1.1 DEPLOYING OPENSTACK WITH CISCO COMPUTE, NETWORK AND STORAGE Mike Cohen, Director of Product Management Duane DeCapite, OpenStack Product Manager May 14, 2014

2. 2 LEGAL DISCLAIMER Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document. 3. 3 OPENSTACK @ CISCO COMMUNITY PARTICIPATION Code Contributions and blueprints across Core services Networking model, Compute Service and Dashboard, HA, Scheduling, OpenStack Foundation Board member CISCO OPENSTACK ENGINEERING Automation (Puppet) and architectures (HA) for production deployment and operational support Quantum/Neutron/Nova Plug-ins for Cisco product lines UCS, Nexus, CSR1000V Scalable networking services FWaaS, LBaaS, VPNaaS CUSTOMERS Private, Public Extend cloud model for rapid provisioning of network services, bare-metal, intelligent workload placement Drive innovation through real-world use cases 4. 4 OpenStack Platform SUSE Cloud Ubuntu OpenStack UCS and Nexus 1. Source: IDC 5. 5 LIGHTHOUSE CUSTOMERS WITH CISCO OPENSTACK SOLUTIONS Comprehensive Cisco Integrated Solution for OpenStack Operational efficiency with UCS and Nexus with OpenStack Pre-defined reference configurations and performance optimized solutions 6. 6 7. 7 As of February 2014, there are over 30,000 unique UCS customers which represents 53% Y/Y growth More than 75% of all Fortune 500 customers have invested in UCS As of Q2FY14 we have over 14,000 repeat customers which represents 63% Y/Y growth Over 3,850 Channel Partners are actively selling UCS worldwide and over 1900 UCS specialized partners As of CY13 Q1 Cisco is one of the Top 5 Server Vendors based on Worldwide Revenue Share1 90 World Record Performance Benchmarks to date Source: 1 IDC Worldwide Quarterly Server Tracker, Q1 2013, May 2013, Revenue Share *Data Center Revenue is defined as Cisco UCS and Nexus 1000V UCS with Intel Xeon processor CISCO UCS LEADERSHIP AND MOMENTUM 8. 8 UNIFIED MANAGEMENT BLADE AND RACK SERVERS MANAGED A COHESIVE RESOURCE POOL UCS Manager C-Series Rack Optimized Servers B-Series Blade Servers Service Profile: HR_App1 VNIC1 MAC: 08:00:69:02:01:2E HR_WEB_VLAN (ID=50) VNIC2 MAC: 08:00:69:02:01:2F HR_DB_VLAN (ID=210) HBA 1 and 2 WWN: 5080020000075740 WWN: 5080020000075741 VSAN ID: 12 Boot Order: SAN BIOS Settings: Turbo On HyperThreading On UCS Service Profile Unified Device Management Network Policy Storage Policy Server Policy UNIFIED MANAGEMENT A SINGLE UNIFIED SYSTEM FOR BLADE AND RACK SERVERS A Major Market Transformation in Unified Server Management Benefits of UCS Manager and Service Profiles for Both Blade and Rack-Optimized Servers Add Capacity Without Complexity 9. 9 Chassis/Server Discovery Service Profile Association PXE boot devices deployed Cobbler database update Register NodesProvision UCS Servers Updates the newly added node info in puppet Puppet apply Add hosts/system in OpenStack Event Listener PXE boot for initial OS install RHEL 6.4 installation on bare-metal servers Sync all the plugins from Puppet Master Host OS Install Inventory of nova nodes on controller VM Provisioning OpenStack Services Deployment OpenStack Handover Hostname / IP address Logical credentials Resource allocation preferences Only Point of User Touch Pre-configure UCS DEPLOYMENT AUTOMATION OF OPENSTACK ON UCS 10. 10 NOVA BLUEPRINTS 11. 11 12. 12 LAN/SANLAN CISCO UNIFIED FABRIC INNOVATIONS CISCO NX-OS: From Hypervisor to Core CISCO DCNM: Single Pane of Management DELIVERING TO YOUR DATA CENTER NEEDS Resilient, High Performance, Scalable Fabric Operational EfficiencyWorkload Mobility Within/ Across DCs Secure Separation/ Multitenancy LAN+SAN Convergence Cisco Nexus 1000V Cisco Nexus 1010 Cisco Nexus 4000 Cisco Nexus 5000 Cisco Nexus 3000 Cisco Nexus 2000 Cisco Nexus 7000Cisco Nexus 6000 Cisco Nexus 9000 13. 13 INNOVATIONS IN SOFTWARE, HARDWARE, ASICS AND SYSTEMS NEXUS 9500 PRICE POWER EFFICIENCYPROGRAMMABILITYPORT DENSITYPERFORMANCE PRICE COST STRUCTURE for 1G to 1/10GT and 10G to 40G migration 50% less ASICS PERFORMANCE INDUSTRY LEADING PRICE / LINE CARD BANDWITH 1.92 Tbps per slot 100G ready PORT DENSITY 20% HIGHER Non-blocking Density PROGRAMMABILITY JSON/XML API Linux Container for customer apps POWER EFFICIENCY STATE OF THEART BACKPLANE FREE DESIGN 15% greater power and cooling efficiency MERCHANT+ ASIC APPROACH Innovation in Cisco ASICs 14. 14 CISCO NEXUS PLUGINS FOR NEUTRON BENEFITS Automated VLAN Provisioning Configure VLANs on the Nexus switch Layer 3 Gateway Map Nexus Switch Virtual Interface (SVI) to tenant VLAN Scalability with Top of Rack (ToR) Nexus as default Layer 3 Gateway Eliminates configuration and bottleneck of host-based software L3 forwarding Agent Multi-Homed Host Deployments Virtual Port Channel (vPC) for High Availability (HA) and link optimization to multiple Nexus switches Hardware and Software-based Networking Performance benefits of hardware-based ToR switch (Nexus 3000, 5000, 6000, 7000) Flexibility of software-defined Networking with Nexus 1000V http://docwiki.cisco.com/wiki/OpenStack:Grizzly-Nexus-Plugin 15. 15 SERVICE CHAINING WITH NEXUS 1000V API Network is typically routable to enable public access Cloud Controller Node nova-scheduler mysql, rabbit... nova-api neutron-server keystone Compute Node nova-compute *-plugin-agent Compute Node nova-compute *-plugin-agent Compute Node nova-compute *-plugin-agent Compute Node nova-compute *-plugin-agent Network Node dhcp-agent *-plugin-agent l3-agent Network Node dhcp-agent *-plugin-agent l3-agent Network Node dhcp-agent *-plugin-agent l3-agent Management Network API Network Data Network External Network Internet N1000V Foundation of Virtual Services Architecture vPath Service Insertion/Chaining Network Function Virtualization (NFV) VXLAN Overlay Networking VSM/N1000V 16. 16 Network Node dhcp-agent *-plugin-agent CSR 1000V ROUTING API Network is typically routable to enable public access Cloud Controller Node nova-scheduler mysql, rabbit... nova-api quantum-server keystone Compute Node nova-compute *-plugin-agent Compute Node nova-compute *-plugin-agent Compute Node nova-compute *-plugin-agent Compute Node nova-compute *-plugin-agent Management Network API Network Data Network External Network Internet N1000V CSR 1000V Network or Compute node(s) hosts CSR VSM/N1000V CSR Provides per tenant isolation and full IOS capabilities including VPN, BGP, OSFP, MPLS, etc. 17. 17 NEUTRON BLUEPRINTS 18. 18 NEUTRON BLUEPRINTS 19. 19 20. 20 OPEN RESTFUL APIS CENTRALIZED POLICY MODEL OPEN SOURCE CONTROLLER APIC ACI BUILDING BLOCKS NEXT GENERATION NEXUSTRADITIONAL NETWORKS POLICY MODEL ACI BUILT-IN LINE RATE END POINT DIRECTORY INTEGRATED OVERLAY 40G NON-BLOCKING FABRIC SIMPLE, SECURE >_>_ 50% SIMPLER CODE BASE FUTURE PROOF UPGRADABLE TO ACI PROGRAMMABILITY AND AUTOMATION NETWORK VIRTUALIZATION SUPPORT RESILIENCY: IN SERVICE PATCHING, UPGRADE, FAST RESTART ACI BUILDING BLOCKS FUTURE PROOFSOFTWARE UPGRADABLE TO ACI NEXUS 9500 and 9300 INNOVATIONS IN SOFTWARE HARDWARE AND SYSTEM DESIGN PRICE POWER EFFICIENCYPROGRAMMABILITYPORT DENSITYPERFORMANCE OPTIMIZED NX-OSSCALE OUT WITHOUT COMPROMISE COMMON BUILDING BLOCKS - ACCESS AND CORE APIC 21. 21 AN INNOVATIVE NEW APPROACH TO POLICY Connectivity Security QoS L4-7 Services APPLICATION NETWORK PROFILE Contract Contract Contract OUTSIDE DBAPPWEB ADC F/W ADC What is an application policy? Group: A set of VMs / servers with the same policy1. Contracts: A set of rules governing communication between groups2. Service Chains: A set of network services between groups3. 22. 22 POLICY IN THE OPEN SOURCE COMMUNITY Group-Policy Information Model OpFlex Agent Framework OpFlex Agent Group Policy API Contributors Group Policy API Contributors OpFlex Southbound Plugin 1 2 3 Contributors 23. 23 APIC OPFLEX: AN OPEN, EXTENSIBLE POLICY PROTOCOL OPFLEX WAS DESIGNED TO OFFER: Policies: Who can talk to whom What about Ops requirements Abstract policies rather than device-specific configuration1. Flexible, extensible definition of using XML / JSON2. Support for any device including virtual switches, physical switches, network services with strong interoperability across vendors 3. Open, standardized API with an open source reference implementation4. OPFLEX PROXY OPFLEX AGENT OPFLEX AGENT OPFLEX AGENT HYPERVISOR SWITCH ADCFIREWALL 24. 24 TELEMETRY 3 WHY CISCO ACI + OPENSTACK PHYSICAL + VIRTUAL NETWORKING ADVANCED CAPABILITIES Zero-touch operations Performance at scale Physical server, multi- hypervisor Health Metrics Visibility / Telemetry Troubleshooting Service chaining App Acceleration 1 Easy for app developers Self-documenting / automation APPLICATION- CENTRIC POLICY MODEL 2 4 25. 25 OPENSTACK ACI INTEGRATION NEUTRON ROUTER SECURITY GROUP Web WebWebWeb AppApp DB DB HYPERVISOR HYPERVISOR HYPERVISOR NEUTRON NETWORK APIC Contract Contract Contract DBAPPWEB ADC F/W ADC APIC APIC PluginAPIC Plugin OVS Plugin Neutron Networking APIC Plugin Group Policy Plugin OVS Plugin Neutron Networking APIC PLUGIN GROUP POLICY PLUGIN Web WebWebWeb AppApp DB DB HYPERVISOR HYPERVISOR HYPERVISOR 26. 26 DEMONSTRATION ACI and OpenStack May 2014 27. TOPOLOGY Ubuntu Servers running KVM and Real Physical Environment! ACI Fabric APIC OpenStack KVM 10.10.1.1 KVM 10.10.2.1 ApicApic ApicApic APIC PluginAPIC Driver OVS Driver Neutron Networking 28. SUMMARY AND NEXT STEPS Cisco offers a complete Compute, Networking and Storage Solution for OpenStack ACI provides network simplification with leaf-and-spine architecture and group policy abstraction Cisco provides Advanced and Technical Services to help migrate from Pilot to Production Please let us know how we can help you with OpenStack by contacting us at Openstack-support@cisco.com More information can be found at www.cisco.com/go/OpenStack and www.cisco.com/go/aci APIC 29. 29 APPENDIX Cohen, DeCapite May 2014 30. 31 The policy endpoint interprets the policy and maps it to its hardware capabilities HOW OPFLEX WORKS POLICYAPIC A policy authority such as the APIC manages a logical model of desired state HARDWARE PORTS, VLANS, INTERFACES SUBSET OF POLICY 4 IMPLICIT RENDER POLICY UPDATE POLICY RESOLUTION 32 1 Rendering can leverage any low level programming API including OVSDB, OpenFlow or device-specific API 31. 32 TWO OPTIONS FOR OPENSTACK APIS NEUTRON ROUTER SECURITY GROUP NEUTRON NETWORK Neutron API Group Policy API NEUTRON NETWORK Port Port Tenant Tenant Use Existing Neutron APIs with APIC and Cisco ACI Contract GROUP SERVICE CHAIN GROUP Group Policy introduces a new API that maps to the ACI policy model 32. 33 Trunk Cabling (100m) Patch panel Jumper Cable 10G Optical Link Patch panel Jumper Cable 40G BIDI OPTICS PRESERVE EXISTING 10G CABLING SIGNIFICANT TRANSCEIVER SAVINGS $4,059 SAVINGS (LIST) PER 40G LINK Traditional 40G Optical LinkComplete Replacement 40G BiDi Optical LinkReuse all 10G Cabling/Patch Panels +$2,200* Source: Corning OM3 Cable & Patch Panel list prices, Cisco 40G BiDi list price, Competitors 40G SR4 list price +$6,259* 33. 34 BUILT AROUND OPEN APIS APIC Open REST APIs Support Integration With Any Software OpFlex: Open Fabric Attached Device API Supports Integration with Any Network Device Automation Enterprise Monitoring Systems Management Orchestration Frameworks OVM Hypervisor Management Applications NORTHBOUND PROGRAMMABILITY LAYER SOUTHBOUND PROGRAMMABILITY LAYER 34. 35 Compute-intensive Mixed-use (2) UCS 96-Port 6296 Fabric Interconnect (2) Nexus 2232 PP (6) UCS C220 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Processors, 192GB of Memory, Mega RAID, 4 x 900GB 10K SAS HDDs (2) UCS 96-Port 6296 Fabric Interconnect (2) Nexus 2232 PP (6) UCS C220 M3 Servers w/ dual Xeon E5-2665 2.7 GHz Proc, 192GB of Memory, Mega RAID, 4 x 600GB 10K SAS HDDs (2) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs Storage-intensive (2) UCS 96-Port 6296 Fabric Interconnect (2) Nexus 2232 PP (8) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs CISCO UCS OPENSTACK ACCELERATOR PAKS 35. 36 CISCO UNIFIED FABRIC CONTINUOUS MARKET LEADERSHIP Cisco FabricPath Customers Cisco FEX Customers Cisco NX-OS Customers DC TECHNOLOGY LEADER 1,500+ 11,000+ 40,000+ 11M+ *Source: Infonetics, Q3 2012 DC Network Equipment Report, December 2012 **Source: DellOro, SAN Switching, November 2012 Data current as of December 2012. Subject to change without notice. DATA CENTER SWITCHING LEADER # Market share by revenue in Q3 2012 for DC Ethernet Switching at 71.7%* 1 # Market share by revenue in Q3 2012 for FCoE SAN Switching at 87.3%** 1 10GE Ports Shipped 36. 37 SEPARATING TENANT POLICIES FROM OPERATIONS 2 ACI Admin (Manages Network Operations and Infrastructure) L/B EPG APP EPG DBF/W L/B EPG WEB Application Network Profile Create Application Policy 3 5 ACI Fabric Push Policy APIC OpenStack Tenant (Manages Tenant and Application State only) Instantiate VMs Web WebWebWeb AppApp4 Create Application Network Profile 1 DB DB HYPERVISOR HYPERVISOR HYPERVISOR NOVANEUTRON Automatically Push Network Profiles to AFC L/B EPG APP EPG DBF/W L/B EPG WEB Application Network Profile