SONA – 数据中心的发展之路

1© 2005 Cisco Systems, Inc. All rights reserved. Cisco PublicBusiness Ready Data CenterArchitecture

SONA – 数据中心的发展之路

林晓 [email protected]

2© 2005 Cisco Systems, Inc. All rights reserved.Business Ready Data CenterArchitecture Cisco Public

传统的数据中心的问题

应用系统及服务

通讯的应用

计算的基础架构

网络基础架构

基础设施(电力 , 冷却 ,布线 , 及物理安全 )

存储的基础架构

Enterprise Data CenterInternet Data Center

Public Web Site

100s of Servers with Integrated Storage

E-Commerce Application

4-Tier Application App. Server

Internet Data Center

Supply-Chain Management

Traditional Voice PBX

In-House Developed Apps

2-Tier CRM Application

NCR DB Server

Data Warehousing

Finance, HR, Payroll and EDI

Mainframe Systems

Tape Backup Multiple 2-Tier ERP Instances

Engineering Services

NAS Filers

E-Mail

E-Mail Appliances

IP Services

DNS RADIUS LDAP

JBOD

Operations Center

现有的基础架构

缺乏灵活性

不足的恢复能力

费用高昂

不一致的安全策略

不一致的业务永续 /容灾计划

资源利用率不足

运维复杂 , 低效

隔离的应用环境

僵化隔离的基础架构


数据中心基础架构的发展路径三个阶段性步骤

自动化

存储资源

网络资源

计算资源

Dynamic Provisioning and Information Lifecycle

Management (ILM) to Enable Business Agility

Business PoliciesOn-Demand

Service Oriented 虚拟化

存储资源网络资源计算资源

应用系统

Management of Resources Independent of Underlying Physical Infrastructure to

Increase Utilization, Efficiency and Flexibility

数据网络

服务器互连网络

Centralization and Standardization to

Lower Costs, Improve Efficiency and Uptime

整合

LANWANMAN

存储网络

存储网络

智能化信息网络 (IIN)

HPC集群网格


InstantInstantMessagingMessaging

UnifiedUnifiedMessagingMessaging

MeetingMeetingPlacePlace

IPCCIPCC IP PhoneIP Phone VideoVideoDeliveryDelivery

PLMPLM CRMCRM ERPERP

HCMHCM ProcurementProcurement SCMSCM协协作应用系统作应用系统

传统传统的架构的架构 / / 面向面向服务的架构服务的架构

业业务应用系统务应用系统

基础

架构

层基

础架

构层

计计算网络算网络计计算网络算网络存存储网络储网络存存储网络储网络

服务服务器阵列器阵列服务器服务器交换交换存储存储交换交换数据中心数据中心互连互连

MDS FamilySFS Family Catalyst Family ONS Family

DirectorFabric

ModularRackBlade

InfinibandSwitching

DWDM, SONET, SDH, FCIP

计算资源计算资源

网网络虚拟化服务络虚拟化服务

存存储资源储资源外围设备外围设备

Data Data CenterCenter

Data Data CenterCenterBranchBranch

BranchBranchCampusCampus

CampusCampusTeleworkerTeleworker

TeleworkerTeleworkerWAN/MANWAN/MAN

WAN/MANWAN/MANEnterprise Enterprise EdgeEdge

Enterprise Enterprise EdgeEdge 网网络平台络平台

思科数据中心网络架构的框架交

互服

务层

交互

服务

层

基础架构基础架构管理管理

服服务管理

务管理

先进先进的分析和决策支持的分析和决策支持

基础架构的增强服务基础架构的增强服务计算计算服务服务计算计算服务服务

存储存储交换服务交换服务存储存储交换服务交换服务

安安全服务全服务安安全服务全服务

应用网络化服务应用网络化服务

Virtualization, Replication, Virtual Fabrics

Virtualization, Replication, Virtual FabricsRDMA,

Low Latency Clustering

RDMA, Low Latency Clustering

Firewalls, Intrusion Protection, Security Agents

Firewalls, Intrusion Protection, Security Agents

应应用加速服务用加速服务应应用加速服务用加速服务WAAS, App Acceleration, WAAS, App Acceleration, Optimization, Security and Server OffloadOptimization, Security and Server Offload

WAAS, App Acceleration, WAAS, App Acceleration, Optimization, Security and Server OffloadOptimization, Security and Server Offload

可适

应的

管理

服务

可适

应的

管理

服务

网络网络基础架构虚拟化基础架构虚拟化

服服务虚拟化

务虚拟化

应用应用网络化服务网络化服务

基础架构基础架构的增强服务的增强服务


数据中心里的安全服务

Storage & Tape Arrays

AVS WAAS

Application Network Services

MDS 9500

BranchBranch

WAN, VPN, Internet

Catalyst 6500

Virtual Firewalls Provides Isolation and

Controls Access

Host Protection – Cisco Security

ManagerVSANs for

Storage Isolation

DDOS Guard Protection

Application-Layer Security

Intrusion Protection Prevent Outbreak

Propagation

FC Security Protocol for Authenticating Access


系统管理员安装新的服务器安装 O/S, 补丁及应用系统

网络管理员连接以太网 , 配置 VLAN 及端口的相关设置

负载均衡管理员把新的服务器加入到服务器群组中

安全管理员检查安全策略 , 增加防火墙的可通过的端口地址

网络管理员确保访问路由指向新的服务器

存储管理员配置 LUN, 映射至服务器

存储管理员规划磁盘卷及相关资源

假设我们需要增加一台服务器到Web 服务器群组…

The challenge is one of ‘coordination delays’. This type of simple scale-out of an existing serve often takes enterprises 90-days.

New service turn-ups, after the application has been developed, often take 180+ days.

VFrame is designed to eliminate these delays and automate the provisioning of services

今天 : 需要部署一个企业的服务


VFrame 可控制服务器启动并连接到对应的 LUN/映象

VFrame 配置端口 , VLAN, 及交换策略

VFrame 增加服务器到负载均衡的群组中

VFrame 在防火墙服务模块上配置虚拟防火墙

VFrame 规划可路由的子网地址

VFrame 获取对应的 LUN 及 WWN 名称

VFrame 获取可用的存储卷及启动的映象文件

第三方资源规划的应用

VFrame 提供企业服务的资源规划 (Provisioning)


未来的服务器资源规划的实现VFrame

Provisioning

60+% 服务器利用率~30% 服务器数量减少60+% 服务器利用率~30% 服务器数量减少


Branch Office Branch Office

分支架构文件服务器的膨胀解决方案 : 广域应用加速服务

File Storage in the Data CenterFile Storage in the Data Center

WAN/VPN Network

Local File & Print Server

File Storage Distributed

Core File Engine

Tape Arrays

Files

Storage Arrays

Files

Network Attached Storage Filers

Files

LAN Speeds for Remote FilesLAN Speeds for Remote FilesFiles

Administrator

Administrator

更更低的成本低的成本• Consolidate files on scalable, centralized NASConsolidate files on scalable, centralized NAS• Centralize file administrationCentralize file administration

增强增强的灵活性的灵活性• Dynamic provisioning of additional storageDynamic provisioning of additional storage• Universal authorized access to information Universal authorized access to information

增增强的恢复能力强的恢复能力• Consistent, compliant security and business Consistent, compliant security and business continuance, back up best practicescontinuance, back up best practices


Remote UsersRemote Users

网站应用的性能保证解决方案 : 应用加速服务

WAN/VPN Network

APPS ARE TOO SLOW!Remote Branch

Telecommuter

Data CenterData Center

2x - 5x Faster Application Delivery!2x - 5x Faster Application Delivery!

增增强的性能强的性能• Dramatically reduces the amount of information sent to the client Dramatically reduces the amount of information sent to the client

from the central sitefrom the central site

• Dynamically Caches, Transforms Content, Compresses Content, and Dynamically Caches, Transforms Content, Compresses Content, and Secures the Web With Full-Proxy FunctionalitySecures the Web With Full-Proxy Functionality

• Reduces latency and improves responsiveness by handling all Reduces latency and improves responsiveness by handling all redirectionsredirections

AVS - 3100


业务连续及规章要求解决方案 : 增强的业务连续方案

MDS 9500

DWDMNetwork

SONET/SDH

IP WAN

Metro / Wide Data Center

Interconnect Network

ONS155X0154xx

ONS15454

7X00

Storage &Tape Arrays

Blade ServersUNIX/NT Servers

Mainframes

1

3

MDS

9500

Storage &Tape Arrays

Blade ServersUNIX/NT Servers

Mainframes

Access Access NetworkNetwork

广泛的应用支持• Asynch / Synch Replication, Backup, Point in Time Copy

• Multi-vendor Support: EMC, HP, HDS, IBM, Appliances

• 3rd Party Appliance Support: SANTap

• Network Assisted Serverless Backup

连续访问• Global Site Selector

• VPN – IPSec, SSL, MPLS

• Optimized Exit Routing

优化的 SAN 扩展• Multi-protocol Transport: FCIP, DWDM, Sonet/SDH

• Distance / Application Optimization: Write and Tape Acceleration

• Security: FCIP Encryption and FC-SP Auth• WAN Utilization: Compression and Large B2B Credits

• Availability: VSANs and Inter VSAN Routing


层次Server Virtualization V

Remote DMA Services

Virtual I/O

Clustering Services

Compute Fabric Services

Fabric Gateway Services

服务器集群

总结

HPC/ 网格

存储 / 磁带区域

核心层

汇聚层

接入层

边缘层

核心层

Firewall Services

Intrusion Detection

VPN Termination

DOS Protection

Anomaly Detection

Content Caching

SSL Offloading

Server Balancing

File Caching

AON Analysis

App Acceleration

Fabric Routing Services

Data Replication Svcs

Storage Virtualization

Fabric Gateway Services

Virtual Fabrics (VSANs)

Network Analysis

QoS IPMc

IGPs

STP

MPLS

VLANs

DoS

GRE

VRF

IPSec

HSRP

PVLANs

VRRP GLBP

IGPs

A B

Scaling Ethernet Module

Cisco Catalyst Layer 2 Switch

10 Gigabit Ethernet

Gigabit Ethernet

Cisco Catalyst 6500 Multilayer SwitchCisco Catalyst Layer 3 Switch

InfinibandCisco 3000 Series Fabric Server Switch

Cisco 7000 Series Fabric Server Switch

Virtual Server Link

Virtual Servers

Fibre Channel

Cisco MDS 9500 Multilayer Director

Fibre Channel Trunk

ARedundant SAN Fabric

SONA – 数据中心的发展之路

Documents

Transcript of SONA – 数据中心的发展之路

SONA – 数 据中心的发展之路

Documents

Transcript of SONA – 数 据中心的发展之路

SONA – 数据中心的发展之路

Transcript of SONA – 数据中心的发展之路