Tiger Team Boot Camp - Cisco IT With Cisco Application Centric Infrastructure André Rodrigues...
Transcript of Tiger Team Boot Camp - Cisco IT With Cisco Application Centric Infrastructure André Rodrigues...
Simplify IT With Cisco Application Centric Infrastructure
André Rodrigues
Systems Engineer Cloud and DC
February 25, 2015
Cisco Confidential 2 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco has partnered with Microsoft to integrate technologies
Multi-year investment and commitment
Research & Development
Strategic partners in the data center
Executive Sponsorship
Cisco Confidential 3 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
AGENDA Challenges and Opportunities
Application Centric Infrastructure
and Business Benefits
What problem are we trying to solve
and how do we solve it
Open, Open and Open
Demo: ACI&WAP Integration
Cisco Confidential 4 ©2014 Cisco and/or its affiliates. All rights reserved.
ACI Addresses Business Objectives
CIO CISO
• Best Customer Service
• Product and Service Innovation
• IT as a Competitive Advantage
• Increased Business Insight
• Accelerated Application Delivery
• Flexible Infrastructure
• Greater Visibility and Analytics
• Simplified Processes
• Compliance and Governance
• Auditing and Forensics Integration
• Security Intelligence
• Alignment with Business Objectives
Competitive
Advantage
Business
Agility
Lower
TCO
Reduced
Risk
ACI Benefits
CEO
Cisco Confidential 5 ©2014 Cisco and/or its affiliates. All rights reserved.
IT Challenges and Opportunities
IT’s budget
Need:
IT S
implif
ication
Better alignment of IT with rapidly changing business needs requires dynamic and automated policy-based control of DC and Cloud infrastructure.
Cisco Confidential 7 ©2014 Cisco and/or its affiliates. All rights reserved.
Introducing: Application Centric Infrastructure
Apps + Infrastructure
Physical + Virtual Open + Secure
On-Premises + Cloud
Application Oriented Policy = Operational Simplicity
Cisco Confidential 8 ©2014 Cisco and/or its affiliates. All rights reserved.
Application Centric Infrastructure
Customer Business Benefits
• Deploy applications faster
• Workload mobility
• Higher application availability
• Compliant and secure
• CapEx reduction
Application Centric Infrastructure
East-West optimized for all workloads
HYPERVISOR HYPERVISOR HYPERVISOR
X86-Virtual Machines
& Virtual Appliances X86 Servers Unix Systems P and Z systems
Network Service Appliances X86 Multi-Hypervisor
Single open API
for entire system
IP Storage
Customer Operational Benefits
• Risk mitigation
• Better utilization of resources
• Operational efficient / zero touch
deployment and de-commissioning
• Self documenting network
• Simplified day-2 troubleshooting
• OpEx reduction
Cisco Confidential 9 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
The ACI Fabric
HYPERVISOR HYPERVISOR HYPERVISOR
Cisco Confidential 10 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Investment Protection Extending ACI into the existing infrastructure
Extend ACI Model on existing IP networks, L4-7 Services, Hypervisors
Extended ACI POLICY
ACI Fabric
PROFILE
Existing Nexus
networks
Hypervisors VM’s Bare
Metal
AVS
Bare Metal
Hypervisor VMs
AVS
Cisco Confidential 11 ©2014 Cisco and/or its affiliates. All rights reserved.
ACI is evolving the network infrastructure to be an enabler for
faster application deployment.
Cisco Confidential 12 ©2014 Cisco and/or its affiliates. All rights reserved.
Data Center Automation – Manual versus Policy Driven
Design it
Procure it
Install it
Configure it
Secure it
Is it ready?
Architect it
Design it
Is QA’d
Is procured
Is installed
Is configured
Is secured
It is ready
Architect it
ACI Policy Driven
ARCHITECT DESIGN COMPUTE Service
Request SERVICES SECURITY NETWORK
Application
Available ARCHITECT DESIGN
Service
Request Application
Available
QA it
Cisco Confidential 13 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Two Types of Languages
Infrastructure Language App Language
Human
Translator
• Application Tier Policy and
Dependencies
• Security Requirements
• Service Level Agreement
• Application Performance
• Compliance
• Geo Dependencies
• VLAN
• IP Address
• Subnets
• Firewalls
• Quality of Service
• Load Balancer
• Access Lists
Cisco Confidential 14 ©2014 Cisco and/or its affiliates. All rights reserved.
A new common language to describe desired state is needed.
Cisco Confidential 15 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
An Innovative Approach to Policy
Provided
Contract
Provided
Contract Provided
Contract
OUTSIDE DB APP WEB
ADC F/W
ADC
What is an application policy?
Group: A set of virtual or physical workloads with the same policy 1.
Contracts: A set of rules governing communication between groups 2.
Service Chains: A set of network services between groups 3.
Cisco Confidential 16 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Policy is Business Relevant
• Application Centric Infrastructure (ACI) allows the entire infrastructure to take commands in a business-relevant language.
1.
2.
3.
4. -
5.
6. QoS
7. Repeat every time app moves or needs more capacity
ACI Policy Aligned with Applications Traditional Policy Aligned with ….?
Cisco Confidential 17 ©2014 Cisco and/or its affiliates. All rights reserved.
Logical Provisioning of Stateless Hardware
SIM Card Identity for a Phone
Service Profile Identity for a Server
UCS Service Profile Unified Device Management
Network Policy
Storage Policy
Server Policy
Application Profile Identity for the Network
Cisco Confidential 18 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
The Benefits of an Application Centric Policy Application Workload Mobility
CONSISTENT VISIBILITY
ACROSS CLOUD AND DC
TENANT APPLICATION
Latency
Isolation
Systems
Telemetry 0 Packets
dropped
Health
Score
Latency
Health
Score
Isolation
Systems
Telemetry 25 Packets dropped
0 0 0 7 0 0 0 6
Cisco Confidential 19 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
InterCloud
Provider Cloud Enterprise Cloud
Secure Connection
AP
P F/W L/B
WE
B L/B DB APP
F/W ADC WEB ADC DB
AP
P F/W L/B
WE
B L/B APP
F/W ADC WEB ADC
AP
P F/W L/B
WE
B L/B APP
F/W ADC WEB ADC
AP
P F/W L/B
WE
B L/B APP
F/W ADC WEB ADC
Consistent ACI Policy Across Public and Private Clouds
Simplify IT Combining Public and Private Cloud
APIC
Cisco Confidential 20 ©2014 Cisco and/or its affiliates. All rights reserved.
Open
Open Source, Open Standards, Open Interfaces
Cisco Confidential 21 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Opening the ACI Policy with OpFlex
OPFLEX PROTOCOL + ECOSYSTEM
OPEN SOURCE Open source implementation
available to anyone
ECOSYSTEM Broad, growing vendor support including
hypervisor, network, and L4-7
STANDARD Upcoming OpFlex standard through IETF
APIC
OPFLEX
DELIVERING INVESTMENT PROTECTION BY
ALLOWING ANY DEVICE TO INTEGRATE WITH CISCO ACI
L4-7 DEVICE
HYPERVISOR SWITCH
Cisco Confidential 22 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
“The Network has always been FAIR… No longer… We are delivering a new network that does what is RIGHT for the Application. A BETTER network.” - Tom Edsall, CTO Insieme Networks
Cisco Confidential 23 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Future Proof—COMMON HARDWARE PLATFORM TWO operational models – Fabric mode w/ APIC
FABRIC MODE (APPLICATION CENTRIC
INFRASTRUCTURE - APIC)
Q2 2014
STANDALONE (TRADITIONAL NETWORKS
OPTIMIZED NX-OS)
Q4 2013
• Nexus 9000 - 1/10/40 GE, 100 GE READY PRICE/PERFORMANCE
• Integrates into Current DC designs – vPC, Integration with existing Nexus
• Optimized NX-OS – less features, less code, tighter HA for patching
• Open EcoSystem – API’s, VM
• Programmable – CLI, SNMP, onePK, JSON (API northbound)
APIC Software
Upgradable
to ACI
Performance
and Scale Security Simplicity Open Agility
Automation
and Visibility
Cisco Confidential 24 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
DEMO: ACI & WAP Integration
Cisco Confidential 25 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Summary: Our Direction
Data centers and cloud network infrastructures, both
physical and virtual, will no longer be configured, will not
be software defined (or programmed), but instead will
be Policy Driven and Application Centric.