The Cisco® Virtualized Multi-Tenant Data Center (VMDC) 2.0 solution is designed for enterprises building cloud-capable infrastructure and service providers deploying an infrastructure-as-a-service (IaaS) model for the data center. It integrates various Cisco and third-party products that are part of the cloud computing ecosystem (Figure 1).
Figure 1. Solution Topology
Customer Benefits
The Cisco VMDC architecture is a validated design of a virtualized multi-tenant infrastructure that confers several benefits:
• Predictable deployment time and cost: Use of a validated, scalable, modular architecture that incorporates Cisco's pod designs and integrated compute stacks
• Rapid tenant provisioning and management on a unified infrastructure: Use of a comprehensive automation framework with portal-based resource provisioning and management capabilities
• Efficient and flexible workload deployment: Use of shared resource pools and service catalogs
Architecture Features
• Infrastructure
– Use of two different integrated compute stacks: Vblock™ Infrastructure Packages, defined by the Virtual Computing Environment (VCE) coalition, and a Cisco, NetApp, and VMware stack
– Pod-based design (see Figure 1): Two baseline scale points (compact and large pods) validated
– Workload mobility and disaster recovery capabilities: For business continuance
– Security in each module of the architecture: Integrated compute stacks, pod, and data center interconnect
• Tenant scale and service tiers
– End-to-end separation of tenants on top of unified infrastructure: Validated scaling from 30 to 150 tenants
– Service-tier-based design to allow differentiated services for tenants (see Table 1): Validation of a three-tier model
– Support for a scalable and flexible mix of typical enterprise workloads per tenant: Support for a range from a few hundred to multiple thousand virtual machines
• Tenant and workload management
– Lifecycle management for tenants and workload using the BMC Cloud Lifecycle Management (CLM) product
– Fully templated process to create, monitor, and delete tenants within the service-tier framework
– Service catalog and portal capability for tenant-focused workload management
Table 1 lists the service tiers that were used to validate the multi-tenant service capability of the Cisco VMDC 2.0 solution. The chosen service tiers reflect a typical set of parameters used by customers to create a differentiated IT environment. Note that the three tiers are only an example to demonstrate the flexibility and scalability of the solution.
Table 1. Example Service Tiers
| Service | Bronze | Silver | Gold |
| --- | --- | --- | --- |
| Tenant-specific network services | No additional services | Firewall services | Firewall and load-balancing services |
| Segmentation | One VLAN per client and a single virtual routing and forwarding (VRF) instance | Multiple VLANs per client and a single VRF instance | Multiple VLANs per client and a single VRF instance |
| Data protection | None | Snap: Virtual copy (local site) | Clone: Mirror copy (local site) |
| Disaster recovery | None | Remote replication (with specific recovery-point objective [RPO] or recovery-time objective [RTO]) | Remote replication (any-point-in-time recovery) |
| Workload sizing (number of virtual machines per core) | 4:1, 2:1, or 1:1 | 4:1, 2:1, or 1:1 | 4:1, 2:1, or 1:1 |
Solution Components
Table 2 lists the components of the Cisco VMDC solution.
Table 2. Solution Components
| Features | Compact Pod | Large Pod |
| --- | --- | --- |
| Network | Cisco Nexus® 5020 Switch and 7000 10-Slot Switch; Cisco Catalyst® 6500 Series Switches and Catalyst 6509-E Switch (WAN edge); Data center services node: Cisco Catalyst 6509-E Switch (with Virtual Switching System [VSS]); Cisco Nexus 2148T Fabric Extender | Cisco Nexus 7000 10-Slot and 18-Slot Switches; Cisco Catalyst 6500 Series Switches and Cisco CRS-1 Modules (WAN edge); Data center services node: Cisco Catalyst 6509-E Switch (with VSS) |
| | Cisco Catalyst 6500 Series Firewall Services Module (FWSM) and Cisco Application Control Engine (ACE); VMware vShield; NetApp vFiler and Virtual Service Domains; Cisco Nexus 1000V Switch | Cisco Catalyst 6500 Series FWSM and Cisco ACE; VMware vShield; NetApp vFiler and Virtual Service Domains; Cisco Nexus 1000V Switch |
| Storage fabric and arrays | Cisco MDS 9506 and MDS 9513 Multilayer Directors and Cisco MDS 9148 and 9134 Multilayer Fabric Switches; EMC Symmetrix V-Max with virtual provisioning; NetApp FAS3170 and NetApp FAS6080 | Cisco MDS 9506 and MDS 9513 Multilayer Directors; EMC Symmetrix V-Max with virtual provisioning; NetApp FAS3170 and NetApp FAS6080 |
| Orchestration and management | BMC Atrium Orchestrator; VMware vCenter; Cisco UCS Manager; BMC BladeLogic for server and network; BMC Remedy IT Service Management Suite | BMC Atrium Orchestrator; VMware vCenter; Cisco UCS Manager; BMC BladeLogic for server and network; BMC Remedy IT Service Management Suite |
Solution Scope
Table 3 summarizes the scope of Cisco VMDC 2.0 solution validation.
Table 3. Solution Validation Scope
| Use Case | Details |
| --- | --- |
| Validation of functions across the entire data center for SAN and network-attached storage (NAS) designs | End-to-end feature integration validation, including validation of quality of service (QoS) for all data center network layers from the access layer to the WAN edge on all platforms; VMware ESX and virtual machine provisioning, bootup, and maintenance; and SAN and NAS storage design |
| Disaster recovery scenario validation | Transparent movement of data center workloads for business continuance (active-backup scenario) |
| Automation validation | Validation of service orchestration, portal, and service catalog, with element manager integration for computing and network resources |
| Validation of data center services | Validation of service-tier offerings with data center services node (firewall, load balancing, etc.) |
| Failover scenario validation | Validation of redundancy designs (with baseline steady-state traffic), including routing, virtual PortChannel (vPC) and multichassis EtherChannel (MEC), Equal-Cost Multipath (ECMP), VSS, Hot Standby Router Protocol (HSRP), active-active service modules, and clustering |
| Security validation | End-to-end security validation for various components |
| Scalability validation | Multidimensional scalability (VLANs, MAC addresses, HSRP, routes, contexts, and virtual machines) within the scope of the architecture |