apic-em and - cisco...apic-em application overview at ga public cloud enterprise network day 0...
TRANSCRIPT
![Page 1: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/1.jpg)
System Engineer
René Andersen
November 2015
TechUpdate November 2015
APIC-EM and Software Defined in the Enterprise
![Page 2: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/2.jpg)
`
Cisco APIC-EMAn Application Platform for Enterprise WAN and Access Networks
• Virtual (ISO VM) or appliance-based
• Provides user policy abstraction and automation
• Simplification of complex network configuration withCisco® application best practices
• Existing and new installations (Catalyst®, ISR, ASR, WLC)
Ready-to-deploy applications (October 2015):
IWAN (with a license)
Plug-n-Play (free)
Path Trace (free)
BENEFITS:Brownfield support
Ready-to-use-applications
Open, northbound API
![Page 3: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/3.jpg)
APIC-EM Application Overview at GA
Public Cloud
Enterprise Network
Day 0Plug-and-Play App
Zero touch deployment of routers / switches / APs
Accelerated roll-out: Eliminates tech visits and shrinks deployment from months to minutes
Day 1Cisco IWAN App
Guided, fast auto-provisioning of IWAN solution with Cisco experts’ best practices
From 1000 CLI commands to 10 GUI clicks per branch
Day 2Path Trace App
Discover path between two end points based on 5 tuple
Rapidly troubleshoot congestion and ACL issues and lower OPEX for trouble ticket processing by 98%
BRANCH
![Page 4: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/4.jpg)
NETWORK
New RouterNew Switch
PnP ApplicationIT
Simple Workflow Zero Touch
Provisioning
SDN
Open
Architecture
BENEFITS
APIC-EM PnP ApplicationUse Case: Auto-Discovery and Provisioning
Zero Touch Deployment.
Shortened Deployment Time.No On-Site Expert Needed
Increased Security. Decreased
Chance of Misconfiguration.
![Page 5: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/5.jpg)
Network Plug and Play (PnP)
DiscoveryDevice can reach
PnP Server on APIC-EM1
DeploymentDevice receives target
image and configuration2
No StagingNo Staging Required
PnP Runs from Cisco
Factory-Default ConfigurationSwitches (Catalyst®)
Routers (ISR, ASR)
Wireless Access Points
![Page 6: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/6.jpg)
Network Plug and Play (PnP) – Components
PnP Agent
Runs on Cisco® switches, routers, and wireless access points
Automates the deployment process
PnP Server
Central Server on APIC-EM
Manages sites, devices, images, licenses, workflow
Provides Northbound REST APIs
PnP Protocol
Runs between Agent and Server
Open Schema
PnP Helper App
[ Optional ]
Delivers bootstrap, status and troubleshooting checks
Redpark RJ45
Apple 30pin
Redpark RJ45
Apple 8pin
GetConsole
Airconsole2.0
Bluetooth Adapter
Cloud Redirect Service
[ Optional ]
Roadmap Phase 2
![Page 7: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/7.jpg)
PnP – Discovery Options
Switches (Catalyst®)
Routers (ISR, ASR)
Wireless Access Points
1
2
3
4
5
DHCPServer
DNSServer
DHCP with options 60 and 43
PnP string: 5A1D;B2;K4;I172.19.45.222;J80
DNS lookup
pnpserver.localdomain ---- 172.19.45.222 (PnP Server)
Cloud re-direction - roadmap (Q4CY2015)
https://devicehelper.cisco.com/device-helper re-directs to 172.19.45.22
(PnP Server)
USB-based bootstrapping
Manual - using the Cisco® Installer App
iPhone, iPad, Android, (roadmap - Windows mobile and PC)
X Others
Any other manual or automated discovery method – Scripting, AN, EEM, NAP, etc.
![Page 8: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/8.jpg)
PnP – DHCP Discovery Example
pnp profile pnp-zero-touch
transport http ipv4 10.51.89.147 port 80
Resulting PnP Profile in running-config
ip dhcp pool pnp_pool
network 10.51.89.160 255.255.255.248
default-router 10.51.89.254
option 43 ascii "5A1D;B2;K4;I10.51.89.147;J80"
Sample DHCP Server Config
Option 43 Format
5A = PnP DHCP ID
1D = PnP DHCP debug on
1o = PnP DHCP debug off
token.K = <protocol>
1: XMPP-starttls;
2: XMPP-socket;
3: XMPP-tls;
4: HTTP;
5: HTTPS
token.B = <address type> 1:host; 2:ipv4; 3:ipv6
token.I = <remote server ip add / hostname>
token.J = <remote server port>
token.P = <server jid>
token.N = user <name>
token.O = <password>
![Page 9: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/9.jpg)
PnP – Simple & Secure & Consistent
Switches
(Catalyst)
Routers
(ISR/ASR)Wireless AP
APIC-EM PnP Dashboard
APIC-EM Bulk Import/Export
APIC-EM PnP REST API Support
Python
APIC-EM API
PnP REST API
Customer’s Existing
Automation Frameworks
Automation Framework
(i.e. Python scripts,
configuration generator, etc)
Device Repository
and Database
![Page 10: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/10.jpg)
NETWORK
DMVPNSLA QoS
Path SelectionBusiness Policy:
App SLAIWAN
ApplicationIT
SDN
Simple Workflow Zero Touch
Provisioning
Business Level
Policies
Open
Architecture
Network,
Applications
Monitoring
BENEFITS
APIC-EM IWAN ApplicationUse Case: Cisco Best Practices & Knowledge for SDWAN
Note: IWAN App Release 1 targets less than 500 sites, 2 links per Branch with ISR4000.
From Weeks to
Minutes
Over 1000 CLI commands
reduced to 10 GUI Clicks
![Page 11: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/11.jpg)
`
Three main areas:
1. Hub site and settings
2. Administration of
application policy
3. Branch site setup
IWAN App on APIC-EM
Policy-Driven IWAN Site Deployment including PnP and Monitoring
Step-by-Step Network and Hub Settings
Simple Policy Definition and Customization
![Page 12: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/12.jpg)
NETWORK
ITTrouble Ticket
Path Visualization User
Simple Workflow
SDN
Open ArchitectureApplication Path
Monitoring
APIC-EM Path Trace ApplicationUse Case: Accelerate Trouble-Ticket Processing
Easy visual discovery of trouble spots in
communication path based on 5-Tuple
OPEX for ticket processing decreased by 98%
From 1.4 hours to 1 minute
![Page 13: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/13.jpg)
APIC-EM Path Trace Hop-by-hop Details specific to 5-tuple Path
![Page 14: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/14.jpg)
APIC-EM Path Trace"response": {
"request": {
"sourceIP": "212.1.10.20",
"destIP": "65.1.1.6"
},
"lastUpdate": "Thu Apr 23 01:23:21 UTC 2015",
"properties": [ ],
"networkElementsInfo": [
{
"id": "424621be-d2b4-4d42-ad16-92d4d5c19fa4",
"type": "WIRED",
"ip": "212.1.10.20",
"linkInformationSource": "Wired"
},
{
"id": "8beada2e-cd2c-421d-941f-3ba42696c489",
"name": "CAMPUS-Access1",
"type": "SWITCH",
"ip": "212.1.10.1",
"ingressInterface": {
"physicalInterface": {
:
![Page 15: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/15.jpg)
Introducing APIC-EM and 3 Apps
Day 0 : Plug-and-Play App
Zero touch deployment of routers / switches / APs
Shrinks deployment from months to minutes
Day 1 : Cisco IWAN App
Guided, fast auto-provisioning of IWAN solution with Cisco experts’ best practices
From 1000s of CLI commands to a few policy deployments with a few GUI clicks per branch
Day 2 : Path Trace App
Discover path between two end points based
Lower OPEX for trouble ticket processing by 98%
3 N E W A P P L I C A T I O N S
Applications
SecurityOrchestration Automation Collaboration
SOUTHBOUND ABSTRACTION LAYER
CATALYST | ISR | ASR | WIRELESS
REST API
E N T E C H N O L O G Y D I F F E R E N T I A T I O N
![Page 16: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/16.jpg)
APIC-EM Packaging and Deployment
Built as a
Linux Container
Grapevine
Root
LXC
Container
LXC
Container
GV
Client
GV
Client
Operation System
Server / Machine
Standalone or
Resilient Deployment
3 Nodes• active-active-active
• Scale and HA- Software failure- HW failure of 1 node
1 or 2 Nodes• active-active
• Scale and HA- Software failure only
Download or
Preinstalled Appliance
Download• .iso image including
ubuntu 14.04 64bit
• available from:- software.cisco.com- devnet.cisco.com
Cisco Appliance• APIC-EM installed
• ready-to-go
• or SKU:- APIC-EM-APL-R-K9- APIC-EM-APL-G-K9
![Page 17: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/17.jpg)
APIC-EM Deployment Considerations
`
Bare Metal/HW Appliance Virtual Machine
GV Root
GV Client GV Client
Libs/Bins Libs/Bins
LXC
Container
LXC
Container
Server Hardware
Operation System
Server Hardware
Hypervisor and/or Host OS
Virtual Machine
Operation System
GV Root
GV Client GV Client
Libs/Bins Libs/Bins
LXC
ContainerLXC
Container
![Page 18: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/18.jpg)
`
Before You Deploy: System Requirements
Server: 64-bit x86 (supported by Ubuntu 14.04 LTS)
vCPU: 6 (2.4 GHz) or more
RAM: 64 GB (for single-host deployments)/
32 GB (for multi-host deployments)
Storage: 500 GB HDD
− Hardware-based RAID at RAID level 10
− Disk I/O Speed: 200 MBps
Network adaptor: 1 x
Browser: Google Chrome (44.0 or later)
Hypervisor: VMware vSphere 5.1/5.5
(for Virtual Appliance)
![Page 19: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/19.jpg)
`
Scale Numbers
Network
Devices:
2000
Access
Points:
2000
End
Hosts:
20,000
Note: These scale numbers are for the APIC-EM platform and the base applications.
Some other APIC-EM applications might have different scale numbers. At GA: IWAN App Release 1 targets < 500
sites, 2 links per Branch with ISR4000
![Page 20: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/20.jpg)
Devices SupportedGeneral Availability Release
`
Device Series
Catalyst 2960-X/XR Series Switches Catalyst 4500x Series Switches
Catalyst 2960-S Series Switches Catalyst 4900 Series Switches
Catalyst 2960 Series Compact Switches Catalyst 6500 Series Switches
Catalyst 3560 Series Compact Switches Catalyst 6800 Series Switches
Catalyst 3650 Series Switches Cisco Nexus 5000 Series Switches
Catalyst 3850 Series Switches Cisco Nexus 7000 Series Switches
Catalyst 3750-X Series Switches
EtherSwitch Modules for Integrated
Services Routers: SM-E22-16-P, SM-
ES2-24-P, SM-D-ES2-48, SM-ES3-16-P,
SM-ES3-24-P, SM-D-ES3-48-P
Catalyst 3560-X Series Switches Industrial Ethernet 2000 Series Switches
Catalyst 4500 Series Switches Industrial Ethernet 3000 Series Switches
LAN
Device Series
4000 Series Integrated Services Routers
Integrated Services Routers Generation 2
ASR 1000 Series Aggregated Services Routers
ASR 9000 Series Aggregated Services Routers
Cisco Cloud Services Router 1000v
WAN
Device Series
Wireless LAN Controllers (IOS XE & AireOS)
WLAN
![Page 21: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/21.jpg)
Common Policy Model from Branch to Data Center
Application Network Flow Profile
SLA, Security, QoS, Load Balancing
User and Things Network Profile
QoS, Security, SLA, Device, Location, Role
Cloud Data Center WAN Access
POLICY
DATA CENTER WAN AND ACCESS
CISCO® ADVANTAGE
BROWNFIELD AND
GREENFIELDEND TO END
POLICY FRAMEWORK: FOCUS ON
APPLICATION AND USER ENABLEMENT
![Page 22: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/22.jpg)
You @ DevNet Developer Ecosystem
Application-aware
Performance
Management,
Visualization, Granular
Troubleshooting,
Real-time analytics
and Flow Visibility
Advanced
Orchestration,
Provisioning,
Lifecycle Mgmt, and
Customized Policies
UC Integration and
monitoring
Defense Force
for Security
Securing SDN
Controller
Deployments
Compliance Topology
visualization
across AWS and
multiple controllers
Average Growth
per Month
20APIC-EM DevNet
Companies
153devnet.cisco.com
Forum | Sandbox | API Index | Documentation
![Page 23: APIC-EM and - Cisco...APIC-EM Application Overview at GA Public Cloud Enterprise Network Day 0 Plug-and-Play App Zero touch deployment of routers / switches / APs Accelerated roll-out:](https://reader033.vdocuments.net/reader033/viewer/2022060802/6086b7ac7e0df8319547dce2/html5/thumbnails/23.jpg)
Resources and Starting Points
• Demos in dCloud and DevNet Sandboxes (today still running EFT code, upgrading in the coming weeks)
• APIC-EM @ CCO: www.cisco.com/go/apicem
• APIC-EM @ DevNet: devnet.cisco.com/site/apic-em
Cisco YouTube
https://www.youtube.com/watch?v=mUY5Er-fjOs