1 White Paper TOPOLOGY-INDEPENDENT IN-SERVICE SOFTWARE UPGRADES ON THE QFX5100 Juniper Innovation Brings ISSU to Data Center Top-of-Rack Switches Copyright 2014, Juniper Networks, Inc. 1
2 Table of Contents Executive Summary...3 Introduction...3 Leveraging Junos OS Virtualization Technology How TISSU Works Upgrade with Subsecond Convergence Time... 6 TISSU Benefits... 6 Conclusion: Juniper Innovation...7 About Juniper Networks...7 List of Figures Figure 1: In-Service Software Upgrade (ISSU) architecture... 4 Figure 2: Software updates without Topology-Independent In-Service Software Upgrades (TISSU)... 5 Figure 3: Software updates with TISSU Copyright 2014, Juniper Networks, Inc.
3 Executive Summary For a number of years, in-service software upgrades (ISSUs) have provided network administrators with a simpler, faster way to upgrade network system software. ISSU contributes to business continuity by ensuring network services and applications remain available even during system upgrades, so there s no impact on user productivity or customer satisfaction. To date, however, ISSU has only been available on high-end, chassis-based networking devices, such as core routers and switches. And it has relied on redundant hardware at a minimum, identically configured dual routing engines. Some vendors have claimed to offer ISSU through the use of completely redundant network devices, a truly expensive approach that takes half the network offline during an upgrade. With the introduction of Juniper Networks QFX5100 line of switches with its innovative software architecture, Juniper has delivered a new model for ISSU and an industry first true ISSU for top-of-rack switches. Each QFX5100 features a Linux-based hypervisor supporting up to four virtual machines (VMs) running Juniper Networks Junos operating system today and other services in the future. Juniper s Topology-Independent In-Service Software Upgrade (TISSU) technology leverages this VM-based architecture, eliminating the need for any redundant hardware and enabling network administrators to perform full system software upgrades in minutes, with no downtime. TISSU dramatically reduces the time, cost, and complexity of system upgrades while contributing to hitless data center operation. It also eliminates the outages and costs that can result from failed device upgrades, further enhancing data center availability. By making it easy to keep switches up to date with the latest features and security upgrades, TISSU ensures customers get the most from their networks while reducing risk. And by bringing technology to top-of-rack switch platforms that was previously only available for high-end systems, Juniper s TISSU now makes it possible to employ in-service upgrades across the network, end to end. Introduction The ability to perform ISSU has been a boon for network architects and administrators. This high availability feature for network devices lets administrators install new software versions without having to take network equipment offline. Without ISSU, updating software on network devices is highly disruptive and time-consuming: It requires a significant amount of planning in advance, including s notifying users of the impending update and attendant downtime, and the network is completely unavailable during the actual upgrade process. Manual software upgrades are also error prone, putting the enterprise at risk for greater disruption and downtime. With ISSU, there s no need for network administrators to plan outages and block out the hours needed to complete an upgrade, significantly reducing the time it takes to perform software upgrades and dramatically lowering the associated costs. Likewise, network architects have more options and greater flexibility in how they design the network because there s no need to factor in the impact of software upgrades. Above all, ISSU contributes to business continuity by ensuring network services and applications remain available, so there s no impact on user productivity or customer satisfaction. ISSU has a lot of advantages. To date, however, it has only been available on high-end, chassis-based networking devices such as core routers and switches, and it has been expensive to implement. Current ISSU implementations for modular routers and switches use an active-backup model based on two identically configured Routing Engines (REs), which allows the software upgrade to be done in a round-robin fashion, without bringing down the entire system. Some vendors claim to support ISSU based on a redundant network topology, but this is not a true ISSU. This kind of ISSU implementation requires network administrators to install fully redundant, identically configured network gear in a topology-dependent design. During the upgrade process, half of the switches and routers are taken offline, new software loaded, and a failover performed to bring the updated devices back online. This process is then repeated for the remaining switches and routers. Besides being expensive, this method cuts available bandwidth in half, constraining business applications and services. Copyright 2014, Juniper Networks, Inc. 3
4 VMa VMb Other Processes Other Processes PFE Control Master/ Backup Election Master/ Backup Election PFE Control Software Bridge Host OS Partition for PFE Warm Boot PFE Hardware Other Hardware Figure 1: In-Service Software Upgrade (ISSU) architecture Juniper Networks knows there s a better way to upgrade network software. With the introduction of TISSU technology on the QFX5100 line of switches, Juniper is delivering a new model for ISSU and an industry first true ISSU for top-ofrack switches. TISSU extends the reach of ISSU to the heart of the data center, to a class and price point of switches not previously available. By leveraging VMs to host Junos OS on each switch, TISSU can perform entire operating system upgrades simply and quickly on a single QFX5100 switch. No redundant hardware is needed no second supervisor module or routing engine, no second switch for a redundant topology it s all integrated into TISSU. With this innovative technology, network administrators can upgrade software on data center access switches seamlessly, without disrupting servers, applications, or users. Leveraging Junos OS Virtualization Technology How TISSU Works Juniper designed the QFX5100, its latest line of data center top-of-rack switches, as a universal building block for its fabric-based data center switching architectures. The QFX5100 features an innovative software architecture a Linuxbased hypervisor that supports up to four virtual machines (VMs) concurrently, on which the Junos OS (and other services in the future) run. TISSU takes advantage of this virtualization technology. During normal switch operations, Junos OS only runs on one VM (called VMa for the purposes of this white paper). When TISSU is initiated, a second VM (VMb) is launched to load the new version of the software. Once VMb has loaded the new operating system, it synchronizes protocol states with VMa. When that synchronization process is complete, the Junos OS running on VMb seamlessly takes over switch operations and VMa shuts down. 4 Copyright 2014, Juniper Networks, Inc.
5 Upgrade one switch at a time Applications run on half bandwidth Long maintenance window Figure 2: Software updates without Topology-Independent In-Service Software Upgrades (TISSU) TISSU is supported for all Layer 2 and Layer 3 protocols. This topology-independent design eliminates the need for a redundant switch topology to perform a software upgrade. Upgrade all switches at the same time Applications run on full bandwidth No application downtime Figure 3: Software updates with TISSU TISSU allows a complete operating system to be updated, not just individual subsystems. During upgrades, the switches seamlessly move to the newer software. There s no disruption to the control plane, and packet forwarding is continuous so network operations are unaffected and applications run on full bandwidth. To further streamline data center operations, Juniper plans to enable network administrators to upgrade multiple TISSU-capable switches at one time, with just a few clicks from Juniper Networks Junos Space Network Director software, which provides a single pane of glass for managing all Juniper switches. Copyright 2014, Juniper Networks, Inc. 5
6 Upgrade with Subsecond Convergence Time With TISSU, upgrading data center access switch software is a simple, non-disruptive process with subsecond convergence time. Network administrators begin the process with a few steps: Ensure that graceful Routing Engine switchover (GRES), nonstop active routing (NSR), and nonstop bridging (NSB) are enabled on target switches Copy the latest Junos OS release to the switch Initiate software upgrade using the switch CLI or (in the future) Junos Space Network Director management software The switch then completes the process: TISSU launches VMb. VMb loads the newest software version and synchronizes all protocol state information from VMa. Once synchronized, VMb takes over control and VMa shuts down. Upgrade is complete. To enable GRES, NSR, and NSB in TISSU, the network administrator must enter the following CLI commands: set chassis redundancy graceful-switchover set routing-options nonstop-routing set protocols layer2-control nonstop-bridging To commit the changes after configuration, enter these commands: set system commit synchronize commit synchronize Implementing the actual TISSU capability requires a single command: request system software in-service-upgrade <image location> Extensive lab testing of TISSU reveals that network convergence time is in the millisecond range, even when a million packets per second are blasted into network interfaces on switches where TISSU has been performed. To date, enterprises have had to schedule a maintenance window with a few hours of downtime to fully implement software upgrades. In contrast, TISSU operates in minutes, eliminating the hours of planning and execution previously needed to upgrade software on data center access switches. TISSU Benefits For a number of years, ISSU has provided IT with a simpler, faster way to upgrade network system software. By leveraging VMs, TISSU brings the high availability of ISSU to top-of-rack switches and extends this capability by delivering additional benefits, including the following: There is virtually no network downtime. Support for full system software upgrades is provided, not simply hot fixes or patches. There is no need for redundant REs. There is no need for redundant network topology. The VM architecture can support additional software services for example, a service to collect network statistics for performance monitoring. Ease of use lets network administrators keep switches up to date with the latest features and security upgrades, ensuring customers get the most from their networks while reducing risk. It provides end-to-end ISSU, from data center core to the edge. TISSU delivers upgrades with no downtime and eliminates the outages and costs that can result from failed device upgrades. With TISSU, network administrators can keep switches up to date while ensuring hitless data center operations. 6 Copyright 2014, Juniper Networks, Inc.
7 Conclusion: Juniper Innovation Data center uptime is crucial. By innovating in software, Juniper has delivered an industry first the high-availability features of in-service software upgrades on top-of-rack data center switches. TISSU lets network administrators update switch software quickly and efficiently without affecting network or server operations. Customers now have the flexibility to enable Topology-Independent In-Service Software Upgrade in Juniper Networks QFX5100 top-of-rack switch platforms technology that was previously only available for modular, high-end dual-re systems. In fact, TISSU makes it possible to employ in-service upgrades across the network, end to end. As a result, customers always have access to e-commerce sites, sale teams and suppliers can update order entry applications, and other business processes can continue uninterrupted. About Juniper Networks Juniper Networks is in the business of network innovation. From devices to data centers, from consumers to cloud providers, Juniper Networks delivers the software, silicon and systems that transform the experience and economics of networking. The company serves customers and partners worldwide. Additional information can be found at Corporate and Sales Headquarters Juniper Networks, Inc North Mathilda Avenue Sunnyvale, CA USA Phone: 888.JUNIPER ( ) or Fax: APAC and EMEA Headquarters Juniper Networks International B.V. Boeing Avenue PZ Schiphol-Rijk Amsterdam, The Netherlands Phone: Fax: To purchase Juniper Networks solutions, please contact your Juniper Networks representative at or authorized reseller. Copyright 2014 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos and QFabric are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice EN Apr 2014 Copyright 2014, Juniper Networks, Inc. 7
An Oracle White Paper June 2013 Oracle Real Application Clusters One Node Executive Overview... 1 Oracle RAC One Node 12c Overview... 2 Best In-Class Oracle Database Availability... 5 Better Oracle Database
EOS: The Next Generation Extensible Operating System Performance, resiliency and programmability across the entire network are now fundamental business requirements for next generation cloud and enterprise
Proven Infrastructure Guide EMC VSPEX PRIVATE CLOUD VMware vsphere 5.5 for up to 1,000 Virtual Machines Enabled by Microsoft Windows Server 2012 R2, EMC VNX Series, and EMC Powered Backup EMC VSPEX Abstract
How AWS Pricing Works May 2015 (Please consult http://aws.amazon.com/whitepapers/ for the latest version of this paper) Page 1 of 15 Table of Contents Table of Contents... 2 Abstract... 3 Introduction...
Double-Take Replication in the VMware Environment: Building DR solutions using Double-Take and VMware Infrastructure and VMware Server Double-Take Software, Inc. 257 Turnpike Road; Suite 210 Southborough,
white paper Public or Private Cloud: The Choice is Yours Current Cloudy Situation Facing Businesses There is no debate that most businesses are adopting cloud services at a rapid pace. In fact, a recent
WHITE PAPER: TWO-FACTOR AUTHENTICATION: A TCO VIEWPOINT........................................ Two-Factor Authentication Who should read this paper This whitepaper is directed at IT, Security, and Compliance
MOBILE FIRST ENTERPRISE 1 White Paper Mobile-first Enterprise: Easing the IT Burden 10 Requirements for Optimizing Your Network for Mobility 2 MOBILE FIRST ENTERPRISE Table of Contents Executive Summary
Liquidware Labs Customer Support Policy Version 2.0 Introduction This guide has been authored by experts at Liquidware Labs in order to provide information and guidance concerning Liquidware Labs Customer
What s New in the VMware vsphere 6.0 Platform VERSION 1.1/TECHNICAL WHITE PAPER MARCH 2015 Table of Contents Introduction.... 3 vsphere Hypervisor Enhancements.... 3 Scalability Improvements.... 3 ESXi
vshield Manager 5.0.1 vshield App 5.0.1 vshield Edge 5.0.1 vshield Endpoint 5.0.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced
Hyper-V Live Migration over Distance Reference Architecture Guide By Hitachi Data Systems in collaboration with Microsoft, Brocade and Ciena June 2010 Summary Hitachi Data Systems, Microsoft, Brocade and
An Oracle White Paper October, 2013 Delivering Database as a Service (DBaaS) using Oracle Enterprise Manager 12c Executive Overview...2 Evolution of Database as a Service...2 Managing the Database Lifecycle...4
Optimizing with Citrix NetScaler White Paper Three keys to building the best front-end network for virtual desktop delivery www.citrix.com Executive summary Motivated by the compelling benefits virtual
ClickSoftware Copyright Notice Copyright 2008 ClickSoftware Technologies Ltd. All rights reserved. Publication Notice The information contained herein does not constitute a warranty of any kind. ClickSoftware
Symantec Control Compliance Suite Overview Addressing IT Risk and Compliance Challenges Only 1 in 8 best performing organizations feel their Information Security teams can effectively influence business
FileMaker Server 13 FileMaker Server Help 2010-2013 FileMaker, Inc. All Rights Reserved. FileMaker, Inc. 5201 Patrick Henry Drive Santa Clara, California 95054 FileMaker and Bento are trademarks of FileMaker,
FlexPod Cooperative Support Model Quick Reference Guide NetApp and Cisco share a long history of support collaboration with FlexPod, a data center solution that is unified, pretested, and validated. It
An Oracle White Paper June, 2013 Enterprise Manager 12c Cloud Control Executive Overview... 2 Introduction... 2 Business Application Performance Monitoring... 3 Business Application... 4 User Experience