VMDC 3.0.1 Introduction
The Cisco Virtualized Multiservice Data Center (VMDC) Solution provides design and implementation guidance for enterprises deploying private cloud services, and for service providers building public and virtual private services. With the goal of providing an end-to-end system architecture, the Cisco VMDC solution integrates various Cisco and third-party products that are part of the cloud computing ecosystem.
This document is intended for, but not limited to, system architects, network design engineers, system engineers, field consultants, advanced services specialists, and customers who want to understand how to deploy a public or private cloud data center infrastructure. This design guide assumes that the reader is familiar with the basic concepts of IP protocols, QoS, and HA. This guide also assumes that the reader is aware of general system requirements and has knowledge of enterprise or service provider network and data center architectures.
VMDC, Cisco's reference architecture for cloud deployment, has been widely adopted by many service providers and enterprises worldwide. In previous releases, VMDC provided design guidance for scalable, secure, resilient, public and private cloud infrastructures serving multiple consumers or tenants. Within the Data Center portion of the architecture, these designs were centered on traditional hierarchical infrastructure models incorporating leading Cisco platforms and Layer 2 resilience technologies such as Virtual Port Channel (vPC), providing network containers or "tenancy" models of different sizes and service profiles, with necessary network-based services as well as orchestration and automation capabilities to accommodate the various needs of cloud providers and consumers.
VMDC 3.0 introduced Cisco FabricPath for intra-DC networks, as an optional Layer 2 alternative to a hierarchical vPC-based design. FabricPath simplifies and expands Layer 2 network design by removing the complexities of Spanning Tree Protocol (STP), thus enabling more extensive, flexible, and scalable Layer 2 designs. This release is the first VMDC release of FabricPath-based designs. Other releases will follow as Cisco develops and evolves FabricPath. While FabricPath comprises an improved Layer 2 multipathing technology, vPC-based resiliency remains a valid option in the VMDC portfolio. As such, customers will be able to choose between vPC-based and FabricPath-based designs to meet their requirements.
VMDC 3.0.1 features incremental modifications to the "Typical Data Center" topology model from VMDC 3.0 to address the following areas:
•Updated Nexus 7000 with new Sup2E second generation Supervisor Modules
•Alternative F-Series linecards: F2 and enhanced F2 (F2e) 48-port 1/10 Gigabit Ethernet Modules
•Alternative service attachment and resilience methods: localized, clustered ASA firewalls and centralized, (C6500) VSS-paired ACE-30 and ASA Service Modules. Examination of ACE appliance resilience utilizing vPC attachment (versus EtherChannel in VMDC 3.0)
•Additional access distribution methods, such as Nexus 2200 Fabric Extenders in the access tier of the infrastructure, connecting to Nexus 7000 "aggregation-edge" nodes.
•Modifications to the Integrated Compute tier of the infrastructure: added VM-FEX with various server and VIC options: B-Series with VIC-1280 and C-Series with M2 and M3 VIC 1225.
VMDC 3.0 and 3.0.1 Revision History
VMDC 3.0 introduced the following features.
•FabricPath in a typical Enterprise Data Center, as well as an extended configuration that supports distributed services extended across a contiguous logical data center potentially spanning multiple buildings on a site.
•An Expanded Palladium container, offered as a suggested model for enterprises that serve a unified group (company) but would still like to take advantage of some division and isolation of resources.
•Appliance-based services are used (ACE 4710 and ASA 5585) along with a DSN-based service distribution model. The expansion of these components brings in additional relevance to meeting the needs of smaller- to medium-sized.
•Virtual Services Gateway (VSG) to provide inter- or intra-VLAN zoning and policy enforcement for VM traffic.
•Nexus 1000V QoS implementation.
The VMDC 3.0.1 implementation guide is an incremental update from the VMDC 3.0 release. This release supersedes VMDC 3.0, so this guide replaces the original VMDC 3.0 implementation guide.
The following features were introduced in the VMDC 3.0.1 release.
•ASA Clustering with ASA5585 Appliances connected to Aggregation-edge via vPC.
•ACE-4710 vPC connectivity to Aggregation-edge.
•VM-FEX deployment in B-Series UCS System.
•Sup2E/F2E based Aggregation-edge.
•Expanded implementation guidance for the VSS DSN connected to Aggregation-edge via vPC.
•Sup2/F2 based Access-edge with FEX 2232 and Host vPC.
The typical data center can be extended to connect multiple PoDs via two or more dedicated FabricPath switches, or Super spines. This guide briefly discusses the advantages, as well as the challenges, of integrating two PoDs to form an extended data center with FabricPath, distributed services, and a 4-wide active-active gateway configuration.
For more information about other VMDC validated solutions, refer to the Cisco Virtualized Multiservice Data Center site:
The architecture described in this document addresses the following customer challenges:
•Need for design guidance on implementing FabricPath-based Data Centers.
•Need to address application of network services over FabricPath-based topologies.
•Need for multi-tenancy design guidance over a FabricPath topology in private enterprise "cloud" environments.
The following use cases are specifically addressed in VMDC 3.0:
•DC and PoD design
•Inter-PoD communication (multi-PoD or DC wide)
•Inter-PoD VM mobility
•Inter-PoD/Inter-building (intra-campus) Service Resilience
•Split N-tiered applications
In VMDC 3.0.1, the focus is narrowed from that of VMDC 3.0 to intra-PoD service resilience and attachment alternatives. In this context, the following use cases apply:
•Intra-PoD VM mobility
•Intra-PoD Service Resilience
•Split N-tiered applications
In addressing the identified requirements, we modified the Unified Data Center Networking component of the VMDC architecture, replacing it with a FabricPath-based design. Figure 1-1 shows a high-level diagram of the overall VMDC solution.
In general, the solution consists of three modular layers:
1. Unified Computing and Integrated Systems (UCIS) providing server and application virtualization, currently consisting of FlexPods and Vblocks.
2. Unified Fabric and Data Center Networking (UCDC) providing network and network-based services virtualization.
3. Data Center Interconnect (DCI) providing seamless multi-site connectivity.
The solution is complemented by Cloud Service Management components that enable end-to-end provisioning and orchestration, as well as monitoring and assurance.
Figure 1-1 High Level VMDC Solution
In VMDC 3.X, we replaced only the UCDC layer of the architecture, allowing us to leverage existing design guidance for the UCIS and DCI layers. As such, the following assumptions were maintained:
•Previous design guidance for UCIS (FlexPod, Vblock) components remains the same. VMDC 3.0 and 3.0.1 validation was performed on the latest FlexPod and Vblock releases. Applications validated on FlexPod or Vblock continue to function on the overall VMDC architecture.
•Previous design guidance for DCI components remains the same. Using FabricPath for long-distance multi-site DCI was not covered; however, VMDC 3.0 did address shorter-distance, inter-building resilience in a campus environment. As previously noted, VMDC 3.0.1 focused on single-site, intra-PoD design alternatives.
•There are no complementary management and orchestration components in VMDC 3.0. This is because VMDC 3.0 is an introductory FabricPath-based design that will be followed by subsequent enhancement releases. We intend to address this gap in a future release.
•Cisco ("XaaS") applications such as Unified Communication, Hosted Collaboration Systems, Media Data Center, Video Surveillance, and TelePresence, use the VMDC architecture as the infrastructure basis for validation efforts. The latest release used for these validations is VMDC release 2.3. No specific Cisco application validations were in scope for VMDC 3.0. However, given the level of validation performed thus far, we are confident that these will work in VMDC 3.0 infrastructures without major issues.