Chapter 27: Virtualization Flashcards
The process of using software to create multiple independent virtual servers.
Server Virtualization
The process of virtualizing specific network functions so they can be run on common x86 hardware instead of a dedicated appliance.
Network Functions Virtualization
Virtualization using containers.
Containerization
A software emulation of a physical server with an operating system.
Virtual machine
An isolated environment where containerized applications run.
Container
A software version of a physical Layer 2 switch
vSwitch
Which platform plays the role of the orchestrator in Cisco’s Enterprise NFV solution?
Cisco DNA Center
One of the main reasons server virtualization is popular.
Underutilized hardware resources
T/F
VMs and containers increase the overall efficiency and cost-effectiveness of a server by maximizing the use of the available resources.
True
The virtualization software that creates VMs and performs the hardware abstraction that allows multiple VMs to run concurrently.
Hypervisor
This type of hypervisor runs directly on the system hardware.
Type 1
This type of hypervisor requires a host OS to run.
Type 2
T/F
A container is a lightweight VM.
False
T/F
Virtual machines share the same OS and remain isolated from each other.
False.
Containers share the same OS and remain isolated from each other.
T/F
A virtual machine contains a large number of components that are not really required to run.
True
T/F
Containers share the underlying resources of the host operating system.
True
A file created by a container engine that includes the application code along with its dependencies
Container image
Enables VMs to communicate with each other within a virtualized server and with external physical networks through the physical network interface cards (pNICs).
vSwitch
T/F
Network traffic cannot flow directly from one vSwitch to another vSwitch within the same host.
True
Benefits of distributed virtual switching.
- Centralized management of vSwitch configuration for multiple hosts in a cluster, which simplifies administration.
- Migration of networking statistics and policies with virtual machines during a live VM migration.
- Configuration consistency across all the hosts that are part of the distributed switch.
Default subnet for Docker0
172.16.0.0/16
A vSwitch is also known as a ______ ______.
Virtual bridge
Popular vSwitches
- Cisco Nexus 1000VE Series Virtual Switch
- Cisco Application Virtual Switch (AVS)
- Open vSwitch (OVS)
- IBM DVS 5000v
- vSphere Switch
An architectural framework created by the European Telecommunications Standards Institute that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers.
NFV
All the hardware and software components that comprise the platform environment in which virtual network functions (VNFs) are deployed.
NFV Infrastructure (NFVI)
The virtual or software version of a network function, commonly used for L2, L3, and Layer 4 through Layer 7 functions.
Virtual Network Function (VNF)
Examples of Cisco VNFs
- Cisco Cloud Services Router 1000V (CSR 1000V)
- Cisco Cloud Services Platform 2100 (CSP 2100)
- Cisco Integrated Services Virtual Router (ISRv)
- Cisco NextGen Firewall Virtual Appliance (NGFWv)
- Cisco Adaptive Security Virtual Appliance (ASAv)
Responsible for managing and controlling the NFVI hardware resources and the virtualized resources.
NFVI Virtualized Infrastructure Manager
Chaining VNFs together to provide an NFV service or solution.
Service Chaining
Performs fault, configuration, accounting, performance, and security (FCAPS) functions for VNFs.
NFV Orchestrator
Manages the lifecycle of one or multiple VNFs as well as FCAPS for the virtual components of a VNF.
VNF Manager
A platform typically operated by Service Providers and larger enterprise networks to support all their network systems and services.
Operations Support System (OSS)
A combination of product management, customer management, revenue management (billing), and order management systems that are used to run the SP’s business operations.
Business Support System
Traffic that comes into the server through a pNIC and is sent to a VNF; it is then sent from the VNF back to the physical wire through the pNIC.
North-South traffic
Traffic that enters the server through a pNIC to a VNF and is then sent to another VNF before being sent back to the physical wire through a pNIC.
East-West traffic
A memory access method that allows an I/O device to send or receive data directly to or from the main memory.
Direct Memory Access
In what area of memory is the kernel executed?
Kernel space
In what area of memory are non-kernel processes executed?
User space
Where does OVS-DPDK operate?
User space
This process polls for data that comes into the pNIC and processes it, bypassing the kernel completely.
DPDK Poll Mode Driver (PMD)
T/F
DPDK PMD requires one or more CPU cores dedicated to polling and handling the incoming data.
T
Allows VNFs to have direct physical access to physical PCI devices, which appear and behave as if they were physically attached to the VNF.
PCI Passthrough
Exclusive one-to-one mapping. Bypassed hypervisor. Direct access to I/O resources. Reduced CPU utilization. Reduced system latency. Increased I/O throughput.
What are these advantages of?
PCI Passthrough
Disadvantage of PCI Passthrough
The entire pNIC is dedicated to a single VNF and cannot be used by other VNFs. The number of VNFs that can use PCI Passthrough is limited to the number of pNICs available in the system.
Allows multiple VNFs to share the same pNIC.
SR-IOV
Single-Root Input/Output Virtualization
Emulates multiple PCIe devices on a single PCIe device (pNIC).
SR-IOV
What are the emulated devices in SR-IOV known as?
Virtual Functions (VFs)
What are the physical devices in SR-IOV known as?
Physical Functions (PFs)
What modes does SR-IOV support for switching traffic between VNFs?
Virtual Ethernet Bridge (VEB)
Virtual Ethernet Port Aggregator (VEPA)
Traffic between VNFs attached to the same pNIC is hardware switched directly by the pNIC.
Virtual Ethernet Bridge (VEB)
Traffic between VNFs attached to the same pNIC is switched by an external switch.
Virtual Ethernet Port Aggregator (VEPA)
Reduces the operational complexity of enterprise branch environments by running the required networking functions as virtual networking functions (VNFs) on standard x86-based hosts.
Cisco Enterprise Network Functions Virtualization (ENFV)
4 components of Cisco ENFV
- Management and Orchestration (MANO)
- VNFs
- NFVI Software
- Hardware resources
Features of NFVI Software
- Network Hypervisor
- Embedded PnP client
- VM lifecycle mgmt
- Service chaining
- Local web UI
- Open, programmable APIs
What is the benefit of this feature of NFVI Software:
Network Hypervisor
Embedded KVM to abstract the underlying hardware components.
What is the benefit of this feature of NFVI Software:
Embedded PnP client
Facilitates zero-touch deployment of branch virtualization infrastructure, including VNFs, resulting in reduced OpEx when deploying new branch sites.
What is the benefit of this feature of NFVI Software:
VM lifecycle mgmt
Enables all VNF lifecycle management, such as creating and deleting VNFs and adding CPU, memory, and storage.
Lifecycle management monitors the status of the VNFs and supports failure and recovery monitoring, and stop and restart of services.
What is the benefit of this feature of NFVI Software:
Service chaining
A built-in virtual switch enables communication between the different VNFs. This switch can enable Layer 2 service chaining of VNFs.
Multiple independent service paths can be created based on applications or user profiles.
What is the benefit of this feature of NFVI Software:
Local web UI
A built-in GUI that is used to manage NFVIS.
Can be used to upload VNFs, deploy VNFs, service-chain VNFs, change VNF resources, and monitor VNFs and hardware platforms, avoiding the need for complex commands.
What is the benefit of this feature of NFVI Software:
Open, programmable APIs
Programmable APIs are provided for service orchestration. These can be used to integrate all the functionality that NFV Infrastructure Software provides with orchestration tools of your choice. Includes options for both REST and NETCONF APIs.
What platforms support Cisco ENFVIS?
- Cisco Enterprise Network Compute System (ENCS)
- Cisco Cloud Services Platforms
- Cisco 4000 Series ISRs with a Cisco UCS E-Series blade
- UCS C-Series
Includes a centralized dashboard and tools to design, provision, manage, and monitor all branch sites across the enterprise.
Cisco DNA Center
Two main functions of DNA Center:
- To roll out new branch enterprise locations
- Deploy new VNFs and virtualized services.
Provides centralized policies, which enable consistent network policies across the enterprise branch offices.
Cisco DNA Center
How are centralized policies created?
By building network profiles.
What is included in network profiles?
- Configuration for LAN and WAN virtual Interfaces.
- Services or VNFs to be used.
- Device configuration required for the VNFs.
Provides a way to automatically and remotely provision and onboard new network devices.
PnP
Provides an environment for the virtualization of both network functions and applications in the enterprise branch.
Cisco ENFV
Cisco-supported VNFs for Cisco DNA Center
- ISRv
- ASAv
- NGFWv
- Viptela vEdge
- cEdge
- vWAAS
- vWLCs
Third-party VNFs for Cisco DNA Center
- ThousandEyes
- Fortinet
- Palo Alto
- InfoVista
- CTERA
- Windows Server
- Linux Server
NFVIS-supported communication models for orchestration and management.
- REST
- CLI
- HTTPS
- NETCONF/YANG
NFVIS virtualization layer is based on:
- KVM
- QEMU
- Libvirt
NF benefits
- Reduced capex and opex
- Faster time-to-market
- Improved ROI
Components of NFVIS:
- Linux
- Hypervisor
- vSwitch
- VM lifecycle management
- PnP client
- Orchestration
- HTTPS web server
- Device management
- RBAC
x86 hosting platforms that support Cisco Enterprise NFVIS:
- Cisco Enterprise Network Compute System (ENCS)
- Cisco Cloud Services Platforms
- Cisco 4000 Series ISRs with a Cisco UCS E-Series blade
- UCS C-Series