multi-cloud and application centric modeling, deployment and … · 2017-06-26 · multi-cloud and...
TRANSCRIPT
Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)
Jeremy Oakey - Sr. Director, Technical Marketing & Integrations
BRKCLD-2008
Agenda
• Introduction
• Architecture
• Anatomy of an Application Profile
• Integrations
• Demos
• Additional Reference Material
• Q&A
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
A widening Cloud Gap
Between what cloud applications require… and what IT is capable of reliably and confidently supporting today.
IT capabilities
• People
• Processes
• Tools
[Figure: LoB requirements over Time for Traditional applications, Cloud applications and IT capabilities, with the Cloud Gap marked]
Growing IT complexity: your landscape
Understanding the Cloud Gap
Landscape: Data centers, HQ, Branch, Hosting / Colocation, Devices, Internet of Things, Private cloud, Public Clouds
The true challenges of hybrid cloud
What’s in the Cloud Gap?
[Figure: the same landscape, labelled Hybrid Cloud]
• Multicloud security
• Data center automation
• IT as a broker
• New skillsets
• DevOps environments
• Application performance monitoring
• Managing both traditional & cloud applications
• Application lifecycle management
• New network needs
Reimagine your cloud for a hybrid IT world
New requirements
[Figure: the same landscape, labelled Hybrid Cloud]
• SECURE CONNECTIVITY
• HYBRID IT OPERATIONS
• VISIBILITY & INSIGHTS
• RISK MANAGEMENT
AGILITY, COST, PERFORMANCE, RISK
Our Approach
A cloud neutral approach to your hybrid IT world
• NETWORKS: Scale, agility, and secure user-cloud access
• MANAGEMENT: Integrated platform, lifecycle management for all applications
• ANALYTICS: Infra and application insights for security and the customer experience
• SECURITY: Users, data, and applications secured everywhere
Cloud Intelligence
CloudCenter Unique Value
Model Once. Deploy and Manage Anywhere.
[Figure: MODEL, DEPLOY and MANAGE, with Data Center, Private Cloud and Public Cloud]
• One Integrated Platform
• Lifecycle Management
• New and Existing Applications
What Does ”Model Once” Mean?
Script-Based
• Infrastructure-Centric
• Cloud-Specific workflows and Scripts
• Labor / Services Intensive
• Unique Script / Workflow (shown three times in the figure)
Application Profile-Based
• Application-Centric
• Cloud-Agnostic
• Low TCO
Cisco Data Center Reference Stack
• Audiences shown: IT Infra, Developer, Cloud Admin, LOB / IT Apps
• IT Services Consumption: Cisco Prime Service Catalog (PSC)
• Multi-Cloud Orchestration: Cisco CloudCenter (Public Cloud, Hybrid Cloud)
• Layers shown: PaaS + Container, Management and Automation, Infrastructure
• Products shown: Nexus, UCS, HyperFlex, ACI, UCS Director, Contiv
• Security and Analytics: Cisco Tetration Analytics, Cisco Security Portfolio
Hybrid Cloud Management
One Platform
[Figure: Manager and Application Profile under Cloud Agnostic; three Orchestrators under Cloud API-Specific]
Extendable, Multi-tenant, Secure, Scalable
Enterprise Class
UI, CLI, API
MANAGER, ORCHESTRATOR, PROFILE
Extendable, Multi-tenant, Secure, Scalable
Secure
[Figure: components labelled MANAGER, PROFILE, ORCHESTRATOR, RABBIT MQ, ARTIFACT REPOSITORY, AGENT and MANAGED APPLICATION VM, further labels MANAGEMENT and PRIVATE, and port labels 80, 8443, 5671 and 5671 / 7789]
• VM access based on unique C3 generated SSH key pair for each user per cloud environment
• Ability to use user’s own SSH key
• Network placement and firewall rules
• Support optional SDN integration such as Cisco ACI
• AES-256 Encrypted DB
• Cloud Credentials
• Key Storage
• Optional HSM integration
• Browser-based secure VNC/RDP/SSH access
• SAML 2.0 SSO
• User/Group RBAC
• Object-level ACL
• n-level Multi-tenancy
Scalable
10,000 VMs per Environment
Extendable
MODEL, DEPLOY, MANAGE
• Platform Integration: ITSM | Build Automation (Jenkins)
• Tool Integration
• Hooks: Scripts, Events
• Security: SSO, HSM
• Infrastructure: IPAM, DNS
• Components: Docker; Puppet, Chef
• Content Integration: User Content, Vendor Content
• Cloud APIs: Datacenter, Private and Public Cloud
Multi-Tenant
[Figure: two Peer Tenants and a Sub-Tenant, each with Users, Groups and Sharing; the boundaries are labelled Isolation and Partial Isolation]
Cisco CloudCenter Multi-tenancy
• Root Tenant: Platform Admin, Users, Groups
  • Coca-Cola Tenant: Tenant Admin, Users, Groups
    • Coca-America Sub-tenant: Tenant Admin, Users, Groups
    • Coca-EMEA Sub-tenant: Tenant Admin, Users, Groups
  • Pepsi Tenant
Cisco CloudCenter Tenant Object Model
[Figure: object model relating Tenant, User, Group, Sub-Tenant, Application Profile, Deployment Environment, Cloud, Cloud Region, Cloud Account, Image and Service, with cardinalities (1..n, m..n, n..1) on the relationships]
Basics
Terminology
• An application profile is composed of services.
• The services define a function of the application (e.g. web, firewall, database, etc.).
• Services are instantiated using packages and customized using artifacts.
• Artifacts can consist of scripts, code snippets, applications.
• Repositories contain the artifacts and can contain packages.
[Figure: Application Profile, Services, Repositories and Artifacts (bash, sql, perl, package)]
Application Profile
• CloudCenter JSON Format
• General Information
• Global Parameters (optional)
• Global Tags (optional)
• Application-tiers (Topology)
• Application service specific settings
• Application-tier parameters (optional)
• Application-tier tags (optional)
• Hardware specification
• Environment variables
• Supports export/import through the REST API
Application Profile (cont’d)
• Meta Data
• Custom Parameters
• Image Mapping: Windows, Red Hat, Ubuntu, Other
• Reusable Services: MySQL, Apache, Active MQ, Container, RDS
• Application Packages
• Service Settings
• Topology
Topology Modeling UI
Service Definitions
Service Library
CloudCenter provides out-of-the-box services
• Load balancers - Nginx, HAProxy
• Open source AppServers, Databases, etc.
• AWS RDS & ELB
Users can extend the library to add their own
• E.g. Load Balancers - F5, A10, Avi Networks
Types of Service Definitions
• Service Packages with lifecycle scripts
• Service gets installed on VMs
• Container based services
• PaaS
Build Lifecycle Actions – Start
Build Lifecycle Actions – Stop
Troubleshooting
Application VMs
• These issues could be further isolated and resolved by deploying the VM, logging into it and looking at the log files.
• One useful tip is to use the cliqrIgnoreAppFailure parameter to prevent the VMs from being terminated on Error state.
• http://docs.cloudcenter.cisco.com/display/CCD46/Troubleshooting+Parameters
• Use agentSendLogMessage to send feedback to the UI
• Verify that user params and environment variables are in the userenv file
• /usr/local/osmosix/etc/userenv
Application Profiles <Application> Edit/Update
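One way to carry out the userenv check from the last bullet, as an added example that is not CloudCenter code and not from the presentation. It assumes the file holds NAME=value or export NAME=value lines; the DEMO_* names and the sample contents are constructed.

```shell
#!/bin/sh
# Added example (not CloudCenter code): list expected variables that are
# missing or empty in a userenv-style file. The file is parsed with grep
# rather than sourced, so nothing in it is executed by the check.
# Assumption: lines have the form NAME=value or export NAME=value.

USERENV=/usr/local/osmosix/etc/userenv   # path given on the slide

# check_userenv FILE NAME...
# Prints "missing: NAME" or "empty: NAME" for each problem.
# Returns 0 if every NAME has a value, 1 otherwise, 2 if FILE is unreadable.
check_userenv() {
    envfile=$1; shift
    [ -r "$envfile" ] || { echo "unreadable: $envfile" >&2; return 2; }
    rc=0
    for name in "$@"; do
        # Commented lines do not match; the last assignment wins, as when sourced.
        line=$(grep -E "^[[:space:]]*(export[[:space:]]+)?${name}=" "$envfile" | tail -n 1)
        if [ -z "$line" ]; then
            echo "missing: $name"; rc=1; continue
        fi
        value=${line#*=}
        case $value in          # strip one pair of surrounding quotes
            \"*\") value=${value#\"}; value=${value%\"} ;;
            \'*\') value=${value#\'}; value=${value%\'} ;;
        esac
        [ -n "$value" ] || { echo "empty: $name"; rc=1; }
    done
    return $rc
}

# Constructed sample input; the DEMO_* names are hypothetical.
write_sample_userenv() {
    cat > "$1" <<'EOF'
export DEMO_DB_HOST="10.0.0.5"
export DEMO_DB_PORT=
# export DEMO_API_TOKEN="commented-out"
DEMO_TIER='web'
EOF
}

# Usage on a deployed VM: check_userenv "$USERENV" DEMO_DB_HOST DEMO_DB_PORT
```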
Examples of Integration Ecosystem
• ServiceNow Scoped Application - certified and available in ServiceNow Store
• Prime Service Catalog
• Cisco ACI
• Configuration Management: Chef, Puppet, Ansible
• DevOps: Jenkins plug-in, full API documentation (docs.cloudcenter.cisco.com, APIs)
• IPAM products, i.e. Infoblox, Bluecat, etc.
• Tetration
Better Together – Cisco ACI
CloudCenter: Model-Based Approach
ACI: Policy-Based Approach
Application Network Profile
Seamless Integration
“Zero Touch” automation
Powerful Benefits
• Application Security
• Ops Efficiency
• User Agility
What Is Really Running on My Network?
Cisco Tetration Analytics Application Insight—Dependency Map
[Figure: dependency map with the labels Security, Dependencies, Application, Service Offering, Service, Service Category (Service Owner)]
Use Cisco Tetration Analytics™ outcome to generate white-list policies
Additional Inputs for ADM Runs
• Load-Balancer Configurations
• DNS Configurations
• IP Address Management Database
• Existing CMDB Information
Application Conversation View
• Application clusters conversation views
• Conversation details including process bindings
CloudCenter / ServiceNow Integration
[Figure: integration diagram. Labels: Cloud Marketplace, Approval Workflow, Application Profile; IT Service Management, IT Ops Management, IT Business Management; CMDB; CloudCenter Scoped Application; CloudCenter API; Cisco CloudCenter; Cloud API; Data Center, Private Cloud, Public Cloud; Policies and Actions; Events. Roles: End User, Admin, Manager, Finance, LOB, Procurement.]
• Inventory Detail
• Deployment status
• Metering Data
CloudCenter @ Cisco live! Las Vegas 2017
Monday June 26th
4:00PM | BRKCLD-1011 – Future-proofing your enterprise cloud strategy
Thursday June 29th
10:00 AM | PSOCLD-1235 – Bridging the Cloud Gap: Cisco Solutions for Next Generation Hybrid Cloud
10:30 AM | BRKCLD-2235 – Deploy a Hybrid, Multi-Cloud Container Environment in Less than an Hour
Instructor Led Labs
LTRCLD-1050 – CCC/ACI/UCSD - A Multicloud story - An Infrastructure View
DevNet – DEVNET-1179, DEVNET-1767, DEVNET-1769
dCloud.cisco.com – Cisco CloudCenter 4.8 with ACI 2.2 v1