Arista Nuage meetup dublin 18-2
patrick-lynchehaun -
Transcript of Arista Nuage meetup dublin 18-2
Copyright 2016 Alcatel-Lucent. All rights reserved. @AristaNetworks @nuagenetworks
SDN Dublin
Nuage Networks
Software Defined Networking
Internet
Cloud Technologies Networking at scale Policy Based Solutions
Proven by success with Enterprises and Service Providers
• Leader in Software Defined Networking focusing on best of breed, open solutions
• Alcatel-Lucent venture - Built from a solid networking background
• Deployed at 20+ Enterprise and Service Provider Customers across public and private clouds
VPN VPN
KVM/XEN LXC/Docker
ESXi
• Current Situation
• Compute is Virtualized
• Available in Minutes
• Network is Partially Virtualized
• Configuration takes Days/Weeks
Network Configuration
Compute Management
New Tenant / Application Request
Auto-instantiation
Compute Request completed in Minutes
Help Desk Change Control
IP Address
VLAN Address
Firewall Configuration
LAN (VLAN) Configuration
WAN (IP) Configuration
Security / QA Team
Project Coordinator
Network Change completed in days/Weeks
00:01
Automating and Securing the Network
Cloud Service Management Plane
Virtualized Services Directory
Datacenter Control Plane
Virtualized Services Controller
Virtualized Services Directory (VSD)
• Network Policy Engine – abstracts complexity
• Service templates and analytics
Nuage Networks Virtualized Services Platform (VSP)
Virtual Routing & Switching (VRS)
• Distributed switch / router – L2-4 rules
• Integration of bare metal assets
Virtualized Services Controller (VSC)
• SDN Controller, programs the network
• Rich routing feature set
WAN Router
MP-BGP
MP-BGP
Datacenter Data Plane
Virtual Routing & Switching
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
Brooklyn Datacenter - Zone 1
IP Fabric
Hardware GW for
Bare Metal
Nuage Networks Virtual Services Platform
Nuage VRS (Hypervisor)
• Single OVS Bridge
  – Is Flow-Based
  – Performs Firewalling, Switching, Routing, NAT, …
  – Processes ARP, DHCP locally
• Does not require Dedicated Network Node for Routing, DNAT, SNAT, DHCP
VRS (Single OVS bridge)
VSP Role in the Policy Workflow
Compute Management
2
Policy Instantiation
• IP address
• L2, L3 service
• Multi-domain, WAN
• Security / FW settings
• QoS parameters
Network Change Completed automatically 00:01
Nuage VSP
Networking, Security policies
1
Compute policies
1
3
Overall Policy/Orchestration Engine
Firewall
Firewall
4
Example of tools used in CI/CD-Chain
Commit
Automated and repeatable
- Build of packages
- Deployment of infrastructure
- Deployment of new package
- Unit / Integration / Performance Testing
Package
Repeatable allocation of Servers, Storage, Network, Security
Arista Integration
Arista and Nuage Solution Highlights
Cloud Service Management Plane
Datacenter 1 Control Plane
Datacenter 1 Data Plane
Virtual Routing & Switching
Virtualized Services Directory
Virtualized Services Controller
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
HYPERVISOR
Metropolis Datacenter - Zone 1
IP Fabric
MP-BGP MP-BGP
• Supported Services in Nuage VSP Release 3.0
  – L2 domain/VXLAN with MAC Learning in the data path
• VSC integration point
  – VSC uses OVSDB to push VLAN, VXLAN, port configuration to Arista
  – VSC MP-BGP federation enables Arista VXLAN extension across DC domains
• Data plane interoperability
  – Arista performs Head End Replication & sends BUM traffic to all VTEPs (SW and HW) associated with a VNI
  – Nuage & Arista VXLAN instances perform MAC learning on interconnecting tunnels
Datacenter 2 Edge Router
CVX*
Arista VXLAN GW
Nuage VSP and Arista HW VXLAN Gateway Integration
Diagram labels: Nuage VSP; Virtualized Services Directory (VSD); Virtualized Services Controller (VSC); Virtual Routing & Switching (VRS); Hypervisors, servers; Application platform; Arista VXLAN GW; CVX*; VXLAN datapath with MAC Learning
1. Configure VSC on Arista GW
   • VSC-Arista OVSDB control established
2. VSD takes control of Arista VXLAN GWs
   • Discovers Arista via VSC
   • Assigns permissions to Arista resources
   • Configures VLANs
   • Map endpoints to service templates (HW GW & VRS)
3. VSD sends to VSC related service information
4. VSC sends VXLAN service attributes (OVSDB)
5. Arista HW VTEP is configured: Port-VLAN mapping to VXLAN, VXLAN VNID & list of tunnels
6. VSC sends flood list to Arista whenever a new host or end point is discovered (SW or HW VTEP)
*Arista Strictly Private & Confidential – shared under NDA only
WAN
MP-BGP Nuage VSD
Policy driven automation
Inter-Data Center connectivity
OVSDB
Nuage VSC
Arista VXLAN GW Arista VXLAN GW
Bare Metal Server & Virtualized Servers and Storage
Arista VXLAN GW Arista VXLAN GW
VM VM
Hypervisor
Virtual Routing & Switching (VRS)
CVX*
Data Center 1
OVSDB
Nuage VSC
Arista VXLAN GW Arista VXLAN GW
Bare Metal Server & Virtualized Servers and Storage
Arista VXLAN GW Arista VXLAN GW
VM VM
Hypervisor
Virtual Routing & Switching (VRS)
CVX*
Data Center 2
DC Edge Router DC Edge Router
MP-BGP
Service Insertion
Virtualized Services Directory
Nuage VSD
Arista VXLAN GW
Physical or virtual service appliances
Arista VXLAN GW Arista VXLAN GW
Zone 1
Policy driven automation
Virtualized Services Controller
Nuage VSC
VM FW1
Hypervisor
Virtual Routing & Switching (VRS)
LB VM VM
Arista VXLAN GW
Application VMs VM
Traffic from VMs
BUSINESS LOGIC
DATABASE SERVERS
FW1
BL
DB
BL
DB
FW2
South
BL FW2
DB
LB
A logical view of the service chain topology
Demo
Extending Cloud to Bare-metal Network
Management Plane
Control Plane
IP Network Data Plane
VSD
VSC
Baremetal Network VLANx
VXLAN
CVX
Database
VRS
Physical Device Virtual Device VRS/HV-Remote Leaf VXLAN VLAN
DOMAIN
NETWORK
TOR
Subnet
- Extended Layer2 connectivity across spine to remote racks via VXLAN tunnel with Bare-metal network
- Underlay network extended into the overlay
Overlay
OVSDB
vms
https://youtu.be/kLJg4O9rI50
Automation Nuage VSP
Management Plane
Control Plane
IP Network Data Plane
VSD
VSC
VXLAN
VRS
Virtual Device Inter-Rack
VXLAN
DOMAIN
NETWORK
Subnet vm
VRS
Subnet
vm Overlay
Virtual Device
Example script to build full network connectivity between racks using Nuage VSPK
https://youtu.be/ael15tddmFk