Cisco Cisco Prime Virtual Network Analysis Module (vNAM) 6.0 Livre blanc
3-3
Cisco Virtualized Multiservice Data Center (VMDC) Virtual Services Architecture (VSA) 1.0
Design Guide
Chapter 3 VMDC VSA 1.0 Design Details
VMDC Building Blocks
1000V generally fulfills this role within the architecture. Depending upon the level of software
functionality (such as quality of service (QoS) or security policy) or scale required, the Cisco VM Fabric
Extender (VM-FEX) can serve as a hardware-based alternative to the Nexus 1000V.
functionality (such as quality of service (QoS) or security policy) or scale required, the Cisco VM Fabric
Extender (VM-FEX) can serve as a hardware-based alternative to the Nexus 1000V.
A second subsystem is virtual services (vApp-based), which can include security, SLB, network
analysis, and optimization services. Services implemented at this layer of the infrastructure complement
more centralized service applications, and uniquely apply to a specific tenant or workgroup and their
applications. Specific vApp-based services previously validated for the VMDC architecture include
Cisco Virtual Security Gateway (VSG), providing a second security policy enforcement point within the
tenant virtual data center or Virtual Private Cloud container. Additionally, in this release, IOS-XE ZBF
features on the CSR or ASA 1000V provide perimeter firewalling; Citrix NetScaler VPX provides SLB;
the CSR or VPX provide NAT; the CSR provides IPsec VPN termination; Virtual Network Analysis
Module (vNAM) provides network analysis; and Virtual Wide Area Application Services (vWAAS)
provides WAN optimization.
analysis, and optimization services. Services implemented at this layer of the infrastructure complement
more centralized service applications, and uniquely apply to a specific tenant or workgroup and their
applications. Specific vApp-based services previously validated for the VMDC architecture include
Cisco Virtual Security Gateway (VSG), providing a second security policy enforcement point within the
tenant virtual data center or Virtual Private Cloud container. Additionally, in this release, IOS-XE ZBF
features on the CSR or ASA 1000V provide perimeter firewalling; Citrix NetScaler VPX provides SLB;
the CSR or VPX provide NAT; the CSR provides IPsec VPN termination; Virtual Network Analysis
Module (vNAM) provides network analysis; and Virtual Wide Area Application Services (vWAAS)
provides WAN optimization.
The third subsystem in the Compute layer is the computing resource. This subsystem includes physical
servers, hypervisor software providing compute virtualization abilities, and the VMs. The Cisco Unified
Computing System (UCS), featuring redundant 6100 or 6200 Fabric Interconnects, UCS 5108 Blade
Chassis, and B-Series Blade or C-Series servers, comprise the compute resources in the VMDC reference
architecture.
servers, hypervisor software providing compute virtualization abilities, and the VMs. The Cisco Unified
Computing System (UCS), featuring redundant 6100 or 6200 Fabric Interconnects, UCS 5108 Blade
Chassis, and B-Series Blade or C-Series servers, comprise the compute resources in the VMDC reference
architecture.
Storage Layer
The Storage layer provides storage resources. Data stores reside in a storage area network (SAN), which
is block-based, or in network attached storage (NAS), which is file-based. SAN switching nodes provide
an additional level of resiliency, interconnecting multiple SAN storage arrays to the compute resources
over redundant FibreChannel or FibreChannel over Ethernet (FCoE) links.
is block-based, or in network attached storage (NAS), which is file-based. SAN switching nodes provide
an additional level of resiliency, interconnecting multiple SAN storage arrays to the compute resources
over redundant FibreChannel or FibreChannel over Ethernet (FCoE) links.
Management Layer
The Management layer comprises the "back-end" hardware and software resources required to manage
the multi-tenant infrastructure. These resources include domain element management systems and
higher level service orchestration systems. The domain management systems currently validated within
VMDC include Cisco UCS Manager, Cisco Integrated Management Controller, VMware vCenter, and
vCloud Director for compute resource allocation; EMC UIM and Cisco Fabric Manager for storage
administration; vWAAS Central Manager for traffic optimization services management; and Cisco VSM
and Virtual Network Management Center (VNMC) for virtual access and virtual services management.
Network Analysis Modules (NAMs), residing within Nexus 1010 systems or as vNAMs within the
compute layer of the infrastructure, provide network analysis functionality.
the multi-tenant infrastructure. These resources include domain element management systems and
higher level service orchestration systems. The domain management systems currently validated within
VMDC include Cisco UCS Manager, Cisco Integrated Management Controller, VMware vCenter, and
vCloud Director for compute resource allocation; EMC UIM and Cisco Fabric Manager for storage
administration; vWAAS Central Manager for traffic optimization services management; and Cisco VSM
and Virtual Network Management Center (VNMC) for virtual access and virtual services management.
Network Analysis Modules (NAMs), residing within Nexus 1010 systems or as vNAMs within the
compute layer of the infrastructure, provide network analysis functionality.
Note
Also available and validated as Flexpod domain management components are the NetApp OnCommand
Unified Manager and OnCommand System Manager software, NetApp VSC (Virtual Storage Console -
a vCenter plug-in that provides end-to-end virtual machine (VM) monitoring, provisioning, B&R and
management for VMware vSphere environments running on NetApp storage).
Unified Manager and OnCommand System Manager software, NetApp VSC (Virtual Storage Console -
a vCenter plug-in that provides end-to-end virtual machine (VM) monitoring, provisioning, B&R and
management for VMware vSphere environments running on NetApp storage).
This layer can also include third party NetFlow collectors for aggregating and correlating network
statistics. Automated service provisioning, including cross-resource service orchestration, is provided
by BMC Cloud Lifecycle Management (CLM) or Cisco Intelligent Automation for Cloud (CIAC).
Zenoss Cloud Service Assurance provides “Day 2” service impact visibility and root cause analysis
tools. However, service orchestration and assurance solutions were not in scope for this VMDC system
release.
statistics. Automated service provisioning, including cross-resource service orchestration, is provided
by BMC Cloud Lifecycle Management (CLM) or Cisco Intelligent Automation for Cloud (CIAC).
Zenoss Cloud Service Assurance provides “Day 2” service impact visibility and root cause analysis
tools. However, service orchestration and assurance solutions were not in scope for this VMDC system
release.