HackMD
新世代資料中心的發展趨勢與自動化管理
Internet and Cisco
ARPANET (the progenitor of the internet)
Cisco
- Cisco System was founded on Dec. 10, 1984 by Sandy Lerner and Bosack
- logo 就是舊金山大橋
- Slogan: Bridge to Possible
- developed a groundbreaking new connectivity device called a router
Network Evolution
Campus network and Datacenter network
- 網路分為兩個世界(網路架構):
- Campus network
- 三層式架構
- Core Layer (計中) -> Distribution Layer (Building) -> Access Layer (Level, AP, port)
- Datacenter network
- Server, Storage, Router
- Two-tier: spines and leaves
- Fully Connected Bipartite Graph
- 要加大頻寬的話 -> 加 Spines
- 增加 port 數 -> 加 Leaves
- 現今稱私有雲
- Campus network
- Traffic flow
- North and South (access -> distribution -> core)
- West and East (Leaves to Leaves)
- Campus Network 多需要 PoE (AP, Camera), Datacenter 瓦數不足
Ethernet Layer 2 Fundametal
Switch: self-learning
- If recive dest ffffffff the client can only recive
- Hub
- Receive packet, copy and pass to others nodes
- Switch will record MAC address (source and dest) of each packet
- Record port and MAC address
- (DON'T know where to pass) pass to all others nodes
- Record the port of the dest MAC
| MAC addr | interface | TTL |
|---|---|---|
| A | 1 | 60 |
| A' | 4 | 60 |
VLAN and VXLAN
- Cloud 快速部署的基礎
VLAN
-
48 Ports Switch -> 4 mini 12 Ports Switch
-
Add VLAN ID (12bits) to packet (In Switch)
-
The same VLAN ID could receive the packet.
-
切出不同區域網路 with only 1 switch
-
How to add tag:
- PC don't know which VLAN it belongs to
- the switch will attach/detach the VLAN ID
-
Adding Trunks Port in high level switch to decide which packet could pass
-
In Campus Network and Datacenter Network
-
Ref. IEEE 802.1q VLAN trunk protocol
-
缺點:
- 12個bit,4096不夠用
- 網路第二層,廣播(只要有廣播都需要處理??,收到 broadcast packet switch 會傳給所有 node 全部 node 需接受該封包)
BUM: broadcast unicast multicast
- multi-cast(群播) -> 也會佔頻寬
- Broadcast 受到阻斷不能在廣域網路使用
VXLAN
- Layer 3 IP Layer
- 不一定要基於 VLAN,只要一般封包即可 (避免 broadcast 封包,因此透過 IP Layer 封裝讓對方可以接收,對方第三層拆封包後)
- like VPN 做法(替換 IP address) 分配:
- 封裝相關工作:leaf、border leaf
Data Center "Fabric" Journey
- Spanning-Tree:
- 避免 Broaadcast Storm 讓特定線路待定
- VPC (virtual port channel
Virtual Private Cloud)- 將多個不同的線路虛擬成同一條網外接,以增加頻寬
- VXLAN Flood&Leam
- 第三層網路,所以可以完全連接
- VXLAN BGP EVPN
- Depart control plane and data plane
Datacenter network requirement
- Increased Bandwidth, Rich Features
- Multicloud Orchestration
- Application Performance
- Faster Deployment
- Highly Skilled People
Software Defined Network (SDN)
-
透過程式碼達到自動化快速網路建設,並且可以簡化建設流程
-
SDN 為概念(做法)無 IEEE 定義非 protocol 各公司實作不同
- automation/simplification
- savings
- not protocol
- not single industry standard
- an approach
區分 network controller and network state, structure 並可以動態調整
SDN is
- …a new approach at network transformation reserved. CiscoPublic
- …impacting the networking industry
- …providing new methods to interact with equipment/services via controllers, APIs
- …enabling high-scale, rapid network and service provisioning/management
- …generating a LOT of attention
- …providing a catalyst for traditional Route/Switch engineers to branch-out
SDN is not
-
…an easy button
-
…an end-state
-
…narrowly defined
-
…meaning the death of network engineers
-
…a mandate for all network engineers to become programmers
-
…a new attempt at network evolution
-
Dynamically apply state and control to network infrastructure using globally aware software controls
-
Decoupled control and data planes and centralised intelligence
-
Abstraction of underlying network infrastructure
overlays and underlays
Application Centric Infrastructure (ACI)
以應用為中心的架構
- NEXUS 9000 Fabric
- Application centric policy
- Controller
It is a programmable physical and overlay fabric with a single point of management configurable via API, CLI or GUI.
ACI: How difficult is it to bring it up?
How does Ansible work?
- Linux host with a Python and the Ansible installed
- Support transport to remote hosts
- Typically SSH but could use an API
- Ansible Components
- Ansible configuration file
- Inventory files
- Ansible modules
- Playbooks
