Cisco offers solutions for deploying OpenStack with Cisco compute, network, and storage technologies. Key elements include Cisco's participation in the OpenStack community, Cisco OpenStack engineering efforts, and Cisco technology partnerships with companies providing OpenStack platforms. Cisco provides unified management of compute and network resources through Cisco UCS.
Deploying OpenStack with Cisco Compute, Network and Storage Infrastructure
1. 1
DEPLOYING OPENSTACK
WITH CISCO COMPUTE,
NETWORK AND STORAGE
Mike Cohen, Director of Product Management
Duane DeCapite, OpenStack Product Manager
May 14, 2014
2. 2
LEGAL DISCLAIMER
Many of the products and features described
herein remain in varying stages of development
and will be offered on a when-and-if-available
basis. This roadmap is subject to change at the
sole discretion of Cisco, and Cisco will have no
liability for delay in the delivery or failure to
deliver any of the products or features set forth
in this document.
3. 3
OPENSTACK
@ CISCO
COMMUNITY PARTICIPATION
• Code Contributions and blueprints across Core services
• Networking model, Compute Service and Dashboard, HA,
Scheduling
• OpenStack Foundation Board member
CISCO OPENSTACK ENGINEERING
• Automation (Puppet) and architectures (HA) for production
deployment and operational support
• Quantum/Neutron/Nova Plug-ins for Cisco
product lines
• UCS, Nexus, CSR1000V
• Scalable networking services
• FWaaS, LBaaS, VPNaaS
CUSTOMERS
• Private, Public
• Extend cloud model for rapid provisioning of network services,
bare-metal, intelligent workload placement
• Drive innovation through real-world use cases
7. 7
• As of February 2014, there are over 30,000 unique UCS customers which
represents 53% Y/Y growth
• More than 75% of all Fortune 500 customers have invested in UCS
• As of Q2FY14 we have over 14,000 repeat customers which represents
63% Y/Y growth
• Over 3,850 Channel Partners are actively selling UCS worldwide and
over 1900 UCS specialized partners
• As of CY13 Q1 Cisco is one of the Top 5 Server Vendors based on
Worldwide Revenue Share [1]
• 90 World Record Performance Benchmarks to date
Source: [1] IDC Worldwide Quarterly Server Tracker, Q1 2013, May 2013, Revenue Share
*Data Center Revenue is defined as Cisco UCS and Nexus 1000V
UCS with Intel® Xeon® processor
CISCO UCS LEADERSHIP AND MOMENTUM
8. 8
UNIFIED MANAGEMENT
BLADE AND RACK SERVERS MANAGED AS A COHESIVE RESOURCE POOL
UCS
Manager
C-Series Rack
Optimized Servers
B-Series
Blade Servers
Service Profile: HR_App1
VNIC1
MAC: 08:00:69:02:01:2E
HR_WEB_VLAN (ID=50)
VNIC2
MAC: 08:00:69:02:01:2F
HR_DB_VLAN (ID=210)
HBA 1 and 2
WWN: 5080020000075740
WWN: 5080020000075741
VSAN ID: 12
Boot Order: SAN
BIOS Settings:
Turbo On
HyperThreading On
UCS Service Profile
Unified Device Management
Network Policy
Storage Policy
Server Policy
UNIFIED MANAGEMENT
A SINGLE UNIFIED SYSTEM FOR
BLADE AND RACK SERVERS
A Major Market
Transformation in Unified
Server Management
Benefits of UCS Manager and
Service Profiles for Both Blade
and Rack-Optimized Servers
Add Capacity
Without Complexity
9. 9
Chassis/Server Discovery
Service Profile Association
PXE boot devices deployed
Cobbler database update
Register Nodes
Provision UCS Servers
Updates the newly added node
info in puppet
Puppet apply
Add hosts/system in OpenStack
Event Listener
PXE boot for initial OS install
RHEL 6.4 installation on bare-metal
servers
Sync all the plugins from Puppet
Master
Host OS Install
Inventory of nova nodes on
controller
VM Provisioning
OpenStack Services Deployment
OpenStack Handover
Hostname / IP address
Logical credentials
Resource allocation preferences
Only Point of User Touch
Pre-configure UCS
DEPLOYMENT AUTOMATION OF OPENSTACK ON UCS
12. 12
LAN/SAN
LAN
CISCO UNIFIED FABRIC INNOVATIONS
CISCO NX-OS: From Hypervisor to Core
CISCO DCNM: Single Pane of Management
DELIVERING TO YOUR DATA CENTER NEEDS
Resilient, High Performance, Scalable Fabric
Operational Efficiency
Workload Mobility Within/Across DCs
Secure Separation/Multitenancy
LAN+SAN Convergence
Cisco Nexus 1000V
Cisco Nexus® 1010
Cisco Nexus 4000
Cisco Nexus 5000
Cisco Nexus 3000
Cisco Nexus 2000
Cisco Nexus 7000
Cisco Nexus 6000
Cisco Nexus 9000
13. 13
INNOVATIONS IN SOFTWARE, HARDWARE, ASICS AND SYSTEMS
NEXUS 9500
PRICE, POWER EFFICIENCY, PROGRAMMABILITY, PORT DENSITY, PERFORMANCE
PRICE
COST STRUCTURE
for 1G to 1/10GT
and 10G to 40G
migration
50% less ASICS
PERFORMANCE
INDUSTRY LEADING PRICE /
LINE CARD BANDWIDTH
1.92 Tbps per slot
100G ready
PORT DENSITY
20% HIGHER
Non-blocking Density
PROGRAMMABILITY
JSON/XML API
Linux Container for
customer apps
POWER EFFICIENCY
STATE OF THE ART
BACKPLANE FREE DESIGN
15% greater power
and cooling efficiency
MERCHANT+ ASIC APPROACH
Innovation in Cisco ASICs
14. 14
CISCO NEXUS PLUGINS FOR NEUTRON BENEFITS
• Automated VLAN Provisioning
Configure VLANs on the Nexus switch
• Layer 3 Gateway
Map Nexus Switch Virtual Interface (SVI) to
tenant VLAN
Scalability with Top of Rack (ToR) Nexus as
default Layer 3 Gateway
Eliminates configuration and bottleneck of
host-based software L3 forwarding Agent
• Multi-Homed Host Deployments
Virtual Port Channel (vPC) for High Availability (HA)
and link optimization to multiple Nexus switches
• Hardware and Software-based Networking
Performance benefits of hardware-based ToR switch
(Nexus 3000, 5000, 6000, 7000)
Flexibility of software-defined Networking with Nexus
1000V
http://docwiki.cisco.com/wiki/OpenStack:Grizzly-Nexus-Plugin
15. 15
SERVICE CHAINING WITH NEXUS 1000V
API Network is
typically routable to
enable public access
Cloud Controller
Node
nova-scheduler
mysql, rabbit...
nova-api
neutron-server
keystone
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Network Node
dhcp-agent
*-plugin-agent
l3-agent
Management Network
API Network
Data Network
External Network
Internet
N1000V
• Foundation of Virtual Services
Architecture
• vPath Service
Insertion/Chaining
• Network Function
Virtualization (NFV)
• VXLAN Overlay
Networking
VSM/N1000V
16. 16
Network Node
dhcp-agent
*-plugin-agent
CSR 1000V ROUTING
API Network is
typically routable to
enable public access
Cloud Controller
Node
nova-scheduler
mysql, rabbit...
nova-api
quantum-server
keystone
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Compute Node
nova-compute
*-plugin-agent
Management Network
API Network
Data Network
External Network
Internet
N1000V
CSR 1000V
Network or Compute node(s) hosts CSR
VSM/N1000V
CSR Provides per tenant
isolation and full IOS
capabilities including VPN,
BGP, OSPF, MPLS, etc.
20. 20
OPEN RESTFUL APIS
CENTRALIZED POLICY MODEL
OPEN SOURCE
CONTROLLER
APIC
ACI BUILDING BLOCKS
NEXT GENERATION NEXUS—TRADITIONAL NETWORKS
POLICY MODEL
ACI
BUILT-IN LINE RATE
END POINT DIRECTORY
INTEGRATED OVERLAY
40G NON-BLOCKING FABRIC
SIMPLE, SECURE
50% SIMPLER
CODE BASE
FUTURE PROOF
UPGRADABLE
TO ACI
PROGRAMMABILITY
AND AUTOMATION
NETWORK
VIRTUALIZATION
SUPPORT
RESILIENCY:
IN SERVICE PATCHING,
UPGRADE, FAST RESTART
ACI BUILDING BLOCKS
FUTURE PROOF—SOFTWARE UPGRADABLE TO ACI
NEXUS 9500 and 9300
INNOVATIONS IN SOFTWARE HARDWARE AND SYSTEM DESIGN
PRICE, POWER EFFICIENCY, PROGRAMMABILITY, PORT DENSITY, PERFORMANCE
OPTIMIZED NX-OS
SCALE OUT WITHOUT COMPROMISE
COMMON BUILDING BLOCKS - ACCESS AND CORE
APIC
21. 21
AN INNOVATIVE NEW APPROACH TO POLICY
Connectivity
Security
QoS
L4-7 Services
APPLICATION
NETWORK PROFILE
Contract Contract Contract
OUTSIDE
DB APP WEB
ADC
F/W
ADC
What is an application policy?
1. Group: A set of VMs / servers with the same policy
2. Contracts: A set of rules governing communication between groups
3. Service Chains: A set of network services between groups
22. 22
POLICY IN THE OPEN SOURCE COMMUNITY
Group-Policy Information Model
OpFlex Agent Framework OpFlex Agent
Group Policy API
Contributors
Group Policy API
Contributors
OpFlex Southbound Plugin
Contributors
23. 23
APIC
OPFLEX: AN OPEN, EXTENSIBLE POLICY PROTOCOL
OPFLEX WAS
DESIGNED TO OFFER:
Policies:
• Who can talk to whom
• What about
• Ops requirements
1. Abstract policies rather than device-specific configuration
2. Flexible, extensible definition of using XML / JSON
3. Support for any device including virtual switches, physical switches, network services with strong interoperability across vendors
4. Open, standardized API with an open source reference implementation
OPFLEX
PROXY
OPFLEX
AGENT
OPFLEX
AGENT
OPFLEX
AGENT
HYPERVISOR
SWITCH ADC FIREWALL
28. SUMMARY AND NEXT STEPS
Cisco offers a complete Compute, Networking and Storage Solution for OpenStack
ACI provides network simplification with leaf-and-spine architecture and group policy abstraction
Cisco provides Advanced and Technical Services to help migrate from Pilot to Production
Please let us know how we can help you with OpenStack by contacting us at Openstack-support@cisco.com
More information can be found at www.cisco.com/go/OpenStack and www.cisco.com/go/aci
APIC
30. 31
HOW OPFLEX WORKS
A policy authority such as the APIC manages a logical model of desired state
The policy endpoint interprets the policy and maps it to its hardware capabilities
Rendering can leverage any low level programming API including OVSDB, OpenFlow or device-specific API
[Diagram: APIC (policy) and hardware (ports, VLANs, interfaces) holding a subset of policy; arrows labelled policy resolution, policy update and implicit render]
31. 32
TWO OPTIONS FOR OPENSTACK APIS
NEUTRON ROUTER
SECURITY
GROUP
NEUTRON NETWORK
Neutron API Group Policy API
NEUTRON
NETWORK
Port
Port
Tenant Tenant
Use Existing Neutron APIs with APIC
and Cisco ACI
Contract
GROUP
SERVICE
CHAIN
GROUP
Group Policy introduces a new API
that maps to the ACI policy model
32. 33
Trunk Cabling
(100m)
Patch
panel
Jumper
Cable
10G Optical Link
Patch
panel
Jumper
Cable
40G BIDI OPTICS PRESERVE EXISTING 10G CABLING
SIGNIFICANT TRANSCEIVER SAVINGS
$4,059
SAVINGS (LIST)
PER 40G LINK
Traditional 40G Optical Link—Complete Replacement
40G BiDi Optical Link—Reuse all 10G Cabling/Patch Panels
+$2,200*
Source: Corning OM3 Cable & Patch Panel list prices, Cisco 40G BiDi list price, Competitors 40G SR4 list price
+$6,259*
33. 34
BUILT AROUND OPEN APIS
APIC
Open REST APIs Support Integration With Any Software
OpFlex: Open Fabric Attached Device API Supports Integration with
Any Network Device
Automation
Enterprise
Monitoring
Systems
Management
Orchestration
Frameworks
OVM
Hypervisor
Management Applications
NORTHBOUND
PROGRAMMABILITY
LAYER
SOUTHBOUND
PROGRAMMABILITY
LAYER
34. 35
Compute-intensive
• (2) UCS 96-Port 6296 Fabric Interconnect
• (2) Nexus 2232 PP
• (6) UCS C220 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Processors, 192GB of Memory, Mega RAID, 4 x 900GB 10K SAS HDDs
Mixed-use
• (2) UCS 96-Port 6296 Fabric Interconnect
• (2) Nexus 2232 PP
• (6) UCS C220 M3 Servers w/ dual Xeon E5-2665 2.7 GHz Proc, 192GB of Memory, Mega RAID, 4 x 600GB 10K SAS HDDs
• (2) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs
Storage-intensive
• (2) UCS 96-Port 6296 Fabric Interconnect
• (2) Nexus 2232 PP
• (8) UCS C240 M3 Servers w/ dual Intel Xeon E5-2665 2.4 GHz Proc, 192GB of Memory, 1 x Mega RAID, 24 x 900GB 10K SAS HDDs
CISCO UCS OPENSTACK ACCELERATOR PAKS
35. 36
CISCO UNIFIED FABRIC
CONTINUOUS MARKET LEADERSHIP
Cisco FabricPath
Customers
Cisco FEX
Customers
Cisco NX-OS
Customers
DC TECHNOLOGY LEADER
1,500+
11,000+
40,000+
11M+
*Source: Infonetics, Q3 2012 DC Network Equipment Report, December 2012 **Source: Dell’Oro, SAN Switching, November 2012
Data current as of December 2012. Subject to change without notice.
DATA CENTER SWITCHING LEADER
#1 Market share by revenue in Q3 2012 for DC Ethernet Switching at 71.7%*
#1 Market share by revenue in Q3 2012 for FCoE SAN Switching at 87.3%**
10GE Ports
Shipped
36. 37
SEPARATING TENANT POLICIES FROM OPERATIONS
2
ACI Admin
(Manages Network
Operations and
Infrastructure)
L/B
EPG
APP
EPG DBF/W
L/B
EPG
WEB
Application Network Profile
Create Application Policy
3
5
ACI
Fabric
Push Policy
APIC
OpenStack Tenant
(Manages Tenant
and Application
State only)
Instantiate VMs
Web Web Web Web App App
4
Create Application Network
Profile
1
DB DB
HYPERVISOR HYPERVISOR HYPERVISOR
NOVA NEUTRON
Automatically Push
Network Profiles to
AFC