisco VIM 2.2 Full Pod
[Diagram: Cisco VIM 2.2 full pod layout]
• ToR Switch 1, ToR Switch 2, Mgmt Switch
• Management Node
• Controller Node 1, 2, 3
• Storage Node 1, 2, 3 … Storage Node 20
• Compute Node 1, 2, 3, 4 … Compute Node N*

* Total of 64 Compute & Storage nodes in a pod
Cisco VIM 2.2 Micropod
• One management node and three converged nodes
• Control, Compute and Storage on all 3 nodes
• Same HA capabilities as a full pod
• Same software and hardware lifecycle capabilities as full pod
• Reduces pod footprint by 60% (Mandatory nodes)

[Diagram: Micropod with ToR Switch 1, ToR Switch 2, Management Node, and Node 1, Node 2, Node 3, each running Control, Compute and Storage]
Significant Efficiencies with Pod footprint
Use Case: Cisco VMS IWAN
• Full Pod: ToR Switch 1, ToR Switch 2, Mgmt Switch, Mgmt Node, Controller 1, 2, 3, Compute 1, 2, 3, Storage 1, 2, 3
• Micropod: ToR Switch 1, ToR Switch 2, Mgmt Switch, Mgmt Node, Converged Node 1, 2, 3
Cisco VIM 2.2 – Hardware Compatibility
1x Cisco VIC
+ Cisco
Intel CPU Intel CPU Intel NIC 2x Intel NIC Cisco Cisco Cisco VIC1340 &
Node Server V3 v4 X710 X520 VIC1227 VIC1240 VIC1340 1380

UCS C240 M4 ✓ ✓ ✓ ✓ ✓

Control UCS C220 M4 ✓ ✓ ✓ ✓ ✓

UCS B200 M4 ✓ ✓ ✓ ✓ ✓

UCS C240 M4 ✓ ✓ ✓ ✓ ✓

Compute UCS C220 M4 ✓ ✓ ✓ ✓ ✓

UCS B200 M4 ✓ ✓ ✓ ✓ ✓

Storage UCS C240 M4 ✓ ✓ ✓ ✓ ✓

Management UCS C240 M4 ✓ ✓ ✓* ✓

Supported from CVIM 2.2 onwards

Data Plane Support – Full Pod
Combinations listed below are supported in Cisco VIM 2.2

NFVI Type | Virtual Switch | Tenant Virtual Networks Encapsulation | Provider Virtual Networks Encapsulation | SR-IOV Passthrough
UCS C220/C240 + Cisco VIC1227 | OVS | VLAN | VLAN | No
UCS C220/C240 + Cisco VIC1227 | VTF + VTS | VXLAN | VLAN | No
UCS C220/C240 + Cisco VIC1227 | VPP + ML2 | VLAN | VLAN | No
UCS C220/C240 + Intel NIC X710 | OVS | VLAN | VLAN | Yes
UCS C220/C240 + Intel NIC X710 | VPP + ML2 | VLAN | VLAN | Yes
UCS C220/C240 + Intel NIC X520 | OVS | VLAN | VLAN | Yes
UCS B-series | OVS | VLAN | VLAN | Yes
Data Plane Support – Micropod

Combinations listed below are supported in Cisco VIM 2.2

NFVI Type | Virtual Switch | Tenant Virtual Networks Encapsulation | Provider Virtual Networks Encapsulation | SR-IOV Passthrough
UCS C220/C240 + Cisco VIC1227 | OVS | VLAN | VLAN | No
UCS C220/C240 + Cisco VIC1227 | VPP + ML2 | VLAN | VLAN | No
UCS C220/C240 + Intel NIC X710 | OVS | VLAN | VLAN | Yes
UCS C220/C240 + Intel NIC X710 | VPP + ML2 | VLAN | VLAN | Yes
Containerized Install, Update and Upgrade

Container-Based Deployment

[Diagram: a Cisco Containers Repo feeding the Customer Controlled NFVI: Management Node, Controller Nodes, Compute Nodes, Storage Nodes]
Containerized OpenStack Services

• Consistent deployment of software versions
• Isolation of services from each other gives better resiliency
• Predictable and low impact updates (both software patches and major version upgrades)

[Diagram: containers shown across the Management Node, Control Node, Compute Node and Storage Node include Deployment, Container Registry, Repo Mirror, Mgmt APIs, ElasticSearch, Kibana, VMTP, Logstash, Nova, Neutron, Glance, Ceilometer + Zenoss, MariaDB, Horizon, Keystone, …]

Install stages: Software Packaging/Distribution, Input Validation, Bare-Metal Install, Common Node Level Setup, Storage (Ceph) Setup, Openstack Service Orchestration, Verifications/Monitoring/Operations
Offline and Online Install / Update / Upgrade

[Diagram: Repo (Software Packages, Docker Containers); Download; Plug in to the Admin Management Node; NFVI (Controller Nodes, Compute Nodes, Storage Nodes)]
Hardware Life Cycle Management
(Install stage: Verifications/Monitoring/Operations)

• Add and remove of compute nodes to scale the pod on demand
• Replacement of control nodes in case of maintenance
• Replacement of storage nodes in case of maintenance
Automated Software Updates & Upgrades
(Install stage: Verifications/Monitoring/Operations)

• Update/upgrade on demand
• Update with patches and security updates
• Rollback to previous version in case of any error
Underlay Networking
• API – OpenStack API end points for managing/using the NFVI
• External – Link to world beyond the cloud via OpenStack virtual routers (L3 agent)
• Management/Provisioning network – PXE boot and Openstack inter-service communication
• Provider – Link to existing infrastructure networks
• Tenant – Inter VM traffic via OpenStack tenant networks
• Storage – Ceph data replication traffic

[Diagram: Control, Compute, Storage and Management nodes and the optional VTC node, attached to the API, External, Management/Provisioning, Provider, Tenant and Storage networks]
Cisco VIM Security - Defense in Depth

Proactively design & secure the platform

• Cisco Secure Development Lifecycle (CSDL) compliant
• Cisco Product Security Baseline (PSB) compliant
• Network segmentation
• SELinux at host and container level
• Immutable containers
• Containers running as non-root
• ANSSI review of VPC deployment
• Minimum attack surface…
• No unnecessary open ports
• No unnecessary software bits installed
• Passwords management
• Authenticated and secure access to APIs and Dashboards
• Seamless update of security patches
• Bandit security analyzer
• File/Process ownership/permissions
Disk Maintenance

• Ability to check, identify and repair faulty disks without having to remove the node
• Disk maintenance can be performed on:
  • Management
  • Control
  • Compute
• Hardware RAID is a prerequisite for disk maintenance
• REST API and CLI can be used to query information on pod nodes
• Supported from CVIM 2.2 onwards
Post-Install: UCS CIMC Password Change
• Ability to change CIMC password for all or specific servers
• CIMC password change or reconfigure supported via Cisco VIM UM
• The new password must satisfy at least 3 of the following conditions
  • At least 1 letter between a to z
  • At least 1 letter between A to Z
  • At least 1 number between 0 to 9
  • At least 1 character from !$#@%^-_+=*&
  • And password length between 8 and 20 characters
• Supported only on UCS C series
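The password rule above as a checker and generator, added here as an example and not taken from the deck or from Cisco VIM. It assumes the 8 to 20 length bound is mandatory on top of the 3-of-4 class rule and rejects characters outside the four listed classes, neither of which the slide states outright; the function names are illustrative.

```python
import secrets
import string

# Character classes exactly as listed on the slide.
CLASSES = {
    "lowercase a-z": set(string.ascii_lowercase),
    "uppercase A-Z": set(string.ascii_uppercase),
    "digit 0-9": set(string.digits),
    "special !$#@%^-_+=*&": set("!$#@%^-_+=*&"),
}
MIN_LEN, MAX_LEN = 8, 20
MIN_CLASSES = 3
ALPHABET = "".join(sorted(set().union(*CLASSES.values())))


def check_cimc_password(candidate):
    """Return (ok, problems) for a candidate CIMC password.

    Assumed reading of the slide: length 8-20 is mandatory and at least
    3 of the 4 character classes must be present.
    """
    problems = []
    if not MIN_LEN <= len(candidate) <= MAX_LEN:
        problems.append(f"length {len(candidate)} is outside {MIN_LEN}-{MAX_LEN}")

    present = [name for name, chars in CLASSES.items()
               if any(c in chars for c in candidate)]
    if len(present) < MIN_CLASSES:
        missing = [name for name in CLASSES if name not in present]
        problems.append(
            f"only {len(present)} of 4 classes present; missing: " + ", ".join(missing))

    # Assumption: anything outside the listed classes is rejected rather
    # than silently accepted, since the slide lists no other characters.
    unlisted = sorted({c for c in candidate if c not in ALPHABET})
    if unlisted:
        problems.append("characters outside the listed classes: "
                        + " ".join(repr(c) for c in unlisted))
    return (not problems, problems)


def generate_cimc_password(length=MAX_LEN):
    """Draw a random password that satisfies check_cimc_password.

    Rejection sampling keeps every compliant password of this length
    equally likely, unlike forcing one character per class.
    """
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be {MIN_LEN}-{MAX_LEN}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if check_cimc_password(candidate)[0]:
            return candidate


if __name__ == "__main__":
    # Constructed candidates, not real credentials.
    for sample in ("Cisco123", "cisco123", "abc-def_9", "Passw0rd?"):
        print(sample, check_cimc_password(sample))
    print(check_cimc_password(generate_cimc_password()))
```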
Post-Install: Provider & Tenant VLAN Range Changes
• Cisco VIM 2.2 provides the ability to increase Provider and Tenant VLAN ranges Post Install
• This provides the customer with flexibility in network design and planning
• Applies to both C-series and B-series pods enabled with UCSM plugin
• To run this feature, you should already have tenant and provider networks enabled on your pod with Day 0 configuration
• Sample day-0 setup_data.yaml configuration
TENANT_VLAN_RANGES: 1002:1004 # Must match the range given in tenant network segment
PROVIDER_VLAN_RANGES: 2002:2004 # Must match the range given in provider network segment
Post-Install: Enable TLS
• Why TLS?
  • TLS encrypts and authenticates communication to cloud endpoints
  • Enabling TLS is important to ensure network security
• Supported TLS certificates configuration
  • Cisco VIM REST API endpoints
  • OpenStack API endpoints
  • SwiftStack Service through Horizon
  • Fluentd Service
Keystone LDAP Integration with MS Active Directory
• LDAP Integration with Microsoft Active Directory
  With the introduction of Keystone V3, OpenStack service authentication can be delegated to an external LDAP/AD server
• Expose LDAP user filter configurations with setup_data.yaml
user_filter: '(memberOf=CN=os-users,OU=OS-Groups,DC=mercury,DC=local)'
• Enable v4,v6 connectivity to LDAP server
url: 'ldap://[2001:420:293:2487:d1ca:67dc:94b1:7e6c]:389, ldap://172.26.233.104:389'
• High availability with multiple LDAP domain servers
url: 'ldap://172.26.233.104:389, ldap://172.26.233.105:389'
NFVbench
Addressing Network Benchmarking
Fully integrated with CVIM

[Diagram: a build node with the traffic generator and the NFVbench container, connected through TOR-SW A and TOR-SW B to the Cisco VIM Pod (Controller 1 to 3, Storage 1 to 3, Compute 1 to n)]

1. Stage VNF chain (OpenStack API)
2. Stitch traffic generator interfaces to VNF chain
3. Clear counters in vswitch(es)
4. Start traffic
5. Traffic flows to the VNF

An integrated network performance benchmarking toolkit, pre-installed on every POD along with a set of best known practices
Centralized Logging
Cisco VIM – Centralized Logging
• Log forwarders on all nodes forward logs to Fluentd-aggregator on Management node
• Fluentd-aggregator to forward logs to ElasticSearch database
• Kibana dashboard for viewing logs stored in ElasticSearch
• Fluentd-aggregator to forward logs to remote Syslog

[Diagram: Log Forwarders on the Control Node(s), Storage Node(s) and Compute Node(s) send logs over the Management / Provisioning Network to the Log Aggregator on the Management Node, alongside ElasticSearch and Kibana]

• Fluentd is used as Log Forwarder and Log Aggregator from CVIM 2.2
• Logstash as Log Forwarder and Log Aggregator in CVIM 1.0 and 2.0
Cisco VIM – Monitoring Logs

• Kibana visualizes the data stored in Elasticsearch using custom dashboards


• User can add filters or create queries to search through the logs

Log Management & Export
Cisco VIM – Log Rotation
• ELK rotation parameters
  • Cisco VIM stores all the logs in Elasticsearch on the management node
# elk_rotation_frequency: "monthly" # Available options: "daily", "weekly", "fortnightly", "monthly"
# elk_rotation_size: 2 # Gigabytes (float is allowed)
# elk_rotation_del_older: 10 # Delete older than 10 units (where units depends on elk_rotation_frequency)
• Cloud log rotation parameters
  • Log rotation and management for compute, control and storage nodes
# log_rotation_frequency: "monthly" # Available options: "daily", "weekly", "monthly", "yearly"
# log_rotation_size: "100M" # Max file size to start rotating (must specify the unit. Available options: k, M, G)
# log_rotation_del_older: 10 # Number of files to keep before starting deleting them
Cisco VIM – Syslog Export
• Syslog Forwarding supports the following options:
  • Forwarding logs from Management node to External Syslog Server
  • Reconfigure existing Syslog settings to point to a different syslog
  • Supports both IPv4 and IPv6

The following needs to be configured in setup_data.yaml

# SYSLOG_EXPORT_SETTINGS:
#   remote_host: <Syslog_ip_addr> # required
#   protocol: udp # required; tcp or udp, defaults to udp
#   facility: local5 # required; defaults to local5
#   severity: debug # required; value of debug
#   port: <int> # required; typically 514
#   clients: 'ELK' # required
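A lint for the endpoint settings shown on the Keystone LDAP and Syslog Export slides, added here as an example that is not part of the deck or of Cisco VIM. It parses the comma-separated LDAP url value, including the bracketed IPv6 form, and checks a SYSLOG_EXPORT_SETTINGS mapping against the slide's comments; the function names, finding texts and the syslog sample values are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Keys the Syslog Export slide marks as required.
SYSLOG_REQUIRED = ("remote_host", "protocol", "facility", "severity", "port", "clients")

# LDAP url value as shown on the Keystone LDAP slide (IPv6 and IPv4 servers).
SLIDE_LDAP_URL = ("ldap://[2001:420:293:2487:d1ca:67dc:94b1:7e6c]:389, "
                  "ldap://172.26.233.104:389")

# Constructed sample; 192.0.2.10 is a documentation address, not from the deck.
SAMPLE_SYSLOG = {"remote_host": "192.0.2.10", "protocol": "udp", "facility": "local5",
                 "severity": "debug", "port": 514, "clients": "ELK"}


def parse_ldap_urls(url_value):
    """Split the comma-separated url value into (scheme, host, port, family)."""
    servers = []
    for raw in url_value.split(","):
        raw = raw.strip()
        parts = urlsplit(raw)
        if parts.scheme not in ("ldap", "ldaps") or not parts.hostname:
            raise ValueError(f"not an LDAP URL: {raw!r}")
        try:
            family = f"IPv{ipaddress.ip_address(parts.hostname).version}"
        except ValueError:
            family = "name"  # a DNS name rather than a literal address
        # Standard default ports: 389 for ldap, 636 for ldaps.
        port = parts.port or (636 if parts.scheme == "ldaps" else 389)
        servers.append((parts.scheme, parts.hostname, port, family))
    return servers


def lint_ldap(url_value):
    """Return findings for the LDAP url value; an empty list means nothing to flag."""
    servers = parse_ldap_urls(url_value)
    findings = []
    if len(servers) < 2:
        findings.append("only one LDAP server listed: no failover target")
    for scheme, host, port, _family in servers:
        if scheme == "ldap":
            # Plain LDAP: binds are protected only if StartTLS is negotiated.
            findings.append(
                f"{host} port {port}: ldap:// is cleartext unless StartTLS is negotiated")
    return findings


def lint_syslog_export(settings):
    """Check a SYSLOG_EXPORT_SETTINGS mapping against the slide's comments."""
    findings = []
    for key in SYSLOG_REQUIRED:
        if settings.get(key) in (None, ""):
            findings.append(f"missing required key: {key}")

    protocol = settings.get("protocol")
    if protocol == "udp":
        findings.append("protocol udp: unacknowledged transport, lost records go unnoticed")
    elif protocol is not None and protocol != "tcp":
        findings.append(f"protocol must be tcp or udp, got {protocol!r}")

    port = settings.get("port")
    if port is not None and not (type(port) is int and 0 < port < 65536):
        findings.append(f"port must be an integer in 1-65535, got {port!r}")

    host = settings.get("remote_host")
    if host:
        try:
            ipaddress.ip_address(host)  # the slide names an IP address here
        except ValueError:
            findings.append(f"remote_host is not an IPv4 or IPv6 address: {host!r}")
    return findings


if __name__ == "__main__":
    for finding in lint_ldap(SLIDE_LDAP_URL) + lint_syslog_export(SAMPLE_SYSLOG):
        print(finding)
```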
Cisco VIM Unified Management
Unified Management
• Cisco NFVI can be managed through GUI, CLI and REST API interfaces
• Unified Management GUI
  • Multi-pod
  • Multi-user
  • RBAC
  • Containerized, lightweight, stateless

[Diagram: Cisco NFVI with its three management interfaces: CLI, REST API, Unified Mgmt GUI]
Cisco VIM Unified Management (UM)
• Intuitive GUI (Intuitive Graphical User Interface)
• Ubiquitous Security (TLS, SELinux, non-root, Certificate Management, RBAC, etc.)
• Highly Scalable (Light Weight, stateless and REST API driven)
• Multi-User and RBAC (Multiple concurrent sessions and RBAC for security)
• Multi-Site and Multi-Pod (Single Pane of Glass to Deploy and Manage Distributed deployments)
• Containerized Deployment (Easy to Install, update and upgrade)

[Diagram: Cisco VIM Unified Management layered on Cisco VIM (Virtualized Infrastructure Manager)]
Cisco VIM Unified Management
Deployment Models
[Diagram: two deployment models]
• Cisco VIM UM on Dedicated UM Node: the Cisco VIM UM SW and portal run on a dedicated Cisco VIM UM Node, connected by REST API to the Mgmt Node of CVIM Pod 1, CVIM Pod 2 … CVIM Pod N*, each with Control, Compute & Storage servers
• Cisco VIM UM on Management Node: Cisco VIM UM runs on the Management node of the CVIM pod (Cisco VIM Pod 1: Mgmt Node with Control, Compute & Storage servers). One pod only
Cisco VIM Unified Management
Deployment Models

On Unified Management Node | On CVIM Management Node
Runs on a dedicated Unified Management node | Runs on the management node of the pod
Multi-pod Support | No Multi-pod support
All Features supported | All features but for NFVbench
Recommended | Only for local pod management
Unified Management – Pod Blueprint
Unified Management – Installation
Unified Management – CloudPulse
Unified Management – Pod Management
Unified Management – SW Updates
Password Management
Logging Visualization
Multi-Pod Management
Multi-Site, Multi-POD with RBAC
Monitoring & Assurance
Monitoring & Assurance with Zenoss

Monitoring
• Health and performance monitoring – physical and logical
• POD level view of components, Physical to Virtual Correlation
• Ability to monitor multiple NFVI pods

Analysis and Reporting
• Service Impact Analysis – Creates accurate models of services and their dependencies on application infrastructure
• POD capacity forecast – Alert ahead of time
• Generate reports – Device, Performance, Cisco UCS, NFVI reports

Automation
• Automate discovery and modeling – POD changes
• Automatically checks POD level health
• Integrated with CVIM installation (optional)
NFV Assurance Integration Points

vNMS : Virtual Network Monitoring System


Cisco VIM Integration with Zenoss

• Zenoss dispatcher deployed by CVIM control nodes (using software in CVIM repository)
• Tight integration with Ceilometer and other components. Zenoss lifecycle managed by the CVIM lifecycle manager

[Diagram: Control Center with Resource Manager #1 and #2 and Collector #1 and #2, connected via SSH, AMQP, UCS API and CVIM API to the NFVI POD(s): NFVI Management Node, NFVI Control Nodes (3x, Ceilometer & Zenoss Dispatcher), NFVI Compute Nodes (2 or more, Ceilometer), NFVI Storage Nodes (3x), Nexus ToR Switches]
SDN Integrations
Cisco VIM Integration with Cisco ACI
Cisco VIM 2.2 – ACI Integration
Cisco VIM 2.2 integrates ACI using OpFlex ML2 plugin to provide the market leading SDN solution for Cisco NFVI

Integrating ACI with Cisco VIM
• Allows dynamic creation of networking constructs to be driven directly from OpenStack requirements
• Provides additional visibility within the ACI APIC down to the level of the individual virtual machine (VM) instance

Cisco VIM 2.2 deploys ACI OpFlex plugin in “Unified” mode with ML2:
• Modular Layer 2 (ML2) mode – Standard Neutron API is used to create networks

Future: Group Based Policy (GBP) mode – New API is provided to describe, create and deploy applications as policy groups
Cisco VIM with ACI – Architecture

A typical architecture of ACI fabric with Cisco VIM deployment consists of
• Nexus 9000 Spine/Leaf topology
• APIC cluster
• Cisco VIM Pod – Controller, Compute and Storage Servers
• An ACI External Routed Network connection
Cisco VIM with ACI architecture
OpFlex ML2
OpFlex ML2 APIC Driver for integration into Neutron runs on the Control nodes
• Translates Neutron networking elements such as a network, subnet or router into APIC constructs within the ACI Policy Model

An OpFlex proxy runs on the ACI leaf switch
• Exchanges policy information with the Agent-OVS instance extending the ACI switch fabric and policy model into the virtual switch
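A simplified model of the translation described above, added here as an illustration and not the OpFlex ML2 driver's code. It assumes the mapping project to tenant, network to bridge domain plus EPG, subnet to a gateway on the bridge domain, and router to a contract shared by the attached EPGs; all IDs and addresses are constructed.

```python
# Illustrative model only, not the OpFlex ML2 driver. Assumed mapping:
# project -> tenant, network -> bridge domain (BD) + endpoint group (EPG),
# subnet -> gateway on the BD, router -> contract shared by attached EPGs.
from collections import defaultdict

# Constructed sample Neutron resources (hypothetical IDs and addresses).
NETWORKS = [{"id": "net-a", "project": "p1"},
            {"id": "net-b", "project": "p1"},
            {"id": "net-c", "project": "p1"}]
SUBNETS = [{"network": "net-a", "gateway": "10.0.1.1/24"},
           {"network": "net-b", "gateway": "10.0.2.1/24"},
           {"network": "net-c", "gateway": "10.0.3.1/24"}]
ROUTERS = [{"id": "rtr-1", "project": "p1", "interfaces": ["net-a", "net-b"]}]


def translate(networks, subnets, routers):
    """Build a per-tenant policy model from Neutron-style resource dicts."""
    tenants = defaultdict(lambda: {"bds": {}, "epgs": {}, "contracts": []})
    owner = {}  # network id -> owning project/tenant
    for net in networks:
        owner[net["id"]] = net["project"]
        tenant = tenants[net["project"]]
        tenant["bds"][net["id"]] = {"subnets": []}
        tenant["epgs"][net["id"]] = {"bd": net["id"], "contracts": set()}
    for sub in subnets:
        if sub["network"] not in owner:
            raise ValueError(f"subnet on unknown network {sub['network']}")
        bd = tenants[owner[sub["network"]]]["bds"][sub["network"]]
        bd["subnets"].append(sub["gateway"])
    for rtr in routers:
        tenants[rtr["project"]]["contracts"].append(rtr["id"])
        for net_id in rtr["interfaces"]:
            if net_id not in owner:
                raise ValueError(f"router interface on unknown network {net_id}")
            # The attached EPG both provides and consumes the router contract.
            tenants[owner[net_id]]["epgs"][net_id]["contracts"].add(rtr["id"])
    return dict(tenants)


def routed_pairs(model, tenant):
    """EPG pairs sharing a contract, i.e. networks joined by a router."""
    epgs = model[tenant]["epgs"]
    names = sorted(epgs)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if epgs[a]["contracts"] & epgs[b]["contracts"]]


if __name__ == "__main__":
    print(routed_pairs(translate(NETWORKS, SUBNETS, ROUTERS), "p1"))
```

In this sample net-c gets a bridge domain and an EPG but no contract, so the model pairs only net-a with net-b.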
ACI Integration in Cisco VIM 2.2

Cisco VIM 2.2 ACI Integration Features
• Containerized deployment of APIC services
• Fully Automated Day 0 APIC configuration
  • VLAN Pools, AEP, Physical Domain for bare metal hosts, Intf policy for LACP, PC and VPC, Network VRF and BDs, EPGs, Associate EPGs to Phys domains and AEPs
• Dynamic provisioning of provider and tenant networks
• Hardware Supported – UCS C-Series with Cisco VIC
• Virtual switch and Tenant encapsulation – OVS and VLAN
• Reconfigure option to scale up/down ACI Fabric (Leaf nodes)
• Fully supported in CVIM Unified Management GUI

Scale Optimizations – ACI integration

In Cisco VIM 2.2, the ACI Unified Plugin for OpenStack enables optimizations for local Layer 3 functions
• DHCP optimization with Distributed DHCP
  • The Discovery, Offer, Response, and Acknowledgement (DORA) functions that interact with the VM instances are kept local to each compute node
• Distributed Metadata on compute nodes
  • OpenStack VMs can receive instance-specific information such as instance-id, hostnames, and SSH keys from the Nova Metadata Service
• Distributed NAT
  • Distributes Source NAT and Floating IP functions for OpenStack to the Open vSwitch of the compute nodes

Cisco VIM Integration with Cisco VTS
Cisco VIM – VTS Integration

• Pre-requisites for VTS Integration with Cisco VIM
  • VTC (Controller) is installed in HA mode on two external servers
  • VTSR is the BGP control-plane running in HA mode
  • VTSR script to configure loopback interface and BGP-ASN

Cisco VIM – VTS Control Components
• Cisco VIM will install VTS plugin on all 3 control nodes
• Control node will send network information to VTC over MX network

[Diagram: Cisco VIM Control Plane Cluster in HA – Control Node 1, Control Node 2 and Control Node 3, with MX links from the control nodes and from the VTC]

Cisco VIM – VTF VHOST Forwarder
• Cisco VIM will install VTF VHOST on all compute and control nodes
• VTSR control plane will use tenant network to program VTF vswitch

[Diagram: Compute Node x N – labels: VTC, VTSR, VTF container, VHost Socket, VM; networks: MX, Tenant]

Where are we headed?
Distributed NFV with Edge Cloud & CO Transformation
[Figure: workloads placed by network location. Columns: Cust Prem, Access, CO, Remote DCs, Central DCs, Co-Lo / Peering, Cloud Hosted.
Cust Prem: vBranch, Analytics. Access: "Nothing is seen today…". Cloud Hosted: XaaS delivered from the Multi-Cloud.
Workloads listed across the CO, Remote DCs, Central DCs and Co-Lo / Peering columns: vBNG, vOLT, vCMTS, vPE, VPC, SecGW, vIMS, Gi-LAN, Biz Services (vMS), vManaged Service, vMS, vRAN, Media xCoding, cDVR, vCDN, vDDoS, Virtualized RR, MEC, Analytics.
Application labels: VPC & Fog Apps; vCDN, Cloud RAN, AR/VR, IOT, Fog, location based services, Data Analytics; IOT / Fog Computing, Online Gaming, Location based Services, AR/VR, Data Analytics.
Topology labels: Cust. Prem, Access, Aggregation, Near Edge, Core and Edge, Multi-Cloud; VPN CPE, Carrier-E / Transport Edge, Remote DC, Central Data Centers, Co-Lo, Internet / Partner SP Edge, DCI, Peering.]

Evolution of Workloads
Application requirements changing: Cloud Native, Micro-services, Containers

[Figure: three panels – Bare Metal / Virtual, Cloud-Enabled, Cloud-Native. Labels: App, Web App, Database, Servers, Service, .rb, .py, .go, Java. Captions: Physical Infrastructure, Local Dedicated, Shared Runtime, Micro-services on Containers.]

Towards a Cloud Native Common Virtualization Platform
[Figure: deployment scale across the network. Scale labels: Edge Compute, latency sensitive apps (MEC, IoT, Edge Analytics); >10s of Virtual Workloads, Production Services; >100s of Virtual workloads, Production services (shown twice); >1,000s of Virtual workloads, Production & Backend services.
Topology labels: Cust. Prem, Access, Aggregation, Near Edge, Core and Edge, Multi-Cloud; VPN CPE, Carrier-E / Transport Edge, Remote DC, Central Data Centers, Co-Lo, Internet / Partner SP Edge, DCI, Peering.
Footprint labels: Nano, Micro, Rack(s), Multi-Rack, ½ or Full Rack. Other labels: Modular Cloud Orchestration Software Stack, BM.]

High Performance, Automation, Day 0 – N Lifecycle Management, HA, Consistent Networking Models, Logging, Assurance, Security

Cisco NFVI Powered by Cisco VIM
Carrier Grade NFVI Solution

• Multi-Use Case Capable, Cisco & 3rd Party
• Open source and standards compliant
• Ease of Use with Simplified Manageability
• Single Point of Accountability & Ownership
• Carrier Grade Performance, HA, Scale & Security
• Joint Engineering & Innovation with Partners

Evolution to Cloud Native SP Virtualization solution with seamless integration with WAN to drive true realization of NFV

Integrated platform sold and supported by Cisco, powered by Intel, fully backed by Red Hat

Complemented with best in class MANO and Industry’s Broadest VNF Portfolio

Thank you
