Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)
Jeremy Oakey – Senior Director, Technical Marketing and Integrations
BRKCLD-2008
Agenda
• Introduction
• Architecture
• Anatomy of an Application Profile
• Integrations
• Demos
• Additional Reference Material
• Q&A
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
A widening Cloud Gap
Between what cloud applications require… and what IT is capable of reliably and confidently supporting today.
IT capabilities
• People
• Processes
• Tools
[Figure: Requirements over Time for cloud applications and traditional applications; the difference is labelled Cloud Gap]
Growing IT complexity: your landscape
Understanding the Cloud Gap
Internet of Things, Data centers, HQ, Branch, Hosting / Colocation, Devices, Private cloud, Public Clouds
The true challenges of hybrid cloud
What’s in the Cloud Gap?
Internet of Things, Data centers, HQ, Branch, Hosting / Colocation, Devices, Private cloud, Public Clouds
Hybrid Cloud
• Multicloud security
• Data center automation
• IT as a broker
• New skillsets
• DevOps environments
• Application performance monitoring
• Managing both traditional & cloud applications
• Application lifecycle management
• New network needs
Reimagine your cloud for a hybrid IT world
New requirements
Internet of Things, Data centers, HQ, Branch, Hosting / Colocation, Devices, Private cloud, Public Clouds
Hybrid Cloud
• SECURE CONNECTIVITY
• HYBRID IT OPERATIONS
• VISIBILITY & INSIGHTS
• RISK MANAGEMENT
• AGILITY
• COST
• PERFORMANCE
• RISK
Our Approach
A cloud neutral approach to your hybrid IT world
• NETWORKS: Scale, agility, and secure user-cloud access
• MANAGEMENT: Integrated platform, lifecycle management for all applications
• ANALYTICS: Infra and application insights for security and the customer experience
• SECURITY: Users, data, and applications secured everywhere
Cloud Intelligence
CloudCenter Unique Value
Model Once. Deploy and Manage Anywhere.
MODEL, DEPLOY, MANAGE
Data Center, Private Cloud, Public Cloud
• One Integrated Platform
• Lifecycle Management
• New and Existing Applications
What Does “Model Once” Mean?
Script-Based
• Infrastructure-Centric
• Cloud-Specific workflows and scripts
• Labor / Services Intensive
• Unique Script / Workflow (repeated three times in the diagram)
Application Profile-Based
• Application-Centric
• Cloud-Agnostic
• Low TCO
Nearly two out of three CIOs (62%) have brought workloads back to the datacenter
Pacific Crest Securities 2017 Cloud and Infrastructure Priorities
Cloud Boomerang
Cloud is not the answer for everything
Cisco Data Center Reference Stack
Personas: IT Infra, Developer, Cloud Admin, LOB / IT Apps
Layers: IT Services Consumption, Multi-Cloud Orchestration, PaaS + Container, Management and Automation, Infrastructure, Security and Analytics
Products shown: Cisco Prime Service Catalog (PSC), Cisco CloudCenter (Public Cloud, Hybrid Cloud), ACI, UCS Director, Nexus, UCS, HyperFlex, Contiv, Cisco Tetration Analytics, Cisco Security Portfolio
Hybrid Cloud Management
One Platform
Cloud Agnostic | Cloud API-Specific
Manager
Application Profile
Orchestrator (shown three times)
Extendable
Multi-tenant
Secure
Scalable
Enterprise Class
UI, CLI, API
MANAGER, ORCHESTRATOR, PROFILE
Secure
[Diagram labels: MANAGER, PROFILE, ORCHESTRATOR, RABBIT MQ, ARTIFACT REPOSITORY, PRIVATE, MANAGEMENT AGENT, MANAGED APPLICATION VM; ports shown: 80, 8443, 5671, 5671 / 7789]
• VM access based on unique C3 generated SSH key pair for each user per cloud environment
• Ability to use user’s own SSH key
• Network placement and firewall rules
• Support optional SDN integration such as Cisco ACI
• AES-256 Encrypted DB
• Cloud Credentials
• Key Storage
• Optional HSM integration
• Browser-based secure VNC/RDP/SSH access
• SAML 2.0 SSO
• User/Group RBAC
• Object-level ACL
• n-level Multi-tenancy
Scalable
10,000 VMs per Environment
Extendable
MODEL, DEPLOY, MANAGE
Hooks: Scripts, Events
Security: SSO, HSM
Infrastructure: IPAM, DNS
Docker
Puppet, Chef
Components
User Content
Vendor Content
Content Integration
Tool Integration
Cloud APIs: Datacenter, Private and Public Cloud
Platform Integration: ITSM | Build Automation (Jenkins)
Multi-Tenant
[Diagram: two Peer Tenants and a Sub-Tenant, each with Users, Groups and Sharing; labels: Isolation, Partial Isolation]
Cisco CloudCenter Multi-tenancy
• Root Tenant: Platform Admin, Users, Groups
• Coca-Cola Tenant: Tenant Admin, Users, Groups
• Coca-America Sub-tenant: Tenant Admin, Users, Groups
• Coca-EMEA Sub-tenant: Tenant Admin, Users, Groups
• Pepsi Tenant
Cisco CloudCenter Tenant Object Model
Tenant
User, Group, Sub-Tenant, Application Profile, Deployment Environment
Cloud
Cloud Region
Cloud Account
Image, Service
Relationship cardinalities shown in the diagram: 1..n, m..n, n..1, n..1, 1..n, 1..n, 1..n
Basics
Terminology
• An application profile is composed of services.
• The services define a function of the application (e.g. web, firewall, database).
• Services are instantiated using packages and customized using artifacts.
• Artifacts can consist of scripts, code snippets, applications.
• Repositories contain the artifacts and can contain packages.
[Diagram: Application Profile, Services, Repositories, Artifacts (bash, sql, perl, package)]
Application Profile
• CloudCenter JSON Format
• General Information
• Global Parameters (optional)
• Global Tags (optional)
• Application-tiers (Topology)
• Application service specific settings
• Application-tier parameters (optional)
• Application-tier tags (optional)
• Hardware specification
• Environment variables
• Support REST API to export/import
Application Profile (cont’d)
Meta Data
Custom Parameters
Windows Red Hat Ubuntu Other
MySQL Apache Active MQ Container RDS
Image Mapping
Reusable Services
Application Packages
Service Settings
Topology
…
…
Topology Modeling UI
Service Definitions
Service Library
CloudCenter provides out of box services
• Load balancers - Nginx, HA Proxy
• Open source AppServers, Databases, etc.
• AWS RDS & ELB
Users can extend to add their own
• E.g. load balancers: F5, A10, AviNetworks
Types of Service Definitions
• Service Packages with lifecycle scripts
• Service gets installed on VMs
• Container based services
• PaaS
Build Lifecycle Actions – Start
Build Lifecycle Actions – Stop
Troubleshooting
Application VMs
• These issues can be further isolated and resolved by deploying the VM, logging in to it and looking at the log files.
• One useful tip is to use the cliqrIgnoreAppFailure parameter to prevent the VMs from being terminated on Error state.
• http://docs.cloudcenter.cisco.com/display/CCD46/Troubleshooting+Parameters
• Use agentSendLogMessage to send feedback to the UI
• Verify that user params and environment variables are in the userenv file
• /usr/local/osmosox/etc/userenv
Application Profiles <Application> Edit/Update
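One way to carry out the userenv check above without exposing parameter values (added example, not from the original slides or from CloudCenter; the `export NAME="value"` line format and the `MY_*` parameter names are assumptions):

```shell
#!/bin/sh
# Added example, not CloudCenter code. Assumption: userenv holds lines such as
#   export NAME="value"
# Values are never echoed, because deployment parameters can carry credentials.

# check_userenv FILE NAME...
# Prints "NAME set (N chars)", "NAME empty" or "NAME missing" for each name.
# Returns 0 if all are set, 1 if any is empty or missing, 2 if FILE is unreadable.
check_userenv() {
    file=$1; shift
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    rc=0
    for name in "$@"; do
        # Use the last assignment, which is the one that wins when the file is sourced.
        line=$(grep -E "^[[:space:]]*(export[[:space:]]+)?${name}=" "$file" | tail -n 1) || true
        if [ -z "$line" ]; then
            echo "$name missing"; rc=1; continue
        fi
        value=${line#*=}
        # Strip one pair of surrounding double or single quotes.
        value=${value#\"}; value=${value%\"}
        value=${value#\'}; value=${value%\'}
        if [ -z "$value" ]; then
            echo "$name empty"; rc=1
        else
            echo "$name set (${#value} chars)"
        fi
    done
    return "$rc"
}

# Constructed sample file (hypothetical parameter names and values).
make_sample_userenv() {
    sample=$(mktemp)
    cat > "$sample" <<'EOF'
export MY_APP_PORT="8080"
export MY_DB_PASSWORD='s3cr3t-constructed'
export MY_EMPTY_PARAM=""
EOF
    echo "$sample"
}

# On a deployed VM: check_userenv /usr/local/osmosox/etc/userenv MY_APP_PORT MY_DB_PASSWORD
```

Because only the length of each value is reported, the output can be pasted into a ticket or sent to the UI log without leaking secrets.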
Examples of Integration Ecosystem
• ServiceNow Scoped Application - certified and available in ServiceNow Store
• Prime Service Catalog
• Cisco ACI
• Configuration Management: Chef, Puppet, Ansible
• DevOps: Jenkins plug-in, full API documentation (docs.cloudcenter.cisco.com, APIs)
• IPAM products, i.e. Infoblox, Bluecat, etc.
• Tetration
Better Together – Cisco ACI
CloudCenter: Model-Based Approach
ACI: Policy-Based Approach
Application Network Profile
Seamless Integration
“Zero Touch” automation
Powerful Benefits
• Application Security
• Ops Efficiency
• User Agility
What Is Really Running on My Network?
Cisco Tetration Analytics Application Insight: Dependency Map
Use Cisco Tetration Analytics™ outcome to generate white-list policies
[Diagram labels: Security, Dependencies, Application, Service Offering, Service, Service Category (Service Owner)]
Additional Inputs for ADM Runs
• Load-Balancer Configurations • DNS Configurations
• IP Address Management Database • Existing CMDB Information
Application Conversation View
• Application clusters conversation views
• Conversation details including process bindings
Cloud
Marketplace
Approval
Workflow
Application
Profile
IT Service
Management
IT Ops
Management
IT Business
Management
Cloud API
CloudCenter
API
CMDB
Data Center
Cisco CloudCenter
Public Cloud
Private Cloud
End User
Admin
Manager
Finance
LOB
Procurement
• Inventory Detail
• Deployment status
• Metering Data
CloudCenter Scoped Application
Policies and
Actions
Events
CloudCenter / ServiceNow Integration
CloudCenter @ Cisco live! EMEA 2017
Tuesday February 21
1:00PM | PSOCLD-2449 - Bridging the cloud gap – Cisco solutions for hybrid cloud
Wednesday February 22
9:00 AM | BRKACI-2820 – How to setup ACI from scratch – includes CloudCenter provisioning
Instructor Led Labs
LTRCLD-2303 – Deploying Cloud-Agnostic Applications with Cisco CloudCenter
LABCLD-2330 – Hybrid Cloud. Migrate your Application from Private ACI cloud to Public AWS Cloud
LTRACI-2700 – Deploying and Integrating Cisco CloudCenter with ACI
Hands-On Labs
LABCLD-1020 – Demystifying CloudCenter, hands-on the Hybrid Cloud
dCloud.cisco.com
Cisco CloudCenter 4.5 - Install, Configure, and Manage Lab v1
Cisco Application Policy Infrastructure Controller 1.2 with CloudCenter 4.5 v1