Nexus 1000V Deployment Scenarios

Cisco Nexus 1000V VMW ESX VMW ESX
VMs Need to Move
VMotion DRS SW Upgrade/Patch Hardware Fቤተ መጻሕፍቲ ባይዱilure Virtual Center
VN-Link Property Mobility
VMotion for the network Ensures VM security Maintains connection state
VM #10 VM #11 VM #12
VEM
VMW ESX
VEM
VMW ESX
VEM
VMW ESX
VSM VSM
VSM Virtual Appliance
ESX Virtual Appliance Special dependence on CPVA server Supports up to 64 VEMs
Virtual Supervisor Module(VSM)
CLI interface into the Nexus 1000V Leverages NX-OS 4.01 Controls multiple VEMs as a single network device
Nexus 1000V
Virtual Center
A single Nexus 1000V can span multiple ESX Clusters
SVS-CP# show module Mod Ports Module-Type --- ----- --------------------------------1 1 Supervisor Module 2 1 Supervisor Module 3 48 Virtual Ethernet Module 4 48 Virtual Ethernet Module --More--
Virtual Ethernet Module Basics
VEM is a light weight (~10MB RAM) module that provides N1KV switching capability on the ESX host Single VEM instance per ESX host Relies on the VSM for configuration Can run in last known good state without VSM connectivity Some VMWare features will not work (Vmotion) when VSM is down Must have VSM connectivity upon reboot to switch VM traffic
Model Status ------------------ ---------Cisco Nexus 1000V Cisco Nexus 1000V active * standby ok ok
Single Chassis Management
A single switch from control plane and management plane perspective
Defined in the network Applied in Virtual Center Linked to VM UUID
Cisco Nexus 1000V
Richer Network Services
VN-Link: Virtualizing the Network Domain
Policy-Based VM Connectivity
VSM VSM
VSM Physical Appliance
Cisco branded x86 server Runs multiple instances of the VSM virtual appliance Each VSM managed independently
Virtual Supervisor to Virtual Center
VEM Deployment Scenarios
VEM Concepts
Limits of VEM in Nexus 1000V Installation of VEM
Port Types Defined & Addressing Mechanism for ports
n1kv(Config t)# interface Module#/Eth# n1kv(Config t)# interface veth#
Network Benefits
Unifies network mgmt and ops Improves operational security Enhances VM network features Ensures policy persistence Enables VM-level visibility
Supervisor to Ethernet Module
Two distinct virtual interfaces are used to communicate between the VSM and VEM
•Control • Carries low level messages to ensure proper configuration of the VEM. • Maintains a 2 sec heartbeat what the VSM to the VEM (timeout 6 seconds) •Packet •Carries any network packets between the VEM and the VSM such as CDP/LLDP
VSM
Cisco Nexus 1000V
Faster VM Deployment
Cisco VN-Link—Virtual Network Link
Policy-Based VM Connectivity
Server
VM #1 VM #2 VM #3 VM #4 VM #5
Mobility of Network & Security Properties
Server 3
VM #10 VM #11 VM #12
VEM
VMW ESX
VEM
VMW ESX
VEM
VMW ESX
Virtual Ethernet Module(VEM)
Replaces existing vSwitch Enables advanced switching capability on the hypervisor Provides each VM with dedicated “switch ports”
Mobility of Network & Security Properties
Server
VM #6 VM #7
Non-Disruptive Operational Model
VM #8
Cisco Nexus 1000V VMW ESX VMW ESX
Server Benefits
Maintains existing VM mgmt Reduces deployment time Improves scalability Reduces operational workload Enables VM-level visibility Virtual Center
N1KV-Rack10 1000V Eth2/2 N1KV-Rack10 1000V Eth3/5
Virtual Supervisor Options
Server 1
VM #1 VM #2 VM #3 VM #4 VM #5
Server 2
VM #6 VM #7 VM #8 VM #9
Server 3
Server
VM #6 VM #7
Non-Disruptive Operational Model
VM #8
Cisco Nexus 1000V VMW ESX VMW ESX
Defined Policies
WEB Apps HR DB Compliance Virtual Center
VM Connection Policy
Cisco Nexus 1000V
Increase Operational Efficiency
VN-Link: Virtualizing the Network Domain
Policy-Based VM Connectivity
Server
VM #1 VM #2 VM #3 VM #4 VM #5
Nexus 1000V
Virtual Center
VSM
One way API between the VSM and Virtual Center Certificate (Cisco self signed or customer supplied) ensures secure communications Connection is setup on the Supervisor
Nexus 1000V Deployment Scenarios
Dan Hersey Steve Tegeler
Cisco Nexus 1000V Components
Server 1
VM #1 VM #2 VM #3 VM #4 VM #5
Server 2
VM #6 VM #7 VM #8 VM #9
Spanning Tree Considerations/Conversations General Configuration Options for Traffic Flow Special Ports/VLANs used and I/O characteristics 1GE & 10GE deployment scenarios
Nexus 1000V
VM #1
VM #2
VM #3
VM #4
VEM
VMW ESX
Must be on two separate VLANs Supports both L2 and L3 designs
VSM
Nexus 1000V Deployment Scenarios
Virtual Ethernet Modules
N1K-CP# show svs connections Connection VC: IP address: 10.95.112.10 Protocol: vmware-vim https vmware dvs datacenter-name: PHXLab ConfigStatus: Enabled OperStatus: Connected
Nexus 1000V ‘Virtual Chassis’ Model
One Virtual Supervisor Module managing multiple Virtual Ethernet Modules
•Dual Supervisors to support HA environments
Protocols such as CDP operates as a single switch XML API and SNMP management appears as a single ‘virtual chassis’
Upstream-4948-1#show cdp neighbor Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone Device ID Platform Local Intrfce Port ID Gig 1/5 Gig 1/10 136 136 S S Nexus Nexus Holdtme Capability
Server
VM #1 VM #2 VM #3 VM #4 VM VM #1 #5
Mobility of Network & Security Properties
Server
VM VM #2 #6
Non-Disruptive Operational Model
VM VM #3 #7 VM VM #4 #8