aCloud Services Architecture - Harshal Pimpalkhute, Sr. Prod. Mktg. Mgr., A10 Networks - OpenStackSV 2014
- 1. aCloud Services Architecture
OpenStack Integration
Harshal Pimpalkhute| Sr. Product Marketing Manager | A10 Networks
openstacksv.com
Conference Organizer SEPTEMBER 2014
CONFERENCE ORGANIZER
- 2. The Evolution of Networking for Cloud IaaS
Rapidly emerging cloud frameworks: Open, Vendor and Carrier specific
NFV SDN
Decouple
NW Data &
Control
Automated
Policy
Virtualized
Resources
Cloud
ADCs must integrate with evolving cloud
frameworks for consistent policy enforcement
& dynamic L4-7 services
©A10 Networks, Inc.
Service provider function
virtualization
(Example: CGN)
Network virtualization
(Example: VMWare NSX)
Infrastructure
virtualization
(Example: OpenStack)
Virtualized
Services
ADCs are best suited for automated security and policy enforcement
- 3. The Evolution of Application & Security Services for Cloud IaaS
©A10 Networks, Inc.
Dynamic
Static
Dedicated
Infrastructure:
Manual Policy
Management
Shared Virtual
Infrastructure:
Discrete and
Manual Policy
Management
Cloud IaaS
Shared Infrastructure
with automated
Policy enforcement
Silo Multi-tenant/Shared
Policy Enforcement
Infrastructure
ADC is critical for policy enforcement and SLAs
- 4. Automation & Policy Enforcement for Cloud IaaS
Automation & Policy Enforcement Needs
Consistent policy and security enforcement
Dynamic L4-L7 Services
©A10 Networks, Inc.
Automated provisioning
SDN/Cloud Integration
Elastic scalability
DMZ
Public IaaS MSSP
DC
Services Controller
SDN Controller
Cloud Orchestration
Policy Enforcement
Application Services and
Security
Ex: aGalaxy
SDN and Networking
Ex: Cisco ACI/APIC, VMware
NSX, etc.
Compute and Storage
Ex: OpenStack, VMware
VCO, Microsoft SCVMM
- 5. Introducing aCloud Services Architecture
Pay-as-You-Go
Licensing
Cloud & SDN Integration
©A10 Networks, Inc.
High Performance, Virtualized
and Hybrid Appliances
On Demand Licensing
SDN and Cloud Orchestration
Integration
Agility
Dynamic L4-L7 Services
Multi-tenancy Support
Programmability; API-driven
Reduced TCO
Operational Efficiencies
Metered Consumption
Reduced Resource Consumption
Choice of Form
Factors
Automation
Automated Service Provisioning
Rapid Scale Up Scale Down
Integration with Cloud and SDN
- 6. SDN and Cloud Orchestration Integration
SDN and Cloud Orchestration Integration
Centralized policy
enforcement
©A10 Networks, Inc.
Integration with OpenStack,
VMware vCloud Director*,
Microsoft SCVMM
Automated network
segmentation and security
Overlay Support: VXLAN and
NVGRE; Integration with IBM SDN
VE, Cisco APIC*, VMWare NSX*,
Reduced provisioning overhead,
time and cost
Programmability: RESTful aXAPI,
Smart Templates; aGalaxy
Achieve automation, operational agility, and reduced TCO
* In planning phase
- 7. aCloud: OpenStack Integration
©A10 Networks, Inc.
Horizon Dashboard Client Application
Features:
Neutron Integration
LBaaS in OpenStack
A10 ACOS Appliances
Physical, HVA and Virtual
A10
LBaaS Driver
REST API
Nova Cinder Neutron
OpenStack Cloud APIs
Compute Storage Networking
- 8. aCloud: OpenStack Integration
Nova Cinder Neutron
Compute Storage Networking
©A10 Networks, Inc.
OpenStack Cloud APIs
Horizon Dashboard
A10 ACOS Appliances
Physical, HVA and Virtual
Client Application
A10
LBaaS Driver
REST API
- 9. aCloud: OpenStack Integration
LBaaS Neutron Advanced Service Plugin
Message Queue Asynchronous
©A10 Networks, Inc.
Driver 1
Driver 1
LBaaS Driver 2
Agent
Driver 2
A10 LBaaS Driver
LBaaS Neutron
Extension Rest API
Core API Synchronous
NOVA
(Compute)
CINDER
(Block Storage)
Neutron
REST
SWIFT
(Object Storage)
Client
Application
Horizon
(Dashboard)
REST
REST
Glance
(Image Service)
Keystone
(Authentication)
Editor's Notes
- The focus of innovations to address cloud infrastructure needs is at the network and DC virtualization level. The combination of different cloud deployment models as a result of network and DC virtualization requires e a policy driven infrastructure. If you take a look at SDN, NFV along with DC virtualization – an automated policy enforcement emerges as the single requirement to realize the benefits of these innovations. An ADC is closest to the application in the stack and is best suited to address an organizations security and policy enforcement needs. Furthermore, as these virtualization approaches evolve the ADC has to integrate with these eco-systems to deliver the benefits of consistent policy enforcement across the infrastructure.
- So to summarize – Infrastructure has evolved from a dedicated to a heavily shared multi-tenant resource in Cloud IaaS DC. As a result the policy enforcement for security and application service has to evolve to a more dynamic and automated.
- The A10 aCloud Services Architecture provides consistent security and policy enforcement for Cloud IaaS infrastructure. High performance appliances along with a choice of form factors allow consistent policy enforcement in a range of consumption models by integrating with SDN and Cloud Orchestration platforms. Furthermore, a pay-as-you-go licensing infrastructure allows organizations to pay for what is consumed. As a solution the aCloud services deliver the benefits of Agility, automation and reduced TCO in a Cloud IaaS environment.
- Automation
Automated System Provisioning via Cloud / SDN API
Drive L4-7 Service Chaining to Tenant / Workload
Operational Agility
Support Operational Needs for Automation & Agility
Support Rapid Response to Internal / External Needs
Enable New User / Customer Services ($$$)
Reduced TCO
Reduced Manual Change Management Tasks for IT
Enable Pay-as-You-Go IaaS for End Users