VDC Architecture
The Cisco NX-OS software provides the base upon which the VDCs are supported. Figure 5-5 shows NX-OS in VDC mode.
Figure 5-5 NX-OS in VDC Mode
At the heart of the NX-OS, are the kernel and infrastructure layer. The kernel supports all processes and all VDCs that run on the switch, but only a single instance of the kernel exists at any one point in time. The infrastructure layer provides an interface between the higher layer processes and the hardware resources of the physical switch (TCAM and so on). Having a single instance of this layer reduces complexity (when managing the hardware resources). Having a single infrastructure layer also helps scale performance by avoiding duplication of this system’s management process.
Working under control of the infrastructure layer are a number of other important system processes that also exist as unique entities. Of these, the VDC manager is a key process when it comes to supporting VDCs. The VDC manager is responsible for the creation and deletion of VDCs. More importantly, it provides VDC-related APIs for other infrastructure components, such as the system manager and resource manager, to perform their own related functions.
When a VDC is created, the system manager is responsible for launching all services required for VDC startup that run on a per-VDC basis. As new services are configured, the system manager will launch the appropriate process. For example, if OSPF were enabled in a VDC named Marketing, the system manager would launch an OSPF process for that VDC. If a VDC is deleted, the system manager is responsible for tearing down all related processes for that VDC.
The resources manager is responsible for managing the allocation and distribution of resources between VDCs. Resources such as VLANs, VRFs, port channels, and physical ports are examples of resources managed by the resource manager.
Sitting above the infrastructure layer and its associated managers are processes that run on a per-VDC basis. All the Layer 2 and Layer 3 protocol services run within a VDC. Each protocol service started within a VDC runs independently of the protocol services in other VDCs. The infrastructure layer protects the protocol services within a VDC so that a fault or other problem in a service in one VDC does not impact other VDCs. The Cisco NX-OS software creates these virtualized services only when a VDC is created. Each VDC has its own instance of each service. These virtualized services are unaware of other VDCs and only work on resources assigned to that VDC. Only a user with the network-admin role can control the resources available to these virtualized services. (You can find more on the network-admin role later in this chapter in the “VDC Management” section.) The Cisco NX-OS software also creates a virtualized control plane for each VDC that processes all the protocol-related events.