a10 nfv ecosystem integration overview...o openstack, redhat, huawei, zte o docker/kubernetes...

A10 NFV Ecosystem Integration Overview

Agenda• NFV

• Openstack• Private Cloud

• VMware• Cisco

• Automation (Private Cloud & NFV)• Ansible• Containers/Kubernetes Integration

• FlexPool Licensing

Private & NFV: Requirements

Usecases§ Ent.DCautomation§ Ent.Private/HybridCloud

Ecosystem§ VMware§ Containers§ SDN:CiscoACI,VMwareNSX,etc.

Usecases§ vEPC,vCPEetc.§ ServiceChaining

Ecosystem§ Openstack§ Containers§ SI:Ericsson,NEC,Huaweietc.

NFV(SP)SDDC(Enterprise)

SelfService->Agility

Automation->Efficiency

Consumption->Flexibility

Private Cloud / NFV Adoption

Private Cloud / NFV Requirements

I N F R A S T R U C T U R EVirtualization

Network Storage Computing

SELF SERVICE PORTAL / CATALOG

TEMPLATES BLUEPRINTS METERING

Orchestrator & Automation

• SelfService/On-Demand

• AutomatedProvisioning

• HighAvailability

• Elasticity

• PooledConsumption

• Analytics

I N F R A S T R U C T U R E

Virtual

Network

Virtual

Storage

Virtual

Computing

Network Storage Computing

SELF SERVICE / CATALOG

Virtual Function Manager(s)

ADC(VNF)

CGN(VNF)

Security(VNF)

S E R V I C E S

Orchestrator

Cloud/SDN

Management

Software:vThunder

Bare Metal

Hardware:Thunder

Secure Application

ServicesHarmony Controller

A10

Integrations:

Openstack

VMware

Cisco

©A10 Networks, Inc. | Confidential

A10 NFV Solution

A10 VNFs

Hypervisor (VM)

o Optimized performance

o KVM

o VMware ESXi

o Microsoft HyperV

ADC CGN TPS CFW SSLi

Software/COTS (Bare Metal)

o High Performance

o Qualified reference designs

o Choice of OEM

ADC CGN

Containers

o Container/Dockers

o Quick provisioning

o Multi-Cloud

o Kubernetes Integration*

LightningADCACOSContainers*

*Roadmap

Ecosystem Integrations

SDN

DEVOPS

CLOUD

AUTOMATED POLICY

AutomatedPolicywithA10’sOpenAPI*roadmap

PrivateCloud

o VMwarevRO,CiscoUCSD

o Openstack,RedHat,Huawei,ZTE

o Docker/Kubernetes

VirtualNetwork

o CiscoACI

o VMwareNSX*

Automation

o Puppet

o Chef

o Ansible

PrivateCloud

o AWS,Azure

o Google,Alibaba

VNF LifeCycle

ONBOARD DEPLOYMENT INSTANTIATE

SETUPSTART

STOP SCALEDELETE TERMINATION

ProvisionInfrastructure

DeploySoftware

SystemConfiguration

ChangeManagement

OrchestrateInfrastructure

Automation Tools & FrameworksProvision

InfrastructureOrchestrate

InfrastructureSystem

ConfigurationDeploySoftware

ChangeManagement

Openstack/HEAT

Ansible

Puppet,Chef

VMwarevRA/vRO,CiscoUCSD

Onboard Deploy Instantiate Setup,Start Scale,Stop

Openstack: Use Cases

1.vThunder– ADC,CGN,CFW,SSLi

LBaaS 2.vThunder– ADC

UseCases

1. AutoProvisioning• vThunderspinup/down• ADC,CGN,CFW,SSLi

2. ADCasaService• ADCconfiguration• vThunder,Thunder,BareMetal

Who uses Openstack?

• SP/Telcos• Academics• HostingProviders• DC/Coloservices

Openstack / Heat Orchestration

vThunder– ADC,CGN,CFW,SSLi

HEAT

• OrchestrateCloudapplication

• DeclarativetemplateorVNFdescriptor

• Automaticallyconfiguresanddeploysresources(inStacks)

• Stackisacollectionofresourcesassociatedwithatemplate

A10 ADC, CGN, CFW, SSLi in OpenStack

• OpenStack Distribution Support• A10 VNF certification on Red Hat OpenStack 10• Canonical Ubuntu

• SR-IOV DPDK Support on KVM

I N F R A S T R U C T U R E

Open vSwitch

(OVS)CEPH Storage KVM

NeutronCinder /

SwiftNOVA

SELF SERVICE / CATALOG

Harmony Controller

VNF VNF VNF

S E R V I C E S

Openstack

Openstack: A10 VNF WorkflowCloudManager

Service Catalog Config Mgmt. DB

VNF / Infrastructure

Provision:A10VNF

descriptor

Deploy:vThunder

CGNGLM

GetLicenseConfig:CloudInit

Monitor,Manage

SelfService

IT/Operations/CloudAdmin

AppOwner

• MobileCoreVirtualizationInitiative• Tenderissuedandecosystempartnersselected• A10CGNexistingcustomer• A10invitedtoconductseveralPoC

• Requirements:• Performance• HA,Scaleout• Openstack&NFVIntegrations(Servers,NICetc.)

U s e c a s e

• WonthreePoPs• vCGNScaleoutonKVM/SRIOV

• 8nodes• ECMP,BGP• N+2Redundancy/Failover

• Openstack(future)

A 1 0 S o l u t i o n

Case Study: vCGN EasternEurope,LeadingMobile&FixedOperator)

Subscribers

Internet

Service&DistributionLayer

$$$

vCGNScaleout

vCGNThroughput(Net):180G

Cluster(8 nodes)

NormalPerNode

FailurePer Node(N-2)

Throughput 180 23 30

ConcurrentSessions

14M 3.5M 4.6M

InternalOnly

• SecurecloudconnecttoEnterpriseCustomers• ProvidevalueaddedservicesonMPLSnetwork

• Requirements• IntegrationwithbusinessintelligencelayerwithAPI• Integrationwithopenstack• Twocloudsforfailover– withGSLB• Services:SSLi,ADC,Firewall• Future:IPSECbetweenDC,ServiceChaining

U s e C a s e

• vThunderADC,SSLi(inconsideration)• Serviceconsolidationwithpartitions

• Openstack/HEAT– RedHat• Future:SFC


Case Study: vCFW (GSLB, SSLi) USLargestMobileProvider

Corporate Users

Cloud #1

Internet

GSLB

SSLi

Cloud #2

GSLB

SSLi

InternalOnly

Private Cloud

VMware vRealize Integration

vCenter

vRealize Orchestrator

A10 Plugin

VMwarevSphere

A10 vThunder

Workflows,Scripts&Action

A10 vRO Plugin*

o L4-L7 Load Balancing

o L7 HTTP Rules

o Health Monitoring

o SLB Templates

o SSL Offload

o NAT Pools

o Trunk Interfaces

o Multi-tenancy w/ L3V ADP

o High Availability Cluster

* Roadmap

VMware VRO Plugin• Thunder ADC device orchestration workflows

• ADC (SLB) configuration workflows• vThunder, Thunder Support

• Harmony Controller LADC orchestration• LADC configuration workflows• Thunder configuration workflows*

A10UCSDConnector

aXAPI REST-based Programmability

Thunder SeriesAppliance

VirtualThunder

BareMetal

• Automated Provisioning and Management of A10 Thunder ADC Network Services• Network configuration workflow to configure network parameters• L4-L7 ADC Policy workflow to configure virtual services with SLB parameters

Cisco UCS Director A10 Connector

Cisco UCS Director ConnectorA10 UCSD Connector*


o L7 HTTP Rules

o Health Monitoring

o SLB Templates

o SSL Offload

o NAT Pools

o Trunk Interfaces



* Roadmap

Application Owner IT Admin IT Operations

SelfServiceConsole AdminConsole Dashboard

OS&VMDeployment PolicyManager ResourcePools

UCSDirector

Thunder Appliance Virtual Thunder Bare Metal

A10DevicePackage

Cisco ACI Integration

Harmony Controller*

APIC

Thunder:Physical, Virtual, Bare Metal

* Roadmap

A10 ACI Device Package


o L7 HTTP Rules

o Advanced Health Monitoring

o SLB Templates

o SSL Offload

o SSL Insight

o NAT Pools

o Trunk Port (PC, VPC)



Automation / DevOps

Automation/DevOps Tools Survey

Ansible Use cases

AutomationOrchestration

Users

A10 ModuleAnsible

Playbook

IT automation software

• Deploy Software

• Configure Systems

• Automate IT tasks

• Continuous deployments

• Service provisioning

• Network provisioning

Ansible PlaybookWhat is a Playbook

• Written in YAML

• Collection of plays (tasks)

A10 Ansible Playbook

A10 Module

Ansible Playbook

Create real server

Create service group

A10 device(hosts)

Description

A10 Devices

Create virtual server

A10AnsibleModules

ConfigurationManagementforA10devices

AutomateA10ADCConfiguration

• AnsibleModulecomeswithexampleplaybooks

• A10Moduleispartofthe‘NetworkModules’

• AvailablefordownloadfromA10GitHubpage

• AutomateA10Thunder/vThunderconfiguration

workflows

• ManageServers,ServiceGroups,VirtualServers

• Heathmonitorconfigurationworkflows

• NetworkAutomation&Provisioning• Reducemanualwork• Reducehumaninputerrors• PreviouslyusedCLIscripts,butnotscalable

• Requirements• OpenAPIs• Ansibleplaybooks&modules

• SLB(server,servicegroup,virtualserver,healthmonitor)• Manageconfigstateandchangemanagement

U s e c a s e

• ThunderADC&vThunderADC(existingdeployments)• API• A10AnsibleModules-

• A10supportedmodules(Future)


Case Study: ADC

Private Cloud / DC

A10 ADC

Internet

CanadianMobileProvider

ThundervThunder

InternalOnly

Containers

Kubernetes IntegrationA10’sIngressController

Service

Service

Service

Service

KubernetesMaster

KubernetesNode1

KubernetesNodeN

vThunder, LADC

Harmony Controller*

• IntegrationwithKubernetesAPIs

• AutomaticServiceDiscovery

• Insertion/DeletionfromADCforservice

• Benefits:• FeaturerichADC• Security• Visibility&Control• Analytics

….

*Roadmap

cThunder: ACOS Container SolutionContainerizingtheACOS(Phase1)

§ DockerimageforACOS

Packaging&DistributionACOS(Phase2)

§ Smallfootprint(memorysize)

§ Distributableimagehostedonline

§ IntegrationwithKubernetes(IngressController)

ACOS

Phase 1:Containerization

Phase 2:Packaging & Distribution

Software Licensing

A10’s FlexPoolFlexible Consumption of Secure Application Services

T H E N …

o Solution – Capacity pooling for user defined instances

o Software License Portability Across On-Prem & Cloud

o Software upgrades included Maintenance included

N O W

o A La Carte – Fixed Instance licenses

o Software License Tied to Hardware

o Perpetual per box lifetime. Additional Maintenance costs

FlexPoolInstance Licenses

FlexPool OverviewCapacity Pool

o 10G, 50G, 100G, Customo Floating License pool

Subscriptiono 1yr, 3yrso Enterprise License Agreements

(ELA)o Standard & Advanced

All inclusiveo Gold support includedo Software upgrades includedo No feature licenseso Choice of Software form

factors

FLEXPOOL

PUBLICCLOUD

PRIVATECLOUD

TRADITIONAL

OPERATIONALSIMPLICITY

INVESTMENTPROTECTION

FLEXIBLEALLOCATION

o Shared capacity pool

o Dynamically scale capacity (no reboot)

o User defined Instance sizes

o Centralized license management

o Visibility and usage monitoring

o All inclusive, Multi Services

o License portability

o Eliminate overprovisioning

o Software upgrades & maintenance included

FlexPool Benefits

Aligns Consumption with Business Needs

THANK YOU

a10 nfv ecosystem integration overview...o openstack, redhat, huawei, zte o docker/kubernetes...

Documents