hybrid cloud solutions - data3 requirements drive the cloud infrastructure two languages must be...
TRANSCRIPT
Hybrid Cloud Solutions with Cisco and Microsoft Innovation
Rob Tappenden, Technical Solution [email protected] 2016
Industry Evolution & Data Centres
Digitisation and IoT/IoE
Traditional Applications
Monolithic Model
Multi-tier Apps
Manual Interaction
IT Silos based approach
Configuration driven
Focus on products
Disjoint approaches to solve technical demands
Cohesiveness as “afterthought”
Cloud-native applications
Business Agility with cloud model
Micro-services / Bi-Modal IT / DevOps
Policy and Automation
Enterprise-wide policy, hyper-convergence and cross-domain automation
Consumption driven with analytics and programmability
Focus on business solutions
Data Center is the foundation for business agility
Delivered as a solution and / or as a service,
Open-ness
DevOps
Agility & Scale
Hybrid Cloud
The Evolution of Cloud
Traditional Private Cloud Public cloud Managed Cloud
IT Control Convenience
On-Prem Off-Prem
CapEx OpEx
The Evolution of Workloads
[Diagram labels: Existing IT (App; Web Servers, App Servers, Database; Physical Infrastructure); Cloud-Enabled (App; Service; Local, Dedicated, Shared; Web Servers, App Servers, Database); Cloud-Native (Containers) (App; Runtime Micro-services on Containers; .rb, .py, .go, Java; Service); Windows Azure Stack]
“We need self-service with new services for apps that scale. And my tenants want it fast.”
Cloud Administrator
“Our customer experience has to be great... I want to run my apps now… We simply can’t wait for infrastructure.”
Line of Business Leader
“Preparing for every application security situation is nearly impossible. And we have to move fast.”
Chief Info. Security Officer
“We manage them box-by-box. It takes time to set up and check for manual errors.”
Infrastructure Manager
A Day in the Life - Typical Challenges
Introducing: Application Centric Infrastructure
APPLICATION ORIENTED POLICY = OPERATIONAL SIMPLICITY
Open + Secure
Apps + Infrastructure
On-Premises + Cloud
Physical + Virtual
[Diagram labels: KVM with OpFlex Agent, V(X)LAN and Open vSwitch; ESXi with Cisco AVS, V(X)LAN and VMware DVS; Hyper-V with MSFT vSwitch and V(X)LAN; Docker with OpFlex Agent, V(X)LAN and Open vSwitch; VMs and Docker containers on each host; OpFlex to each host]
Policy driven cloud infrastructure
Application Requirements drive the Cloud Infrastructure
Two Languages must be unified to deliver next-gen cloud services and agility
Application Language
• Application policy and dependencies
• Security requirements
• Service level agreement
• Application performance
• Compliance
• Geo dependencies
• Compute, Storage, etc. requirements
Network Language
• WAN Connections
• LAN, VLAN, VXLAN switching, secure Tenancy
• IP addressing and Subnets
• Firewalls and Security
• Quality of service, Bandwidth
• Load balancing
• Network resiliency, Analytics
Requires an Application Centric Infrastructure
ACI FABRIC
Microsoft System Center | R2 w/ Service Provider Foundation
Azure Pack GUI
Cisco ACI: Microsoft System Center / Azure Pack
Websites, Apps, Database, VMs, ACI Provider Portal Consumer
Self-Service Portal
Websites VMs SQL Service Bus Future Services
Policy Management: APIC / Azure Pack
VM Discovery: OpFlex
Encapsulation: VLAN, NVGRE
Zero touch network provisioning
Service Insertion (Physical/Virtual)
ACI PROVIDER SERVICE
OpFlex Driver
Application Centric Policy
1 Subject Matter Experts Define Policies (Network SME, Security SME, Application SME)
2 Policies Used To Create Application Network Profile Templates
3 Automated policy configuration across the infrastructure
4 Life cycle management for day 1, day 2 operations
[Diagram labels: Multi DC WAN and Cloud; Storage; L4–L7 Services; Compute; Physical Networking; Hypervisors and Virtual Networking]
Cisco ACI and Azure Pack Workflow
1 Create Application Policy
2 Push Network Profiles To The Cisco® APIC
3 Get VLANs Allocated For Each EPG
4 Create VM Networks
5 Instantiate VMs
6 Indicate EP Attach To Attached Leaf When VM Starts
7 Push Policy On Leaf Where EP Attaches
[Diagram labels: Azure Pack Tenant/Admin; APIC Admin (Basic Infrastructure); ACI Fabric; Application Network Profile (Web, App, DB, Firewall, Load Balancer); App Profile; APIC Plugin; SCVMM Plugin; Azure Pack; Hypervisor; OpFlex Agent; Web, App and DB on Server 1, Server 2 and Server 3]
Use Cases
Shared Network and Virtual Private Network
[Diagrams: Shared Network and Tenant Private Network. Labels in each: Finance Tenant, DevTest Tenant (192.168.0.0/16) and Shared Services Tenant with WEB, APP and DB tiers; ACI Common services (DHCP, DNS, LB, FW); address labels 10.0.10.0/24 and 10.0.10.0/24]
Cisco ACI Network Offerings
Features                  Shared Network    Tenant Private Network
Isolated Networks         ✓                 ✓
Firewall                  ✓                 ✓
Shared DHCP               ✓                 ✓
Shared Load Balancer      ✓                 ✓
Shared Services           ✓                 ✓
Public Internet Access    ✓                 ✓
Private Address Space                       ✓
Private DHCP Server                         ✓
ACI enables segmentation based on business needs
ACI benefits
Contain threats and segment user access more easily
Mitigate centralisation risks
Protect your state-of-the-art data center
Through policy-based segmentation that enables varying levels of granularity
Increasing level of segmentation
• Basic: Basic data center network segmentation (PRODUCTION POD, DMZ, SHARED SERVICES)
• Application: Application lifecycle segmentation (DEV, TEST, PROD)
• Service Level: Service level microsegmentation (WEB, APP, DB)
• Network-centric: Network-centric segmentation (VLAN 1, VXLAN 2, VLAN 3)
• Intra-EPG: Intra-EPG microsegmentation (WEB, WEB)
• Container Level (NEW): Container segmentation (VM, OVS/OpFlex)
Simplify Operations: System Health Score
• Aggregation of system-wide health, including pod health scores, tenant health scores, system fault counts by domain and type, and the APIC cluster health state.
Application Health Score
• Aggregation of end point group health, including:
  • end points
  • contexts
  • bridge domains
  • ports
  • VLAN / VXLAN
  that are relevant to that particular application health state.
Simplify Troubleshooting
Viewing the Application from EP to EP with Services
• Application behind firewall and load balancer is having performance issues.
• Firewall and load balancers are virtual.
• Wizard quickly draws a logical topology and pinpoints the virtual port channel (VPC) issue.
Consistent: Across virtual and physical infrastructures
Open: Interoperable, API
Secure: Automated, compliant
Agile: Faster, application centric
Cisco ACI for the Microsoft Cloud
A next-generation solution, designed to meet today’s rapidly changing business needs
Cisco and Microsoft together deliver:
• New cloud services for tenants and their enterprise applications
• A new operational model
• Policy-driven infrastructure
• A clear evolutionary path
True Hybrid Cloud with CliQr
Cloud Agnostic
Single Intuitive Platform
CliQr-Hosted SaaS or Onsite Deployment
Full N-Tier Multi-Tenancy
Integrated Security
Highly Scalable Distributed Architecture
Cloud-Specific
Automated Provisioning and Deployment
Native, No Overhead
What Makes CliQr’s Approach Unique?
• Application-Centric
• Cloud-Agnostic
• On-Board Once… Run Anywhere
Script / Workflows
• Labor / Services Intensive
• Infrastructure-Centric
• Workflows / Scripting Required Each Cloud
Benchmarking: Workload Placement Matters…
PetClinic - Three Tier Web Application
Blender – 5 task rendering job
CliQr (Application Centric Modeling and Lifecycle Management)
FlexPod / Vblock
Business Centric Services Stack
Network (ACI)
Storage / SAN (NetApp / EMC / MDS & Nexus FC/FCoE)
Compute (UCS)
APPLICATIONS (multi-tier web apps, Hadoop, batch, desktop)
SERVICES (database, load balancer, app server, etc.)
POLICIES (scaling, aging, lifecycle, governance)
OPS (Chef, Puppet, log collectors, repositories)
IPAM
HSM
SSO
UCS Director (Infrastructure Centric Management and Workflows)
DEVOPS (PaaS, API gateway, APM, Jenkins plugin)
Infrastructure Centric Workflows
Application Centric Profiles
ITSM / Service Catalog / Approval Workflow / Financial controls (Prime Services Catalog or ServiceNow)
Get started today
1 View the resources available
2 Contact your Data#3 or Cisco Account Rep
3 Establish a pilot
Resources:
• Microsoft Hybrid Cloud with ACI
  • Solution Brief: Cisco Application Centric Infrastructure Integration with Microsoft
  • White Paper: Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack
• Cisco Hybrid Cloud w/ Cisco ONE ECS/CliQr
  • White Paper: Cisco ONE Enterprise Cloud Suite for Hybrid Ready Private Cloud
  • Solution Overview: ACI and CliQr Cloud Center Overview