Cisco Blogs


Cisco Blog > Data Center and Cloud

Cisco ACI Policy Model spans Physical, Virtual and Container based environments

I find Linux containers among the most fascinating technology trends of recent past. Containers couple lightweight, high performance isolation and security with the ability to easily package services and deploy them in a flexible and scalable way. Many companies find these value-props compelling enough to build, manage and deploy enterprise applications. Adding further momentum to container adoption is Docker, a popular open source platform for addressing key requirements of Linux container deployment, performance and management. If you are into historical parallels, I can equate the Docker evolution and growth to the Java programing language which brought in its wake the promise of “write once run everywhere”.  Docker containers bring the powerful capability of “build once and run everywhere”. It is therefore not surprising to see a vibrant eco-system being built up around Docker.

The purpose if this blog is to discuss the close alignment between Cisco ACI and containers. Much like containers, Cisco ACI provides accelerated application deployment with scale and security. In doing so, Cisco ACI seamlessly brings together applications across virtual machines (VM), bare-metal servers and containers.

Let us take a closer look at how Containers address issues associated with hypervisor based virtualization. Hypervisor based virtualization has been a dominant technology in past two decades, with compelling ROI via server consolidation. However, it is well known that hypervisors bring workload dependent overheads while replicating native hardware behaviors. Furthermore, one needs to consider application portability considerations when dealing with hypervisors.

Linux containers, on the other hand, provide self-contained execution environments and isolate applications using primitives such as namespaces and control groups (cgroups). These primitives provide the ability to run multiple environments on a Linux host with strong isolation between them, while bringing efficiency and flexibility. An architectural illustration of Hypervisor based and Container based virtualization is worth a quick glance. It is apparent from below, Docker based containers bring portability across hosts, versioning and reuse. No discussion on Docker containers is complete without mention of DevOps benefits. Docker framework – altogether with Vagrant, for instance -- aligns tightly with DevOps practices. With Docker, developers can focus on their code without concerning about the side effects of running it in production. Operations teams can treat the entire container as a separate entity while managing deployments.

containergraphic4

ACI and Containers

Cisco Application Centric Infrastructure (ACI) offers a common policy model for managing IT applications across the entire Data Center infrastructure. ACI is agnostic to the form-factors on which applications are deployed. ACI supports bare-metal servers, Virtual machines and containers, and its native portability makes it a natural fit with Containers. Besides, ACI’s unified policy language offers customers a consistent security model regardless of how the application is deployed. With ACI, workloads running in existing bare-metal and VM environments can seamlessly integrate and/or migrate to a Container environment.

The consistency of ACI’s policy model is striking. In ACI, policies are applied across End Point groups (EPG) which are abstractions of network end points. The end points can be bare-metal servers, VMs or Containers. As a result of this flexibility, ACI can apply policies across a diverse infrastructure that includes Linux Containers. I want to draw attention to the ACI flexible policy model applied to an application workload spanning bare-metal servers, VMs and Docker containers as illustrated below.

containergraphic3

You may recall Cisco announced the broad endorsement for OpFlex protocol at Interop Vegas 2014. We are currently working on integrating OpFlex, Open vSwitch (OVS) with ACI to enforce policies across VMs and Containers in earlier part of next calendar year.

As Container adoption matures, managing large number of them at scale becomes critical. Many Open source initiatives are actively working on scalability, scheduling and resource management of containers. OpenStack, Mesos, Kubernetes are among the open source initiatives / communities Cisco is actively engaged in to advance ACI integration with open source tools and solutions.

With containers, we have seen only the tip of the iceberg. Docker containers are beginning to get traction in private clouds and traditional Data centers. Cisco ACI plays a pivotal role in integrating ACI unified policy model across a diverse infrastructure comprising bare-metal, VMs and Containers.

For more information refer:

http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-732697.html

http://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/dc-partner-red-hat/linux-containers-white-paper-cisco-red-hat.pdf

Tags: , , , , , , ,

Software Defined Networking, Cisco Style

As new technologies emerge and replace traditional ones, IT teams are discovering that building an infrastructure around new functionality is advantageous in a slew of ways.

One such disruptive technology gaining ground is software defined networking, or SDN.

clouds

The premise of SDN is to allow the user to determine how the network behaves by decoupling the control plane from the data plane. Control planes are essentially the “data directors,” instructing the data plane on where to transfer packets of data. The data plane then establishes the best path and carries the data to its destination. By separating these two functions, the user can program the open-source network to act in accordance with business requirements—using a central management interface in a vendor-neutral manner.

Not only has Cisco joined the SDN approach, they’ve gone beyond the basics of SDN to include an application-driven infrastructure. It’s called, appropriately, Cisco Application Centric Infrastructure, or Cisco ACI.

Cisco ACI combines hardware, policy-based control systems, and software to deliver management automation, programmatic policy, and dynamic workloads. It’s built around the application, not the network.

What’s the advantage? Doing so enables greater support for scalability, a more dynamic network, and centrally-defined portable policies—all of which lend to faster application provisioning and a more efficient environment.

While many SDN solutions are focused solely on software and virtualization, the reality is that hardware still exists and is an integral part of the network. Cisco ACI leverages existing hardware—because no matter how de-emphasized it may become, the physical infrastructure remains important.

As Cisco senior vice president of marketing Soni Jiandani tells Unleashing IT, “ACI is SDN plus a whole lot more. Other SDN models stop at the network. ACI extends the promise of SDN—namely agility and automation—to the applications themselves. Through a policy-driven model, the network can cater to the needs of each application, with security, network segmentation, and automation at scale. And it can do so across physical and virtual environments, with a single pane of management.”

And Shashi Kiran, senior director of market management at Cisco, shares his views on Cisco ACI in this blog.

As businesses are becoming more dependent on applications, they must stay competitive and relevant by considering updating their infrastructure to speak directly to the needs of the application. Learn more in this edition of Unleashing IT, a special release focused on Cisco ACI -- produced by Cisco and Intel® - and see how early adopters are realizing the benefits it brings to the table.

Subscribe for access to content from customer successes to thought leadership to Cisco ACI-related resources.

 

 

 

Tags: , , , ,

#InnovateThink TweetChat on Friday, September 19 at 10 a.m. PST: The Way Forward for IT Innovation

In the hyper-competitive Internet of Everything (IoE) era, every company must be ready for rapid innovation, sudden market transitions and ever-changing security threats.

But IoE — the explosion in network connections among people, process, data, and things — is about far more than vexing challenges. It is also about tremendous opportunity: Cisco predicts a staggering $19 trillion in IoE-related Value at Stake over the next decade.

The IT organization has a critical role to play in helping companies  capture these staggering opportunities by driving innovation and enabling business agility and growth.

But where does your organization stand in the overall scheme of IT evolution? To what extent is mounting IoE complexity hindering growth? And what kind of IT model is needed support your company’s efforts to innovate and compete at the hyperspeed of the IoE era?

FastIT TweetI invite you to explore all of these topics and more with me on an upcoming TweetChat on Friday, September 19 at 10 a.m. PST. Join the conversation by using #InnovateThink and #FutureOfIT. We will discuss the current state of IT, its challenges and pain points, and how it can enable business innovation. We will also discuss the solution: Fast IT.  

Fast IT is the way forward. It offers immediate steps toward building a more agile, secure, application-centric infrastructure. And transforming the IT organization into a force for rapid innovation and competitive edge. Fast IT is the IT operating model for the Internet of Everything era. Cisco recently released a major global study of Fast IT — how it can address some of the toughest challenges facing IT today, and show the way forward.

By implementing a Fast IT model, organizations can:

  • Respond to supercharged IoE complexity with infrastructure that is application-centric, automated, and programmable.
  • Capture the full benefit of a far-flung “fabric of clouds,” moving seamlessly across even the most extensive hybrid-cloud ecosystems
  • Drive the necessary organizational changes that will raise IT to the status of trusted advisor to the business and a true partner in innovation
  • Reap the benefits of a 20 to 25 percent reduction in costs, which can then be reinvested in new capabilities to drive innovation and business outcomes
  • Meet an ever-expanding threat landscape with dynamic, policy-driven security solutions

 

Tags: , , ,

EVRY protects SAN investment, expands Capabilities

EVRY chooses Cisco MDS 9710 to adapt easily to emerging and future customer demands. EVRY provides IT services to businesses, financial institutions, national public sector entities, municipalities, and health authorities in Norway and other Nordic countries.

EVRY’s virtualization deployments are expanding rapidly and customers deploying more applications placed higher demands on storage environments. EVRY’s requirements include 16-Gbps Fibre Channel connectivity without oversubscription, high reliability storage environment and the system had to support switching for 12 petabytes of storage on more than 100 storage arrays. Of course it had to be easy to manage as they have a very small team.

EVRY chose Cisco MDS 9710 Multilayer Director switches for their SAN core. The new systems were delivered and supported by Cisco storage partner EMC.

Read More »

Tags: , , ,

Summary – Fast IT: Sourcing Disruptive Innovation

The explosion of network connections among people, process, data, and things, now called the Internet of Everything (IoE), is the driver behind much of the disruption and change we see in all industries. It is making innovation more accessible and affordable, while presenting enormous opportunities.

At the same time, IT organizations are contending with significant challenges. Operational costs are rising as budgets fall. Pervasive mobility and an explosion in connected devices are intensifying complexity. Business users are bypassing IT to access cloud-based services while new security threats arise daily. These conditions can stand in the way of greater innovation and agility, and prevent companies from capturing the opportunities in the IoE economy.

Fast IT addresses the following core areas across IT:

  • Simplifying the infrastructure across silos and driving automation to reduce operational costs
  • Using strategically automated policy to build agility and intelligence to fuel growth and respond to changing conditions
  • Connecting the right people to the right information and process at the right time
  • Evolving security to defend against attacks before and while they happen, and to run analysis after they end

Read the full article Fast IT: Sourcing Disruptive Innovation to learn more. Full study findings can be found here.

Tags: , , , ,