Cisco brings server virtualization to the branch office
The Cisco UCS Express family is a new set of blades that add high-performance general-purpose Intel server capabilities to the ISR G2 series of routers.
We tested the E140D, a mid-range blade, and found it to be a speedy, well-designed, easy to manage and good performing server all stuffed inside of our existing Cisco 3945 ISR G2 branch office router.
Network managers who need general-purpose computing capability will find the UCS Express to be a convenient and tightly integrated device for branch office deployments.
[ALSO: 15 more useful Cisco sites
However, server managers will have to be convinced to abandon their stand-alone servers, as the UCS Express comes at a relatively high cost and doesn't offer the expandability or configuration flexibility of traditional offerings.
Introducing UCS Express
Cisco has a long history of putting general-purpose computers inside its routers. Initially, these add-in blades were devoted to specific tasks, such as running Cisco Call Manager software. The precursors to the UCS Express blades were SRE (Service Ready Engine) blades, running specific qualified applications developed by Cisco and other third-party vendors.
Cisco currently offers three UCS Express blades, a single-wide and two double-wide versions.
The Cisco UCS Express 140S (S for "single") has a four-core Intel CPU and is a single-wide blade, meaning that it takes a normal-size service module slot in an ISR G2 router that's half as wide as the router. You get one single-wide slot in the Cisco 2911, a double-wide slot in the 2921, 2951 and 3925, and two double-wide slots in the 3945. Because the 140S is only about 7 inches wide, it has a more restricted configuration of hard drives (maximum of two 2.5-inch drives) and memory (maximum of two DIMMs, 16GB) than the double-wide versions.
The other two models are both double-wide blades. The Cisco UCS Express 140D (we tested a beta version of the 140D) and 160D are four-core and six-core double-wide blades. With a little more real estate, these come with three DIMM slots (up to 48GB of memory) and three 2.5-inch drive bays. If you want to put more than one of these in a chassis for some reason, there's a complicated set of rules about how many UCS Express servers will fit in ISR G2, considering space, cooling and power requirements, available on the Cisco website.
Booting up UCS Express
Getting started takes a little rethinking because two of the Ethernet ports on the UCS Express blades are internal to the ISR G2 router. Rather than connecting all four of the Ethernet interfaces to the network, we connected the two physical interfaces, and then went into the ISR G2 command line to control the two internal interfaces. Once you figure all this out which takes about 30 minutes, tops then testing UCS Express is a breeze.
Because the blade is integrated into the router, we wouldn't expect to use the video and keyboard ports on the blade very often, although they are available. Instead, the UCS Express blade uses the same lights-out management system as Cisco's larger UCS servers, the Cisco Integrated Management Controller (what Cisco calls a baseboard management controller, or BMC).
Each UCS Express blade gets its own IP address for management, which can be connected either internally through the ISR router, or via an externally accessible dedicated management port.
The particular nature of the integration between the UCS Express blade and the ISR G2 router does present a few restrictions. Because the ISR G2 is normally a router, not a switch, you can't just sling virtual machines onto virtual LANs, unless you've installed some additional hardware to enable Ethernet switching.
This means that VMs running on the UCS Express blade will generally be routed, not switched, when talking through the internal Ethernet connections. That may be fine or even desirable in some topologies, but it can also be a confusing restriction to system managers used to having all of their servers on the same subnet.
It's easy to work around this problem by running a physical Ethernet cable from one of the external Ethernet ports on the UCS Express blade to a switch somewhere in the network, but this adds complexity and a potential failure point. None of this is a show-stopper, but it is something to think about before committing to a large-scale deployment of UCS Express blades in branch offices.
Although the Cisco UCS Express blade shares the same management system as other UCS servers, it doesn't integrate into Cisco UCS Manager tools. Instead, you use either a Web browser, as we did, or a command-line interface to control the blade -- turning it on and off, managing RAID settings, checking sensors such as air flow and temperature, and reviewing hardware error logs.
The Web-based tool also gives direct access to the console, and provides virtual CD-ROM capabilities for initial loading of operating systems.
We found the management simple and straightforward. Although our beta unit initially had an out-of-date firmware load that caused it to shut down abruptly, upgrading the firmware and getting the Cisco UCS Express to run smoothly was a simple operation with the Web-based GUI.
Large deployments of UCS Express blades will also be eased by enterprise-class features in the UCS management tools, such as integration with Active Directory, SNMP traps and configurable alarms, and access controls to increase security of the management plane of the blade.
Running virtual machines
Our Cisco UCS Express blade came with two 8GB SD flash cards, one to run the blade itself, and the other ready for the VMware hypervisor we loaded on the blade through the Web-based GUI.
We downloaded a Cisco-specific ESXi v5.0 image from VMware (at no charge) and installed the hypervisor to the SD flash cards in a matter of minutes once we gave up on making the KVM work on a Mac OS X system and jumped to a Windows client. This freed up the RAID array built into the test blade to be completely dedicated to virtual machine storage.
From there, we had the choice of running with the free ESXi license that VMware offers, or linking the Cisco UCS Express Blade into our existing VMware infrastructure. We started running stand-alone for a few weeks, then after VMware helped us upgrade to the latest and greatest (v5.1) version of VMware, we re-licensed the hypervisor so that we could migrate the UCS Express blade under the control of the vCenter management system.
For most enterprises, whether or not to upgrade the free license to a full VMware capability set will depend heavily on the kind of virtual machines that will run on the UCS Express Blade and the number of blades.
The vCenter management system offers a lot of benefits, but also comes at a cost, including licenses and the continual heartbeat and performance information sent back to vCenter. Many of the advantages of vCenter, such as easy deployment from templates, won't be quite so simple when working across a WAN to branch office locations, so network and system managers should consider the pros and cons before committing.
Cisco doesn't require you to run VMware's ESXi hypervisor, fully supporting Microsoft's Hyper-V and Citrix's XenServer hypervisors, as well as stand-alone operating systems including several flavors of Unix and Microsoft Windows.
However, we think that network and system managers should stick with hypervisor-based deployments on the UCS Express blade for maximum management capabilities and flexibility. With a hypervisor in place, remote operating system upgrades and replacements become simpler, and a hypervisor also opens the ability to easily run multiple virtual machines and get more use out of the UCS Express hardware.
We didn't look at performance in depth on the Cisco UCS Express blades because they're not really designed for compute-intensive environments. However, we think that for most branch office operations, including network operations such as file service, DNS/DHCP, proxies and other security functions, the UCS Express blade has plenty of power.
The UCS Express 140D blade we tested has three disk slots and a built-in RAID controller with RAID 0 (stripe), 1 (mirror) and 5 (parity) support. While Cisco allows you to put your own choice of 2.5-inch hard drives in the slots, they offer 7200 RPM SATA drives, 10K RPM SAS and self-encrypting SAS drives and speedy SSD options.
The result is a fairly speedy I/O subsystem that can deliver a terabyte or more of fast and reliable storage based on local hard drives.
For CPUs in the UCS Express blade family, Cisco has chosen the low-power version of Intel's powerful E3 and E5 processor family, but these are still very hefty processors. For example, the low-power Intel E5-2418L quad-core processor at 2.0GHz has about the same performance as an Intel Core i7 quad-core processor at 2.7GHz.
Combining this with a fast on-board I/O subsystem and, most importantly, plenty of memory makes the Cisco UCS Express blade perfectly capable of handling multiple virtual machines at the same time.
To test this, we used three different VMs: two simple Linux systems running CentOS 5.9 and a third running the open source Vyatta router. We fired up all three VMs and then used the iperf network performance testing tool on both Linux VMs to pass traffic through the third VM as fast as possible. Since the traffic was passing through four network interfaces, the maximum 600Mbps (without errors) we achieved translates to a total system throughput of about 2.5Gbps.
Meanwhile, CPU load on the UCS Express blade was only 21%, indicating that our UCS Express blade had plenty of firepower leftover.
The $64,000 question
We were pleased to see that the Cisco UCS Express blade was easy to configure, fast, elegantly managed and powerful enough to run multiple virtual machines. Now comes the hard question: Should you use it?
Certainly, for network managers who need a way to deploy virtual machines for network-specific tasks, the UCS Express blade makes a lot of sense, because it dramatically simplifies deployment and management of VMs and because it's easy to switch the different VMs onto different subnets, entirely in software.
However, for system managers considering replacing on-site servers with Cisco UCS Express blades, the decision is not so simple, because the UCS Express blade does not have the same expansion capability as a typical rack-mount server.
For example, the UCS Express does not have external SCSI ports, making backup to a tape drive difficult. Cisco does offer the "DP" version of the 140D and 160D, which trades off one of the disk drives for a PCI slot, but now you've lost one-third of your storage capacity and some potential redundancy.
Even if the UCS Express blades are not as expandable, Cisco does claim that they will be as reliable, if not more reliable, than stand-alone servers, especially when installed in ISR G2 routers with dual power supplies. Cisco equipment has an amazing reputation for surviving forever in the dusty and hot environment of wiring closets, which gives Cisco credibility when it claims high reliability for the UCS Express blades.
There is one more critical issue to consider: price. Simply put, the cost of the Cisco UCS Express blades is not competitive with offerings from pure-play server vendors. The low-end E140S UCS Express blade with two 1TB disk drives and 8GB of memory has a list price of about $6,000. The equivalent rack-mount server from Dell, an R210, with similar disk and memory, runs about $1,500.
At the high end, the difference is still extreme. An E160D UCS Express blade with two 10K RPM 900GB SAS drives has a list price of about $10,000, while the R320 server from Dell similarly configured is about $3,500.
Even with a discount of 50% off of Cisco's list price, which is not uncommon for large Cisco customers, the UCS Express blades are still twice as expensive as stand-alone servers. For one office or two the difference is minor, but if you're thinking of rolling these out to 100 offices or more, the cost difference of hundreds of thousands of dollars becomes a significant factor.
So, why would anyone pay twice as much for a server? Cisco offered a lot of reasons that make sense (and some that didn't). For example, if you're in a space-constrained environment, stashing the server in the router might be worth the extra money. A single equipment vendor makes things simpler for upgrades; one set of power supplies makes for greater power and air-conditioning efficiency, saving some money or forestalling an HVAC upgrade.
What if you don't care about any of these things, and are just going through a normal upgrade path, swapping out routers and servers in remote branches? Does the UCS Express value proposition justify paying twice as much for the same capabilities? It's not an obvious slam-dunk. Certainly, some will find the convenience of a single-source solution, small form factor and tight integration into the ISR a compelling argument.
But some network and system managers might chafe at the price differential, as well as the lack of flexibility and the vendor lock-in that UCS Express blades bring.
Read more about data center in Network World's Data Center section.