COCACI-2000 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Agenda ACI Technology Overview Cisco ITs Data Centers Cisco ITs ACI DC Architecture Cisco ITs Cloud and ACI Light Weight Applications Cisco ITs Cloud Vision 3 ACI Technology 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Application Centric Infrastructure ACI Vision: Rapid deployment of applications onto networks with Scale, Security and Full Visibility OPEN RESTFUL APIS CENTRALIZED POLICY MODEL OPEN SOURCE CONTROLLER POLICY MODEL NEXUS 9500 and 9300 ACI Bui l di ng Bl oc k s 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Central Controller Northbound and Southbound OPEN RESTFUL APIS CENTRALIZED POLICY MODEL OPEN SOURCE S o u t h b o u n d
N o r t h b o u n d
vCenter VMware CIAC Easier Configuration Visibility Troubleshooting Integration -Compute controllers -Cloud orchestration systems (automation) APIC 6 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Central Controller Northbound and Southbound OPEN RESTFUL APIS CENTRALIZED POLICY MODEL OPEN SOURCE S o u t h b o u n d
N o r t h b o u n d
vCenter VMware CIAC APIC OPFLEX SOFTWARE POLICY EXTENSIONS INSIDE + OUTSIDE OF THE DC 7 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Tenant !"# %& !"# '"" !"# (!& Whats an Application Profile ? External Network End Points End Points End Points QoS Filter QoS Service FW/SLB Filter QoS Service SLB Filter Contract Service Graph Application Profile 8 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Network Enhancements less planned and unplanned application downtime Network Enhancements 40 Gig (100 Gig Future) Network Virtualization (Vxlan) L2 enhancements L3 only No Flooding ZTD True traffic loadbalancing (Flowlets) 9 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public F a b r i c
( A C I )
No change Migration from Standalone to Fabric Mode is possible S t a n d a l o n e
No change Code adjustments Topology Forwarding Enhancements Change Change Data Model Policy Model Topology Forwarding (Enhancements) Major Change Standalone Mode devices controlled separately Mode Fabric Mode Central Controller Mode ACI (Application Centric Infrastructure) Common Hardware
40 Gig (100Gig future) 93xx 9504 9508 Nexus: 9516 Nexus 9000 product line 10 Cisco ITs Data Centers 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Global Data Centers A B Tier-III (Redundant) Tier-II (Less Redundant) 2x Texas B B 1x Amsterdam 1 x Singapore B B Globally Centralized: Business Apps Continental Hub: Order Processing, Comms Continental Hub: Communications Cloud Services available Private Cloud, self Service capabilities: IaaS / PaaS B B B B Latency-Sensitive Software Development Cisco ITs ACI Data Center Architecture
2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public ACI Topology View Flexible Topology Virtual Boundaries Physical and Virtual Services Highly Converged Infrastructure Easier to Manage Vxlan Leaf to Hypervisor 14 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public New Virtual Compute Design Vmware only traditional virtual compute design N1KV Domain-1 Physical Leaf pair-1 Physical Leaf pair-2 Physical Leaf pair-3 Physical Leaf pair-4 Logical Pod-2 Logical Pod-3 Logical Pod-4 Logical Pod-1 vCenter Domain-1 vCenter Domain-2 ` vCenter Domain-3 vCenter Domain-4 N1KV Domain-2 N1KV Domain-3 N1KV Domain-4 virtual compute design on ACI VMM Domain VMotion VMotion VMotion VMotion 15 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Mapping of existing network aspects & applications to ACI Model Contracts Bridge Domain Context (VRFs) ACI Subnet(s) IP to IP Communication Tenant(s) ANP(s) EPG(s) Fabric External EPG(s) EPG(s) SLB and FW config Context (VRFs) Current DC Network Subnet ACLs (Permitted / Denied flows) Service Graphs Filters / Labels / Bundles / Interfaces Inner ANP Contract Inner Tenant, Inter ANP Contract Inter Tenant Contract Fabric External Contract Flexible building blocks Grouping Separation Security /Contract Management Framework ANP(s) 16 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Tenant Common Tenant 3 Tenant 2 Tenant 1 Cisco IT ACI Architecture: Logical View (networking elements) EPG to BD to Subnets to VRFs to External EPG-12 EPG-11 EPG-13 EPG-22 EPG-21 EPG-23 EPG-32 EPG-31 EPG-33 VRF-dmz VRF-Int EPG-Corp EPG- Other-DC 1.1.1.0/24 2.2.2.0/24 3.3.3.0/24 BD-Ext-2 BD-Ext-1 9396 9396 DC Core (External) DC Core (Internal) Internet 5.5.5.0/24 BD-int-2 4.4.4.0/24 BD-int-1 EPG-DMZ EPG- Internet 17 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Tenant Common Tenant 3 Tenant 2 Tenant 1 EPG-11 EPG-13 EPG-21 EPG-23 EPG-31 EPG-33 Internet I n f r a
S e r v i c e s
EPG-NTP EPG-DNS EPG- Monitoring EPG-! EPG-12 EPG-22 EPG-32 Cisco IT ACI Architecture: Security to Infrastructure Services EGPs and Contracts EPG-Corp EPG- Internet DC Core (External) DC Core (Internal) 18 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Tenant Common Tenant 3 Tenant 2 Tenant 1 EPG-11 EPG-13 EPG-21 EPG-23 EPG-31 EPG-33 Internet A P P
M W
S e r v i c e s
EPG-OAM EPG-LDAP EPG-OCM EPG-! EPG-12 EPG-22 EPG-32 Cisco IT ACI Architecture: Security to Application Middleware Services EGPs and Contracts EPG-Corp EPG- Internet DC Core (External) DC Core (Internal) 19 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Tenant Common Tenant 3 Tenant 2 Tenant 1 EPG-11 EPG-13 EPG-21 EPG-23 EPG-31 EPG-33 EPG-Corp DC Core (External) DC Core (Internal) Internet EPG- Internet EPG-12 EPG-22 EPG-32 Cisco IT ACI Architecture: Security to outside the ACI Fabric EGPs and Contracts 20 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Tenant Common Tenant 3 Tenant 2 Tenant 1 EPG-11 EPG-13 EPG-21 EPG-23 EPG-31 EPG-33 Internet FW SLB SLB FW SLB FW EPG-12 EPG-22 EPG-32 Cisco IT ACI Architecture: Client level Security and Services EGPs and Contracts and Services (SLB, FW) EPG-Corp EPG- Internet DC Core (External) DC Core (Internal) 21 Cisco IT: ACI and Automation (Cloud) 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Delivering Infrastructure for Applications and what can we automate ? Physical Build in the DC
Racking Stacking patching Basic configuration of DC Infrastructure Client/App specifics ACI for network items ACI for network and network security items ACI & Automation Application Code Specifics
Foundational Aspects UCS Switches Storage SLB FW Functional Aspects (IaaS / PaaS) xVMs CPU/Mem per VM/BM Storage per VM/BM SLB setup FW setup OS Apache/Oracle ! basic code Build Handover to APP teams 1 2 3 4 High Integrity Automation Systems Reduction of extensive (change management) processes 23 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public The Future: Private Cloud model We all want to an End-to-End Programmable Infrastructure Block Storage Compute IP File/ IP Block/ IP Object Storage vCenter Controllers Resource Managers Orchestration (Cloud) CIAC ASA Client Security Admin Compute Network Storage Admins PaaS Resources Prime Eman Infra Portal eACLm Network Integrated Security Application Code Portal Application/ Data Policy Network Security Policy 24 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public
ACI Program Quarterly Objectives: FY15 FY14Q3 FY14Q4 FY15Q1 FY15Q2 FY15Q3 FY15Q4 1 2 3 4 5 6 SJC-K Engineering DC on N9K (standalone)
ACI Design and ACI Automation (finalization) FY15: +/- 4000 VMs on ACI All workloads on ACI: migration of 2-3 years Migrate SJC-K to Fabric Cisco IT Private Cloud on ACI RTP1 DC Cisco IT Private Cloud on ACI Allen DC RTP1: Traditional Application Migration (non-prod) Allen & RCDN9: Traditional Application Migration to ACI (production apps wave 1) Allen & RCDN9: production apps wave 2 25 Cisco IT: Citeis and ACI 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Client #3 (requires IaaS services only)
Give me the VMs and Storage and Ill manage everything above the OS to build my application Clients order higher order services.
E.g. app. development stack, databases, etc.
These internally use infrastructure APIs to provision compute/storage/network. Client #2 (requires IaaS & PaaS services)
My needs are mixed. Ill take all the goodies I can get, and build the ones that I cant Client #1 (requires PaaS services only)
Give me all the standard goodies, and leave me just to manage my application
Same as use case #1 Same as use case #3 builder of SaaS services What do the clients want from the infrastructure providers ? 27 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Traditional Network Continuous Delivery Lightweight App. Containers API enabled Standard IaaS Application Centric Infra. (ACI) Dedicated Platforms LAE ACI Fabric Mobile Workload Order Mgmt Pricing Waterfall / Agile Development Stationary Applications Application Centric Cloud Policy Control Unified Infrastructure Scalability APIs Intercloud Adaptive Scaling Feature Rich DevOps Open source Quality Releases Distributed Services Cloud Scale 28 Cisco IT: Light Weight Applications 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public What What Why Lightweight Application Environment (LAE)? 30 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Note: Stackato is based on Vmwares Cloud Foundry LAE Evaluation Summary 31 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Continuous Delivery Development + Quality ! End to End Workflow TBD Client Involvement Viable Product Cloud, ERP, and Mobile Application Development Prioritized Sprint Commit & Push Code Review, Merge Static / Dynamic, Progression / Regression Unit / Integration, Functional / Performance / Security Build, Test, Report On-demand, Scheduled Product Mgr. Scrum Master Developers Plan Develop Source Control Management Continuous Build Deploy & Release Adapt & Scale Automated Testing Group components Application Snapshot Group Applications Release Control Gates Development
Staging
Production Deployable Artifact 32 Cisco IT: Cloud Vision 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Plan
" Innovation Circles " Architectural Framework " Active Stakeholder Involvement Changing the Way We Work: Continuous Delivery Develop and Build Continuous Integration, On-demand
" Small Teams " Cloud, ERP, Mobile Apps Automated Testing Built by Developers- No Separate Q/A
" Appropriate Risk Taking Deploy and Release Configurable Control Gates, Regularity Compliance
" Working Prototypes " Client Updates Adapt and Scale Policy Enforced Network, Adaptive Infrastructure, Workload Mobility
" Fast Results 34 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Self-Optimizing Cloud Policy based on observed norms 35 CISCO IT DEMO: Emerging Cloud Capabilities ACI, OpenStack
World of Solutions, Booth #735 Today 2:30pm 2:50pm Join Us! We will demonstrate a few of the emerging cloud capabilities enabled for Cisco IT Elastic Infrastructure Services (CITEIS) using technologies like ACI, OpenStack and OpenShift.
We will describe how application policy controls, and programmable infrastructure can enable elasticity, agility and continuous delivery of business capabilities.
2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Complete Your Online Session Evaluation Give us your feedback and you could win fabulous prizes. Winners announced daily. Complete your session evaluation through the Cisco Live mobile app or visit one of the interactive kiosks located throughout the convention center. Dont forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online 37 2014 Cisco and/or its affiliates. All rights reserved. COCACI-2000 Cisco Public Continue Your Education Demos in the Cisco Campus Walk-in Self-Paced Labs Table Topics Meet the Engineer 1:1 meetings 38 Thank you.