Cisco Blogs



Network Design for Automation

There has been a lot of recent online discussion about automation of the datacenter network, how we all may (or may not) need to learn programming, the value of a CCIE, and similar topics. This blog tries to look beyond all that. Assume network configuration has been automated. How does that affect network design?

Automation can greatly change the network landscape, or it may change little. It depends on what you’re presently doing for design. Why? The reason is that the programmers probably assumed you’ve built your network in a certain way. As an example, Cisco DFA (Dynamic Fabric Automation) and ACI (Application Centric Infrastructure) are based on a Spine-Leaf CLOS tree topology.

Yes, some OpenFlow vendors have claimed to support arbitrary topologies. Arbitrary topologies are just not a great idea. Supporting them makes the programmers work harder to anticipate all the arbitrary things you might do. I want the programmers to focus on key functionality. Building the network in a well-defined way is a price I’m quite willing to pay. Yes, some backwards or migration compatibility is also desirable.

The programmers probably assumed you bought the right equipment and put it together in some rational way. The automated tool will have to tell you how to cable it up, or it might check your compliance with the recommended design. Plan on this when you look to automation for sites, a datacenter, or a WAN network.

The good news here is that the Cisco automated tools are likely to align with Cisco Validated Designs. The CVDs provide a great starting point for any network design, and they have recently been displaying some great graphics. They’re a useful resource if you don’t want to re-invent the wheel — especially a square wheel. While I disagree with a few aspects of some of them, over the years most of them have been great guidelines.

The more problematic part of this is that right now, many of us are (still!) operating in the era of hand-crafted networks. What does the machine era and the assembly line bring with it? We will have to give up one-off designs and some degree of customization. The focus will shift to repeated design elements and components. Namely, the type of design the automated tool can work with.

Some network designers are already operating in such a fashion. Their networks may not be automated, but they follow repeatable standards, like an early factory working with interchangeable parts. Such sites have likely created a small number of design templates and then used them repeatedly. Examples: “small remote office”, “medium remote office”, “MPLS-only office”, or “MPLS with DMVPN backup office”.

However you carve things up, there should only be a few standard models, including “datacenter” and perhaps “HQ” or “campus”. If you know the number of users (or size range) in each such site, you can then pre-size WAN links, approximate number of APs, licenses, whatever. You can also pre-plan your addressing, with, say, a large block of /25s for very small offices, /23s for medium, etc.

On the equipment side, a small office might have one router with both MPLS and DMVPN links, one core switch, and some small number of access switches. A larger office might have one router for MPLS and one for DMVPN, two core switches, and more access switches. Add APs, WAAS, and other finishing touches as appropriate. Degree of criticality is another dimension you can add to the mix: critical sites would have more redundancy, or be more self-contained. Whatever you do, standardize the equipment models as much as possible, updating every year or two (to keep the spares inventory simple).

It takes some time to think through and document such internal standards. But probably not as much as you think! And then you win when you go to deploy, because everything becomes repeatable.

Read More »


Delivering Policy in the Age of Open Source

This is an exciting time in the history of datacenter infrastructure. We are witnessing the collision of two major trends: the maturation of open source software and the redefinition of infrastructure policy.

The trend towards open source is self-evident. Platforms such as OpenStack and OpenDaylight are gaining huge developer mindshare as well as support and investment from major vendors. Even some newer technologies like Docker, which employs Linux kernel containers, and Ceph, a software-based storage solution, offer promising paths in open source. Given the fundamental requirements of interoperability in architecturally diverse infrastructure environments, it’s no surprise that open source is gaining momentum.

The second trend around policy is a bit earlier in its evolution but equally disruptive.  Today, there is a huge disconnect between how application developers think about their requirements and the languages and tools through which they are communicated to the infrastructure itself.  For example,  just to handle networking, a simple three tier app must be deconstructed into an array of VLANs, ACLs, and routes spread across a number of devices.  Storage and compute present similar challenges as well.   To simplify this interaction and create more scalable systems, we need to actually rethink how resources are requested and distributed between different components.  This really boils down to shifting the abstraction model away from configuring individual devices to focus on separately capturing user intent, operational, infrastructure, and compliance requirements.

At Cisco, we’ve really embraced both of these trends.  We are active contributors to over 100 open source projects and were founding members of OpenStack Neutron and OpenDaylight.  We’ve also made open source a successful business practice by incorporating and integrating popular projects with our products.  In parallel, Cisco has accumulated a lot of experience in describing policy through the work we’ve done with Cisco Unified Computing (UCS) and most recently with Cisco Application-Centric Infrastructure (ACI).

Building on this foundation, we see a unique opportunity to collaborate with the open source community to deliver a vision for policy-driven infrastructure.  This will enhance the usability, scale, and interoperability of open source software and benefit the entire infrastructure ecosystem.

This vision includes two initiatives in the open source community:


  1. Group-Based Policy: An information model designed to express applications’ resource requirements from the network through a hardware-independent, declarative language and leave a simple control and dataplane in place. This approach replaces traditional networking constructs like VLANs with new primitives such as “groups”, which model tiers or components of an application, and “contracts” describing relationships between them. Group-Based Policy will be available in the context of OpenStack Neutron as well as OpenDaylight through a plug-in model that can support any software or hardware infrastructure.
  2. OpFlex: A distributed framework of intelligent agents within each networking device designed to resolve policies.  These agents would translate an abstract, hardware-independent policy taken from a logically central repository into device-specific features and capabilities.

 

Let’s look a bit more closely at each of these initiatives.

Read More »


Why IT Leaders Stand to Benefit from the Natural Process of Network Programmability

The programming of network resources is not just a trend, but also a way to future-proof IT and business needs.

This blog series examines how infrastructure programmability is providing a faster time to competitive advantage and highlights the differences between programmable infrastructure and traditional infrastructure, and what programmability means for your entire IT infrastructure.

To read the first post in this series that defines infrastructure programmability, click here.  To read the third post in this series that discusses how IT leaders can embrace this change, click here.

By the end of this year, the number of mobile connected devices will exceed the number of people on earth, and U.S. businesses alone will spend more than $13 billion on cloud computing and managed hosting services. In addition, the growing convergence of mobile, cloud and the network is demanding that organizations implement the right combination of strategies, processes, and infrastructure.

As the industry is changing faster than we can imagine, we are shaping the future with a new model for IT. Today’s infrastructure must be simple, smart, and secure.

A piecemeal approach to leveraging new technology—in the midst of a fast-paced market—could leave businesses disaggregated and left on the sidelines by faster competitors.

Unleash Fast IT, an operating model that delivers simplification and orchestration through automated, agile, and programmable infrastructures. The concept of Fast IT embodies IT being agile enough to operate at the speed of business. This means that in order for your organization to be successful in an increasingly complex world you must have an infrastructure that runs at a speed and scale never before seen.

There are three core principles for Fast IT: simplicity, intelligence and security. In some ways, this model is markedly different from the current IT model, which can be highly complex and closed.

Read More »


Cisco ACI’s Multi-Hypervisor + BareMetal Interop with VLAN and VXLAN Routing and Bridging Demonstration

In November last year, I introduced via my blog the powerful capabilities of the ACI Fabric and the unique hardware-based VXLAN implementation in the Cisco Nexus 9000 Series switching platform. In this blog, I am happy to present a powerful video-based demonstration of the ACI Fabric. The demo presents a single view of an entire spine-leaf fabric-based deployment, and how the fabric allows full integration and full normalization of any encapsulation, be it VLAN or VXLAN, with full bridging/routing capabilities across all of these, including bare-metal servers. The demo also shows how data can jump in and out of physical/virtual environments within the Fabric, and how the Fabric treats everything with a consistent policy-based approach to deploying apps on top of ACI. Check out the demo here:

Read More »


Setting the Stage for the Cisco Mobile Workspace Solution with Citrix CVD

The times keep changing: first there were devices, then there were apps, and today, if you don’t develop a strategy for enterprise mobility and get ahead of the trend, the mobile wave will leave you behind. A year ago, after talking with many of our customers, partners, and our own technical sales teams, we realized that IT organizations were facing enormous challenges when making the transition from simple BYOD to adopting an enterprise mobility strategy across the business. As is typical during such tremendous market transitions like mobility, IT organizations were spending a lot of time figuring out how to line up the pieces required to support a mobile workforce, sorting through and weighing the many technology and vendor choices.

Today in conjunction with our friends at Citrix, we are happy to highlight the Cisco Mobile Workspace Solution with Citrix built on the Citrix Workspace Suite. We are very excited to deliver this first of its kind, comprehensive solution to our customers. Today I’d like to take a step back and set the stage for the Cisco Mobile Workspace Solution with Citrix by taking you through our thought process in creating the right enterprise mobility solution for our customers. Read More »
