There is no disputing that both enterprises and service providers are embracing cloud. What’s different today is that not only are telcos cloud providers, but enterprises and governments are also becoming cloud providers through a community cloud model.
A community cloud model is a collaborative effort where infrastructure is shared and jointly accessed by several organizations from a specific group that share specific computing concerns, such as security, compliance or jurisdiction considerations. The community cloud can be either on-premises or off-premises, and can be governed by the participating organizations or by a third-party managed service provider.
A community cloud model helps offset common challenges across universities, government agencies and enterprises, such as cost pressures, technology complexity, spending requirements, security concerns and a lack of sector-specific services from service providers.
I recently had the chance to participate in a new Cloud Insights Video Podcast to discuss how CIOs can transform their enterprise IT delivery models and how Cisco is supporting service providers in developing their cloud execution strategies.
User Organizations Are Becoming Cloud Vendors
CIOs have recognized that greater business outcomes can be delivered for their customers by working together to resolve common challenges and realize common opportunities. It’s also becoming clear to them that using a community cloud model for cloud services is an innovative way to help deliver on these outcomes.
As we’ve worked with CIOs in governments and universities across various geographies, we have focused on building a shared understanding of what can be achieved by moving common services, which are not seen as differentiated to the business, into a community cloud model. For example, all universities offer human resources as a service, and student enrollment services and financial aid services are not considered differentiated. So why not offer them as a shared community service that reduces cost outlay and redirects the savings to innovative learning experiences for students?
In this week’s very first bilingual episode of Engineers Unplugged, shot in Milan, Matteo Pirelli and Luca Relandini (@lucarelandini) talk about the people part of cloud. This episode is NOT lost in translation: organizational support for cloud has to be in place for projects to succeed.
The Italian Unicorn translates!
This is Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:
Episodes will publish weekly (or as close to it as we can manage)
What is Next-Gen Workload Mobility for the Private Cloud?
Enterprises across the globe have been asking for simpler ways to provide multi-site Business Continuity and Workload Mobility for applications hosted in their Private Cloud. The Cloud promises a more agile operational environment and that promise has been fulfilled to a large extent within their data centers. But many Enterprises are challenged to unlock this same agility across multi-site Cloud topologies. For example, Enterprise CTOs and CIOs have asked us directly to provide simplified Workload Mobility of critical apps between sites to give their operations teams more flexibility.
Many competitive solutions offer basic VM mobility between sites and storage replication, but do not address the rest of the application environment including: security, stateful services, network containers, tenancy, and most importantly both physical and virtual resources.
What good does it do to move a VM to a new site if the rest of the application environment is left behind causing a potential security hole?
How to move a LIVE 3-tier app like Microsoft SharePoint to a new site (without impacting users)
As we all know, business critical applications require a robust service environment to operate securely across the cloud. In our example below, the application environment provides firewall and load balancing services for each tier of the SharePoint application: web, app, and database tiers. These services are stitched together using a secure Network Container that carves out a slice of resources across the data center for SharePoint. Most Enterprises and SPs use a mix of physical and virtual resources including firewalls, load balancers, VPN termination, IDS, and network switching. Many of these services create stateful connections to users, so….
If you perform a live migration of SharePoint to a new site, stateful connections to firewalls and load balancers need to be preserved to maintain security and TCP connections to active users.
Broken user connections = Service disruption (not good)
You must also provide identical security and services for new SharePoint users even though the application has moved to a new site.
How does Next-Gen Workload Mobility actually work?
Let’s share some test results from our new Business Continuity and Workload Mobility Solution to illustrate how we performed live SharePoint migrations to a new site (75 km away) while maintaining security, stateful services, and user connections. Oh yes, automatically, without manual intervention.
Baseline topology for Microsoft SharePoint deployed in our Private Cloud
We first deployed the SharePoint Web, App, and Database tiers in a secure network container in Data Center 1 using service orchestration, simple and easy. Refer to the figure below for a topology picture.
SharePoint Web Tier is in a Public Zone, and uses a virtual firewall (VSG) and Citrix load balancer
SharePoint App Tier and Database Tier (SQL) are in a Protected Zone and use an ASA Firewall and Citrix load balancer
Our validated design provides LAN extensions, extended clusters, secure network containers, virtual switching, and storage replication between Metro sites
SharePoint is up and running in Data Center 1, supporting hundreds of users with secure connections. Now let’s move SharePoint to a new site without the users knowing it.
Step 1: Perform Live SharePoint Migration to Data Center 2….while maintaining secure user connections!
We performed a Live vMotion of SharePoint (Web, App, Database) to new hosts in Data Center 2, described in the figure below. Data Center 2 is 75 km away. Our SharePoint migration had minimal disruption (2 seconds or less) and maintained security, stateful services, and all user connections across our multi-site Cloud. Pretty sweet! A few highlights from our validated design are provided below.
Our virtual switch (Nexus 1000v), virtual firewall (VSG), and UCS automatically updated Port and Security Profiles at the new site, so our virtual switching and application firewalls were preserved without lifting a finger.
Layer 2 Extensions permit tromboning back to Data Center 1 to maintain connections to physical appliances (stateful firewalls and load balancers), also without manual intervention.
Our Network Container was automatically extended between Metro sites, maintaining security, tenancy, QoS, IP addressing, and user connections. SharePoint was discovered on the new host in Data Center 2 within seconds, using this extended Network Container.
Now let’s move the rest of the network container to Data Center 2 in less than one second!
Step 2: Redirect users to a new Network Container in Data Center 2….in less than 1 second!
With the aid of service orchestration, we simply created a new network container in Data Center 2. This new container included the same configuration, connections, and services (firewalls, load balancers) as the original container in Data Center 1. Once created, we simply redirected external users to the SharePoint application running in Data Center 2, as described below. The redirection of users happened in less than one second, pretty amazing. A simple routing update delivered through service orchestration performed the redirection. In this step, user connections were broken and new connections were re-established to the already running SharePoint application in less than one second! A few highlights from our validated design are provided below.
Layer 2 Extensions allowed the preservation of IP Addressing for Apps and Services during migration. There is no need to “re-IP” your applications just because they’ve moved to a different city.
The complete Network Container including physical and virtual resources was moved with minimal disruption (sub-second) to users
Our Multi-site Cloud solution supports a typical application environment, including both physical and virtual resources, with scaling for large and small private clouds
We also support Cold workload moves of less critical workloads that don’t require these stringent stateful requirements.
For More Info:
We encourage you to follow my blog series and check out our new business continuity and workload mobility solution (VMDC DCI), which describes key business drivers, Cisco DCI innovations, and validated designs that our customers are deploying in their private clouds.
Deploy with confidence! (and sleep better knowing your Cloud is more reliable and secure)
CVD Design Guide -- Cisco Business Continuity and Workload Mobility solution (VMDC DCI)
Solution Overview -- Cisco Business Continuity and Workload Mobility solution (VMDC DCI)
BrightTalk Session -- VMDC DCI for Business Continuity and Workload Mobility in the Private Cloud (webcast)
It’s been a very busy few weeks. At the Data Storage Innovations (DSI) conference, the Ethernet Summit conference, EMCWorld, and next week at CiscoLive, I’ve been starting to talk about a new concept in Data Center storage networks called Dynamic FCoE. Understandably, there have been a lot of questions about it, and I wanted to try to get this blog out as quickly as possible.
The TL;DR version: Dynamic FCoE combines the best of Ethernet Fabrics and traditional deterministic storage environments to create massively scalable and highly resilient FC-based fabrics. If you thought you knew what you could do with storage networks, this takes everything to a whole, new level.
In a few days at the Moscone Center in San Francisco, we will be celebrating the 25th anniversary of Cisco Live. This year we are expecting record attendance exceeding 20,000 participants, 9 amazing keynotes, 600 sessions, live demos at World of Solutions, big analyst and partner presence, and last but not least, the opportunity for you to meet and network with top minds in high-tech. If you are new to Cisco Live and feel overwhelmed by the grandness of the event, let me assure you that you are not alone. I have been there before. I have set out in this blog to give you an easy walkabout of Cisco Datacenter highlights, particularly the Cisco ACI key activities over the duration of the event.
Much like you I will also be eagerly looking to attend John Chambers’ majestic keynote that starts the proceedings on Monday, May 19. John in his unique style will lead with the Theme “Tomorrow Starts Here” covering leading industry trends such as Internet of Everything (IOE), Fast IT, and Application Centric Infrastructure (ACI) among many others. So, do not miss this opportunity. I want to shift gears and take you on a fast cruise of Cisco Data Center and Cisco ACI highlights at the event.
In less than a year since the announcement, Cisco ACI has taken the industry by storm with a large customer base and several of the industry’s key partners such as Microsoft, Red Hat, Citrix, F5, et al. endorsing and building joint solutions. There is so much excitement around ACI at this year’s Cisco Live. I want to give a structure to how I am planning to cover the topic in this blog. Essentially, I group the activities as Cisco-led and Partner-led.
Cisco has a packed agenda of ACI activities and announcements. Cisco APIC, which enables ACI Fabric mode on Nexus 9000 networks, will be available this summer along with a robust Go-To-Market (GTM) strategy that includes additional eco-system partners, Cisco Validated Designs (CVD), additional platform support and leading-edge hardware innovations across the portfolio. We are also introducing two new additions to the existing portfolio of Nexus 9000 to meet scalability, flexibility and performance requirements of standalone and ACI mode deployments.
Executive ACI speaking sessions feature prominently this year with Cisco President Rob Lloyd’s session “Infrastructure for the Agile Enterprise” keynote, May 20, 10 AM, at the North Hall. Rob’s keynote also features Soni Jiandani, who will present how ACI delivers agility. Rob Soderbery and Soni Jiandani are presenting a technology trends keynote (GENSK 1109) on May 21, 8.30 am, titled “Fast Track to Fast IT: Cisco’s Application Centric Infrastructure”, another choice from a catalog of exciting offers.