
    Solution Overview

    This MetaFabric 1.0 solution identifies the key components necessary to accomplish the specified goals. These components include compute, network, and storage requirements, as well as considerations for business-critical applications, high availability, class of service, security, and network management (Figure 1). As a result of these requirements and considerations, it is critical that all components are configured, integrated, and tested end-to-end to guarantee service-level agreements (SLAs) to support the business.

    Figure 1: Juniper Networks Virtualized IT Data Center – Solution Components

    The following sections describe the general requirements you need to include in a virtualized IT data center.

    Compute

    Because this solution is focused on a virtualized IT environment, naturally many of the requirements are driven by virtualization itself. Compute resource management involves the provisioning and maintenance of virtual servers and resources that must be centrally managed. The requirements for compute resources within a virtualized IT data center include:

    • Workload mobility and migration for VMs—Applications must be able to be migrated to other virtual machines when resource contention thresholds are reached.
    • Location independence for VMs—An administrator must be able to place the VMs on any available compute resource and move them to any other server as needed, even between PODs.
    • VM visibility—An administrator must be able to view where the virtual machines are located in the data center and generate reports on VM movement.
    • High availability—Compute resources must be ready and operational to meet user demands.
    • Fault tolerance—If VMs fail, there should be ways for the administrator to recover the VMs or move them to another compute resource.
    • Centralized virtual switch management—Keeping the management for VMs and virtual switches in one place alleviates the hassle of logging into multiple devices to manage dispersed virtual equipment.

    Network

    The network acts as the glue that binds together the data center services, compute, and storage resources. To support application and storage traffic, you need to consider what is required at the access and aggregation switching levels, core switching, and edge router tiers of your data center. These are the areas that Juniper Networks understands best, so we can help you in selecting the correct networking equipment to support your implementation of the virtualized IT data center.

    The requirements for a virtualized IT data center network include:

    • 1-Gigabit, 10-Gigabit, and 40-Gigabit Ethernet Ports—This requirement covers the most common interface types in the data center.
    • Converged data and storage—Sending data and storage traffic over a single network reduces cost by removing the need to build, operate, and maintain separate networks for data and storage.
    • Load balancing—Distributing and alternating the traffic over multiple paths ensures an efficient use of bandwidth and resources and prevents unnecessary bottlenecks.
    • Application quality of experience—Designing class of service requirements for different traffic queues ensures prioritization for mission-critical traffic (such as storage and business-critical applications) and best effort handling for routine traffic (such as e-mail).
    • Network segmentation—Breaking the network into different portions lowers the amount of traffic congestion, and improves security, reliability, and performance.
    • Traffic isolation and separation—By carefully planning traffic flows, you can keep East-to-West and North-to-South data center traffic separate from each other and prevent traffic from traveling across unnecessary hops to reach its destination. This allows most traffic to flow locally, which reduces latency and improves application performance.
    • Time synchronization—This requirement ensures that a consistent time stamp is standardized across the data center for management and monitoring purposes.

    Generally speaking, you need to determine which Layer 2 and Layer 3 hardware and software protocols meet your needs to provide a solid foundation for the traffic that flows through your data center.

    Storage

    There are two primary types of storage: local storage and shared storage. Local storage is generally directly attached to a server or endpoint. Shared storage is a shared resource in the data center that provides storage services to a set of endpoints. The MetaFabric 1.0 solution focuses primarily on shared storage as it is the foundation for all of the endpoint storage within a data center. Shared storage can be broken down into six primary roles: controller, front end, back end, disk shelves, RAID groups, and storage pools.

    Although there are many different types of shared storage that vary per vendor, the architectural building blocks remain the same. Each storage role has a very specific function in delivering shared storage to a set of endpoints.

    The requirements for storage within a virtualized IT data center include:

    • Scale—The storage component must be able to handle sufficient input/output operations per second (IOPS) to support business-critical applications.
    • Lossless Ethernet—This is a requirement for converged storage.
    • Boot from shared storage—The advantages of this requirement include easier server maintenance, more robust storage (such as more disks, more capacity, and faster storage processors), and easier upgrade options.
    • Multiple protocol storage—The storage device must be able to support multiple types of storage protocols, such as Internet Small Computer System Interface (iSCSI), Network File System (NFS), and Fibre Channel over Ethernet (FCoE). This provides flexibility to the administrator to integrate different types of storage as needed.

    Applications

    For your applications, you need to consider the user experience and plan your implementation accordingly. Business-critical applications provide the main reason for the existence of the data center. The other data center components (such as compute, network, and storage) serve to ensure that these applications are hosted securely in a manner that can provide a high-quality user experience. Web services, e-mail, database, and collaboration tools are housed in the data center – these tools form the basis for business efficiency and must deliver application performance at scale. As such, the data center architecture should focus on delivering a high-quality user experience through coordinated operation across all tiers of the data center.

    For example, can the Web, application, and database tiers communicate properly with each other? If you plan to allow VM motion to occur only within an access and aggregation POD, you can include Layer 3 integrated routing and bridging (IRB) within the access and aggregation layer. However, if you choose to move VMs from one POD to another, you need to configure the IRB interface at the core layer to allow the VM to reach the Web, application, and database servers that are still located in the original POD. Factoring in such design aspects ahead of time prevents headaches for the data center administrator in the months and years to come.

    The requirements for applications within a virtualized IT data center include:

    • Business-critical applications—The solution must address common data center applications.
    • High performance—Applications must be delivered to users in a timely fashion to ensure smooth operations.

    High Availability

    Keeping your equipment up and running so that traffic can continue to flow through the data center is a must to ensure that applications run smoothly for your customers. You should strive to build a robust infrastructure that can withstand outages, failover, and software upgrades without impacting your end users. High availability should include both hardware and software components, along with verification. Key considerations for high availability in a virtualized IT data center include:

    • Hardware redundancy—At least two redundant devices should be placed at each layer of the data center to ensure resiliency for traffic. If one device fails, the other device should still be able to forward data and storage packets to their destinations. The data center requires redundant network connectivity and the ability for traffic to use all available bandwidth.
    • Software redundancy—Features such as nonstop software upgrade, Virtual Router Redundancy Protocol (VRRP), graceful restart, MC-LAG, and graceful Routing Engine switchover (GRES) are needed to maintain device uptime, provide multiple forwarding paths, and ensure stability in the data center.

    Class of Service

    Because of the storage requirements in the virtualized IT data center, you must include lossless Ethernet transport in your design to meet the needs for converged storage in the solution. Also, you must consider the varying levels of class of service necessary to support end-to-end business-critical applications, virtualization control, network control, and best-effort traffic.

    Security

    Another important task is to secure your data center environment from both external and internal threats. Because this solution contains both physical and virtual components, you must secure both the applications and traffic that flow through the heart of the data center (often across VMs) as well as the perimeter of the data center (consisting primarily of physical hardware, such as an edge firewall). You must also provide secure remote access to the administrators who are managing the data center.

    Security requirements for this solution include:

    • Perimeter security—Using hardware-based security provides services such as Network Address Translation (NAT), encrypted tunnels, and intrusion detection to prevent attacks and prohibit unauthorized access.
    • Application security—Use of a software solution for application security provides network segmentation, robust policies, and intrusion detection.
    • Remote access—Implementing a secure access method provides two-factor authentication and Role-Based Access Control (RBAC) to allow access to authorized data center administrators.

    Network Management

    The final challenge is connecting the dots between physical and virtual networking; bridging this gap enables the data center engineer to quickly troubleshoot and resolve issues. For network management in a virtualized IT data center, you need to consider management of fault, configuration, accounting, performance and security (FCAPS) in your network (Figure 2).

    Figure 2: Network Management Requirements

    For more information about FCAPS (the ISO model for network management), see ISO/IEC 10040.

    Network management requirements for the solution include:

    • Virtual and physical—You must be able to manage all types of components in the data center network, regardless of whether they are hardware-based or virtualized.
    • Fault—Errors in the network must be isolated and managed in the most efficient way possible. You should be able to recognize, isolate, correct, and log faults that occur in your network.
    • Configuration—You should be able to provision your network flexibly from a central location and manage configurations for the devices in your data center.
    • Accounting—You must be able to gather network usage statistics, and establish users, passwords, and permissions.
    • Performance—You should be able to monitor throughput, network response times, packet loss rates, link utilization, percentage utilization, and error rates to ensure the network continues to perform at acceptable levels.
    • Security—You must be able to control access to network components through use of authorization, encryption, and authentication protocols.

    Published: 2015-04-20