hybrid cloud solutions - data3 requirements drive the cloud infrastructure two languages must be...

Hybrid Cloud Solutions with Cisco and Microsoft Innovation

Rob Tappenden, Technical Solution Architect, rtappend@cisco.com

March 2016


Post on 24-Apr-2018



Today’s industry and business challenges


Industry Evolution & Data Centres

Digitisation and IoT/IoE

Traditional Applications

Monolithic Model

Multi-tier Apps

Manual Interaction IT Silos based approach

Configuration driven

Focus on products

Disjoint approaches to solve technical demands

Cohesiveness as an “afterthought”

Cloud-native applications

Business Agility with cloud model

Micro-services / Bi-Modal IT / DevOps

Policy and Automation

Enterprise-wide policy, hyper-convergence and cross-domain automation

Consumption driven with analytics and programmability

Focus on business solutions

Data Center is the foundation for business agility

Delivered as a solution and / or as a service

Open-ness

DevOps

Agility & Scale

Hybrid Cloud

The Evolution of Cloud

Traditional, Private Cloud, Public Cloud, Managed Cloud

IT Control Convenience

On-Prem Off-Prem

CapEx OpEx

The Evolution of Workloads

[Figure: three panels.
Existing IT: App; Web Servers, App Servers, Database; Physical Infrastructure.
Cloud-Enabled: App; Web Servers, App Servers, Database; Service (Local, Dedicated, Shared).
Cloud-Native (Containers): App; Service; Runtime Micro-services on Containers (.rb, .py, .go, Java).]

WindowsAzure Stack

“We need self-service with new services for apps that scale. And my tenants want it fast.”

Cloud Administrator

“Our customer experience has to be great... I want to run my apps now… We simply can’t wait for infrastructure.”

Line of Business Leader

“Preparing for every application security situation is nearly impossible. And we have to move fast.”

Chief Info. Security Officer

“We manage them box-by-box. It takes time to set up and check for manual errors.”

Infrastructure Manager

A Day in the Life - Typical Challenges

Today’s Challenge for IT Teams? Managing Hybrid Cloud Environments

Microsoft Azure Technology

Microsoft Azure

IT admin

Customers

Windows Azure Pack

Customers

IT admin

Azure Pack: Cloud in your Data Centre

Tenant experience

Tenant experience

Is Infrastructure in your way?

Introducing: Application Centric Infrastructure

APPLICATION ORIENTED POLICY = OPERATIONAL SIMPLICITY

Open + Secure

Apps + Infrastructure

On-Premises + Cloud

Physical + Virtual

[Figure: hypervisor and container hosts, each attached via OpFlex and running VMs or Docker containers:
KVM: OpFlex Agent, Open vSwitch, V(X)LAN
ESXi: Cisco AVS, VMware DVS, V(X)LAN
Hyper-V: MSFT vSwitch, V(X)LAN
Docker: OpFlex Agent, Open vSwitch, V(X)LAN]

Policy driven cloud infrastructure

Application Requirements drive the Cloud Infrastructure

Two Languages must be unified to deliver next-gen cloud services and agility

Application Language

• Application policy and dependencies
• Security requirements
• Service level agreement
• Application performance
• Compliance
• Geo dependencies
• Compute, Storage, etc. requirements

Network Language

• WAN Connections
• LAN, VLAN, VXLAN switching, secure Tenancy
• IP addressing and Subnets
• Firewalls and Security
• Quality of service, Bandwidth
• Load balancing
• Network resiliency, Analytics

Requires an Application Centric Infrastructure

ACI FABRIC

Microsoft System Center | R2 w/ Service Provider Foundation

Azure Pack GUI

Cisco ACI: Microsoft System Center / Azure Pack

Websites, Apps, Database, VMs, ACI Provider Portal Consumer

Self-Service Portal

Websites VMs SQL Service Bus Future Services

Policy Management: APIC / Azure Pack

VM Discovery: OpFlex

Encapsulation: VLAN, NVGRE

Zero touch network provisioning

Service Insertion (Physical / Virtual)

ACI PROVIDER SERVICE

OpFlex Driver

Application Centric Policy

1 Subject Matter Experts Define Policies (Network SME, Security SME, Application SME)
2 Policies Used To Create Application Network Profile Templates
3 Automated policy configuration across the infrastructure
4 Life cycle management for day 1, day 2 operations

[Figure: infrastructure domains shown: Multi DC WAN and Cloud; Storage; L4–L7 Services; Compute; Physical Networking; Hypervisors and Virtual Networking]

Cisco ACI and Azure Pack Workflow

1 Create Application Policy
2 Push Network Profiles To The Cisco® APIC
3 Get VLANs Allocated For Each EPG
4 Create VM Networks
5 Instantiate VMs
6 Indicate EP Attach To Attached Leaf When VM Starts
7 Push Policy On Leaf Where EP Attaches

[Figure: workflow diagram. Labels: Azure Pack Tenant / Admin; APIC Admin (Basic Infrastructure); Azure Pack; APIC Plugin; SCVMM Plugin; ACI Fabric; Hypervisor; OpFlex Agent; Server 1, Server 2, Server 3 hosting Web, App and DB; Application Network Profile / App Profile: Web, App, DB, Firewall, Load Balancer]

Use Cases: Shared Network and Virtual Private Network

[Figure: two panels, Shared Network and Tenant Private Network. Each shows a Finance Tenant, a DevTest Tenant and a Shared Services Tenant with WEB, APP and DB tiers, plus ACI Common services (DHCP, DNS, LB, FW). Address ranges shown: 192.168.0.0/16 and 10.0.10.0/24.]

Cisco ACI Network Offerings

Features | Shared Network | Tenant Private Network
Isolated Networks | ✓ | ✓
Firewall | ✓ | ✓
Shared DHCP | ✓ | ✓
Shared Load Balancer | ✓ | ✓
Shared Services | ✓ | ✓
Public Internet Access | ✓ | ✓
Private Address Space | | ✓
Private DHCP Server | | ✓

ACI enables segmentation based on business needs

ACI benefits

Contain threats and segment user access more easily

Mitigate centralisation risks

Protect your state-of-the-art data center

Through policy-based segmentation that enables varying levels of granularity

Increasing level of segmentation

• Basic: basic data center network segmentation (PRODUCTION POD DMZ; SHARED SERVICES)
• Application: application lifecycle segmentation (DEV, TEST, PROD)
• Service Level: service level microsegmentation (WEB, APP, DB)
• Network-centric: network-centric segmentation (VLAN 1, VXLAN 2, VLAN 3)
• Intra-EPG: intra-EPG microsegmentation (WEB, WEB)
• Container Level: container segmentation (VM, OVS/OpFlex); marked NEW

Simplify Operations: System Health Score

Aggregation of system-wide health, including pod health scores, tenant health scores, system fault counts by domain and type, and the APIC cluster health state.

• Application Health Score

• Aggregation of end point group health, including end points, contexts, bridge domains, ports and VLAN / VXLAN that are relevant to that particular application health state.

Simplify Troubleshooting: Viewing the Application from EP to EP with Services

• Application behind firewall and load balancer is having performance issues.

• Firewall and load balancers are virtual.

• Wizard quickly draws a logical topology and pinpoints the virtual port channel (VPC) issue.

Let's take a quick look


Consistent: Across virtual and physical infrastructures

Open: Interoperable, API

Secure: Automated, compliant

Agile: Faster, application centric

Cisco ACI for the Microsoft Cloud

A next-generation solution, designed to meet today’s rapidly changing business needs

Cisco and Microsoft together deliver:

• New cloud services for tenants and their enterprise applications
• A new operational model
• Policy-driven infrastructure
• A clear evolutionary path

But wait…..

How many clouds have you got?

Are they all the same?

True Hybrid Cloud with CliQr

Cloud Agnostic

• Single Intuitive Platform
• CliQr-Hosted SaaS or Onsite Deployment
• Full N-Tier Multi-Tenancy
• Integrated Security
• Highly Scalable Distributed Architecture

Cloud-Specific

• Automated Provisioning and Deployment
• Native, No Overhead

What Makes CliQr’s Approach Unique?

• Application-Centric
• Cloud-Agnostic
• On-Board Once… Run Anywhere

Script / Workflows

• Labor / Services Intensive
• Infrastructure-Centric
• Workflows / Scripting Required Each Cloud

• New or existing

• Simple to complex

• Portable

• No lock-in

Profile Once, Run Anywhere

Benchmarking: Workload Placement Matters…

PetClinic - Three Tier Web Application

Blender – 5 task rendering job

CliQr (Application Centric Modeling and Lifecycle Management)

FlexPod / Vblock

Business Centric Services Stack

Network (ACI)

Storage / SAN (NetApp / EMC / MDS & Nexus FC/FCoE)

Compute (UCS)

APPLICATIONS (multi-tier web apps, Hadoop, batch, desktop)

SERVICES (database, load balancer, app server, etc.)

POLICIES (scaling, aging, lifecycle, governance)

OPS (Chef, Puppet, log collectors, repositories)

IPAM

HSM

SSO

UCS Director (Infrastructure Centric Management and Workflows)

DEVOPS (PaaS, API gateway, APM, Jenkins plugin)

Infrastructure Centric Workflows

Application Centric Profiles

ITSM / Service Catalog / Approval Workflow / Financial controls (Prime Services Catalog or ServiceNow)

Get started today

1 View the resources available

2 Contact your Data#3 or Cisco Account Rep

3 Establish a pilot

Resources:

• Microsoft Hybrid Cloud with ACI
  • Solution Brief: Cisco Application Centric Infrastructure Integration with Microsoft
  • White Paper: Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack

• Cisco Hybrid Cloud w/ Cisco ONE ECS/CliQr
  • White Paper: Cisco ONE Enterprise Cloud Suite for Hybrid Ready Private Cloud
  • Solution Overview: ACI and CliQr Cloud Center Overview