Fast IT innovation

in Datacenter

Panagiotis Golemis
Consulting System Engineer
Datacenter Technologies
 Internet of Everything is Here
Networked Connection of
People, Process, Data, Things

People Process
Delivering the right information
Connecting people in more
to the right person (or
relevant, valuable ways
machine)
at the right time

IoE
Data Things
Physical devices and objects
Leveraging data into more
connected to the internet and each
useful information for decision
other for intelligent decision making
making
Complex IT Processes to Deploy Application Resources

Challenges: 1 6

Business Application

Server Admins
• Manual processes

Requirements
Setup Bare metal Configure
Servers Provisioning Servers

• Complex handoffs between Create Storage

Resources (LUNs
Create Add VLAN to
VLAN Service Profile
teams and domains 3 and Volumes)

• Static resource allocation 2

Network Adm
IT Add Users Create Update
Planning and Groups 5 VLANs Trunks
Business Outcome: Create Create UCS Configure
Define
Approvals Network Policies Service Profiles SAN Zoning
Cost Models
• Days/weeks/months to
deploy IT services
4
• High operational cost Create Create Add vFilers

Storage
IP space vFilers to Group

• Rigid silos Map Create UCS Blade

NetApp LUN Storage Policy Power On

• Infrastructure inefficiency and under utilization

 IT Consumption Models are Complexity & Volume
Consumer Experience
Changing Increasing
Automation = Simplicity

Customers are Driving towards Automation :

Automation

Management
• Consistency in CONFIGURATION across three
technology silos Compute
• Quick TIME TO MARKET for application owners
• Consistency in ACCURACY Network

• Minimize OPERATING COSTS

Storage
• COMPLEX Functions made easy.
• RAPID execution of repetitive tasks.
 BIOS settings and Need the MAC
BIOS level Need the WWNs?
addresses?
Lights-Out Mgmt config RAID Controller settings /
ILO firmware
/OS
New VLANs?
SANboot /
iSCSI boot
NIC/HBA #?
IPMI credentials
NIC/HBA Firmware
Admin team
or Verification
orchestration tool Rollback
• Many interfaces LAN, SAN, Firewalls,
Load balancers
• Complex verification / rollback
Simplicity and Automation

Customers are Assuming Simplicity :

Automation

Management
• Lack of features
• Possibility of Irrelevance Compute

• Increase Engineering Costs

Network
• Vendor Lock-in.
• Impedes innovation.
Storage
 Chassis

Chassis
Blade

Blade
Eth

Eth
FC

FC
• Fragmented APIs, that eventually can be consolidated using umbrella applications, increasing the
complexity

• The problem gets worse with multiple chassis

How do we manage our network "Today"
In a majority of environments:
Stage configuration in Notepad, copy/paste
Pasting large configuration:
Automation according to definition of fixed third
party tools
Conversational configuration via expect scripts

Challenges:
Scaled Infrastructure
Manual, repetitive, error-prone tasks
Waste time & talent
Network lags behind industry automation Typo? Start from scratch
capabilities
Summary of the Amazon EC2 and Amazon RDS
Service Disruption in the US East Region
AWS official statement :
http://aws.amazon.com/message/65648/
“The trigger for this event was a network configuration
change. We will audit our change process and increase
the automation to prevent this mistake from happening in
the future. However, we focus on building software and
services to survive failures. Much of the work that will
come out of this event will be to further protect the EBS
service in the face of a similar failure in the future”.
The originating cause of the disaster was the review of a
network configuration (human error).
The Good, the OK & the Ugly of
Cloud Architecture
[...] By now, it should have been drilled into
everyone’s heads that they need to architect
for failure if they want guaranteed high
availability from their cloud computing efforts.
http://gigaom.com/cloud/the-good-the-alright-
and-the-ugly-of-cloud-architecture/
(distribution of risk, careful monitoring,
analysis and reaction)
• The automation capabilities of existing tools is not enough
• Expensive additional tools are required
• Often these tools bring silo-functionality, and they need to be integrated with
professional services
• Own custom automation development is too expensive
Save Resources Human Error Customize Innovate
 Open Source Open Standards Open APIs

VXLAN NSH OpFlex RESTful APIs

( XML / JSON )

PowerShell /Python Clients

“ OpFlex demonstrates “We also believe Cisco’s open “Cisco OpFlex…makes it much “We‘re big believers in open
Cisco's commitment to an standards-based approach with easier for us to benefit from ACI standards and
open, application centric the ACI OpFlex protocol makes and its policy model in our open architectures…so we have
approach to cloud services..” ACI even stronger.” OpenStack deployment.” a say in how things evolve.”

Major Financial
Services Firm
Policy Architected Datacenter Enables Fast IT

Fast
IT

Policy Architected Data Center

UCS Director

UCS Integrated
UCS
Compute Nexus Network
& APIC Storage
Infrastructure Solutions
2009: Industry’s First 2013: ACI for the Data 2014: Leading a New
Application Centric CenterSecurity
Fabric Market Category
Infrastructure
Traditional Element Configuration

LAN SAN

• QoS settings • FC Fabric assignments

• Border port assignment for HBAs

Storage SME Server SME Network SME per vNIC

• NIC Transmit/Receive
Rate Limiting

• Subject matter experts consumed by • VLAN assignments for NICs • Number of vHBAs
• VLAN tagging config for NICs • HBA WWN
manual configuration chores assignments
• FC Boot Parameters
• Remote KVM IP settings • HBA firmware
• Serial processes and multiple touches • Call Home behavior
• Remote KVM firmware
inhibit provisioning speed
• Configuration drift and maintenance •
•
Server UUID
Serial over LAN settings
• RAID settings
• Disk scrub actions
challenges •
•
Boot order
IPMI settings
• BIOS scrub actions
• BIOS firmware
• BIOS Settings
UCS Is Policy Computing (Stateless)
Stateless computing facilitates much greater scalability and flexibility

• Servers waiting for their identity based on Application needs

• Service Profiles push out configuration to available HW

• Able to pre-provision compute platform

• Policy is the Server – Agile, Flexible, Mobile, and Scalable

Unified, Embedded Management

Unified
Management a

1. Subject Matter Experts

Define Policies

Storage SME Server SME Network SME

Server Policy…

Storage Policy…

Network Policy…

Virtualization Policy…

Application Profiles…
Unified, Embedded Management

Unified
Management a

1. Subject Matter Experts 2. Policies Used to

Define Policies Create Service
Profile Template

Storage SME Server SME Network SME Server Name

UUID, MAC, WWN
Boot Information
Server Policy…
LAN, SAN Config
Storage Policy… Firmware Policy
Network Policy…

Virtualization Policy…

Application Profiles…
Unified, Embedded Management

Unified
Management a

1. Subject Matter Experts 2. Policies Used to 3. Service Profile 4. Associates Service

Define Policies Create Service Templates Create Profiles with Hardware
Profile Template Service Profiles Configures Servers
Automatically
Server Name
UUID, MAC, WWN
Boot Information
LAN, SAN Config
Storage SME Server SME Network SME Server Name Firmware Policy

UUID, MAC, WWN Server Name

UUID, MAC, WWN
Boot Information Boot Information

Server Policy…
LAN, SAN Config

LAN, SAN Config Firmware Policy

Storage Policy… Firmware Policy Server Name

UUID, MAC, WWN
Boot Information
LAN, SAN Config
Network Policy… Firmware Policy

Server Name
Virtualization Policy… UUID, MAC, WWN
Boot Information
LAN, SAN Config
Application Profiles… Firmware Policy
Provisioning & Administration Cost Reduction

Eliminate Manual
• UCS Manager embedded in all system devices
Configuration
• UCS Manager: Auto-discovery, self integrating components

Automation
Replaces Repetitive • UCS Service Profiles
Tasks • Policy based management

Extend Investment
• Seamless integration with existing tools equals no
in Existing Tools
stranded systems management investments

• UCS Manager and UCS Central allow administrators to

Extend the Reach
scale across larger installations and across data
of SME’s
center/geographies
A New OPEN Operating Model is Required

TRADITIONAL NETWORK MODEL

Network of Boxes
Needs Agility and
Time to Applications
A New OPEN Operating Model is Required

TODAY’S SDN DATACENTER MODEL

Software-Based
Network Virtualization
Lacks Scale,
Visibility, Security
More Complexity
Decreases Reliability
Disjointed Overlay
and Underlay
Increases Costs
A New OPEN Operating Model is Required

TODAY’S SDN DATACENTER MODEL

Software-Based
Network Virtualization
Lacks Scale,
Visibility, Security
More Complexity
Decreases Reliability
Disjointed Overlay
and Underlay
Increases Costs
A New OPEN Operating Model is Required

TODAY’S SDN DATACENTER MODEL FUTURE OPEN MODEL

Software-Based
Network Virtualization
Lacks Scale,
Visibility, Security
Application Centric Infrastructure
More Complexity
Network Virtualization
Decreases Reliability Open Single Point of Control and
Disjointed Overlay Management (Policy)
and Underlay Application Policy and Automation
Physical and Virtual
Scale and Security
Visibility and Troubleshooting
An Innovative New Approach to Policy Application

Contract Contract Contract

Connectivity
Security F/W WEB APP DB
QoS OUTSIDE ADC
L4-7 Services ADC

APPLICATION
NETWORK PROFILE

What is an application policy?

1. End Point Group: A set of VMs / servers with the same policy
2. Contracts: A set of rules governing communication between groups
3. Service Chains: A set of network services between groups
Stateless Networking
Application Network Profile

F/W WEB L/B APP DB

L/B

SLA APIC
QoS
CONNECTIVITY SECURITY
Security APPLICATION L4..7 STORAGE AND
QOS

Network Profile
POLICY POLICIES SERVICES COMPUTE
Load
Balancing
APP PROFILE
application-centric network policy

HYPERVISOR HYPERVISOR HYPERVISOR

Automated Policy Deployments

On-Demand
Domain
Secure Cloud Automated Delivery Managers
Container
OS and
Network Compute VMs Storage Virtual Bare
VM VM
Metal
Machines
Virtualized and Bare-Metal
Policy-Driven Single Pane of Glass
Provisioning Compute
Compute and Hypervisor
End-to-End
Infrastructure Infrastructure
Automation and Automation and Network A B C
Management
Lifecycle Management Network and Services

Tenant Tenant Tenant

Storage A B C
Cisco UCS Director Turn-Key Solution

On-Demand
Domain
Secure Cloud Automated Delivery Managers
Container
OS and
Network Compute VMs Storage Virtual Bare
VM VM
Metal
Machines
Virtualized and Bare-Metal
Policy-Driven Single Pane of Glass
Provisioning Compute
Compute and Hypervisor
End-to-End
Infrastructure
UCS Director Automation and Network A B C
Lifecycle Management Network and Services

Tenant Tenant Tenant

Storage A B C
UCS Director
Agility and Simplicity for Virtualized and Bare-metal IT Infrastructure Services
Open API

Self Service Infrastructure Portal Service Catalog Model Based Infrastructure

Orchestrator

Dynamic Capacity Management Metering & Chargeback Management & Administration UCS Director

Configuration Management Reporting Enterprise Integration

(LDAP/AD, XML Export – CMDB, Metering data, SSO (SAML))

Physical Infrastructure Virtual Infrastructure

Cisco UCS Cisco Nexus
Cisco ASAv
Cisco Cisco VACS
ASA5500
Cisco ISE

Centralized Lifecycle Management of Physical and Virtualization Infrastructure

The World of Many Clouds
Customer Requirements
Business Imperatives

Dynamic,
Reduced Accelerated Efficient, Security Consistency ITaaS
Complexity Deployment Agile

SaaS

Hybrid

Public Private

IT Sourcing Spectrum
Cisco Offers a Complete Portfolio to Support Your Cloud
Initiatives
CISCO CLOUD PRODUCTS AND Cisco Cloud Marketplace
SOLUTIONS for ENTERPRISE

Cisco Enterprise Cloud Suite Enterprise

Private
Prime Service Catalog Clouds
ITaaS Storefront & Application Configuration Portal

UCS Director OpenStack Partner

Infrastructure Management
Intercloud Clouds Cloud Services and
Applications
and Automation Fabric Intercloud Fabric
Secure Hybrid APIs APIs
Cloud
Public
Clouds APIs

VACS Application Centric

Infrastructure Applications Customers Private Cloud
• Cisco • On-prem
Cisco UCS Integrated Infrastructure • Partner and ISV • Managed
• IOE and Vertical • Hybrid
OpenStack Libraries
Platform and Infrastructure Services

CISCO CLOUD CONSULTING SERVICES

Life in IT …

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34