Data Center Architecture

Chia sẻ: Orchid Orchid | Ngày: | Loại File: PDF | Số trang:0

0
195
lượt xem
85
download

Data Center Architecture

Mô tả tài liệu
  Download Vui lòng tải xuống để xem tài liệu đầy đủ

• Introduction • Data Center Design Overview • DC IP Infrastructure • DC Application Optimization • DC Security • DC Storage Networking & Business Continuance • Summary

Chủ đề:
Lưu

Nội dung Text: Data Center Architecture

  1. Data Center Architecture Overview Willie Yam Data Center Lead, APAC DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 1
  2. Agenda • Introduction • Data Center Design Overview • DC IP Infrastructure • DC Application Optimization • DC Security • DC Storage Networking & Business Continuance • Summary DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 2
  3. DC Functional Layers … A Data Center Topology Layers & Services Core Aggregation Firewall Services Server Balancing Intrusion Detection SSL Offloading Network Analysis DOS Protection Access File Caching Content Caching VPN Termination Server Farms Server Clusters Edge Virtual Fabrics (VSANs) Server Virtualization V Virtual I/O Storage Virtualization Compute Fabric Services Data Replication Svcs Remote DMA Services Fabric Routing Services Clustering Services Fabric Gateway Services Fabric Gateway Services Core Storage / Tape Farms DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 3
  4. Physical Areas … A Data Center Topology Ceiling Plenum The Physical Facility… • Flooring • Racks Rack Rack Rack HVAC • HVAC and Electrical infrastructure • Cabling Raised Flooring • Fire Suppression Systems • Compute Equipment • Network Equipment DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 4
  5. Blueprints and Best Practices The baseline of an architecture… DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 5
  6. The Data Center Network System Validation Roadmap… Network Virtualization Network Virtualization Virtual Infrastructure Virtual Infrastructure Virtual Switching Virtual Switching Network Intelligence Network Intelligence Virtual Routing Virtual Routing Virtual Services Virtual Services Service Integration Service Integration Virtual Firewalls Virtual Firewalls Security: Security: Virtual Load balancers Network DNA Network DNA FWSM, IDS, CSA, Riverhead, Virtual Load balancers FWSM, IDS, CSA, Riverhead, System Virtualization System Virtualization Portego Portego Server Virtualization Aggregation, service and access Aggregation, service and access Server Virtualization Application Optimization Application Optimization Storage Virtualization Network Areas layers layers Storage Virtualization Network Areas WASF, Content Switching, WASF, Content Switching, Segmentation Core and Edge layers Core and Edge layers Segmentation SSL, AONS, CDN, caching SSL, AONS, CDN, caching « ------ » IP switching Infrastructure IP switching Infrastructure Service points Service points « ------ » Network Management Network Management Logical Partitioning, Dynamic Storage Switching Infrastructure Storage Switching Infrastructure Server farm topologies Server farm topologies Logical Partitioning, Dynamic « ------ » « ------ » Provisioning & Self Adjusting Distributed Data Center Distributed Data Center « ------ » « ------ » Provisioning & Self Adjusting Interop., transparency and Interop., transparency and Infrastructure Infrastructure HA, Convergence, Scalability HA, Convergence, Scalability Integration Integration « ------ » « ------ » Performance Performance Baseline Fundamental Baseline Fundamental Functional Network Areas Functional Network Areas Mapping DC technology to Mapping DC technology to customer requirements customer requirements Architecture Foundation Service Virtualization DC-1101 Definition Architecture Integration 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 6
  7. DATA CENTER DESIGN OVERVIEW DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 7
  8. Data Center Design Strategic Foundation Good Design Requires Defined Business Policies • Security Policy External, Internal, Partner Inter and Intra Server Farm Risk Analysis—too much vs. too little • Business Continuance and Disaster Recovery Policy Business Impact Assessment (BIA) per application How many Data Centers, how far apart Active/Active, Active/Standby, both Personnel Support Plan during outage • Application and Service Level Agreements Application bandwidth and redundancy BIA prioritization between applications Layer2 and Layer3 server adjacency requirements NIC Teaming and Backup and Management networks DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 8
  9. Today’s Data Center Integration of Many Systems and Services Storage N-Tier Front End Network Applications Network Application/Server WAN/ Optimization FC Security Internet Switch Web Servers Resilient Cache IP Firewall DR Data Center Scalable Infrastructure NAS Application and Server Optimization App Servers Content Data Center Security IDS Switch MAN/ DC Storage Networks Internet VSANs Distributed Data Centers DB Servers FC Switch Mainframe IP Comm. Operations FC Switch RAID Metro Network DWDM/SONET/Ethernet FC Tape DC-1101 SAN 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. Secondary Data Center 9
  10. Systems and Solutions Tactical Execution IP Network Application DC Security Storage Network Business Continuance Infrastructure Optimization Infrastructure Networking Routing Content Switching Traffic Filtering FC Switching DC Interconnectivity Switches Server Load Balancing Firewalls Director Class Switches DWDM, SONET/SDH, CWDM Routers ACL—RACLs, VACLs Stackable Switches GE and 10GE IGP and BGP Protocols MetroE and IP WAN Services L2 and L3 VPN Service Switching SSL Offload Intrusion iSCSI/FCIP Site Selection Detection/Protection Modular SSL Acceleration Network IDS FC to IP Ethernet Gateways Failover and Load Balancing Stackable Mgmt Simplification Host IDS IP Services in FC switches DNS Base Site Selection RPVST+ Monitoring Encrypted Traffic Route Health Injection IGP and BGP Site Selection Server Farm Topologies Caching L3 and L2 Features SAN Topologies Data Replication and SAN Extension NIC Teaming Reverse Proxy Caching PVLANs, Static ARP, Port Best Practices Synchronous and Asynchronous Security, MD5 Authentication Clustering WCCP and SLB Redirection Intra-DC FC Over Campus and MAN AAA, SSH, Root and BPDU Guard, iSCSI, FC, NAS, Content Prepositioning ARP Spoofing, DHCP Spoofing, Inter-DC FCIP Over WAN VLAN Hoping DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 10
  11. DATA CENTER IP Infrastructure DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 11
  12. Data Center Architecture Intranet Core Internet Edge DC Aggregation Aggregation Layer Server Access Access Layer Load Firewall SSL Cache Network IDS DC-1101 GSS 11201_05_2005_c2 Balancer © 2005 Cisco Systems, Inc. All rights reserved. Offloader analysis Sensor 12
  13. IP Infrastructure Highly Available, Adaptable, Predictable, Deterministic and Service Ready Cisco 7500/7200 • Integration with the routed Cisco GSS Content Router Routers Cisco 3550/4500 network WEB DNS FTP Switches Intranet and Internet peering DMZ Cisco PIX Internet Edge Firewalls DC Isolation from external events Catalyst 6500 • Server farm topologies Switches Campus Core Layer 2 Adjacency requirements Firewall Module Service modules Content Engine Layer 3 Boundary Content Switching Module IDS sensor SSL Module Service Location Application Services Multi-tier Topologies Catalyst 4500/ Mainframe 6500 Switches Scalability WEB DHCP PIX / Firewall Service Module • 1RU and Blade Servers IPTV Server Call Manager Cluster Integration Design Alternatives APP APP APP Service Integration Primary Server Farm DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 13
  14. Multi-tier Topologies Physical vs. logical Topology IP Network IP Network Physical Topology Service devices are shared (transparent and virtual) Logical Topology Greater service efficiency Used in Hosting Services Easier manageability Dedicated service devices More cost effective DC-1101 Highly scalable 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 14
  15. DATA CENTER Application Optimization DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 15
  16. Application Optimization High Availability, Scalability and Health of Application Services • Load Balancing Application Availability Scalability • SSL Offloading SSL Scalability Centralized PKI Management Security/Traffic Inspection • Caching Server I/O and CPU reductions DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 16
  17. Server and Application Scalability Improving and Guaranteeing Service Levels Load balancing and Content Switching Technology • Distribute Traffic Load • HW alternative to clustering technologies • Avoiding misbehaving apps/server: app health checking • Allows seamless scalability • Enables any-window maintenance change control Server Server DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. Server 17
  18. SSL Offloading Scaling Application Layer Security Hardware Alternative to Software or per Server SSL Transactions With SSL Offloader Without SSL Offloader • Improves server scalability • SSL processing within servers requires high-end • Enables L5+ load balancing servers to scale SSL and user session capacity persistence via L4-7 switch integration • Hides L5+ info for intelligent load balancing, user • Simplifies certificate persistence, and security management • Managing SSL certificates • Provides traffic inspection on individual servers is a visibility hidden in SSL heavy operational burden sessions DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 18
  19. Caching in the Data Center Offloading Static Content Serving Caching Technology • Offload processing of requests for static content • Reduces server farm CPU cycles IP Network Increases Scalability RPC Cluster • Done close to the server farm Reverse Proxy Caching mode Aggregation layer • Offloading Redirection Alternatives Web Cache Control Protocol (WCCP) Content Switch DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 19
  20. DATA CENTER Security DC-1101 11201_05_2005_c2 © 2005 Cisco Systems, Inc. All rights reserved. 20
Đồng bộ tài khoản