SONA – 数 据中心的发展之路
Click here to load reader
description
Transcript of SONA – 数 据中心的发展之路
1© 2005 Cisco Systems, Inc. All rights reserved. Cisco PublicBusiness Ready Data CenterArchitecture
SONA – 数据中心的发展之路
2© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
传统的数据中心的问题
应用系统及服务
通讯的应用
计算的基础架构
网络基础架构
基础设施(电力 , 冷却 ,布线 , 及物理安全 )
存储的基础架构
Enterprise Data CenterInternet Data Center
Public Web Site
100s of Servers with Integrated Storage
E-Commerce Application
4-Tier Application App. Server
Internet Data Center
Supply-Chain Management
Traditional Voice PBX
In-House Developed Apps
2-Tier CRM Application
NCR DB Server
Data Warehousing
Finance, HR, Payroll and EDI
Mainframe Systems
Tape Backup Multiple 2-Tier ERP Instances
Engineering Services
NAS Filers
E-Mail Appliances
IP Services
DNS RADIUS LDAP
JBOD
Operations Center
现有的基础架构
缺乏灵活性
不足的恢复能力
费用高昂
不一致的安全策略
不一致的业务永续 /容灾计划
资源利用率不足
运维复杂 , 低效
隔离的应用环境
僵化隔离的基础架构
3© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
数据中心基础架构的发展路径 三个阶段性步骤
自动化
存储资源
网络资源
计算资源
Dynamic Provisioning and Information Lifecycle
Management (ILM) to Enable Business Agility
Business PoliciesOn-Demand
Service Oriented 虚拟化
存储资源网络资源计算资源
应用系统
Management of Resources Independent of Underlying Physical Infrastructure to
Increase Utilization, Efficiency and Flexibility
数据 网络
服务器 互连网络
Centralization and Standardization to
Lower Costs, Improve Efficiency and Uptime
整合
LANWANMAN
存储网络
存储 网络
智能化 信息网络 (IIN)
HPC集群网格
4© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
InstantInstantMessagingMessaging
UnifiedUnifiedMessagingMessaging
MeetingMeetingPlacePlace
IPCCIPCC IP PhoneIP Phone VideoVideoDeliveryDelivery
PLMPLM CRMCRM ERPERP
HCMHCM ProcurementProcurement SCMSCM协协作应用系统作应用系统
传统传统的架构的架构 / / 面向面向服务的架构服务的架构
业业务应用系统务应用系统
基础
架构
层基
础架
构层
计计 算 网 络算 网 络计计 算 网 络算 网 络 存存 储 网 络储 网 络存存 储 网 络储 网 络
服务服务器阵列器阵列 服务器服务器交换交换 存储存储交换交换 数据中心数据中心互连互连
MDS FamilySFS Family Catalyst Family ONS Family
DirectorFabric
ModularRackBlade
InfinibandSwitching
DWDM, SONET, SDH, FCIP
计算资源计算资源
网网络虚拟化服务络虚拟化服务
存存储资源储资源 外围设备外围设备
Data Data CenterCenter
Data Data CenterCenterBranchBranch
BranchBranchCampusCampus
CampusCampusTeleworkerTeleworker
TeleworkerTeleworkerWAN/MANWAN/MAN
WAN/MANWAN/MANEnterprise Enterprise EdgeEdge
Enterprise Enterprise EdgeEdge 网网络平台络平台
思科数据中心网络架构的框架交
互服
务层
交互
服务
层
基础架构基础架构管理管理
服服务管理
务管理
先进先进的分析和决策支持的分析和决策支持
基础架构的增强服务基础架构的增强服务计 算计 算服 务服 务计 算计 算服 务服 务
存 储存 储交 换 服 务交 换 服 务存 储存 储交 换 服 务交 换 服 务
安安 全 服 务全 服 务安安 全 服 务全 服 务
应用网络化服务应用网络化服务
Virtualization, Replication, Virtual Fabrics
Virtualization, Replication, Virtual FabricsRDMA,
Low Latency Clustering
RDMA, Low Latency Clustering
Firewalls, Intrusion Protection, Security Agents
Firewalls, Intrusion Protection, Security Agents
应应 用 加 速 服 务用 加 速 服 务应应 用 加 速 服 务用 加 速 服 务WAAS, App Acceleration, WAAS, App Acceleration, Optimization, Security and Server OffloadOptimization, Security and Server Offload
WAAS, App Acceleration, WAAS, App Acceleration, Optimization, Security and Server OffloadOptimization, Security and Server Offload
可适
应的
管理
服务
可适
应的
管理
服务
网络网络基础架构虚拟化基础架构虚拟化
服服务虚拟化
务虚拟化
应用应用网络化服务网络化服务
基础架构基础架构的增强服务的增强服务
5© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
数据中心里的安全服务
Storage & Tape Arrays
AVS WAAS
Application Network Services
MDS 9500
BranchBranch
WAN, VPN, Internet
Catalyst 6500
Virtual Firewalls Provides Isolation and
Controls Access
Host Protection – Cisco Security
ManagerVSANs for
Storage Isolation
DDOS Guard Protection
Application-Layer Security
Intrusion Protection Prevent Outbreak
Propagation
FC Security Protocol for Authenticating Access
6© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
系统管理员安装新的服务器安装 O/S, 补丁及应用系统
网络管理员连接以太网 , 配置 VLAN 及端口的相关设置
负载均衡管理员把新的服务器加入到服务器群组中
安全管理员检查安全策略 , 增加防火墙的可通过的端口地址
网络管理员确保访问路由指向新的服务器
存储管理员配置 LUN, 映射至服务器
存储管理员规划磁盘卷及相关资源
假设我们需要增加一台服务器到Web 服务器群组…
The challenge is one of ‘coordination delays’. This type of simple scale-out of an existing serve often takes enterprises 90-days.
New service turn-ups, after the application has been developed, often take 180+ days.
VFrame is designed to eliminate these delays and automate the provisioning of services
今天 : 需要部署一个企业的服务
7© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
VFrame 可控制服务器启动并连接到对应的 LUN/映象
VFrame 配置端口 , VLAN, 及交换策略
VFrame 增加服务器到负载均衡的群组中
VFrame 在防火墙服务模块上配置虚拟防火墙
VFrame 规划可路由的子网地址
VFrame 获取对应的 LUN 及 WWN 名称
VFrame 获取可用的存储卷及启动的映象文件
第三方资源规划的应用
VFrame 提供企业服务的资源规划 (Provisioning)
8© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
未来的服务器资源规划的实现VFrame
Provisioning
60+% 服务器利用率~30% 服务器数量减少60+% 服务器利用率~30% 服务器数量减少
9© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
Branch Office Branch Office
分支架构文件服务器的膨胀 解决方案 : 广域应用加速服务
File Storage in the Data CenterFile Storage in the Data Center
WAN/VPN Network
Local File & Print Server
File Storage Distributed
Core File Engine
Tape Arrays
Files
Storage Arrays
Files
Network Attached Storage Filers
Files
LAN Speeds for Remote FilesLAN Speeds for Remote FilesFiles
Administrator
Administrator
更更低的成本低的成本• Consolidate files on scalable, centralized NASConsolidate files on scalable, centralized NAS• Centralize file administrationCentralize file administration
增强增强的灵活性的灵活性• Dynamic provisioning of additional storageDynamic provisioning of additional storage• Universal authorized access to information Universal authorized access to information
增增强的恢复能力强的恢复能力• Consistent, compliant security and business Consistent, compliant security and business continuance, back up best practicescontinuance, back up best practices
10© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
Remote UsersRemote Users
网站应用的性能保证 解决方案 : 应用加速服务
WAN/VPN Network
APPS ARE TOO SLOW!Remote Branch
Telecommuter
Data CenterData Center
2x - 5x Faster Application Delivery!2x - 5x Faster Application Delivery!
增增强的性能强的性能• Dramatically reduces the amount of information sent to the client Dramatically reduces the amount of information sent to the client
from the central sitefrom the central site
• Dynamically Caches, Transforms Content, Compresses Content, and Dynamically Caches, Transforms Content, Compresses Content, and Secures the Web With Full-Proxy FunctionalitySecures the Web With Full-Proxy Functionality
• Reduces latency and improves responsiveness by handling all Reduces latency and improves responsiveness by handling all redirectionsredirections
AVS - 3100
11© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
业务连续及规章要求 解决方案 : 增强的业务连续方案
MDS 9500
DWDMNetwork
SONET/SDH
IP WAN
Metro / Wide Data Center
Interconnect Network
ONS155X0154xx
ONS15454
7X00
Storage &Tape Arrays
Blade ServersUNIX/NT Servers
Mainframes
1
3
MDS
9500
Storage &Tape Arrays
Blade ServersUNIX/NT Servers
Mainframes
Access Access NetworkNetwork
广泛的应用支持• Asynch / Synch Replication, Backup, Point in Time Copy
• Multi-vendor Support: EMC, HP, HDS, IBM, Appliances
• 3rd Party Appliance Support: SANTap
• Network Assisted Serverless Backup
连续访问• Global Site Selector
• VPN – IPSec, SSL, MPLS
• Optimized Exit Routing
优化的 SAN 扩展• Multi-protocol Transport: FCIP, DWDM, Sonet/SDH
• Distance / Application Optimization: Write and Tape Acceleration
• Security: FCIP Encryption and FC-SP Auth• WAN Utilization: Compression and Large B2B Credits
• Availability: VSANs and Inter VSAN Routing
12© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public
层次Server Virtualization V
Remote DMA Services
Virtual I/O
Clustering Services
Compute Fabric Services
Fabric Gateway Services
服务器集群
总结
HPC/ 网格
存储 / 磁带区域
核心层
汇聚层
接入层
边缘层
核心层
Firewall Services
Intrusion Detection
VPN Termination
DOS Protection
Anomaly Detection
Content Caching
SSL Offloading
Server Balancing
File Caching
AON Analysis
App Acceleration
Fabric Routing Services
Data Replication Svcs
Storage Virtualization
Fabric Gateway Services
Virtual Fabrics (VSANs)
Network Analysis
QoS IPMc
IGPs
STP
MPLS
VLANs
DoS
GRE
VRF
IPSec
HSRP
PVLANs
VRRP GLBP
IGPs
A B
Scaling Ethernet Module
Cisco Catalyst Layer 2 Switch
10 Gigabit Ethernet
Gigabit Ethernet
Cisco Catalyst 6500 Multilayer SwitchCisco Catalyst Layer 3 Switch
InfinibandCisco 3000 Series Fabric Server Switch
Cisco 7000 Series Fabric Server Switch
Virtual Server Link
Virtual Servers
Fibre Channel
Cisco MDS 9500 Multilayer Director
Fibre Channel Trunk
ARedundant SAN Fabric
13© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public