Cisco Blogs


Cisco Blog > Data Center

Software Defined Networks with L4-L7 ADC Policy Automation

It appears only a short time ago we introduced Cisco ACI to the market, but it is already the one-year anniversary time. In this one-year period, we have seen tremendous momentum on customer adoption and partner eco-system for both the Nexus 9k hardware platform and the ACI software. To date there are more than 1,000 plus Nexus 9k hardware customers and 200 plus ACI software customers. And don’t forget the growing eco-system of partners that now stands at an impressive 34.

To commemorate this one-year anniversary of ACI and its success, we have planned a grand Data Center Webcast to be broadcast on Jan 13 at 9 AM PST. Click here to register for the webcast. Attendees of the webcast will have the opportunity to hear from our ACI ecosystem partners how their solutions integrate to help customize and extend ACI deployments. The audience will also hear from Cisco customers all over the world about the benefits they’ve discovered with our ACI architecture. Check out Cisco exec Shashi Kiran’s blog for more details on the webcast.

For the remainder of this blog I am going to focus on the ACI L4-L7 partner eco-system momentum. Since August 2014, major L4-L7 Application Delivery Controller (ADC) vendors have collaborated with our Insieme Business Unit to build, test, certify joint integrated solutions and introduce publicly downloadable device packages for customers to seamlessly deploy ACI in existing ADC deployments.

servicechainnew

What makes the ACI integration with L4-L7 ADC vendors’ devices so seamless and easy? Well, the answer lies in the flexible and open service policy management inherent in ACI. The highly open and programmable nature of Cisco APIC and the ability to selectively associate service chains with specific applications and data flows, and the flexibility of applying application delivery policies to different applications (Figure-1). This far exceeds that of a traditional network based ADC. To date F5, Citrix, A10 Networks have built FCS versions of device packages for Cisco ACI. I want to take you on a quick tour of each of these ACI joint solutions, and the benefits they uniquely bring to existing customer deployments.

The exciting L4-L7 eco-system ramp began in August 2014 when ADC market leader F5 announced the availability of its device package for ACI. Since then, our partnership has clicked into high gear. We had a very successful F5 Agility event at Copenhagen (June) and New York (early August) showcasing the Cisco ACI-F5 BIG-IP joint solution in breakout sessions, world of solutions Expo, and in keynotes Panels. Cisco also published a jointly written technical whitepaper, a solutions brief and a Design guide with F5. In the webcast planned for Jan 13, we have an exclusive partner panel session featuring F5 exec, Calvin Rowland, and Cisco Exec, Soni Jiandani. I urge you to tune in to this webcast to get the low-down on the customer traction and how customers are benefiting from the policy based automation and application centric approach of our joint solution.

The Citrix and Cisco strategic partnership dates back to early 2010 with a strategic alliance on the UCS-Citrix Desktop Virtualization front. Since then, our alliance has expanded to other technology areas, and in August we introduced the ACI-Citrix NetScaler joint solution to market with the availability of the Citrix device package for Cisco ACI. Citrix and Cisco ACI engineering teams are also actively working in IETF and ODL standards efforts to create thought leadership around NSH and the OpFlex protocols. I can vouch that it will be a rewarding experience for you to listen to Steve Shah of Citrix at the Jan 13 webcast, and get insights on how customers are benefiting from our joint solution featuring open policy model and a programmable infrastructure. Check out the solutions brief and whitepaper from our joint website to gather more details.

A10 Networks is the new kid on the ACI eco-system block. ACI’s SDN paradigm is a natural fit for A10 Networks’s vision and strategy to expose L4-L7 networking features programmatically. As a first step, A10 Networks has successfully certified their device package for ACI and is now available for download. The A10 device package is open source, and can be easily enhanced by customers to create custom value with near ubiquitous programmability. Exciting near term joint engagements include potentially collaborating on an OpFlex and NSH standards effort as well as some advanced ADC features such as WAF, SSL offload, GSLB, and device partitions among others. I do not want to steal all of the webcast’s thunder, so tune in on Jan 13 to get a 360 degree view from A10 CTO Raj Jalan.

As I am writing this blog there is more exciting news. Yes, Radware is also testing their ACI device package with the Insieme Business Unit now. Stay tuned to hear more outcomes on this engagement. The L4-L7 ACI eco-system momentum is truly on a fast track. In closing, I want to re-iterate, do not forget to register for Cisco’s ACI webcast set for Jan 13.

Related Links

http://blogs.cisco.com/datacenter/citrix-netscaler-device-package-for-cisco-aci-goes-fcs

http://blogs.cisco.com/datacenter/f5-device-package-for-cisco-apic-goes-fcs

http://blogs.cisco.com/datacenter/aci_webcast

 

Tags: , , , ,

Red Hat and Cisco bring Application Policy to OpenStack environments

On January 13, 2015, Cisco will celebrate a year of industry adoption of Application Centric Infrastructure (ACI), a ground breaking SDN architecture. It will include a public webcast with ACI customers and ecosystem partners describing a range of new solutions that dramatically simplify data center and cloud deployments . One of these inaugural partners was Red Hat, the leading provider of open source solutions for enterprise IT . Since the ACI launch, Cisco and Red Hat have been working on extending the application policy model, at the heart of Application Centric Infrastructure, to OpenStack. Here is a preview of the Red Hat solution.

Cloud deployments of new mobile, social, and big data applications need a dynamic infrastructure to support higher demand peaks, more distributed users, varying performance needs, 24×7 global usage, and changing security vulnerabilities. These applications need a mix of virtualized and dedicated “bare-metal” resources, to run economically at scale with performance and availability.

To meet these needs, Cisco, Red Hat and other companies, have jointly developed Group Based Policy – a common open policy language that expresses the intent of business and application teams separately from the language of the infrastructure. Group Based Policy offers continuous policy governance while applications are deployed, scaled, recovered and managed for threats. It is ideal for rapidly deploying elastic, secure applications through OpenStack such as CRM, eCommerce, big data, financial reporting, and corporate e-mail.

IT organizations can get several benefits:

o   Dramatically accelerate deployment of business applications and services through OpenStack.

o   Maintain enforcement of business and application policies during frequent changes to scale, tenants, and the infrastructure.

o   Simplify DevOps Release Automation – moving application changes to production.

o   Ideal for hybrid cloud – Preserve user-intent and business policies across different infrastructures.

o   Prevent shadow IT – empowers internal IT to match the agility of the public cloud while complying with corporate controls .

Network administrators can get additional benefits when Group Based Policy is combined with the full capabilities of Cisco Application Centric Infrastructure, including seamless management of heterogeneous infrastructure, policy based network automation, real-time troubleshooting and performance optimization.

RHATOSP GBP

Group Based Policy (GBP) is implemented through a new APIC Group Based Policy plug-in for OpenStack Neutron, the networking service. Since networking connects all compute and storage end points in the data center, it is possible to define groups of endpoints through Neutron that share the same application requirements, regardless of how they are connected.  In addition, GBP:

  • Captures dependencies between applications, tiers and infrastructure so that respective teams can evolve underlying capabilities independently.
  • Works with multiple SDN controllers and extensible to multi-hypervisor infrastructures.
  • Brings application policy-based provisioning to existing networking plug-ins.

Group Based Policy will be available and supported in the upcoming release of Red Hat Enterprise Linux OpenStack Platform 6. Learn more about Group Based Policy here. And register for Cisco’s webcast on January 13th.

 

 

 

 

Tags: , , , , ,

#CiscoChampion Radio S2|Ep 1. Cisco ACI

CiscoChampion2015200PX#CiscoChampion Radio is a series by Cisco Champions as technologists. We’re kicking off Season 2 with Cisco Senior Architect Azeem Suleman, who is talking about Cisco ACI. Lauren Friedman (@lauren) moderates and Scott Morris and Jason Benedicic are this week’s Cisco Champion guest hosts.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.

Cisco SME
Azeem Suleman, Cisco Senior Architect

Cisco Champions
Scott Morris, (@ScottMorrisCCIE), Senior Instructor
Jason Benedic, (@jabenedicic), Technical Architect

Highlights
ACI Overview
Benefits of ACI
Use case examples
Why ACI is different (from an SDN perspective)
Best practices for implementing ACI
ACI Contracts
ACI “WOW” factors Read More »

Tags: , , , ,

Video Demo: The Power of ACI Physical Network Visibility in an SDN Overlay Environment

[Note: Register today for our upcoming live ACI webcast: “Is Your Data Center Ready for the Application Economy”, January 13, 2015, 9 AM PT, Noon ET, featuring ACI customers and several key ACI technology partners.]

At the most recent Gartner Data Center Conference in Las Vegas, after some insightful discussions with customers and analysts, we came up with a great demo idea and proof point that highlights a key feature in our Application Centric Infrastructure (ACI) platform. This particular demo centers on the unique visibility of the ACI Fabric to faults in the underlying physical network.

Joe Onisick, Principal Engineer in the ACI team at Cisco, compares this ability in ACI to SDN technologies that employ only virtual overlay networks in the following video. With overlay networks, such as a VXLAN tunnel, the resulting virtual network (and all the management and analytics tools) has a much harder time isolating faults within the physical infrastructure. The overlay is designed to “tunnel” through the physical network, simplifying and obscuring the physical topology and issues with any specific network node. Before going much further, I’ll let Joe provide the details in this quick, 3 minute video:

Read More »

Tags: , , , ,

ACI for Splunk Enterprise: Enabling comprehensive application health

On January 13th, 2015, Cisco will celebrate the 1-year anniversary of its launch of Application Centric Infrastructure (ACI), a ground breaking SDN architecture.  It will include a public webcast with the participation of early ACI adopters and our ecosystems partners.  One of these inaugural partners was Splunk,  the Operational Intelligence company for all types of IT organizations.  At the webcast, Splunk and other partners will describe  a range of new solutions with ACI, that dramatically simplify Data Center operations. Here is a preview of Splunk’s solution.

A large portion of the data center operational effort is consumed in managing application health.  This includes:

  • Ensuring the end-user experience for distributed users with different types of performance needs
  • Discovering the physical and virtual resources associated with applications and the user experience
  • Detailed monitoring of resources and events in the infrastructure that affect application performance

These activities have become more complex as applications have become distributed, interconnected or cloud based because they cause applications to move, scale and evolve rapidly.

Splunk Enterprise can monitor and analyze millions of infrastructure events through logs and agents, in real-time. This can provide rapid visibility and isolation of infrastructure that affect application performance. Cisco has been collaborating with Splunk to combine the application visibility of Cisco Application Centric Infrastructure with operational analytics of Splunk Enterprise. The result is “Cisco ACI for Splunk Enterprise” a highly scalable application that is orderable immediately at Splunk.com.

ACI and Splunk have enabled a comprehensive view of application health with the ability to monitor the entire end-to-end environment in real time and proactively prevent issues from impacting end users.

ACI provides visibility to application health from the network perspective by tracking all network dependencies and events that impact application performance and security. Splunk complements Cisco ACI by bringing actionable intelligence across the entire data center infrastructure including storage, compute, virtualization endpoints, as well as application tiers and components provided by ACI. Splunk’s analytical and visualization tools provide real-time insights to data center teams to optimize performance and ensure security policies in a highly dynamic environment.

How does it work

Cisco ACI exposes a wealth of networking data previously inaccessible to Splunk. The Cisco ACI app for Splunk Enterprise gathers data from APIC (Application Policy Infrastructure Controller) including APIC network events, health scores and inventory of logical constructs (e.g. tenants, application profiles, end point groups) and physical constructs ( e.g spines, leafs, VMs).

SplunkACI_CentralizedApplicationHeath

This data is used to:

  1. Reduce resolution time with accelerated root-cause analysis
  • Splunk enables users to reduce the mean time to investigate/resolve problems up to 70%
  • Centralized management of operational health of ACI environment & underlying entities in real-time
  • Detect issues or anomalies in performance or response times and proactively resolve
  • For multiple tenants, quickly navigate to the source of problems using flexible per-role views, including 1) Help Desk view, 2) Tenant View and 3) Fabric view
  1. Provide Central Proactive Monitoring of Cisco ACI
  • Get real-time proactive notification of network traffic and device faults with location, affected objects.
  • Track trends and anticipate application impact
  1. Operational Analytics across the entire virtual and physical infrastructure
  • Optimize network capacity and prevent service deterioration with detailed visibility into fabric path degradation.
  • Meet compliance/security with user analytics, including authentication tracking reports.
  • Correlate data from Cisco ACI with data from storage resources, operating systems, applications, security devices, endpoint and more for enterprise-wide visibility.
  • Trace and monitor transactions through all tiers of a distributed application architecture
  • Gives application managers a perspective on the underlying Cisco ACI infrastructure’s effect on applications without being directly involved in ACI Ops.
  • Monitor key operational metrics such as end-to-end response times to ensure SLAs met.

As an example, a Fortune 100 company is using Splunk with ACI:

  • for operational visibility for their ACI cluster with ability to quickly identify faults and troublesome tenants and determine corrective action.
  • to provide centralized visibility as ACI expands across multiple data centers and for proactive monitoring to establish baselines and triggered alerts when key thresholds exceeded.

This approach to Application Health is part of the broader discipline of Application Performance Management (APM). According to Gartner, “By 2018, 60% of APM deployments will use and integrate data extracted directly from log  files alongside wire data and agent-derived data as a foundation for reporting, prediction, and analysis, up from less than 5% today.”  With our collaboration, ACI for Splunk Enterprise provides important new capabilities for  Application Performance Management.

Learn more about Cisco ACI for Splunk Enterprise here.  And register for Cisco’s webcast on January 13th.

 

 

Tags: , , , , , , , ,