cloud orchestration in the service provider with...

Cloud orchestration in the Service Provider with Intelligent Automaton BRKSPG-2802

Lawrence Cross

Sr. Systems Engineering Manager

GSA, Cloud Automation Systems and Architecture

© 2013 Cisco and/or its affiliates. All rights reserved. BRKSPG-2802 Cisco Public

Agenda

Setting the Foundation

World of Many Clouds

Challenges

Cisco Intelligent Automation for Cloud (CAIC)

CIAC Starter Edition

CIAC Platform

3


Agenda



Challenges



CIAC Platform

4


Setting the Stage

5

As Service Provides (SP) continue to build out new cloud based environments and add more cloud based services the need for flexible Orchestrations solutions are required, balancing out of the box content while maintaining the systems ability to leverage existing systems, and deliver new differentiated services. Cisco’s Intelligent Automation for Cloud (CIAC) solution enables the SP community to leverage existing investments and provides an evolutionary approach to Cloud, IaaS and beyond.


Goals

6

The goal of the session is to provide an overview of Cisco’s Intelligent Automation for Cloud (CIAC) platform and insight to the evolutionary journey to the cloud.

It provides the value add of Cloud Orchestration used for orchestrating Cisco's Data Center and Cisco’s Secure Containment Models enabling a flexible, evolutionary approach to the journey to the Cloud.


Agenda



Challenges



CIAC 3.1 Platform

7


The Cloud Characteristics

• On-demand self-service • End-user can provision computing capabilities, such as server, network and storage as needed

• Broad network access

• Resource pooling • Physical and virtual resources dynamically assigned and reassigned according to user demand.

• Rapid elasticity • Capabilities can be rapidly and elastically provisioned to quickly scale out, and rapidly released

to quickly scale in.

• Measured Service • Resource usage monitored, controlled, and reported

Reference: The NIST Definition of Cloud Computing, Special Publication 800-145

9


The Cloud Benefits

• Agility • Quickly adjust to the needs of the business

• Reduce time to deploy new VM (~15 min) • Deploy when needed and not in advance

• Complete lifecycle management • Discovery, tracking, inventory, analysis, assessment, aging and retirement

• Reduce human error

• Usage tracking • Capacity planning, chargeback, etc.

• Centralized Control and Governance • Ensure business value • Mitigate risks • Compliance

• Optimized staff • Staff is able to spend more time focusing on business needs

10


Cloud Applications and Services Deployment Models

Private Cloud

On Premise

Public

Cloud

Multi-tenant

Software

Virtual Private

Cloud

Shared Hardware,

Dedicated VMs

Hosted Private

Cloud

Dedicated,

Managed

11


Generalized Cloud Management Model

Device Device Device

Compute Domain

Controller


Storage

Domain Controller


Network

Domain Controller

Orchestrator Policy/Rules/Workflow Engine

Application Application Application Application Service API

Domain

abstracted API

Cross-domain

Orchestrator

Domain specific

controllers

provide device

abstraction

Portals

12


Agenda



Challenges



CIAC 3.1 Platform

13

Challenges


Introduction

Early Adopters of Cloud What They Discovered

Deployed with objective of decreasing costs

Did not utilize automation, orchestration, repeatable services

Virtualization just increased workload burden on IT

Management gap resulted in higher costs

15


78% of Enterprises: Private Cloud Is Strategic Real Value of Cloud Is Speed, Flexibility, Agility

Today’s Cloud

Cloud Management Enables Value to Be Realized

IT Can Better Align with Business Decisions

Fees Up IT Staff to Focus on Strategic Competitive Innovation

16


Unlocking Cloud Benefits

Operational Process Automation

Service Delivery Automation

Self-Service Portal and Service Menus

Lifecycle Management

Resource Management

17


Public Cloud

Services Private Cloud

Hybrid Cloud

Traditional

Data Center

Tomorrow’s IT: World of Many Clouds Enabling Multiple IT Sourcing Models

18


Journey to the Cloud Crawl, Walk, Run…on Your Cloud Journey

Compute-as-

a-Service Hybrid Clouds

Virtual Data Centers

Simple and

Advanced IaaS

Multi-Tenancy

Network-as-a-Service

Crawl

Walk

Run

Sprint

Transition Stages

Enterprise Private Cloud

Service Provider

PaaS, Hybrid Cloud

Dev and Test

Cloud

19


UNIFIED

MANAGEMENT

UNIFIED

FABRIC

UNIFIED

COMPUTING

Cisco Unified Data Center The Platform for Delivering IT-as-a-Service

20


Agenda



Challenges



CIAC 3.1 Platform

21


On-Demand, Self-Service Provisioning of IT Resources

Easiest to Use, Delivers Faster Time to Value

Optimized for Cisco Architectures, Complements Existing IT Systems and Management Tools

Policy-Based, Model-Driven Approach Reduces TCO

Automation

Intelligence

Flexibility

Policy-Based Network

Infrastructure Resource Management

Policy-Based Compute

Cisco Intelligent Automation for Cloud IT-as-a-Service Requires a New Management Approach

Network

Compute

Storage

Service Profiles

Physical-Virtual, Multi-Hypervisor

Network Containers

Dynamic Network Provisioning

On-Demand Provisioning

Service Catalog

Service Governance

Integration and Automation

Lifecycle Management

Pay-per-Use

Self-Service Portal and Orchestration

23


Cisco Intelligent Automation for Cloud

Cloud Service

Providers

Self-Service Portal and Service Catalog

Cisco Cloud Portal

Orchestration and Automation

Cisco Process Orchestrator

Policy-Based Compute

Cisco UCS Manager

OS/Bare Metal Provisioning

Integration Framework

Cisco Network Services Manager

Policy-Based Network

Cisco Server Provisioner

Clo

ud C

onte

nt

Pre

-Bu

ilt fo

r P

ort

al a

nd

A

uto

ma

tio

n

Image/ Config Mgmt

Monitoring

Email

Service Desk/CMDB

LDAP/Active Directory

Billing/ Chargeback

Storage Mgmt Multi-Vendor Compute

and Network Mgmt Virtualization Mgmt

Network

Compute

Storage

24


Where to Start?

“All In” from the Start?

Culture, Management Processes IT New / Changing Roles

Technology Is Not the Hard Part

No Standard Clouds

25


Cisco’s Journey to the Cloud Start Where You Are Comfortable

Compute-as-

a-Service Virtual Data Centers

Crawl

Walk

Run

Sprint

Transition Stages

Cisco IAC

Solution Kits

Cisco IAC Roadmap

Multi-Hypervisor

Multi-Cloud

Start Here

Cisco Starter Edition

Start Here

26


Agenda



Challenges



CIAC Platform

27


First Step on Way

to Production

Compute-as-a-

Service on UCS

Use Cases

• Self-service and auto provisioning

• Scope next steps

• Development/Test

• Department-level pilot

• Internal IT provisioning system

Cisco IAC Starter Edition Accelerate Your Journey to the Cloud

29


Cisco IAC Starter Edition

Entry-Level Private Cloud for Compute-as-a-Service

Orchestrates Cisco UCS and VMware vCenter

Baseline for Growth Software Solution

• Smaller IT shops

or department-

level cloud

deployments

• Starting point

toward an

Enterprise private

production cloud

• Service providers

offering hosted or

on-premise single-

tenant CaaS

• Out-of-the-box

integration with

Cisco UCS and

VMware vCenter

• Network and

storage manually

pre-provisioned

• Works on Vblock,

FlexPod, HDS,

3PAR

• Add and provision

new blades for

physical or

virtualized

environments

• Add integrations*

• Upgrade path to

Cisco Intelligent

Automation for

Cloud

• Self-service

portal, process

orchestrator, bare-

metal server

provisioner

• Deployment-ready

with prebuilt, out-

of-the-box content

for automation,

catalog, portlets

30


Cisco Intelligent Automation for Cloud Starter Edition

Cloud Management and Orchestration Software for Cisco UCS

Order VMs and Physical Servers

with Automated Provisioning

Easy-to-Use End-Self-Service

and Administrator Web Portal

31


CIAC Starter Edition – Features & Benefits

Pre-Built Portal

Content and

Workflows to

Accelerate Time

to Cloud

Deployment of

Compute-as-a-

Service on

Cisco UCS to

Improve Agility

Self-Service

Provisioning

and Automation

for both Virtual

and Physical

Control Over

Resources and

Consumption

with Lifecycle

Management

Ability to Grow

Deployment and

Expand to New

Use Cases with

Upgrade Path

32


• Users work from portal interface

• 2 virtual services: VM from template, VM base OS install

• Admin-controlled templates

• 3 VM sizes (adjustable by admin)

• 2 physical services: Base Windows, Base Linux

• Next available physical blade allocation

• User-selected service profile template

• Start/stop/reset/add CPU/add RAM/snapshot VM

• Admin-created networks per organization

• Built-in IP address management

• Auto-expiration (lease management)

CIAC Starter Edition—Technical Feature Specs

• Simple, private cloud

• Single tenant, multi-organizational units

• Single server orders

• Physical and virtual servers

• 1 Cisco UCS-M 2.0 B Series + 1 vCenter 4.1/5.0 maximum

• Accelerated install/ configuration process

• Admin connects Cisco UCS-M and VMware vCenter

• Admin registers blades, networks

• Admin registers VM/OS/Cisco UCS Service Profile templates

• Admin repurpose blades to virtual/physical pools

• Automated ESX provisioning and addition to vCenter

• Resource capacity view from portal

• Basic failed service recovery and cleanup

• Infrastructure fault detection (no auto handling)

• 90+% of operations are from portal

• Add/remove organizations and users

• Assign other administrators, physical order privilege

• Quotas, service access control, approvals

• Virtual data centers

• Detailed resource usage views

• Firewalls, load-balancing, VRF provisioning

• Storage system and disk provisioning

• Billing, chargeback

• Multi-site deployments and DCI

• Clustered applications, HA, DR

• IP address manager integration or DHCP

• Start date and reservations

• Other blades/server or hypervisors

• User-uploaded custom images

General

Infrastructure Administration

User Administration Starter Edition Doesn’t Include

Cloud Portal and Self-Service

Provisioning

33


Agenda



Challenges



CIAC Platform

34

CIAC 3.1 Platform



Secure, Reliable Foundation for Private, Public, or Hybrid Clouds

Edition: Cisco IAC 3.1

Scalable Clouds Out-of-the box cloud management that scales from virtual machines to multiple virtual data centers

CloudSync Cloud infrastructure discovery to manage and synchronize cloud infrastructure elements

Service

Remediation Quick identification of problem workflows

and remediation actions

Clouds Your Way Over 200 extension points to deploy cloud on existing

IT practices, policies and infrastructure systems

36


POD 1 POD 2

Key Concept: Compute POD Infrastructure Grouping Unit What is it?

– Point of delivery, a unit of the data center

– Examples: vBlock 300, FlexPod, VMDC compute POD

– One UCS domain

– Local and shared network and storage

– Local and shared domain managers

Also:

– IAC registers POD by associating a set of domain managers

– Scalability through multiple PODs

Access Switch


Network

Services

Manager

vCenter

UCS Chassis and Servers

NetApp DFM

or EMC UIM

NetApp/

EMC/HDS

Portal and

Orchestrator

Network

Stack

Included in IAC

Integrated to IAC

Not IAC Integrated

Access Switch


UCS Manager

UCS Chassis and Servers

NetApp DFM

or EMC UIM

NetApp/

EMC/HDS

UCS Manager

Portal, Orchestrator,

NSM, and vCenter Are

One per System UCS Manager and Cisco

SP Are One per POD

37


Virtual Data Centers

38


VDC Ordering Service in 3.1 Order by “Organization Admin” or “Cloud Portal Technical Admin”

39


POD 1 POD 2

Key Concept: Virtual Data Centers Shared and Dedicated Deployment Environments

What are they?

– Dedicated pool resources for departments or whole organizations

– Include one network zone and VLANs

– Each housed in a cluster within one POD

– May be placed in any POD

– Soft or hard reservation

Value

Cost-effective and secure alternative to “shadow IT”

Accommodates different organizational sizes (small, medium, large)

Org A’s VDC “Staging”

Available capacity Available capacity

Available capacity

Available Capacity

Available Capacity

Available Capacity Org B’s VDC “Website”

Shared Zone

Org A’s VDC “QA Lab”

Deploy Servers

Org A

Users Shared Zones: A

Special VDC Shared

Across All Cloud Users.

Created by the Cloud

Administrator.

Virtual Data Center:

Dedicated to One

Organization’s Users.

Ordered by the Org

Admin. The Cloud

Admin Selects the

PODs to House in.

Network 1

Network 2

Network 3

VM VM

VM

VM

VM

Physical Server

Physical Server

VDC “Web Site”

40


VDC Lifecycle Management Actions for managing VDC – “My Virtual Data Centers” Portlet

Size Modify VDC

Size Decommission

VDC

Size Add Network

to VDC

Size Order a Virtual Machine

from Template

Size Order a Virtual Machine

and Install an OS

Size Remove Network

from VDC

Size Order a Physical

Server

41


Server Lifecycle Management Actions for managing servers

Power Up

Power Down

Power Cycle

Modify Configuration

Take Snapshot

View Snapshot Revert to Snapshot

Delete Snapshot Decommission

Extend Lease

42


A CPTA can remediate failed services caused by infrastructure problems

Error Handling

Requisition

Summary

Error Details

Remediation

Actions

Requisition

Details

43


Error Handling – Remediation Actions

Size

Size

Size

Size

Size

Cancel option stops the service delivery in its current

state in order to release the resource for future usage.

Restart will undo any changes to the service and

attempts to start over from the beginning of the order

Retry attempts to resume service at the step that just

failed

Ignore attempts to ignore the step that just failed and

continues with the next step in the process

Rollback reverses all infrastructure and service item

changes. 44


Facilitate Approval Business Process

Enable “Approval” to enforce the order-to-provision business process with approval, for example – VDC ordered by OTA to be approved by CPTA

– VM ordered by a user (VM Owner) to be approved by OTA

45


Resource Capacity Dashboards Resources Usage by Organization

Select the organization

The chart below shows the resource usage of the organization

46


Resource Capacity Dashboards System Resources Capacity

Select the POD

The chart shows the resource usage of the selected POD

47


Resource Capacity Dashboards VDC Capacity

Select the VDC

The chart below shows the resource usage of the VDC

48


Connection Status Dashboards Observe and Validate Connectivity

User can take Action here to validate connection

The results will be shown here

Select the platform element

Detail of the platform element

49


Key Concept: CloudSync

Discovery of cloud infrastructure and management systems

Reduces setup and management costs

Synchronizes dashboard of underlying infrastructure components

50


Network-as-a-Service Bundles Cisco Network Services Manager

– Ensures right networking resources are assigned to cloud resources

– Order networking layer from self-service portal

– Eliminates IT rework to correct errors

Process Orchestrator Adapter for NSM permits rapid automation for network provisioning

51


VMDC 2.0

Silver Gold Bronze

L2

L3

L3

vFW

LB

L2

L3

L3

vFW

FW

L2

L3

L3

vFW

LB

VMDC Validated Infrastructure, Secure Containment Common Infrastructure – Differentiated Services

Enables per-VM segmentation of

traffic w/full switching via VN-

Link

Isolates L2 / L3 customer traffic

via VLANs, VRFs, & Virtual Device

Contexts

Enables monetization of service

differentiation by enabling value

added services (e.g. SLB, Firewall)

Enables seamless extension of

tenants between pods via OTV

UCS Virtual

Access

Storage

Access

Services

Aggregation

Core

Data security,

authentication

and access

control

Unifed

Computing VN-Link

Fabric Path

FEX Architectures

VMDC 2.1

Palladium

L2

L3

FW

LB

LB

Public Zone

Private Zone

VMDC 2.2

Expanded

L2

L3

FW

LB

LB

vFW

vFW

FW

Protected

Back-End

Protected

Front-End

52





Link



Contexts






UCS Virtual

Access

Storage

Access

Services

Aggregation

Core

Data security,

authentication

and access

control

Unifed

Computing VN-Link

Fabric Path

FEX Architectures

53


VMDC 2.0

Silver Gold Bronze

L2

L3

L3

vFW

LB

L2

L3

L3

vFW

FW

L2

L3

L3

vFW

LB




Link



Contexts






54





Link



Contexts






VMDC 2.1

Palladium

L2

L3

FW

LB

LB

Public Zone

Private Zone

55





Link



Contexts






VMDC 2.2

Expanded

L2

L3

FW

LB

LB

vFW

vFW

FW

Protected

Back-End

Protected

Front-End

56


Clouds Your Way

Over 200 extension points for self-serve portal and orchestration

Deploy cloud within existing IT practices, policies and systems

Examples – Open/close tickets in ITSM solutions

– Add pricing and showback

– Document asset management changes

– Set up/decommission monitoring or service assurance

– Integrate with external IP address managers

57


Multi-Cloud Accelerator Kit Solution Pack for Cloud Management on OpenStack

Solution

Accelerators

Unifie

d M

anag

em

ent

Ecosyste

m

Cisco Network Services

Manager


Cisco Cloud Portal

Multi-Cloud

Accelerator Kit

OpenStack

AWS EC2

VMware vCloud

New!

• Create virtual data centers, on-board tenants and provision cloud services

with Cisco IAC on multiple hypervisors

• Not included in Cisco IAC 3.1—downloaded from public website


Pre-Built

Content Packs

3rd Party Infrastructure

Cisco UCS Manager




58


Multi-Cloud Accelerator Kit Solution Pack for Cloud Management on OpenStack

Solution

Accelerators

Unifie

d M

anag

em

ent

Ecosyste

m

Cisco Network Services

Manager


Cisco Cloud Portal

Multi-Cloud

Accelerator Kit New!


Pre-Built

Content Packs

3rd Party Infrastructure

Cisco UCS Manager




OpenStack

AWS EC2

VMware vCloud

59


Cisco Process Orchestrator Cisco Cloud Portal

Cisco Intelligent Automation Makes OpenStack Viable as Production Platform

Service catalog and

organizational multi-tenancy

“Real” user portal

– Portlets, user experience

– Extensible to add service assurance and billing

Policies

– Quotas, leases, selection guides and rule sets

Request management

Role-Based Access Control (RBAC)

– At the service, VM template and action on a VM

Service definition beyond VM

– Value-added services

– Bundles

Provisioning workflows

beyond OpenStack

Bare metal provisioning to

OpenStack cloud layer

Automation and integration

– Email, CMDB, incident, directories, security

– Orchestration of storage and network

– Configuration of middleware, applications

Day 2 maintenance of OpenStack

Integration with back office systems

– Billing

– Financials

60


Multiple Cloud and Virtual Environments

Manage OpenStack and Other Cloud Platform Options (EC2, vCD)

Cloud Platform

Setup for

OpenStack, Amazon

EC2,

or VMware

vCloud Director

61


Cisco Cloud Management Differentiation

• Focus on cloud self-service, service catalog, and automation

• RBAC, policy controls, orchestration, lifecycle management

• Open to heterogeneous h/w, hypervisors, third-party systems

• Allows customer flexibility and customer choice

• Extensive from IaaS to PaaS, private to hybrid, other use cases

• Content packs for rapid service creation and deployment

• Easy-to-use, self-service portal and service catalog

• Visually configure new portal services and automation workflows

“Right-Size” Solution

Leverage Existing Investments

Flexibility

User Experience

Best-in-Class Platform

• Leverages Cisco leadership in fabric-based infrastructure

• Orchestration and provisioning of physical and virtual resources

62


IAC 4.0 (Planning)

IAC 3.1 (Oct ’12)

IAC 3.0 (Apr ’12)

IAC 5.0 (TBD)

NextGenCatalog 5.0 (TBD)

Compute-as-a-

Service for

VMware vCenter

and Cisco UCS

Cisco Intelligent Automation for Cloud Strategic Roadmap

Table Stakes Cisco Differentiated Solutions

Infrastructure-

as-a-Service

via VDCs

converged

infrastructure

“inside”

Multi-cloud

enablement with

biz governance +

network

automation

Platform-as-a-

Service app

configuration +

OpenStack

infrastructure

management

IT-as-a-Service

(e.g. UC, VDI,

BYOD) +

Offered as a

hosted solution

63


Tier 2/3 SP and large enterprise looking to step forward from a

vCloud Director based Phase 1

• They need to expand and differentiate the services they provide relative to Amazon and others. Generic IaaS isn’t good enough anymore.

Cisco can help with bare metal cloud options.

• They need to reduce the cost of running their cloud through automation across traditional IT back office systems. There is too much volume

for manual activities. Cisco can help automate.

• The need to lower their platform costs. An all VMware stack is not cost competitive. Cisco can

provide OpenStack based options.

• As they add multi-cloud scenarios and PaaS

services to their cloud, network automation is now a must have.

Cisco Intelligent Automation for Cloud Our Sweet Spot

64


Difficulties quickly emerged. “We developed our own

customer-facing portal for the cloud offering,” says

Thomas Gfeller, product manager at Swisscom.

“Almost right away, we could see that our software

had serious limitations. The billing and fulfillment

processes were insufficiently automated, which

resulted in unnecessary operating costs. Customers

had very little transparency into the management of

their cloud data. And most importantly, the solution

was hard-coded and did not offer the configuration

flexibility we needed for a rapid time to market of

new product features.”

Swisscom Case Study

65


Swisscom now offers a standardized catalog of 26

different cloud-based services, including virtual

servers, storage, network, and security, all managed

through Cisco IAC. Business customers can place

orders online and provision a virtual data center in

minutes. “The key to the whole solution is the level of

customization provided by Cisco Services,” says Simon

Ruch, project manager at Swisscom. “Our cloud

services are now fully integrated into our billing

systems, our incident management system, and

even our extranet resources. We’ve automated some

of our most time-consuming processes, and we’ve

gained greater visibility across the enterprise from a

single portal. It’s a huge improvement.”

Swisscom Case Study

66


With the strength and flexibility of Cisco IAC as a

foundation, Swisscom is now free to virtualize more

services while finding more opportunities for

efficiency across the enterprise. “We plan to expand

our storage capabilities and offer a wider range of

features on all of our services,” says Flückiger.

“Another goal is to put multi-cloud services into

production. We also want to use Cisco automation

packs to transfer more of our in-house functions to

automated processes. That’s just in the short term. In

the long term, we fully expect that Cisco cloud

solutions, backed by the expertise of Cisco

Services, will help Swisscom maintain its edge in a

very competitive, very challenging market.”

Swisscom Case Study

67


Conclusions

The Promise of Cloud “Better, Faster, Cheaper”

Not all clouds are created equal

Cloud is a complex set of Technologies integrated together

There is not a one size fits all

CIAC enables the evolutionary approach to automating a cloud environment

CIAC’s flexibility enables the services today and enables the SP’s to develop the XaaS services of Tomorrow.

Questions?

68


Maximize your Cisco Live experience with your

free Cisco Live 365 account. Download session

PDFs, view sessions on-demand and participate in

live activities throughout the year. Click the Enter

Cisco Live 365 button in your Cisco Live portal to

log in.

Complete Your Online Session Evaluation

Give us your feedback and you could win fabulous prizes. Winners announced daily.

Receive 20 Cisco Daily Challenge points for each session evaluation you complete.

Complete your session evaluation online now through either the mobile app or internet kiosk stations.

Note: This slide is now a Layout choice

69


Back Up Slides

71


Converged Infrastructure

Animated Story of Journey to Differentiated Cloud Mgmt Platform (CMP)

Service Catalog

Orchestrator

3.1

.1

Co

nte

nt

Pre-Provisioned L2/L3 Network

vCenter VDC

Enterprise Centric Multi-Organizational

IAC 3.1.1

IAC 3.1.1 Forms the starting

basis of SP cloud

mgmt and

automation

Multi-Cloud

Solution Accelerator Enables SPs to offer

VMware and OpenStack

clouds (multi-hypervisor

by VDC)

PaaS -DevOps Accelerator

PaaS - DevOps

Accelerator Enables SPs to offer

application-centric PaaS

through multi-tier application

stack definition and ordering

canvas; Configure the

OS and applications by

leveraging the success

of Puppet and Chef

IAC 4.0 (Advanced Cloud

Models with Pricing) Support advanced multi-tenancy,

VMDC 4.X Virtual Services

Architecture, OpenStack support

OOB, cloud bursting use cases

through Prime Network Controller

(VNMC) Intercloud

4.0

C

onte

nt

Virtual Services Architecture VMDC 4.X Enabled VDC Prime Network

Controller (VNMC)

IAC 4.0

InterCloud Enabled

Multi-Tenant

UCS Director / Cloupia

IAC 4.0

(Infrastructure Clouds) SPs can differentiate cloud

offers through Cloupia

integration for bare-metal and

storage provisioning

Run in Slideshow

DevOps

Heterogeneous VDC Providers

Multi-Cloud Accelerator

72

cloud orchestration in the service provider with...

Documents