Cisco Blogs


Cisco Blog > Open at Cisco

Nexus 1000V On Open Source Hypervisors

Last week at Cisco Live, Cisco unveiled the Cisco ONE strategy. I won’t go into detail on Cisco ONE in this blog post, there has been plenty of blog and analyst coverage of this elsewhere. One piece of the announcement I would like to talk about is the Nexus 1000V and it’s move to running on Open Source hypervisors, along with OpenStack Quantum integration.

Nexus 1000V on KVM With OpenStack: The Cisco Live Demo

At Cisco Live, we demonstrated the Nexus 1000V on KVM with integration into OpenStack. The demo included both the Nexus 1000V Virtual Supervisor Module (VSM), as well as the Virtual Ethernet Module (VEM). The VSM is a virtual machine running Cisco NX-OS software. For the demo, the VSM was running on a Nexus 1010 physical appliance. The VEM was running on the Linux host itself, which was running Fedora Linux, version 16. The OpenStack version we demoed was OpenStack Essex. We were running Nova, Glance, Keystone, Horizon and Quantum. We also wrote a Nexus 1000V Quantum plugin which handles interaction between Quantum and the Nexus 1000V VSM. This is done via a REST API on the Nexus 1000V VSM.

What we demonstrated was the ability for providers to create networks using the standard “nova-manage” CLI in OpenStack. These networks were then mapped to port-profiles on the Nexus 1000V VSM. When a tenant then powered up a VM, the VM was placed on the provider network, and ultimately had it’s VIF attached to the port-profile associated with the provider network. The network administrator, through the VSM, is now able to see the virtual interfaces attached to veth ports, and can apply policies on them. We demoed ACLs on the virtual ports, to demonstrate a Nexus 1000V feature in use with OpenStack. What the demo ultimately showed was the Nexus 1000V operational model separating network and server administrator in an OpenStack deployment.

Where To Go From Here

One thing we are planning to do around our Quantum plugin is to expose the port-profile concept as an extension to the standard Quantum API. This allows profiles to be managed by our Quantum plugin, and allows for us to provide the ability to expose profiles to users of Quantum via the extension API. One immediate benefit this allows for is a GUI such as Horizon to expose port-profile information back into their UI, allowing tenants to select port-profiles to map to virtual interfaces when powering up virtual machines. Effectively, this would allow for providers to create port-profiles and make them available for their tenants to select when powering up virtual machines. Providers can then control policy on the virtual interfaces on their networks.

The End Result

The result of integrating Nexus 1000V with Open Source hypervisors is allowing for the continued evolution of advanced virtual machine networking onto these platforms. OpenStack Quantum integration allows for the integration of the concept of network and server administrator separation into the OpenStack deployment model. Both of these are ultimately about providing more control, visibility, and programmability for customers. I think this is something customers will be excited about, just as we are excited about driving to deliver this to those same customers.

Tags: , , , ,

Cisco live! Recap: Jimmy Ray Talks Virtual Overlays and “Programming” the Network

June 15, 2012 at 8:20 am PST

This week at Cisco live! in San Diego I had a chance to catch up with Jimmy Ray Purser and talk about Cisco’s strategy for programming the network, and specifically programming virtual network slices of a larger physical infrastructure:

Tags: , , , , ,

Nexus 1000V and Virtual Network Overlays Play Pivotal Role in Software Defined Networks

June 14, 2012 at 4:00 am PST

There’s an incredible amount of hype and excitement these days around Software Defined Networking (SDN), which promises to herald in a new age of flexibility, business agility and automation to our existing data center and campus networks. Since there are very few, if any, SDN networks in production environments today, though, we know there are a lot of implementation details to work out before the industry achieves the lofty benefits of network programmability. Cisco opened its kimono this week on its strategy around programmable networks (an even broader concept than what we believe the traditional definition of SDN is), called Cisco Open Network Environment. (Get Omar’s take on Cisco ONE).

Open Network EnvironmentIf you are like a lot of people, you might think that SDN is synonymous with OpenFlow, the leading standards-based approach for SDN today. However, we are already seeing folks across the industry extending the SDN vision beyond what OpenFlow is currently envisioned to do, so we think the definition of SDN will probably evolve over the next year or so to include additional programming models and protocols. Cisco ONE, for example, includes three approaches to network programmability: 1) our own onePK set of API’s to Cisco network operation systems and devices, 2) a portfolio of agents and controllers that will support OpenFlow, among other things, and 3) our Nexus 1000V-based portfolio for building virtual network overlays.

Read More »

Tags: , , , , , , , , , , ,

Third-Party Virtual Services on the Cisco Nexus 1010-X Appliance Start with Imperva WAF

June 11, 2012 at 12:55 pm PST

Nexus 1010-X services imageIn a blog post earlier this year, I highlighted the Nexus 1010-X virtual services appliance announced at Cisco Live! in London, and why virtual services can be best deployed on a separate UCS-based appliance running NX-OS. The Nexus 1010 and 1010-X are dedicated platforms for hosting virtual service nodes, like the Nexus 1000V virtual supervisor module (VSM), virtual firewalls, and our virtual network analysis module (NAM). All these services run in virtual machines on the Nexus 1010, rather than taking up valuable resources on application servers, and allow for easier manageability by the networking and security teams (rather than the server team).

Continuing on the same theme, this week at Cisco live! San Diego (my how time flies between these shows!), web application firewall (WAF) manufacturer, Imperva, announced that their SecureSphere WAF would soon be available on the Cisco Nexus 1010-X virtual services appliance (Q4 CY 2012). This is the first third-party virtual service announced on either the Nexus 1010 or 1010-X appliance, and provides additional security capabilities on top of Cisco’s virtualization infrastructure for cloud applications.  Read More »

Tags: , , , , , , ,

Cisco UCS Serial # 0001: Saving $80,000/month in Operating Costs and with Improved Software Licensing Compliance

June 11, 2012 at 10:50 am PST

You meet the most interesting people at trade shows! This morning at Microsoft’s Tech Ed event here in Orlando the Cisco booth was humming with activity as the exhibit hall opened for the attendees. One early visitor to our booth turned out to have a very interesting – and quite fun – Cisco UCS story. 

 Jeff Stahl of Kindred Healthcare was the early visitor with the unique story. I started off my conversation with Jeff commenting on the complementary “Got Servers?” Cisco t-shirt he had just picked up. Jeff quickly mentioned he was a Cisco UCS customer and in fact was ‘our first’ customer as he has UCS serial # …0001 in his datacenter. What followed over the next few minutes was a fun conversation with Jeff and a few Cisco Engineers hearing about Kindred Healthcare’s UCS experience.

 The Kindred Healthcare case study is available online here – and the benefits they accrued in moving to Cisco’s UCS server platform make a great read:

 For instance, their comments on UCS and management are timely as our UCS Manager solution is up for a “Best of Show” award here at Tech Ed 2012 – “In addition to these savings, the Kindred team was also impressed by the centralized management that UCS offered, including service profiles that ensure consistent configurations. “We evaluated a number of different server solutions, but Cisco UCS really came out on top,” says King. “We didn’t consider the decision a mere hardware upgrade. Rather, UCS presented us the opportunity to truly transform the way we deliver services.”

 Also great to hear and read up on was the savings in overall operating costs and improved licensing compliance for their Microsoft solutions such as SQL Server and SharePoint – “The elastic characteristics of the UCS-based infrastructure have allowed Kindred to temporarily extend its virtualization services … As a result, the company reduced its operational costs by more than $80,000 a month. Kindred also saw Microsoft licensing savings. “We are now able to leverage our existing investment in Microsoft infrastructure service licenses by landing their services on our shared infrastructure, giving us immediate concurrency and the ability to upgrade as desired.”

 To learn more on Cisco’s UCS and Nexus capabilities for Microsoft software, please visit www.cisco.com/go/microsoft.

 

Tags: , , , ,