Cisco® VFrame Data Center (DC) is a network-driven service orchestration solution that enables the coordinated provisioning and repurposing of physical and virtualized infrastructure services comprising network, storage, and compute resources. Cisco VFrame Data Center enables IT administrators to rapidly commission infrastructure environments to support new application services from shared pools of resources. It also helps enable dynamic modification of existing infrastructure environments in anticipation of changing application requirements or in response to unplanned disruptions.
• Cisco VFrame coordinated provisioning capabilities have been extended to bring VMware ESX servers online quickly and consistently. With SAN-based remote boot support and rapid, consistent provisioning of the physical SAN, LAN, and network service configurations associated with the ESX hypervisor, including the virtual switch, VFrame brings significant scalability to server virtualization environments
• Support for ESX clusters includes VLAN trunking to servers and API based signaling to VMware VirtualCenter that registers ESX servers as they are deployed. Through the API, VFrame also provides a console view of virtual machines that are deployed by VirtualCenter
• Using policies, ESX clusters can be dynamically resized with automated network and storage configurations
• SAN- and NAS-based storage can now be templatized by Cisco VFrame DC and represented as part of the infrastructure. With this release, Cisco VFrame DC also provides advanced SAN management capabilities such as automatic path selection on Fibre Channel and support for additional storage switches
• Server images can now be versioned by Cisco VFrame DC, making it easier to choose the appropriate images for the SAN and NAS booted servers that are managed by Cisco VFrame
Key Cisco VFrame Data Center Benefits
• Operational cost savings: Cisco VFrame DC lowers overall data center operating costs by enabling infrastructure configurations to be provisioned and changed more efficiently. The solution accelerates or automates many of the mundane, time-consuming tasks for server, storage, and network administrators, such as server OS loads, Fibre Channel zoning, and VLAN and VSAN configuration. Cisco VFrame DC also reduces costs associated with deployment of replicated systems and break-fix support agreements by helping IT rapidly recover from disruptions and reprovision a failed service from a cost-effective, shared resource pool.
– Resource pooling and policy-based optimization, resulting in fewer resources that are more efficiently managed and powered
– Reduced resource proliferation through repurposing of unused resources
– Template-based provisioning of infrastructure, providing an efficient "design once, deploy many" operation collaboration model
– Integration with existing third-party service dashboards through the open web services API, providing investment protection and enabling dynamic changes to infrastructure capacity based on business policies
• Faster and simpler service orchestration: Cisco VFrame DC speeds up new application provisioning as well as application reconfiguration and scaling. By proactively planning and coordinating the creation and management of development, test, and deployment environments in a single tool, Cisco VFrame DC accelerates application time to market, simplifies infrastructure repurposing, and streamlines IT collaboration.
– Faster time to market for applications and application services, with coordinated workflow for faster provisioning of the infrastructure required to roll out new applications
– Dynamic repurposing of pooled server, storage, and network resources to align with changing application requirements
– Automated provisioning of SAN, LAN, and network services configurations for the VMware ESX environment, reducing total server provisioning time to minutes instead of hours
• Robust virtualization scale-out: Cisco VFrame DC helps ensure that production applications can be deployed or migrated across virtualized infrastructures without sacrificing security, reliability, or performance. Cisco VFrame DC helps customers dynamically align the necessary network configurations and services to proliferating virtual machines so that applications deployed on a virtualized infrastructure experience the same protection, reliability, and service levels as can be achieved in deployments on traditional physical infrastructures.
– Dynamic VMware ESX cluster sizing and automated policy-based physical capacity management synchronization with VMware VirtualCenter
– Assurance that additional server capacity coming into a cluster has the same networking and storage configurations as others in the cluster
– Capability to make changes such as VLAN or storage logical unit number (LUN) addition or deletion that apply to multiple ESX Servers in bulk across an entire cluster from a single console
Cisco VFrame Data Center 1.2 Components
Figure 1. Components of Cisco VFrame Data Center
Cisco VFrame Data Center Appliance
• Scalability of up to 500 servers, with concurrent server provisioning
• Inclusion of Fibre Channel and Ethernet appliance interfaces for provisioning and monitoring of Ethernet and Fibre Channel fabrics
• Component-level high availability with dual power supplies and hard disks
• System-level high availability using two appliances: a primary-and-secondary pair with automatic data synchronization and automated failover between them
• Command-line interface (CLI) similar to that of the Cisco IOS® Software for initial setup and configuration
Cisco VFrame Data Center GUI
• Secure access through role-based access control (RBAC)
• Graphical topology views of the network and its connected devices
• Intuitive drag-and-drop function for designing service templates and service networks
• Out-of-the-box service template for rapid, compliant, repeatable ESX hypervisor cluster provisioning and configuration
• Locally run client downloaded through a web browser
• Automatic upgrade upon connection to the Cisco VFrame appliance
Cisco VFrame Web Services Interface and Software Development Kit
Cisco VFrame Host Agent
• Server heartbeat communication to the Cisco VFrame DC appliance to enable rapid server failover
• Capacity utilization metrics that provide information to dynamic policy-based triggers to add or delete servers based on load
• Graceful shutdown of servers at the OS level during dynamic reprovisioning
• Lightweight agent that does not affect application performance
Cisco VFrame DC Macros
• Service templates: This industry-pioneering feature allows IT administrators to logically define the infrastructure components that form the service required to host a defined class of applications. The service template is created through an intuitive graphical drag-and-drop interface that allows users to specify the logical components such as servers, firewalls, load balancers, network VLANs, and storage network VSANs that need to be a part of the service. The connectivity among these elements is also defined as a part of the service template. The template is represented as an XML data set that can be exported or imported by multiple Cisco VFrame DC instances and third-party applications. Multiple applications that belong to the same class and require similar infrastructures can be hosted using a single service template to help ensure compliance at the infrastructure architecture level. For example, separate service templates might be created for multi-tier, intranet portal, and e-commerce portal applications because each may require different infrastructure architectures. Figure 2 shows a sample template representing the infrastructure required to support a three-tier application.
Figure 2. Example of an ESX Cluster Template
• Service networks: A service network is an instance of a service template and represents the logical infrastructure required to host a particular application or application service. Figure 3 shows multiple service networks derived from their associated service templates, according to the intended application type. Multiple similar service networks can be created based on a single service template. Each service network can be customized with application-specific parameters such as VLAN ID, IP address, server image, and storage type. Users can control resource allocation to the service networks by associating specific resource pools, such as a server pool or a VLAN pool, with the logical elements of the service network. Users simply fill out values for parameters, such as a VLAN ID or a server image, that are associated with the logical elements of the network.
Figure 3. Service Networks Derived from Templates
• Event maps: Event maps provide a visual representation of the Cisco VFrame DC orchestration workflow derived automatically from a service template. They provide a detailed view of the exact steps that will be taken during the orchestrated provisioning of the service. You can add custom events to any part of this workflow to perform special provisioning actions in the midst of the standard workflow. Figure 4 shows a typical Cisco VFrame DC event map.
Figure 4. Event Map Detailing Orchestration Workflow
• Extensibility macros: Extensibility macros allow you to perform script-based custom operations as part of the provisioning workflow. Macros are Perl-based scripts that can be attached to specific events in the orchestration workflow. This powerful mechanism helps you work on standard CLIs and pass on any device configuration parameters, from VLAN IDs to firewall rules, that can be configured for devices as part of the service provisioning action.
• Topology-aware discovery of Layer 2 networks with Ethernet switch properties, interconnectivity information, VLANs, and port properties
• Discovery of Fibre Channel fabric with Cisco MDS 9000 family storage network switch properties and VSAN information
• Discovery of Brocade Fibre Channel SAN infrastructure
• Fibre Channel storage array and LUN discovery, extensible through storage macro framework
• Discovery of Fibre Channel host bus adapters (HBAs) on Intel x86 servers with vendor and firmware versions
• Discovery of Ethernet network interface cards (NICs) on x86 servers with vendor and firmware versions
• Discovery of information about server NIC and HBA connectivity to Ethernet and Fibre Channel switches, respectively
• Discovery of Layer 4 to 7 device modules connected to a Cisco Catalyst® 6500 Series Switches chassis, including virtual contexts and devices on Cisco Catalyst 6500 Series Firewall Services Modules
• Discovery of Cisco Application Control Engine (ACE) devices
Figure 5. Comprehensive Discovery and Visualization
• Selective inclusion of discovered devices for automated management
• Discovery scope control using IP address ranges and Cisco Discovery Protocol seed radius
• Automatic filtering of capability-based dynamic resource pools based on discovered device attributes
• Automatic pooling for newly discovered devices based on attributes
• Logical resource pools for entities such as IP addresses, VLANs, and Dynamic Host Configuration Protocol (DHCP) ranges
• File- and block-based server OS image snapshot for visibility into NAS and SAN storage, respectively
• Import of snapshots from images created on other Cisco VFrame DC systems
• Browsable image library including properties of the image and the server from which the snapshot came
• Capability to map server image to the current physical server running the image
• Selection of resources from discovered pools based on parameters such as capacity, availability, and performance characteristics as specified in the template
• Rapid, repeatable, compliant provisioning of VMware ESX clusters
• Remote boot of bare metal server from the NAS or SAN and configuration of downstream network and storage mappings
• Automatic configuration of LUN paths between servers and storage arrays
• Remote SAN boot of dataless servers from Fibre Channel LUNs with automated zoning and storage array LUN masking and mapping
• Remote NAS boot of dataless servers with quota tree creation and volume export control
• Dynamic configuration of network resources and LAN access, including IP addressing, VLANs, network teaming, and Hot Standby Router Protocol (HSRP) based on template parameters
• Dynamic configuration of SAN resources and SAN access, including zones, VSANs, and LUN masking and mapping as defined by the service template
• Dynamic configuration of network services, including server load balancers and primary firewall settings as defined by the service template
• Simplified deployment through single-step orchestration; the deployment follows the event map workflow represented in the template using the parameters specified for the particular service network instance, and the deployment action can be controlled through the RBAC mechanism to help ensure protected access
• Predeployment trial run, so that prior to configuration, you can test the provisioning steps to verify deployment order, actual CLIs, and the devices that will be affected; this trial run does not change any configurations on the devices
• Automated error detection and rollback during deployment; error checking stops on fatal errors encountered during configuration, changes are rolled back to restore the configuration to its previous state, and administrators are notified through email and logging so they can take corrective action before attempting reconfiguration
• Entire service networks can be restored either manually or through policies; the restoration operation restores the configuration of the deployed resources for a service network to its prior state and returns the resources to the resource pools for subsequent use on another service network
• Policy-based server capacity optimization:
– Touchless server failover with automatic reconfiguration of LAN and SAN access
– Load based addition and deletion of servers based on CPU load or memory use
– Time-based server addition or deletion
– Maximum and minimum thresholds for number of servers for assured service levels
– Automatic capacity addition and deletion for ESX clusters from spare server pools
• Easy troubleshooting with logical-to-physical resource mapping: Information about the physical resources powering a logical element in the service network at any given time is always available. You can use this information to quickly zoom in from the application infrastructure to a component device level without having to worry about manually cataloging which device is used for what application.
• Logging, fault notification, and user audit: Logs with user, action, timestamp, and event details are available for all actions. Available through syslog, the logs have filtering capabilities. Automatic notification is available for registered users for specific alarms. This notification is also available through the web services interface for any third-party application, such as an enterprise monitor, that needs status information.
• Running network verification: Configuration of the running network can be compared against parameters programmed by Cisco VFrame DC and reported. Optionally, corrective action can be taken to fix existing configurations and restore them to known configurations.
• Reporting: A built-in reporting engine provides reports on resource utilization, service network availability, server usage trends, and administrative user logins, among others. These reports can be exported from Cisco VFrame DC for use with applications such as charge-back schemes and executive metrics.
• Multitenancy with virtual contexts: Cisco VFrame DC can be virtualized into multiple virtual contexts, each with its own resource allocations and service networks that are managed, allowing secure concurrent access to a common set of resources by multiple user groups. This setup is ideal for resource delegation to subgroups of administrators or customers.
• Users and roles: To provide access control, users can be defined within Cisco VFrame DC and made members of specific virtual contexts. Users can be assigned to specific granular tasks such as template design, storage discovery, or network operator through a RBAC mechanism.
• Communications: All communications to configured devices are secured with Secure Shell (SSH) Protocol. Communications between the host agents and Cisco VFrame DC, and in high-availability configurations between Cisco VFrame DC appliances, are also secure.
Web Services API for Integration with Third-Party Systems
• Software development kit with Web Services Description Language (WSDL) for development of third-party clients to interface with Cisco VFrame DC
• Two-way information exchange, including notification of service network availability status, server reboot status, server maintenance mode status, and guided server reprovisioning changes
• Entry of external application-level policies to change infrastructure properties
• Coordinated orchestration of event changes with external monitoring systems to protect against conflicting policy settings and constant server reboot flapping
• Query capability to access discovered and pooled resources for integration with third-party databases or configuration management databases (CMDB).
Table 1. Ordering Information
For More Information