infoblox cloud solutions - cisco mid-atlantic user group
TRANSCRIPT
1 | © 2014 Infoblox Inc. All Rights Reserved.
Infoblox Cloud Solutions Jim Zelnosky, Sr. SE Channels 08-19-2015
Agenda:
• Overview of Cloud Market Trends
• Infoblox Cloud Network Automation Overview
• VMware Private Cloud Automation Use Case
• Amazon AWS and Hybrid/Public Cloud
About Infoblox
Leader in technology for network control
• Founded in 1999 – Evanston
• Headquartered in Santa Clara, CA with global operations in 25 countries
• Market leadership: DDI Market Leader (Gartner); 50% DDI Market Share (IDC)
• 7,300+ customers
• 74,000+ systems shipped to 10 countries
• 45 patents, 27 pending
• IPO April 2012: NYSE BLOX
Total Revenue ($MM, Fiscal Year Ending July 31): FY2007 $35.0; FY2008 $56.0; FY2009 $61.7; FY2010 $102.2; FY2011 $132.8; FY2012 $169.2; FY2013 $225.0
Inhibitors to Enterprise Cloud Adoption
Cloud Paradigms: Manual processes don’t work for cloud paradigms
• Too many service tickets between server & network teams
• Lack of troubleshooting tools
• Slow IT execution times
Multi-Cloud Adoption: Limited support for multi-vendor hybrid clouds
• Multiple management portals
• No consistent policies
• Any platform change disrupts implementation/processes
Security/Compliance: New security/compliance challenges with shift to cloud
• No correlated infrastructure view for entire cloud
• Lack of auditing capabilities
• Requires cross-cloud expertise
Cloud Network Pain Points
• No visibility to IP address/DNS records for VM/network resources: No central reporting on lease history, DNS/IP associations
• Lack of reliable DDI for Private Cloud: Stability and simplified upgrades of underlying network inhibits Cloud rollout
• Requires too much administrator overhead: Manual IP address/DNS provisioning is slow, error-prone
• Network provisioning is too slow for application delivery: No Amazon-like capabilities, i.e., on-demand, self-service, DevOps
Infoblox Cloud Solution: Enabling the Promise of Hybrid Cloud
DDI Automation
• Policy-based automation of DNS, DHCP, IPAM services for virtual servers
• Open RESTful interfaces for customization
Multi-Cloud
• Single management interface for leading cloud solutions
• Private Cloud: VMware, OpenStack, Microsoft, etc.
• Public/Hybrid Cloud: Amazon
Visibility
• Discovery of VMs, networks for multi-cloud platforms
• Auditing, reporting across clouds for DHCP leases, DNS records, IP addresses
The Power of Cloud Network Automation
Traditional Approach (Manual):
• Provision Virtual Instance
• Request IP or Use Allotment
• Forward IP Data for Tracking
• Update Database or Spreadsheet
• Request DNS Record
• Allocate and Manually Enter DNS
• Clean Up When De-provisioned
Infoblox Cloud Network Automation (Automated):
• Provision Virtual Instance
✓ Implement change anytime, e.g. DNS names, IP addresses
✓ No tickets between network, server teams for DNS, IP
✓ Automatic reclamation of resources upon spin down
Infoblox Cloud Network Automation: Mapping to Your Private Cloud Journey
Stage | Appropriate Offerings | Value Delivered
Scale-out | Cloud Platform Appliances: CP-V800, CP-V1400, CP-V2200
• Resilience with local survivability
• Increased DDI scalability and performance for VM spin ups/downs
Production | Cloud Network Automation License
• View/administer cloud tenants, networks, VMs, IP addresses through a single UI
• Monitor IP and network usage
• New audit/usage reports
Pilot | Infoblox Automation Adapters
• Automate DDI for VMs
• No additional cost
• Extend existing Grid
Cloud Architecture – Where Infoblox Plays NIOS/vNIOS with DDI Automation
The Cloud Computing Conceptual Reference Model (credit: NIST)
Compute Storage Network
Hypervisors
Cloud Orchestration Layer
Cloud Management Platform
Cloud Consumer
OpenSource: OpenStack
Commercial: VMware vCAC, MS SC/VMM
Network Services: Routing, switching, firewalls, load-balancers
Infoblox Adaptors VMware/Microsoft/OpenStack
Infoblox DNS/DHCP/IPAM Core Network Services
“Automating the management, provisioning and de-provisioning of IP addresses and DNS services is a cloud best practice.”
Alan Chabra, Lead Architect, BMC Cloud Center of Excellence
“For our cloud customers automating IP address and DNS service provisioning is a must have. They tell us repeatedly that they can’t rely on manual/high-risk solutions to run their next gen cloud infrastructure.”
Vikul Gupta, Director of Cloud Svcs Orchestration, HP
Major BioTech Firm: Private Cloud Case Study
Agile delivery of cloud services, no manual overhead
Background and Challenges:
• VM provisioning typically took 3-6 weeks due to manual network configuration tasks
• Frequent errors during provisioning
• Multiple hand-offs/approvals for IP addresses and DNS entries
Solution and Results: Infoblox DDI + Cloud Adapters
• Reduced time to bring up cloud services
• Reduced total provisioning time from weeks to hours
• Eliminated discrepancies and errors
Example - VMware Private Cloud using vRA/vRO with IPAM Plug-in
Components: vCenter Server; vRealize Orchestrator (vCO); Infoblox vRO Plug-in; Infoblox Trinzic DDI Appliance
1- A vRA cloud admin/user requests a VM to be created
2- The Infoblox IPAM Plug-in “Reserve an IP” workflow gets invoked
3- Infoblox DDI allocates the next available IP address and sends it to the VM along with the DNS host record
4- vCenter creates and spins up the VM
5- The newly created VM is now running on an ESXi host using the newly allocated IP address and DNS record
Infoblox – Help Deliver the Promise of Hybrid Cloud
Accelerates Cloud Projects in Single Platform
• Adapters provide powerful IPAM and DNS automation
• Common interface for multiple teams reduces handoffs
Multi-cloud Management Improves Agility
• Enterprise-grade DDI for multiple platforms
• Build common policies across different vendors
Security and Audit Capabilities Reduces Risk
• Detailed tracking for auditing and compliance
• Consolidated view of cloud and traditional resources
Challenges in Amazon AWS Public Cloud
No Consistent DDI Management for AWS
Private DNS Management in AWS
• No consistent DNS management for hybrid cloud (e.g. reverse zone configurations, DNS naming conventions)
• No automation for DNS records for AWS instances
IP Address Management
• Limited capability to plan, track, manage IP addresses in AWS VPCs
• IP addresses assigned randomly, don’t comply with corporate policy
Lack of Visibility into AWS Infrastructure
Visibility into IP Addresses and DNS Records for AWS instances
• Network team has little visibility on IP address utilization in AWS
• No single tool to manage DNS, DHCP & IP addresses (DDI) for Hybrid Cloud (e.g. DDI for AWS, Internal Virtualization, Core Network)
Solution: DNS & IPAM for Amazon AWS
DNS in Public Cloud: Centrally manage DNS servers that are on-premise and in AWS
Automation: Automatically assign & reclaim IP addresses and DNS records for AWS instances
Visibility: Discover IP and DNS information for AWS instances
• Extend Infoblox Grid to AWS EC2 virtual compute
• Automate DNS records & IP addresses for AWS instances
• Discovery, audit and compliance for AWS instances
Automation Agile Deployment with DNS and IPAM Automation
AWS API Client (Ansible, Puppet, Chef scripts etc.)
AWS instances
AWS API calls
AWS API calls
a.b.c.d abc.xyz.com
Grid Member
• Automate creation/deletion of VPCs, networks, EC2 instances
• IP address assignments and reclamations
• Provisioning/de-provisioning of DNS records
• Configurable DNS names
Grid Master
Data Center
AWS Object Concepts Explained
AWS Objects Defined
• AWS Cloud (Orange Box) – This is the AWS Cloud representing the entirety of the AWS services.
• AWS Region (Blue Box) – Set of cloud resources isolated from other regions in AWS. There are multiple geographically dispersed regions.
• AWS Availability Zones (Purple Boxes) – Within a region, availability zones isolate resources from one another to protect against failure. Instances can be distributed across availability zones.
• VPC (Green Box) – Virtual Private Clouds allow you to create networks for your workloads (subnets).
• EC2 Instances (Elastic Compute 2) – Virtual machines hosting your workloads deployed from an AMI.
Diagram labels: AWS Region; VPC 1; EC2 instances; Availability Zones
*Note: Regions and availability zones are distinct resource segmentation within AWS, used to provide segmentation of workloads for HA and DR purposes.
AWS Object Concepts Explained
AWS Connectivity Concepts
• Customer Gateway – A CGW is the anchor on the customer's side of the VPN connection. It can be a physical or software appliance.
• Virtual Private Gateway – A VGW is the anchor on the AWS side of the VPN connection.
• VPN Tunnel – Connection is used to describe the network connectivity that is established between a single CGW and a single VGW.
• VPC Peering – A VPC peering connection is a networking connection between two VPCs that enables you to route traffic between them using private IP addresses. Instances in either VPC can communicate with each other as if they are within the same network.
Diagram labels: On-premise DC; VPN Connection (Tunnel); AWS Region; VPC 1; VPC 2; VPC Peering; EC2 instances; Availability Zones
Deployment Scenario: Hybrid Cloud
DNS and visibility
Diagram labels: Features; AWS Region; VPC 1; VPC 2; Shared service/Management VPC; On-premise DC; GM
Amazon API calls can be directed to the Grid Master OR Amazon API calls can be directed to Cloud Platform Appliances
Automation for AWS Instances (API Gateway)
AWS API Client (Eg: Ansible, Puppet, Chef scripts etc.)
API Endpoint
1. API: Create EC2 Instance in VPC-Dev for network 10.10.0.0/16
2. GM reserves next available IP in network 10.10.0.0/16 for VPC-Dev and inserts into API request
3. API: Create EC2 Instance in VPC-Dev
4. EC2 Instance spun up with 10.10.10.101 in VPC-Dev
5. API Response: Success
6. GM updates Host records for EC2 Instance
7. API Response: Success
Notes:
• Amazon API calls can be directed to either the Grid Master or Cloud Platform Appliances
• GM performs vDiscovery of AWS instances to ensure no duplicate addresses are assigned
• AWS instance tags assigned as metadata in Infoblox database
• Policy based IP address assignment via metadata passed in AWS APIs
VPC ID | Network | IP
VPC-Dev | 10.10.0.0/16 | 10.10.10.101
VPC ID | Network | IP | DNS record
VPC-Dev | 10.10.0.0/16 | 10.10.10.101 | dev1.internal.com
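
The gateway flow in steps 1-7, modelled in Python as an added example; it is not Infoblox code and does not use the Infoblox or AWS APIs. The IpamGateway class, the pool start address 10.10.10.100, the discovered address and the cloud_create callback are assumptions made for illustration.

```python
import ipaddress

class IpamGateway:
    """Toy stand-in for the Grid Master in the flow above (hypothetical names)."""

    def __init__(self, pools, discovered):
        # pools: VPC ID -> (network CIDR, first address policy allows); constructed values
        self.pools = {v: (ipaddress.ip_network(n), ipaddress.ip_address(s))
                      for v, (n, s) in pools.items()}
        self.in_use = {ipaddress.ip_address(a) for a in discovered}  # discovery results
        self.hosts = {}   # DNS name -> host record
        self.audit = []   # (action, name, ip) trail for audit reports

    def _reserve(self, vpc):
        net, start = self.pools[vpc]
        for n in range(int(start), int(net.broadcast_address)):
            ip = ipaddress.ip_address(n)
            if ip not in self.in_use:
                self.in_use.add(ip)      # step 2: reserve before the cloud call
                return ip
        raise RuntimeError(f"no free address in {net}")

    def create_instance(self, vpc, name, tags, cloud_create):
        ip = self._reserve(vpc)
        try:
            cloud_create(vpc=vpc, private_ip=str(ip))   # steps 3-5: forward request
        except Exception:
            self.in_use.discard(ip)      # a failed create must not leak the address
            raise
        net, _ = self.pools[vpc]
        self.hosts[name] = {"vpc": vpc, "network": str(net), "ip": str(ip), "tags": tags}
        self.audit.append(("create", name, str(ip)))    # step 6: host record
        return self.hosts[name]

    def terminate_instance(self, name):
        rec = self.hosts.pop(name)       # reclaim DNS record and address together
        self.in_use.discard(ipaddress.ip_address(rec["ip"]))
        self.audit.append(("delete", name, rec["ip"]))
        return rec

def demo():
    gw = IpamGateway({"VPC-Dev": ("10.10.0.0/16", "10.10.10.100")},
                     discovered=["10.10.10.100"])   # constructed: already in use
    rec = gw.create_instance("VPC-Dev", "dev1.internal.com", {"env": "dev"},
                             lambda **kw: None)
    gw.terminate_instance("dev1.internal.com")
    again = gw.create_instance("VPC-Dev", "dev2.internal.com", {}, lambda **kw: None)
    return rec, again, gw.audit
```

The discovered address is skipped, so the first instance receives 10.10.10.101 as in the tables above, and the same address is handed out again only after the first instance's record has been reclaimed.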
Visibility Discovery and visibility of AWS Networks
AWS VPCs AWS Instances AWS Networks
Single pane of glass to view AWS EC2 instances, VPCs and networks
Periodic discovery of modifications to AWS environment
Detailed view of AWS VPCs and networks
• EC2 instances in a VPC and their attributes
• AWS tags imported as configurable metadata
• Infoblox AMI available for DNS
• Hardened virtual appliance for secure DNS in AWS
• Deploy Infoblox DNS servers in AWS VPCs
• Use for External DNS or Internal DNS
• Fault tolerance with support for Disaster Recovery
Grid Member (Primary DNS)
Grid Master (GM)
AWS Public Cloud
Data Center
Grid Member (Secondary DNS)
Grid Member (Secondary DNS)
Enterprise Premise
Grid Master Candidate
DNS in Public Cloud Enterprise-grade DNS in Amazon AWS
Infoblox Cloud Network Automation Benefits
Features
Elastic Scaling
• Auto provisioning and elastic scaling of vNIOS Appliances
• Ability to auto scale DDI as required by the Cloud Management Platform
vDiscovery Enhancements
• Discover VMs, IP addresses, vswitches, virtual ports, physical host, tenants etc. on OpenStack and Amazon environment in addition to VMware vSphere
Benefits
• Simplify Cloud Deployment with on-demand provisioning of Cloud Members
• Elastic scale of IPAM, DNS, and DHCP for Cloud environments
• Single pane of glass for DDI across hybrid cloud (VMware, OpenStack and AWS)
Autoscaling
vDiscovery Discover Virtual Machines (VMs)
VMware/OpenStack/AWS
VM VM VM VM API
Infoblox Trinzic Physical/Virtual Appliance
Q&A