Transcript of Enterprise Data Center Architecture - Cisco · The evolution of the infrastructure: from silos to...
1© 2005 Cisco Systems, Inc. All rights reserved.Session NumberPresentation_ID
Enterprise Data Center Architecture
Luciano Pomelli, Consulting [email protected]

Real-Time Enterprise
Service-Oriented Architecture
Real-Time Infrastructure
SOA
Virtualization, automation
Operationally aware applications
Policy-based management
The Walls Are Coming Down
Business
Infrastructure Applications

The CIO's agenda
Increase the impact IT has on the business
Improve IT effectiveness
Accelerate the evolution of IT

Facing the new challenges: how and where to invest?
70% of the IT budget goes to maintenance; 30% is available for assets and innovation
30%: assets and innovation
70%: operations
“Keeping the Lights On”
*Source: Gartner - IT Infrastructure, And The Shift To “Real-Time” Feb, 2005

Enterprise Data Center
Enterprise applications and services
Communication applications
Computing infrastructure
Network infrastructure
Facilities (power, cooling, cabling, physical security)
Storage infrastructure
Enterprise Data Center
Internet Data Center
Public Web Site
100s of Servers with Integrated Storage
E-Commerce Application
4-Tier Application
App. Server
Internet Data Center
Supply-Chain Management
Traditional Voice PBX
In-House Developed Apps
2-Tier CRM Application
NCR DB Server
Data Warehousing
Finance, HR, Payroll and EDI
Mainframe Systems
Tape Backup
Multiple 2-Tier ERP Instances
Engineering Services
NAS Filers
E-Mail Appliances
IP Services
DNS, RADIUS, LDAP
JBOD
Operations Center
Current infrastructure
TCO
RESILIENCE
AGILITY
Inconsistent security
Inconsistent disaster recovery
Isolated application silos
Rigid siloed infrastructure
Underutilized resources
Operational complexity and inefficiency

The evolution of the infrastructure: from silos to service-oriented pools
Cost control
Application service levels
Reaction to business conditions
Regulatory compliance, risk containment
Information management
Business-critical issues
New infrastructure
TCO
RESILIENCE
AGILITY
Integrated, multi-layer security
Tiered storage and business continuance
Service-oriented architecture and infrastructure
Highly utilized resource pools
Dynamic provisioning
Standard operating environment
APPLICATION 1...N
USERS
DEDICATED COMPUTING
DEDICATED STORAGE
DEDICATED NETWORK
USERS
VIRTUALIZATION
INTELLIGENT INFORMATION NETWORK
APPLICATION 1...N
POOLED COMPUTING
POOLED STORAGE

From server-centric to service-centric
Service-centric model: “pools” of standardized resources assembled on demand to create a “virtual infrastructure”
DATA CENTER NETWORK
User Access Network
Shared Application Services
Pooled Compute Resources
Pooled Storage Resources
Storage aggregation in the SAN
Prevalence of 1-RU and blade servers
Application Silos
Server-centric: monolithic, proprietary compute silos

Intelligent movement of data / voice / video across a system of networks
Application-aware network and services
Virtualization of networked resources
The evolution of the data center and the Intelligent Information Network
Value
Time
Network infrastructure
Global system
Resources and applications
TRANSPORT INTEGRATION
SERVICES INTEGRATION
APPLICATION INTEGRATION
Server Fabric Network
CONSOLIDATION
HPC, Cluster, GRID
Data Network
Simplicity, integration and standardization to reduce costs and improve efficiency and uptime
LAN, WAN, MAN
SAN
Storage Network
Intelligent Information Network
VIRTUALIZATION
Storage, Network, Compute
Enterprise Applications
Resource management independent of the physical infrastructure to increase utilization, efficiency and flexibility
AUTOMATION
Storage
Network
Compute
Dynamic provisioning and autonomic Information Lifecycle Management (ILM) achieve business agility
Business Policies
On-Demand
Service Oriented

The structure of the Enterprise Data Center Network Architecture
Instant Messaging
Unified Messaging
MeetingPlace
IPCC
IP Phone
Video Delivery
PLM, CRM, ERP
HCM, Procurement, SCM
Collaboration Applications
Traditional Architecture / Service Oriented Architecture
Business Applications
NETWORKED INFRASTRUCTURE LAYER
Compute
Storage
Server Fabric
Server Switching
Storage Switching
Data Center Interconnect
Director, Fabric
Modular, Rack, Blade
Infiniband Switching
DWDM, SONET, SDH, FCIP
Catalyst Family, MDS Family, ONS Family, SFS Family
ANALYTICS & ADAPTIVE
POLICY
INTERACTIVE SERVICES LAYER
Services Management
Infrastructure Enhancing Services
Security Services, Compute Services, Storage Fabric Services
Application Networking Services
Application Delivery Services, Application Integration Services
Infiniband; GE, 10GE; Fibre Channel, FICON, iSCSI
DWDM, SDH, FCIP

The network infrastructure for the data center
Virtual Server Clusters
SERVER FABRIC NETWORK
Enterprise Grids
Server Virtualization
Low Latency RDMA
Virtual I/O
Grid/Utility Computing
EMBEDDED VIRTUALIZATION SERVICES
Infiniband
SFS-7000
SFS 3000
Fabric Assisted Applications
Data Replication Services
Storage Virtualization
Virtual Fabrics
Storage & Tape Arrays
STORAGE AREA NETWORK
DATA CENTER INTERCONNECT NETWORK
SONET/SDH, xWDM
Metro Ethernet, FCIP
EMBEDDED STORAGE SERVICES
FC, FICON, iSCSI, FCIP
ONS 15000
MDS 9500
Firewall Services
DDOS Guard
Intrusion Prevention
Server Load Balancing
SSL Off-load
SERVER FARM NETWORK
EMPLOYEE / PARTNER / CUSTOMER ACCESS NETWORK
Internet, MPLS VPN, IPSEC/SSL VPN
Blade Servers, UNIX/NT Servers
Mainframes
EMBEDDED NETWORK SERVICES
Gig E, 10 Gig E
Application Message Services
AVS, WAAS
Application Network Services
Catalyst 6500

Resilient and “secure” infrastructure
Storage & Tape Arrays
AVS, WAAS
Application Network Services
MDS 9500
SFS 3000
Branch
WAN, VPN, Internet
Catalyst 6500
Virtual Firewalls: Provides Isolation and Controls Access
Host Protection: Cisco Security Manager
VSANs: Storage Isolation
DDOS Guard Protection
Application-Layer Security
Intrusion Protection: Prevent Outbreak Propagation
FC Security Protocol for Authenticating Access

Enabling a virtual data center: virtualizing servers, storage and the network infrastructure
Virtual Server Clusters
Storage & Tape Arrays
EMPLOYEE / PARTNER / CUSTOMER ACCESS NETWORK
Internet, MPLS VPN, IPSEC/SSL VPN
Enterprise Grids
DATA CENTER INTERCONNECT NETWORK
SONET/SDH, xWDM
Metro Ethernet, FCIP
Blade Servers, UNIX/NT Servers
Mainframes
Gig E, 10 Gig E
Infiniband
FC, FICON, iSCSI, FCIP
MDS 9500
ONS 15000
SFS 3000
Compute virtualization
• Infiniband Switching
• Policy-based Server Provisioning
Storage virtualization
• SAN Fabric Virtualization (VSAN)
• Network-based virtualization
Virtualized network services
• Virtual LANs (VLANs)
• Virtual Firewalls
Virtualized user connectivity
• GLB, SSL / IPSec VPN
• MPLS, VRF Mapping
Virtual DC interconnect
• DWDM, Sonet
• InterVSAN Routing
AVS, WAEE
Application Network Services
Cisco Catalyst 6500

Data center management today: horizontal data center provisioning
App/OS
Security
Storage
Policies
Network (L4-7)
App/OS App/OS
Server Server Server
Network (L2-3)
Management
Management
Management
Management
Management
Management
Fragmented, repetitive, inefficient, costly

Security
Storage
Policies
Network (L4-7)
Compute
Network (L2-3)
Management
Management
Management
Management
Management
Management
VFrame™
• Virtualization
• Orchestration
• Provisioning
APIs, e.g. Tivoli
Application-Centric
Service-Oriented
End-to-End
Data center management of the future: vertical data center provisioning

Cisco Enterprise Data Center Architecture: ready for today's needs and projected toward the future
Virtual Server Clusters
Storage & Tape Arrays
EMPLOYEE / PARTNER / CUSTOMER ACCESS NETWORK
Internet, MPLS VPN, IPSEC/SSL VPN
Enterprise Grids
DATA CENTER INTERCONNECT NETWORK
SONET/SDH, xWDM
Metro Ethernet, FCIP
Blade Servers, UNIX/NT Servers
Mainframes
Gig E, 10 Gig E
Infiniband
FC, FICON, iSCSI, FCIP
MDS 9500
ONS 15000
SFS 3000
AVS, WAEE
Application Network Services
Cisco Catalyst 6500
Firewall Services
DDOS Guard
Intrusion Prevention
Server Load Balancing
SSL Off-load
SERVER FARM NETWORK
EMBEDDED NETWORK SERVICES
Application Message Services
SERVER FABRIC NETWORK
Server Virtualization
Low Latency RDMA
Virtual I/O
Grid/Utility Computing
EMBEDDED VIRTUALIZATION SERVICES
Fabric Assisted Applications
Data Replication Services
Storage Virtualization
Virtual Fabrics
STORAGE AREA NETWORK
EMBEDDED STORAGE SERVICES
1. Proliferation of storage and SAN islands
2. Business continuance and regulatory compliance
3. Proliferation of remote file servers
4. Web application performance
5. Cost-effectiveness of high-performance and grid computing

Agenda:
12.30-13.30 Registration and buffet lunch
14.00-14.45 Luciano POMELLI: Introduction to the Cisco Enterprise Data Center architecture
14.45-15.15 Davide CATTONI: Storage consolidation and virtualization
15.15-15.45 Andrea VERRI: Application performance optimization
15.45-16.15 Coffee break
16.15-16.45 Luciano Pomelli: Server Networking and Virtual Data Center
16.45-17.15 Special Guest: Case study
17.15-17.45 Q&A and conclusions

DataBase Tier
Application Tier
Physical segmentation
Firewall Services
Intrusion Protection Services
Web Tier
SAN
Intranet/Internet
Load-bal Services
Greater management complexity and lower efficiency
More devices; suboptimal resource utilization; less flexible provisioning

Appl. Tier, DataBase Tier, Web Tier
Logical segmentation and service virtualization
• FWSM provides virtual FW services
• Each logical FW contains its own security policies
• Up to 100 logical FWs can operate simultaneously on each module
Catalyst 6500 Service
Reduced costs, simplified management and flexible resource allocation
Integrated services (FW, LB, SSL offload, IPS, DDOS) in the aggregation devices (fewer devices)
Optimal device utilization (virtualization)
Fast, centralized provisioning
to core network
Edge
Aggregation
Blade Server