Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)

Jeremy Oakey, Senior Director, Technical Marketing and Integrations

BRKCLD-2008

Post on 14-Jul-2018

Agenda

• Introduction

• Architecture

• Anatomy of an Application Profile

• Integrations

• Demos

• Additional Reference Material

• Q&A

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public

A widening Cloud Gap

Between what cloud applications require… and what IT is capable of reliably and confidently supporting today.

IT capabilities

• People

• Processes

• Tools

[Figure: the Cloud Gap. Axes: LoB requirements, Time. Labels: Traditional applications, Cloud applications, IT capabilities, Cloud Gap.]

Growing IT complexity: your landscape

Understanding the Cloud Gap

[Diagram labels: Internet of Things, Data centers, HQ, Branch, Hosting / Colocation, Devices, Private cloud, Public Clouds]

The true challenges of hybrid cloud

What’s in the Cloud Gap?

[Diagram labels: Internet of Things, Data centers, HQ, Branch, Hosting / Colocation, Devices, Private cloud, Public Clouds, Hybrid Cloud]

• Multicloud security

• Data center automation

• IT as a broker

• New skillsets

• DevOps environments

• Application performance monitoring

• Managing both traditional & cloud applications

• Application lifecycle management

• New network needs

Reimagine your cloud for a hybrid IT world

New requirements

[Diagram labels: Internet of Things, Data centers, HQ, Branch, Hosting / Colocation, Devices, Private cloud, Public Clouds, Hybrid Cloud]

• SECURE CONNECTIVITY

• HYBRID IT OPERATIONS

• VISIBILITY & INSIGHTS

• RISK MANAGEMENT

• AGILITY

• COST

• PERFORMANCE

• RISK

Our Approach

A cloud neutral approach to your hybrid IT world

• NETWORKS: Scale, agility, and secure user-cloud access

• MANAGEMENT: Integrated platform, lifecycle management for all applications

• ANALYTICS: Infra and application insights for security and the customer experience

• SECURITY: Users, data, and applications secured everywhere

Cloud Intelligence

CloudCenter Unique Value

Model Once. Deploy and Manage Anywhere.

[Diagram labels: MODEL, DEPLOY, MANAGE; Data Center, Private Cloud, Public Cloud]

• One Integrated Platform

• Lifecycle Management

• New and Existing Applications

What Does “Model Once” Mean?

Script-Based

• Infrastructure-Centric

• Cloud-Specific workflows and Scripts

• Labor / Services Intensive

Application Profile-Based

• Application-Centric

• Cloud-Agnostic

• Low TCO

[Diagram: three boxes, each labelled “Unique Script / Workflow”]

Cloud Boomerang

Cloud is not the answer for everything

Nearly two out of three CIOs (62%) have brought workloads back to the datacenter

Source: Pacific Crest Securities 2017 Cloud and Infrastructure Priorities

Cisco Data Center Reference Stack

[Diagram labels]

• Layers: IT Services Consumption, Multi-Cloud Orchestration, PaaS + Container, Management and Automation, Infrastructure, Security and Analytics

• Products: Cisco Prime Service Catalog (PSC), Cisco CloudCenter, Contiv, ACI, UCS Director, Nexus, UCS, HyperFlex, Cisco Tetration Analytics, Cisco Security Portfolio

• Clouds: Public Cloud, Hybrid Cloud

• Roles: IT Infra, Developer, Cloud Admin, LOB / IT Apps

Architecture

Hybrid Cloud Management

One Platform

[Diagram labels: Cloud Agnostic, Cloud API-Specific; Manager, Application Profile, Orchestrator (three instances)]

• Extendable

• Multi-tenant

• Secure

• Scalable

Enterprise Class

[Diagram labels: UI, CLI, API; MANAGER, ORCHESTRATOR, PROFILE]

• Extendable

• Multi-tenant

• Secure

• Scalable

Secure

[Diagram labels: MANAGER, ORCHESTRATOR, PROFILE, RABBIT MQ, ARTIFACT REPOSITORY, AGENT, MANAGED APPLICATION VM, MANAGEMENT, PRIVATE; port labels: 80, 8443, 5671, 5671 / 7789]

• VM access based on unique C3 generated SSH key pair for each user per cloud environment

• Ability to use user’s own SSH key

• Network placement and firewall rules

• Support optional SDN integration such as Cisco ACI

• AES-256 Encrypted DB

• Cloud Credentials

• Key Storage

• Optional HSM integration

• Browser-based secure VNC/RDP/SSH access

• SAML 2.0 SSO

• User/Group RBAC

• Object-level ACL

• n-level Multi-tenancy

Scalable

10,000 VMs per Environment

[Diagram: VM, VM, VM]

Extendable

[Diagram labels: MODEL, DEPLOY, MANAGE]

• Hooks: Scripts, Events

• Security: SSO, HSM

• Infrastructure: IPAM, DNS

• Docker

• Puppet, Chef

• Components

• User Content

• Vendor Content

• Content Integration

• Tool Integration

• Cloud APIs: Datacenter, Private and Public Cloud

• Platform Integration: ITSM | Build Automation (Jenkins)

Multi-Tenant

[Diagram labels: Users, Groups, Sharing (repeated for each tenant); Isolation; Partial Isolation; Peer Tenant, Peer Tenant, Sub-Tenant]

Cisco CloudCenter Multi-tenancy

• Root Tenant: Platform Admin, Users, Groups

  • Coca-Cola Tenant: Tenant Admin, Users, Groups

    • Coca-America Sub-tenant: Tenant Admin, Users, Groups

    • Coca-EMEA Sub-tenant: Tenant Admin, Users, Groups

  • Pepsi Tenant

Cisco CloudCenter Tenant Object Model

[Diagram: entities Tenant, User, Group, Sub-Tenant, Application Profile, Deployment Environment, Cloud, Cloud Region, Cloud Account, Image, Service; relationship cardinalities shown: 1..n, m..n, n..1, n..1, 1..n, 1..n, 1..n]

Anatomy of an Application Profile

Basics

Terminology

• An application profile is comprised of services.

• The services define a function of the application (e.g. web, firewall, database, etc.)

• Services are instantiated using packages and customized using artifacts.

• Artifacts can consist of scripts, code snippets, applications.

• Repositories contain the artifacts and can contain packages.

[Diagram labels: Application Profile, Services, Repositories, Artifacts (bash, sql, perl, package)]

Application Profile

• CloudCenter JSON Format

• General Information

• Global Parameters (optional)

• Global Tags (optional)

• Application-tiers (Topology)

• Application service specific settings

• Application-tier parameters (optional)

• Application-tier tags (optional)

• Hardware specification

• Environment variables

• Support REST API to export/import

Application Profile (cont’d)

[Diagram labels: Meta Data; Custom Parameters; Image Mapping (Windows, Red Hat, Ubuntu, Other); Reusable Services (MySQL, Apache, Active MQ, Container, RDS); Application Packages; Service Settings; Topology]

Topology Modeling UI

Service Definitions

Service Library

CloudCenter provides out of box services

• Load balancers - Nginx, HA Proxy

• Open source AppServers, Databases, etc.

• AWS RDS & ELB

Users can extend to add their own

• E.g. Load Balancers - F5, A10, AviNetworks

Types of Service Definitions

• Service Packages with lifecycle scripts

• Service gets installed on VMs

• Container based services

• PaaS

Build Lifecycle Actions – Start

Build Lifecycle Actions – Stop

Troubleshooting

Application VMs

• These issues could be further isolated and resolved by deploying the VM, logging into the VM and looking at the log files.

• One useful tip is to use the cliqrIgnoreAppFailure parameter to prevent the VMs from being terminated on Error state.

  • http://docs.cloudcenter.cisco.com/display/CCD46/Troubleshooting+Parameters

• Use agentSendLogMessage to send feedback to the UI

• Verify that user params and environment variables are in the userenv file

  • /usr/local/osmosox/etc/userenv

Application Profiles <Application> Edit/Update

Integrations

Examples of Integration Ecosystem

• ServiceNow Scoped Application - certified and available in ServiceNow Store

• Prime Service Catalog

• Cisco ACI

• Configuration Management: Chef, Puppet, Ansible

• DevOps: Jenkins plug-in, full API documentation (docs.cloudcenter.cisco.com, APIs)

• IPAM products, e.g. Infoblox, Bluecat, etc.

• Tetration

Better Together – Cisco ACI

• CloudCenter: Model-Based Approach

• ACI: Policy-Based Approach

• Application Network Profile

• Seamless Integration

• “Zero Touch” automation

Powerful Benefits

• Application Security

• Ops Efficiency

• User Agility

What Is Really Running on My Network?

Cisco Tetration Analytics Application Insight—Dependency Map

[Diagram labels: Security, Dependencies, Application, Service Offering, Service, Service Category (Service Owner)]

Use Cisco Tetration Analytics™ outcome to generate white-list policies

Additional Inputs for ADM Runs

• Load-Balancer Configurations

• DNS Configurations

• IP Address Management Database

• Existing CMDB Information

Application Conversation View

• Application clusters conversation views

• Conversation details including process bindings

CloudCenter / ServiceNow Integration

[Diagram labels: Cloud Marketplace, Approval Workflow, Application Profile; IT Service Management, IT Ops Management, IT Business Management; CMDB; CloudCenter Scoped Application; Cloud API, CloudCenter API; Cisco CloudCenter; Data Center, Private Cloud, Public Cloud; Policies and Actions; Events]

Roles: End User, Admin, Manager, Finance, LOB, Procurement

• Inventory Detail

• Deployment status

• Metering Data

Demo

CloudCenter @ Cisco live! EMEA 2017

Tuesday February 21

1:00PM | PSOCLD-2449 - Bridging the cloud gap – Cisco solutions for hybrid cloud

Wednesday February 22

9:00 AM | BRKACI-2820 – How to setup ACI from scratch – includes CloudCenter provisioning

Instructor Led Labs

LTRCLD-2303 – Deploying Cloud-Agnostic Applications with Cisco CloudCenter

LABCLD-2330 – Hybrid Cloud. Migrate your Application from Private ACI cloud to Public AWS Cloud

LTRACI-2700 – Deploying and Integrating Cisco CloudCenter with ACI

Hands-On Labs

LABCLD-1020 – Demystifying CloudCenter, hands-on the Hybrid Cloud

dCloud.cisco.com

Cisco CloudCenter 4.5 - Install, Configure, and Manage Lab v1

Cisco Application Policy Infrastructure Controller 1.2 with CloudCenter 4.5 v1

Q & A
