automation of application centric infrastructure...

Automation of Application Centric Infrastructure (ACI) with Cisco UCS Director

BRKACI-2410

Raju Penmetsa

@RajuPenmetsa1

Data Center Group

© 2014 Cisco and/or its affiliates. All rights reserved. BRKACI-2410 Cisco Public

Agenda

• IT Complexity

• Solution for ACI Automation

– Cisco UCS Director

• Application Centric Infrastructure Delivery

– How it gets delivered (High-level)

– How does it actually works ?

– Demo

– Co-Existence with Existing Environment.

• Key Takeaways

3


Abstract

Most of todays automation tools and processes focus on virtual infrastructure. Real

world applications need automation for both physical and virtual infrastructure with

network, storage and compute connections.

• This session will cover the automation of Cisco Application-Centric Infrastructure

(ACI) based Converged Infrastructures such as FlexPod, Vblock and VSPEX with

Cisco UCS Director, its elements and how it actually works.

• This session invites you to engage on an end-to-end journey inside unified

automation of ACI environments to deliver fully scalable infrastructure and dynamic

applications. The full policy-based approach will augment ACI policies to deliver an

adaptive system in a fully secure multi-tenant implementation of both physical and

virtual in connection with storage for diverse enterprise workloads and/or service-

provider multi-tenanct environments. Our journey will focus system management

& automation and how to drive the ACI via API calls and its native Application

Policy Infrastructure Controller (APIC) through a live demonstration.

4


Abstract

Key-Take Aways:

• How to automate Converged Infrastructure based on Cisco

Application Centric Infrastructure (ACI)

• Learn how UCS Director provides automation of pre-existing

infrastructure and ACI based infrastructure.

• Unified Infrastructure Management and Automation across both

Physical and Virtual Infrastructure in connection with Storage

• Fulfilling the rapid deployment of infrastructure for on-demand

application delivery

Please "Fasten your seat belts" and join us to learn more about End-to-

End Application-Centric Infrastructure Automation with UCS Director!

5


Data Center: Applications and Infrastructure

Legacy Apps

Business Critical

Apps

Desktop

Virtualization

Analytics

Web Apps Dev./Test

Sandboxes

Infrastructure Solutions

Application Drives the Shape of Infrastructure


New Applications, New Demands on Data Center Infrastructure

Application

Attributes Infrastructure

Demands

Dynamic

Instantiation/Removal

Increasingly

Non-Virtualized

Infrastructure

Independent

Scale-Out/Multinode

Multi-Cloud Models

Application Awareness

Physical + Virtual

+ Cloud

Dynamic Shared

Resource Pool

1/10/40/100G Scale

Secure Multi-Tenancy

Cloud and Big Data Are Driving a Paradigm Shift


Challenges:

• Manual processes

• Complex handoffs between teams and domains

• Static resource allocation

Result:

• Days/weeks/months to deploy IT services

• High operational cost

• Rigid silos

• Infrastructure inefficiency and under utilization

Complex IT Processes to Deploy Resources for App’s

Ap

plicati

on

Netw

ork

Pro

file

Update

Trunks

Create

EPG

Configure

SAN Zoning

UCS Service

Profiles

Create Network

Policies

Se

rve

r

Ad

min

s

Configure

Servers

Update vNIC

With VLAN Select SP’s

Add VLAN to

Service

Profile

Create

VLAN Update

Sto

rag

e

Add vFilers

to Group

Create

vFilers

Create

IP space

Update Create

Storage Policy NFS Mount

Add Users

and Groups

IT

Planning

Approvals Define

Cost Models

Bu

sin

ess

Ap

plic

atio

n

Req

uire

men

ts

1

2

3

4

5

6

Web Web Web App

Bare-Metal HYPERVISOR HYPERVISOR

DB

Hyper-v

Bare-Metal

Bare-Metal

8


Challenges… How did we get Here?

Storage

Network

Compute

Tenant

B

Tenant

C

Tenant

A

A B C

Virtualization

Storage

Manager

B C A

Virtualization

Manager

Network

Manager

Compute

Manager

Storage

Manager

Element Management

Manual Process

Disjoined

Provisioning

Disruptive Growth

Static Resource

Allocation

Seen as Different

Components

Today’s

Challenges

Have Lead

To…

Operational

Complexity

Architecture

Rigidity

Infrastructure

Inefficiency

Silos

Higher TCO


Agenda

• IT Complexity






– Demo 1 – Application Deployment

– Demo 2 – Tenant on-boarding & Application profile definition / creation

• Integration / Migration with Existing Environment.

• Key Takeaways

10


Cisco UCS Director Turn-Key Solution

On-Demand

Automated Delivery

Policy-Driven

Provisioning

Secure Cloud

Container

VMs Compute Network Storage

UCS Director

Domain Managers

OS and

Virtual

Machines

Storage

Network

Compute

Tenant

B Tenant

C Tenant

A

Virtualized and Bare-Metal

Compute and Hypervisor

B C A

Network and Services

VM VM Bare Metal

Sin

gle

Pan

e o

f G

lass

En

d-t

o-E

nd

Au

tom

ati

on

an

d

Lif

ec

yc

le M

an

ag

em

en

t 11


Cisco UCS Director

Centralized Lifecycle Management of Physical and Virtualization Infrastructure

Virtual Infrastructure

IT Admins IT Operations End Users

Physical Infrastructure

Cisco UCS

Cisco

Nexus

Open API for

Integration

UCS Director

Self Service Console

OS & VM Deployment

Admin Console

Policy Manager

Dashboard

Resource Pools

Agility and Simplicity for Virtualized and Bare-Metal IT Services

12


UCS Director Focus

UCS Network

(ACI or Standalone) Storage Virtualization L4-7 Services

UCS Director

Infrastructure Mgmt Portals

(Self-Service and Admin)

Infrastructure API

=

Application Software

Web Web Web App

Bare-Metal HYPERVISOR HYPERVISOR

D

B

Hyper-V

Bare-Metal

Bare-Metal

13


Cisco UCS Software Portfolio UCS Manager, Central, APIC and UCS Director

UCS Manager

UCS Central

UCS Director

• Manage Single

UCS domain

• Embedded Mgmt of

all UCS s/w and h/w

components

• Manage multiple

UCS Domains

• Deliver global

policies, service

profiles, ID pools,

and templates

• Manage Compute,

Storage, Network, ACI

and Virtualization

• Manage FlexPod,

VSPEX, Vblock

• Support for 3rd party

heterogeneous

infrastructure

APIC & DFA

• Embedded

Management for ACI

• Manages ACI Fabric

• L4-7 Management

• Policies: Connectivity,

Security & QoS,

• Compute & Storage*

APIC

14


Agenda

• IT Complexity









• Key Takeaways

15


What is an Application?

• Application Contains Group of Tiers and/or Infrastructure Components

• Infrastructure Seamlessly working together in connection with Software (Eg: Oracle, 3 Tired App)

Application Model

3 Tier Application (Web+App+DB)

Web App DB

What is Involved to Deliver an Application?

• Application Deployment Involves

Physical:

Compute, Network and Storage

Virtual Infrastructure:

vCompute, vNetwork, Virtual Storage

Virtual Machines

Layer 4-7 Services

L/B APP DB F/W

L/B

WEB

16


Compute

Web 2 VMs, High IO

App 8 VMs, 10 GB

DB 2 VMs, 50 GB

Storage Network Resource

Needs: • Quantity

• Capacity

• Quality

“Controllers” UCS Manager

Web Stateful FW & LB

App L4-L7 services

• Stateless FW

DB Connection to

Application

Web Cache locally

App

Primary Storage

• IOPS

• Mirrored

DB • 2 High IOPS

• Data Mirroring

vCenter / SCVMM

APP DB WE

B DB Tier

Storage Storage

Web Tier App Tier

Application

Profile

Compute

Network

Storage

L/B APP DB F/W

L/B

WEB

End-to-End Virtual Infrastructure for Application Deployment

17


Compute

Web 2 VMs, High IO

App 8 VMs, 10 GB

DB 2 VMs, 50 GB


Needs: • Quantity

• Capacity

• Quality



App L4-L7 services

• Stateless FW

DB Connection to

Application

Web Cache locally

App

Primary Storage

• IOPS

• Mirrored

DB • 2 High IOPS

• Data Mirroring

vCenter / SCVMM

APP DB WE

B DB Tier

Storage Storage

Web Tier App Tier

Application

Profile

Compute

Network

Storage

L/B APP DB F/W

L/B

WEB

Application Instantiation

VM

Network with L4-7 Services

Storage


18


UCS

Director

Application Catalog

Compute

Web 2 VMs, High IO

App 8 VMs, 10 GB

DB 2 VMs, 50 GB


Needs: • Quantity

• Capacity

• Quality



App L4-L7 services

• Stateless FW

DB Connection to

Application

Web Cache locally

App

Primary Storage

• IOPS

• Mirrored

DB • 2 High IOPS

• Data Mirroring

vCenter / SCVMM

APP DB WE

B DB Tier

Storage Storage

Web Tier App Tier

Application

Profile

Compute

Network

Storage

L/B APP DB F/W

L/B

WEB


VM


Storage


19


Agenda

• IT Complexity









• Key Takeaways

20

Before going there …


ACI policy model brings the concept of End-Point Group (EPG)

HTTPS

Service

HTTPS

Service

HTTPS

Service

HTTPS

Service

HTTP

Service

HTTP

Service

HTTP

Service

HTTP

Service

EPG - Web

EPGs are a grouping of end-points representing application or

application components independent of other network constructs.

POLICY MODEL

22


Application Network Profiles (ANP) – what’s that ?

Inbound/Outbound

Policies Inbound/Outbound

Policies

Application Network Profile

Application Network profiles are a group of EPGs and the policies that

define the communication between them.

POLICY MODEL

=

EPG - WEB EPG - APP EPG - DB

23


Applying Policy between EPGs: ACI contracts

EPG A

EPG B

EPG C Contract 02

The policy model allows for both unidirectional and bidirectional policies.

Contracts define the way in which EPGs interact.

Unidirectional

Communication

Bidirectional

Communication Contract 01

Ex: ACI Logical Model applied to the “3-Tier App” ANP

24


ACI Application Network Profile (ANP) Details

• Application Network profile: stateless

definition of application requirements

Application tiers

Connectivity policies

Layer 4 – 7 services

XML/JSON schema

• UCS Director:

Abstracted ANP to the APIC

Connectivity Policy

Layer 4 – 7 Services

UCS Service Profiles

Provisioned VM’s from Templates

Updated with Correct Port Groups

## App Network Profile: Defines Application Level Metadata (Pseudo Code Example)

<Network-Profile = Production_Web>

<App-Tier = Web>

<Connected-To = Application_Client>

<Connection-Policy = Secure_Firewall_External>

<Connected-To = Application_Tier>

<Connection-Policy = Secure_Firewall_Internal & High_Priority>

. . .

<App-Tier = DataBase>

<Connected-To = Storage>

<Connection-Policy = NFS_TCP & High_BW_Low_Latency>

. . .

App Tier DB Tier

Storage Storage

WEB

Application Network

The application network profile (ANP) fully describes the application

connectivity requirements

25


Agenda

• IT Complexity









• Key Takeaways

26

Live Demo – 3 Tier Application Provisioning


UCS Director Demo 1

Self-Service

Portal

Use Case

• Self-Service Application Container Provisioning

100% Virtual Application

28


SM

E

De

fin

e P

oli

cie

s

Virtual Infra SME

Storage SME

Server SME

Network SME

APP

SME

Server Policy…

Storage Policy…

Application Network …

Virtualization Policy…

Application Profiles…

Polices Used to Define Network, L4-7 Services, Service Profile

NFS and Storage

2

Create EPG, BD

Update SP’s

with VLAN’s

Boot Information

Create Network

on Storage and

Mount NFS

DvS/AVS Nexus 1000v

Provision

3

Server Name

UUID, MAC, WWN

Boot Information

LAN, SAN Config

Storage Configuration

Virtual Infrastructure

Configuration

Network

Configuration

System is ready

4

Unified Management and Automation of ACI based POD Aligns People, Policy and Configuration to Business

29


UCS Director brings together APIC and UCS Application Infra. provisioning with UCS-Director : 100% VMs

L4-L7 Services

Server Load

Balancer

Tenant Self-

Service User

1 Select App

Catalog

Pushes App

Profile

UCS Director

ACI Fabric

UCS

Director

APIC Application

Network Profile

Application

Profile

Compute

Network

Storage

L/B APP DB F/W

L/B

WEB

Storage Storag

e App DB Web

30



L4-L7 Services

Server Load

Balancer

Tenant Self-

Service User

1 Select App

Catalog

Pushes App

Profile

UCS Director

ACI Fabric

UCS

Director

Security/QoS

Policies Security/QoS

Policies

DB

End

Point

Group

APP

End

Point

Group

WEB

End

Point

Group


Deploy App

Network

Virtualization Admin

vCente

r

Publish VI

Network

Profile

Database Tier Application tier Web tier

4a Discover VLAN

to EPG/BD and

FI Topology

5 Update

FI/SP’s

UC

SM

Update SP’s

Application Network Profile Virtual Infrastructure

APP

Port

Profile/

Group

Web

Port

Profile/

Group

Database

Port

Profile/

Group

Discover

VI Network

31



L4-L7 Services

Server Load

Balancer

Tenant Self-

Service User

1 Select App

Catalog

Pushes App

Profile

UCS Director

ACI Fabric

UCS

Director

Security/QoS


Policies

DB

End

Point

Group

APP

End

Point

Group

WEB

End

Point

Group


Deploy App

Network


vCente

r

Publish VI

Network

Profile


4a Discover VLAN

to EPG/BD &

FI Topology

5 Update

FI/SP’s

UC

SM

Update SP’s

Application Network Profile Virtual Infrastructure

APP

Port

Profile/Grou

p

Web

Port

Profile/

Group

Database

Port

Profile/

Group

Discover VI

Network

8 Deploy

Application

L/B APP DB F/W

L/B

WEB

32


UCS

Director

Application Catalog

Compute

Web 2 VMs, High IO

App 8 VMs, 10 GB

DB 2 VMs, 50 GB


Needs: • Quantity

• Capacity

• Quality



App L4-L7 services

• Stateless FW

DB Connection to

Application

Web Cache locally

App

Primary Storage

• IOPS

• Mirrored

DB • 2 High IOPS

• Data Mirroring

vCenter / SCVMM

APP DB WE

B DB Tier

Storage Storage

Web Tier App Tier

Application

Profile

Compute

Network

Storage

L/B APP DB F/W

L/B

WEB


VM + Bare Metal


Storage

End-to-End Virtual + Bare-Metal Application Infra. Deployment

33


L4-L7 Services

Server Load

Balancer

Tenant Self-

Service User

1 Select App

Catalog

Pushes App

Profile

UCS Director

ACI Fabric

UCS

Director

APIC


Application

Profile

Compute

Network

Storage

L/B APP DB F/W

L/B

WEB

Storage Storag

e App DB Web

UCS Director brings together APIC and UCS Application Infra. provisioning with UCS-Director : VMs + Bare Metal

34


L4-L7 Services

Server Load

Balancer

Tenant Self-

Service User

1 Select App

Catalog

Pushes App

Profile

UCS Director

ACI Fabric

UCS

Director

Security/QoS


Policies

DB

End

Point

Group

APP

End

Point

Group

WEB

End

Point

Group


Deploy Application

Network


vCente

r

Publish VI

Network Profile

Application Network Profile Virtual

Infrastructure

APP

Port

Profile/

Group

Web

Port

Profile/

Group


4a Change

Discovery

5 FI & BM

Updates

UC

SM

Deploy

Bare-Metal &

Update SP’s Database

VI Network

8 Deploy

Application


35


L4-L7 Services

Server Load

Balancer

Tenant Self-

Service User

1 Select App

Catalog

Pushes App

Profile

UCS Director

ACI Fabric

UCS

Director

Security/QoS


Policies

DB

End

Point

Group

APP

End

Point

Group

WEB

End

Point

Group


Deploy Application

Network


vCente

r

Publish VI

Network Profile

Application Network Profile Virtual

Infrastructure

APP

Port

Profile/

Group

Web

Port

Profile/

Group


4a FI Topology

5 Update FI UC

SM

Deploy

Bare-Metal &

Update SP’s Database

Discover

VI Network

8 Deploy

Application

APP WEB

DB

L/B APP DB F/W

L/B

WEB


36


Agenda

• IT Complexity









• Key Takeaways

37


UCS Director Demo 2

Secure Tenant

on-boarding

Application Profile

Definition

Use Cases

• Application Profile Definition

• Tenant Onboarding

38

Example Application: SAP HANA


SAP HANA Tenant Structure

• Infrastructure

– Create Port Groups

– Create VLAN’s in Storage & Network

– Update Trunks on Switches

Cisco UCS

Cisco UCS SP’s

Nexus 50xx

vSphere

Cluster(s)

Infrastructure Tenant

VDM

Shared DS for OS

Tenant NFS Datastore

VLAN

Nexus 1000v

NFS export

VMDK

VMkernel

VLAN

Storage

PP

NFS export

VIF

NFS export NFS

export

Access

PP

MGMT

Access Network

MGMTNetwork

Storage Network

Network Legend

40


SAP HANA – App Instantiation with ACI

Instantiate VMs

Applction Catalog

Fabric

Create

Application Network

Profile

Access

MGMT

Storage

Access

MGMT

Storage

Creation of

PortGroups

Tenant Catalog

to UCS Director

vCenter

Map to

PortGroups

Tenant

B Tenant

C Tenant

A

41


Agenda

• IT Complexity









• Key Takeaways

42


Co-Existence of FlexPod/Vblock & ACI based POD

• Co-Existance Strategy for Customer Comes with

– UCS

– Nexus

– Storage

– FlexPod, Vblock & VSPEX

L3

L2

N5500 N5500

N7K N7K

ACI Fabric

VMware DVS

L3 L3

L3 L3

“APIC-sourced” VMware DVS / Cisco AVS

“APIC-sourced” VMware DVS / Cisco AVS

vCenter

vShield

L2 L2

L2 L2

vMotion / Cold Migration

UCS

Director

43


Agenda

• IT Complexity









• Key Takeaways

44


Challenges… How did we Simplify?

Storage

Network

Compute

Tenant

B

Tenant

C

Tenant

A

A B C

Virtualization

Storage

Manager

B C A

Virtualization

Manager

Network

Manager

Compute

Manager

Storage

Manager

Element Management

Manual Process

Disjoined

Provisioning

Disruptive Growth

Static Resource

Allocation

Seen as Different

Components

Today’s

Challenges

Have Lead

To…

Operational

Complexity

Architecture

Rigidity

Infrastructure

Inefficiency

Silos

Higher TCO

````````` `

SIMPLICITY

FLEXIBILITY

VISIBILITY

An Evolutionary

Approach Required To

Drive…

CONSISTENCY

OPTIMIZE

AUTOMATE

Delivering…

Dynamic

Application

Centric

Infrastructure

Evolving into…

The Unified DC

Architecture!


Complete Your Online Session Evaluation

• Give us your feedback and you could win fabulous prizes. Winners announced daily.

• Complete your session evaluation through the Cisco Live mobile app or visit one of the interactive kiosks located throughout the convention center.

Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online

46

https://www.ciscolive.com/online


Continue Your Education

• Demos in the Cisco Campus

• Walk-in Self-Paced Labs

• Table Topics

• Meet the Engineer 1:1 meetings

47

Segue/Chapter Slide

automation of application centric infrastructure...

Documents