Cloud Ready Infrastructure Smart Solutions Kits Accelerate Design and Deployment of Unified DC
CRI Smart Solutions Kits
Downloads: This chapterpdf (PDF - 913.0KB) The complete bookPDF (PDF - 1.06MB) | Feedback

CRI Smart Solutions Kits Accelerate Design and Deployment of Unified DC

Table Of Contents

CRI Smart Solutions Kits Accelerate Design and Deployment of Unified DC

VMDC Topology

CRI Kits—Cloud Ready Network Infrastructure for ICS Environments

Cloud Ready Infrastructure Smart Solutions Kits

CRI-PO-M BOMs

CRI-PO-L BOMs

Accessing the BOMs on CCW

Recommended Reading and URLs

Additional information

Acknowlegdements


CRI Smart Solutions Kits Accelerate Design and Deployment of Unified DC


Cloud Ready Infrastructure (CRI) Smart Solutions Kits are a prescriptive, modular, and flexible portfolio of building blocks for designing and deploying Cisco's Unified Data Center Networking platform based on the Cisco Virtualized Multiservice Data Center (VMDC) architecture.

Cisco® Virtualized Multiservice Data Center (VMDC) architecture. is a validated reference architecture for both Cloud and traditional data center environments. The VMDC architecture shown in Figure 1 uses modular, flexible, validated designs in an integrated approach that adapts easily to address enterprise, service provider, or public sector needs. VMDC brings together the three components of the Unified Data Center: Unified Management, Unified Fabric, and Unified Computing. Cloud Ready Infrastructure Smart Solutions Kits focus on simplifying ordering and deploying the Unified Data Center Networking module of the architecture.

Figure 1 VMDC Reference Architecture

Cloud Ready Infrastructure Smart Solutions Kits are pre-defined and pre-validated baseline bill of materials (BOM) sized for different environments to enable functionality for the Unified Data Center Networking layer of VMDC. This layer provides secure separation and access to shared network services for the applications and workflow moving through the virtualized data center. The baseline is a suggested starting point of products and features that can be readily adapted to meet each business's unique needs.

Cloud Ready Infrastructure Smart Solutions Kits complement VMDC Cisco Validated Design (CVD) documentation. The CVDs detail validated architecture features and benefits, along with guidance on how to integrate and configure the products and technologies to provide the end-to-end system. The CRI Smart Solutions Kits provide product BOMs and licenses necessary to implement the system described in the CVDs.

In the future, Cloud Services Management kits will be made available to simplify the ordering and deploying the Cloud Services Management Layer. The kits will be based on Cisco Validated Designs, which pre-validate Cloud Ready Infrastructure with Cloud Service Management solutions such as Cisco Intelligent Automation for Cloud.

VMDC Topology

As shown in Figure 2, the CRI Smart Solutions Kit describes the baseline products for the core/aggregation layer and services layer of the VMDC reference architecture. These two layers, along with integrated compute, storage, and network systems (ICS) (compute + storage + networking) form the basic data center building blocks called Points of Delivery (POD). The POD serves as a blueprint for incremental build-out of the Cloud data center in a structured fashion. When resource utilization within a POD reaches a pre-determined threshold (i.e., 70-80%), the idea is that one simply deploys a new POD. From a service fulfillment and orchestration perspective, a POD represents a discrete resource management domain.

Figure 2 VMDC System Overview

CRI Kits—Cloud Ready Network Infrastructure for ICS Environments

The CRI kits are ideal for new and existing FlexPod, Vblock, and other integrated compute, storage, and networks stacks (ICS) systems. The CRI kits are easily integrated with these converged environments by connecting the northbound links of the ICS to CRI kit. Figure 3 shows how a typical ICS connects to the aggregation/access layer of the CRI kit.

The CRI kit extends the secure workload separation provided by the ICS throughout the rest of the data center network using VMDC network containers.

The ICS layer is described in detail in validated ICS systems such as the FlexPod1 and Vblock2 .

Figure 3 CRI and ICS

Cloud Ready Infrastructure Smart Solutions Kits

The Cloud Ready Infrastructure Smart Solutions Kits portfolio is the pre-defined, pre-validated baseline BOMs that follow the Virtualized Multiservice Reference Architecture.

Each kit defines the VMDC POD components and sized by the number of UCS chassis supported by each POD3 . The VMDC 2.x design guides recommend four 10GE links between each aggregation layer switch and the integrated compute, storage, and storage systems based on Cisco UCS (two links to each N5K of the ICS), based on a 4:1 network oversubscription, along with existing best practices described. From the UCS chassis perspective, eight 10G links, 4 to each Fabric Interconnect, exist.

The number of UCS chassis can be used to derive other use case-specific sizing metrics, such as the number of virtual machines. For example, assuming 250 VMs per chassis for mixed generic IaaS workloads, then the VM limits are 6000, 12000, and 16000 VMs, respectively.

These baseline bills of materials are intended to be a starting point and intended to be adapted to each customer's unique needs. Detailed scalability considerations are described in the VMDC 2.2 Design Guide and include factors such as tenant numbers, bandwidth counts, services throughput, nic/mac counts, VLAN counts, and vlan-port count.

Table 1 summarizes the CRI kits for VMDC 2.x. The kits are a list of product IDs that are available in pre-populated Cisco Commerce Workspace (CCW) templates. The table headings are used to identify the kits in this document (e.g., CRI-SO-M). These heading are not product IDs since the kits are not bundles that are orderable with a single SKU.

Table 1 CRI Kits

 
CRI-PO-M
CRI-PO-L

Aggregation Switch

Nexus 7009

Nexus 7018

Network Services1

Catalyst 6500 DSN + ASA5555-X + ASA-SM + ACE30

Catalyst 6500 DSN + ASA5585-X + ASA-SM + ACE30

Number of UCS B-Series Chassis Supported

48

64

1 Load Balancing is an essential function for many of the VMDC container models. Cisco ACE is listed as an example; however, every customer situation is unique, and a L4-L7 services strategy should be based on current needs as well as planning for the future as your network transitions to virtualization and cloud.


Figure 4 Cloud Ready Network Infrastructure Smart Solutions Kits

Figure 4 depicts the products used in the CRI smart solutions kits. This is a simplified view and does not show the redundant pair. The details of each BOMs are included below. The product IDs (PIDs) and quantity of each product are provided.

The BOMs are shown using promotional bundles, as of 11/28/12. However, the recommended product PIDs and quantities are still valid if the promotion bundle has expired.

CRI-PO-M BOMs

This kit is based on the Nexus 7009 as the aggregation node and the Data Center Services Node and appliances for network services.

The Nexus 7009 aggregation nodes are deployed in pairs as listed in Table 1. The Nexus 7000 scales up through additional line cards. Each Nexus 7009 has:

Dual Sup2

Dual M2 Series Line Cards

The Data Center Services Nodes are deployed in pairs as listed in Table 2. Each DSN has:

Dual VS-Sup720

Dual 6708 Line Cards

ACE30 for load balancing

ASA-SM for firewall

If price is an issue, then a single VS-Sup720 configuration can be used; however, system redundancy is reduced.

The DSN scales up through additional feature licenses on the service modules and by adding additional service modules. For example, the ASA-SM is specified below with 20 security context licenses, which supports up to 20 tenants. The ASA-SM can be scaled up to support 250 tenants by upgrading the virtual context licenses (e.g., ASA5500-SC-20).

A pair of ASA5555-X is the recommended starting point as listed in Table 3. If additional performance is required, then the ASA5585-X (with SSP20 or higher) should be considered. Choose different platforms or licensing based on services throughput, contexts, and features needed for deployment.

Table 1 CRI-PO-M Aggregation Layer with Cisco Nexus 7009

Item Name
Description
Quantity

N7K-C7009-BUN2-P2

Nexus 7009 Promo Bundle (Chassis SUP2 (3)FAB2)

2

N7K-M224XP-23L

Nexus 7000 M2-Series 24 Port 10GE with XL Option (req. SFP+)

2

SFP-10G-SR

10GBASE-SR SFP Module

20

N7K-M224XP-23L

Nexus 7000 M2-Series 24 Port 10GE with XL Option (req. SFP+)

2

SFP-10G-SR

10GBASE-SR SFP Module

20

N7K-C7009-FAB-2

Nexus 7000 - 9 Slot Chassis - 110Gbps/Slot Fabric Module

6

N7K-AC-6.0KW

Nexus 7000 - 6.0KW AC Power Supply Module

4

CAB-AC-C6K-TWLK

Power Cord 250Vac 16A twist lock NEMA L6-20 plug US

8

N7KS2K9-61

Cisco NX-OS Release 6.1 for SUP2

2

N7K-LAN1K9

Nexus 7000 LAN Enterprise License (L3 protocols)

2

N7K-SUP2

Nexus 7000 - Supervisor 2 Includes External 8GB USB Flash

2

N7K-USB-8GB

Nexus 7K USB Flash Memory - 8GB (Log Flash)

2

N7K-SUP2

Nexus 7000 - Supervisor 2 Includes External 8GB USB Flash

2

N7K-USB-8GB

Nexus 7K USB Flash Memory - 8GB (Log Flash)

2


Table 2 CRI-PO-M: Data Center Services Node for Network Services 

Item Name
Description
Quantity

WS-C6509-E

Catalyst 6500 Enhanced 9-slot chassis 15RU no PS no Fan Tray

2

VS-S720-10G-3C

Cat 6500 Supervisor 720 with 2 x 10GbE and 3x1GE MSFC3 PFC3C

2

BF-S720-64MB-RP

Bootflash for SUP720-64MB-RP

2

VS-F6K-MSFC3

Catalyst 6500 Multilayer Switch Feature Card (MSFC) III

2

VS-F6K-PFC3C

Catalyst 6500 Sup 720-10G Policy Feature Card 3C

2

VS-S720-10G

Catalyst 6500 Supervisor 720 with 2 10GbE ports

2

CF-ADAPTER-SP

SP adapter for SUP720 and SUP720-10G

2

MEM-C6K-CPTFL1GB

Catalyst 6500 Compact Flash Memory 1GB

2

X2-10GB-SR

10GBASE-SR X2 Module

4

WS-X6708-10G-3C

C6K 8 port 10 Gigabit Ethernet module with DFC3C (req. X2)

2

WS-X6708-10GE

Cat6500 8 port 10 Gigabit Ethernet module (req. DFC and X2)

2

WS-F6700-DFC3C

Catalyst 6500 Dist Fwd Card for WS-X67xx modules

2

X2-10GB-SR

10GBASE-SR X2 Module

8

WS-X6708-10G-3C

C6K 8 port 10 Gigabit Ethernet module with DFC3C (req. X2)

2

WS-X6708-10GE

Cat6500 8 port 10 Gigabit Ethernet module (req. DFC and X2)

2

WS-F6700-DFC3C

Catalyst 6500 Dist Fwd Card for WS-X67xx modules

2

X2-10GB-SR

10GBASE-SR X2 Module

8

ACE30-MOD-K9

Application Control Engine 30 Hardware

2

SC6K-A51-ACE

ACE30 module Software Release 5(1)

2

ACE30-MOD-04-K9

ACE30 Module with 4G 4G Comp 30K SSL TPS and 250VC

2

WS-SVC-ASA-SM1-K9

ASA Services Module for Catalyst 6500-E 3DES/AES

2

SF-ASASM-8.5-K8

ASA Software 8.5 for Catalyst 6500-E ASASM 2 free VFW

2

ASA5500-ENCR-K9

ASA 5500 Strong Encryption License (3DES/AES)

2

MEM-C6K-APP-24GB

Cat6500 24GB Service Module Memory

2

SF-ASASM-ASDM-6.5

ASDM Software 6.5 for Catalyst 6500-E ASASM

2

WS-SVC-ASA-SM1

Base ASA Services Module PID for K8/K9

2

ASA5500-SC-20

ASA 5500 20 Security Contexts License

2

WS-CAC-6000W

Cat6500 6000W AC Power Supply

4

CAB-C19-CBN

Cabinet Jumper Power Cord 250 VAC 16A C20-C19 Connectors

8

WS-C6509-E-FAN

Catalyst 6509-E Chassis Fan Tray

2

VS-S720-10G-3C

Cat 6500 Supervisor 720 with 2 x 10GbE and 3x1GE MSFC3 PFC3C

2

BF-S720-64MB-RP

Bootflash for SUP720-64MB-RP

2

VS-F6K-MSFC3

Catalyst 6500 Multilayer Switch Feature Card (MSFC) III

2

VS-F6K-PFC3C

Catalyst 6500 Sup 720-10G Policy Feature Card 3C

2

VS-S720-10G

Catalyst 6500 Supervisor 720 with 2 10GbE ports

2

SV33AIK9-12233SXJ

Cisco CAT6000-VSS720 IOS ADVANCED IP SERVICES SSH

2

CF-ADAPTER-SP

SP adapter for SUP720 and SUP720-10G

2

MEM-C6K-CPTFL1GB

Catalyst 6500 Compact Flash Memory 1GB

2

X2-10GB-SR

10GBASE-SR X2 Module

4


Table 3 CRI-PO-M: VPN Services 

Item Name
Description
Quantity

ASA5555VPN-EM5KK9

ASA 5555-X w/5000 AnyConnect Essentials and Mobile

2

ASA-AC-E-5555

AnyConnect Essentials VPN License - ASA 5555-X (5000 Users)

2

ASA-AC-M-5555

AnyConnect Mobile - ASA 5555-X (req. Essentials or Premium)

2

SF-ASA-8.6-K8

ASA 5500 Series Software Ver. 8.6 for ASA 5512X--5555X DES

2

ASA-VPN-CLNT-K9

Cisco VPN Client Software (Windows Solaris Linux Mac)

2

CAB-AC

AC Power Cord (North America) C13 NEMA 5-15P 2.1m

2

ASA-PWR-AC

ASA 5545-X/5555-X AC Power Supply

2

ASA5500-ENCR-K9

ASA 5500 Strong Encryption License (3DES/AES)

2

ASA-ANYCONN-CSD-K9

ASA 5500 AnyConnect Client + Cisco Security Desktop Software

2

ASA-PWR-BLANK

ASA 5545-X/5555-X Power Slot Blank Cover

2


CRI-PO-L BOMs

This kit is based on the Nexus 7018 as the aggregation node and the Data Center Services Node and appliances for network services.

The Nexus 7018 aggregation nodes are deployed in pairs as listed in Table 4. The Nexus 7000 scales up through additional line cards. Each Nexus 7018 has:

Dual Sup2E

Pair of M2 Series Line Card for southbound traffic

The Data Center Services Nodes are deployed in pairs as shown in Table 5. Each DSN has:

Dual VS-Sup720

Dual 6708 Line Cards

Dual ACE30 for load balancing for additional performance

Dual ASA-SM for firewall for additional performance

The DSN scales up through additional feature licenses on the service modules and by adding additional service modules. For example, the ASA-SM is specified below with 20 security context licenses, which support up to 20 tenants. The ASA-SM scales up to 250 tenants by upgrading the number of licenses.

Remote access VPN is only offered as an appliance because there is no DSN service module with this functionality. A pair of ASA5585-X (with SSP20) is the recommended starting point for additional performance as shown in Table 6. Choose different platforms or licensing based on services throughput, contexts and features needed for deployment.

Table 4 CRI-PO-L Aggregation Layer with Cisco Nexus 7018

Item Name
Description
Quantity

N7K-C7018

18 Slot Chassis No Power Supplies Fans Included

2

N7K-M224XP-23L

Nexus 7000 M2-Series 24 Port 10GE with XL Option (req. SFP+)

2

SFP-10G-SR

10GBASE-SR SFP Module

20

N7K-C7018-FAB-2

Nexus 7000 - 18 Slot Chassis - 110Gbps/Slot Fabric Module

6

N7K-AC-7.5KW-US

Nexus 7000 - 7.5KW AC Power Supply Module US (cable included

4

N7K-C7018-FAN

Nexus 7000 - 18 Slot Fan

4

N7K-C7018-F-BLANK

Nexus 7018 Fabric Module Blank

4

N7KS2K9-61

Cisco NX-OS Release 6.1 for SUP2

2

N7K-LAN1K9

Nexus 7000 LAN Enterprise License (L3 protocols)

2

N7K-SUP2E

Nexus 7000 - Supervisor 2 Enhanced Includes 8GB USB Flash

2

N7K-USB-8GB

Nexus 7K USB Flash Memory - 8GB (Log Flash)

2

N7K-SUP2E

Nexus 7000 - Supervisor 2 Enhanced Includes 8GB USB Flash

2

N7K-USB-8GB

Nexus 7K USB Flash Memory - 8GB (Log Flash)

2

N7K-M224XP-23L

Nexus 7000 M2-Series 24 Port 10GE with XL Option (req. SFP+)

2

SFP-10G-SR

10GBASE-SR SFP Module

20


Table 5 CRI-PO-L: Data Center Services Node for Network Services 

Item Name
Description
Quantity

WS-C6509-E

Catalyst 6500 Enhanced 9-slot chassis 15RU no PS no Fan Tray

2

WS-X6708-10G-3C

C6K 8 port 10 Gigabit Ethernet module with DFC3C (req. X2)

2

X2-10GB-SR

10GBASE-SR X2 Module

8

WS-X6708-10GE

Cat6500 8 port 10 Gigabit Ethernet module (req. DFC and X2)

2

WS-F6700-DFC3C

Catalyst 6500 Dist Fwd Card for WS-X67xx modules

2

ACE30-MOD-K9

Application Control Engine 30 Hardware

2

SC6K-A51-ACE

ACE30 module Software Release 5(1)

2

ACE30-MOD-04-K9

ACE30 Module with 4G 4G Comp 30K SSL TPS and 250VC

2

VS-S720-10G-3C

Cat 6500 Supervisor 720 with 2 x 10GbE and 3x1GE MSFC3 PFC3C

2

BF-S720-64MB-RP

Bootflash for SUP720-64MB-RP

2

VS-F6K-MSFC3

Catalyst 6500 Multilayer Switch Feature Card (MSFC) III

2

VS-F6K-PFC3C

Catalyst 6500 Sup 720-10G Policy Feature Card 3C

2

VS-S720-10G

Catalyst 6500 Supervisor 720 with 2 10GbE ports

2

SV33AIK9-12233SXJ

Cisco CAT6000-VSS720 IOS ADVANCED IP SERVICES SSH

2

CF-ADAPTER-SP

SP adapter for SUP720 and SUP720-10G

2

MEM-C6K-CPTFL1GB

Catalyst 6500 Compact Flash Memory 1GB

2

X2-10GB-SR

10GBASE-SR X2 Module

4

VS-S720-10G-3C

Cat 6500 Supervisor 720 with 2 x 10GbE and 3x1GE MSFC3 PFC3C

2

BF-S720-64MB-RP

Bootflash for SUP720-64MB-RP

2

VS-F6K-MSFC3

Catalyst 6500 Multilayer Switch Feature Card (MSFC) III

2

VS-F6K-PFC3C

Catalyst 6500 Sup 720-10G Policy Feature Card 3C

2

VS-S720-10G

Catalyst 6500 Supervisor 720 with 2 10GbE ports

2

CF-ADAPTER-SP

SP adapter for SUP720 and SUP720-10G

2

MEM-C6K-CPTFL1GB

Catalyst 6500 Compact Flash Memory 1GB

2

X2-10GB-SR

10GBASE-SR X2 Module

4

WS-X6708-10G-3C

C6K 8 port 10 Gigabit Ethernet module with DFC3C (req. X2)

2

WS-X6708-10GE

Cat6500 8 port 10 Gigabit Ethernet module (req. DFC and X2)

2

WS-F6700-DFC3C

Catalyst 6500 Dist Fwd Card for WS-X67xx modules

2

X2-10GB-SR

10GBASE-SR X2 Module

8

WS-SVC-ASA-SM1-K9

ASA Services Module for Catalyst 6500-E 3DES/AES

2

SF-ASASM-8.5-K8

ASA Software 8.5 for Catalyst 6500-E ASASM 2 free VFW

2

ASA5500-ENCR-K9

ASA 5500 Strong Encryption License (3DES/AES)

2

MEM-C6K-APP-24GB

Cat6500 24GB Service Module Memory

2

SF-ASASM-ASDM-6.5

ASDM Software 6.5 for Catalyst 6500-E ASASM

2

WS-SVC-ASA-SM1

Base ASA Services Module PID for K8/K9

2

ASA5500-SC-20

ASA 5500 20 Security Contexts License

2

WS-CAC-6000W

Cat6500 6000W AC Power Supply

4

CAB-C19-CBN

Cabinet Jumper Power Cord 250 VAC 16A C20-C19 Connectors

8

WS-C6509-E-FAN

Catalyst 6509-E Chassis Fan Tray

2


Table 6 CRI-PO-L: VPN Services 

Item Name
Description
Quantity

ASA5585-S20X-K9

ASA 5585-X Chas with SSP20 8GE 2SFP+ 2GE Mgt 2 AC 3DES/AES

2

ASA5585-SEC-PL

ASA 5585-X Security Plus License (Enables 10G SFP+ Ports)

2

ASA-AC-E-5585

AnyConnect Essentials VPN License - ASA 5585-X (Max Users)

2

ASA5585-PWR-AC

ASA 5585-X AC Power Supply

2

CAB-US515P-C19-US

NEMA 5-15 to IEC-C19 13ft US

4

ASA-SSP-20-INC

ASA 5585-X Security Services Processor-20 with 8GE

2

ASA5500-ENCR-K9

ASA 5500 Strong Encryption License (3DES/AES)

2

ASA5585-BLANK-HD

ASA 5585-X Hard Drive Blank Slot Cover

4

ASA5585-PWR-AC

ASA 5585-X AC Power Supply

2

ASA5585-BLANK-F

ASA 5585-X Full Width Blank Slot Cover

2

ASA-VPN-CLNT-K9

Cisco VPN Client Software (Windows Solaris Linux Mac)

2

SF-ASA5585-8.2-K8

ASA 5500 Series Software Version 8.2 for ASA 5585-X DES

2


Accessing the BOMs on CCW

The BOM listed above are available on the Cisco Commerce Workspace (CCW).

If you would like a copy of the BOMs shown in this document, which are in CCW, contact your Cisco or Partner sales team4 .

Recommended Reading and URLs

1. Cisco VMDC public website, http://www.cisco.com/go/vmdc

2. Cisco VMDC partner website http://www.cisco.com/go/vmdc (click on For Partners)5

3. Cisco Virtualized Multi-Tenant Data Center, Version 2.2, Design Guide, http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/VMDC/2.2/design_guide/vmdcDesign22.html

4. Cisco Virtualized Multi-Tenant Data Center, Version 2.2, Implementation Guide, http://www.cisco.com/en/US/partner/docs/solutions/Enterprise/Data_Center/VMDC/2.2/implementation_guide/vmdcImplementationGuide22.html

5. Data Center Service Nodes, http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/design_guide_c07-606204.html

6. ASA5000 VPN, http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80402e39.html

7. Partner Bundles and Promotions, http://www.cisco.com/web/partners/incentives_and_promotions/index.html

Additional information

Please email ask-vmdc-external@cisco.com with additional questions.

Acknowlegdements

Author: Kevin Loo

1 http://www.cisco.com/go/flexpod
2 http://www.cisco.com/go/vblock
3 The number of UCS chassis listed is only a baseline example and assumes fully populated UCS B-Series Chassis with B200 blade servers.
4 The sales team can contact sac-support@cisco.com
5 Additional cisco.com authorization required.