Helping Customers in their Multicloud JourneyDeploy, monitor, and optimize applications in multicloud and container environments
Johny DevadossSenior Software Architect
Cloud and Automation Product Management Team
Title & Text
Build new digital experiences
Simplify & secure multicloud
Transform the organization
Customer cloud imperatives
Plan/ Execute Cloud-first Strategy
Implement/ Adopt Cloud Technologies
Security & Compliance Requirements
Multivendor Services, Tools & Technologies
Expertise & Skill-Set Requirements
Post-Implementation Support & Management
Multiple Cloud Services - Different Technologies, Tools and Skill Requirements
There are still lot of challenges
Transform Your Infrastructure
Reimagine Your Applications
Secure Your Data
Empower Your Teams
Trusted, Innovation, Simple
Speed to Value
Building the bridge to Multicloud withCisco CX
By Solution
By Use Case
App/workload management
Cloud governance Cloud migration ITaaS and DevOps
Cloud-based HA/DR
Business impact and AIOps
Cloud security
Applicationsecurity
Application segmentation
Multicloud networking
App experience
App performance & infrastructure
optimization
Cisco
Container
Platform
Cisco
CloudCenter
Azure Stack
Appliance
Installation
Support Service
Cisco hybrid
architecture for
Google Cloud’s
Anthos
Hybrid Solution
for Kubernetes
on AWS
Hybrid Cloud
Platform
for SAP Data
Hub
Quick Starts aligned to your deployment
Connect Business objectives with IT priorities and drive architectural alignment to achieve desired outcomes.
Define An implementable plan to serve as a road-map
to success
Execute* On Cloud migration,
DevOps, Delivery, Security, Governance, and Operating Model plans and continually
update and align with the strategy
AlignThe business and
technology priorities to a trajectory for success
Assess The current state and
goals of the cloud across business and technology
organizations
Advisory Services StrategyH
ow
Wh
at
Use Case: Application Workload
Management
• No Resource Control
• Misuse of public cloud resources
• Corporate Governance Policies
• Consuming Legacy Services
• Consuming Public Cloud Services
Problems to solve
Cloud Platform
K8s
VPN Tunnel
VMware
On-premise
Legacy App/Services
CloudCenter Deploy PetClinic App
API Calls to get data from legacy services
Stealthwatch
Consuming Legacy Services
Consuming Public Cloud Services
Cloud Platform
K8s
VPN Tunnel
On-premise
CCP Cluster
Bookinfo App using the Pub/Sub services from Cloud
Stealthwatch
Pub/Sub
Bookinfo AppServiceBroker
Hybrid solutions with cloud providers to accelerate time to value
AWS Microsoft
Google IBM
Demo:CCP
Tenant Cluster Creation
AutomationVisibility
Use Case: ITaaS & DevOps
• Need for hassle free secure automation
• Corporate Governance on Application Deployment
• Increased visibility
Problems to solve
DemoITaaS & DevOps
• CI/CD workflow demo
• Container services in CloudCenter
• CloudCenter Application Profile
Automation
Silence LB SVC
SilenceAPI Server
K8S Deployment
Fool
Clu
ster-
IP
SV
C
Jungle LB SVC
JungleWeb Frontend
K8S Deployment
StairwayTraffic/Incidents
K8S Deployment
RainbowMusic Events
K8S Deployment
FoolWeather Service
K8S Deployment
Rain
bow
C
lust
er-
IP
SV
C
Sta
irw
ay
Clu
ster-
IP
SV
C
Tarantula Architecture
Tenant AlphaL4/L7 SG
User commit1
Jenkins detectsit and
downloads code
2
Jenkins buildscontainer images
and uploads to registry
3Jenkins requestsCCC to deploythe App4
CCC gets the images and deploys to K8S
5
Services are created in K8S and ACI
6That’s it7
Secure Automation Pipeline
Use Case: CI/CD pipeline Automation
Problems to solve
• Limited Visibility Across SW lifecycle
• Code Quality Concerns
• Manual Processes
• Agility
• Codebase Governance
• Need for Increased productivity
• Software vendor Management
Continuous end-to-end software automation pipeline
Agile softwaredelivery
Continuous testautomation
Hyper automation of CICD. AI/ML engine for software
recommendation
Ease of useand efficiency
Automate everything, Everywhere - Pipeline
Code | Integrate | BuildFunctional
and UA testing Performance
testing
Build Test Deploy Operate
Customerexperience
Developers Testers Release team Operations
Deploy toproduction
Cisco Continuous Deployment and Automation Framework (CDAF) Attributes
Agile defect tracking/resolution
Direct access for customer On-Prem
resource to BU development
Microservices-Based architecture
Open source tools -Easy to deployand integrate
Agile SLCM for Co-development
Vendor BU, CX, vendor interaction
SW Release managementAI/ML based
Multiple package versions releases
and tracking
Processautomation
Co-develop and implement with multiple vendor
Your environment. Our CI/CD platform and expertise
Cisco CDAF methodology and components
Scope Develop Test Defect Governance Release Deploy
Define user, requirements and test
strategy
Checkout code from SCM and artifacts
repository, and build the project
Executeautomatic tests (unit,
functional, service level)
Defect discovery, filing and tracking
Security compliance and code threat
prevention
Officially release the package
Deploy a published containerized image
package to an execution
environment Management
Epics, features, user stories, sprints,
Compiled code from BU built images
Test reports release management
dashboard
Bugs, track test PEN test,SAST, DAST
ReleaseManagement Dashboard
Solution deployed in customer lab for
verificationArtifacts
Toolset CICD Test Automation Framework Plan, Track, Orchestrate, Provisioning, Test and Release management
CA RallySLCM
GithubSource control management
JiraIssue/Defect
JenkinsAutomation of pipeline
ArtifactoryArtifact management and repository
Jfrog/docker
ArtifactoryJfrog, Docker Test Tools
CXTMTM500, IXIA, Accuver
Continuous deployment
CDAF Service Delivery motion
OnPrem
Cisco internal cloud. Fully-managed and supported by
Cisco.
Multi-vendor product certification testing – Functional & security,
packaged for deployment
Managed by Cisco or Customer
Cloud HostedMultivendor product certification testing –Functional & security,
packaged for deployment
Managed by Cisco or Customer
Use Case: Automate via API Integration
Problems to solve• Diverse Traffic Patterns with no context
• Network and Security teams have limited to no visibility into container workloads
• Segmentation and security internal to the cluster can only be done by cluster administrators.
• Missing tools to troubleshoot network issues
• Diverse Traffic Patterns with no context
• Network and Security teams have limited to no visibility into container workloads
• Segmentation and security internal to the cluster can only be done by cluster administrators.
• Missing tools to troubleshoot network issues
Problem to solve
• Secure K8s infrastructure:
• network isolation for infrastructure related objects
• Network isolation between namespaces
• Controlling access between Kubernetes services and external services
PODPOD
POD
Frontend-EPG
PODPOD
POD
API-Gateway-EPG
Policy
PODPOD
POD
Backend-EPG
PODPOD
POD
Monitoring-EPG
Policy
Policy Policy
Segmentation
• Non-Cluster endpoints communicating with Cluster:
• Exposing external services, how? NodePort? LoadBalancer?
• Scaling-out ingress controllers, how can you scale?
• Cluster endpoints communicating with non-cluster endpoints:
• POD access to external services and endpoints
Policy
PODPOD
POD
Frontend-EPG
PODPOD
POD
API-Gateway-EPG
Policy
PODPOD
POD
Backend-EPG
PODPOD
POD
Monitoring-EPG
Policy
Policy Policy
Communication to outside of cluster
Demo:Automate via API
Integration
Automation
• Easy way to create managed, monitored and scalable Kubernetes clusters with CCP
• Support CI/CD chain with:
• Governance
• Multi-tenancy
• Cost control
• Agnostic application modeling
Problems to solve
Bangkok, Thailand. 26th November 2019