There’s been a lot of news and momentum surrounding VXLAN technology in the last several months, and there is no doubt that VXLAN is becoming a more strategic and pervasive technology across cloud networks as a result. When we rolled out VXLAN about two years ago with the first commercial implementation as part of our Nexus 1000V virtual switch, VXLAN was solely a virtual networking construct and had real constraints in how it could be extended to physical networks and devices. It was also restricted to overlay networks using our Nexus 1000V switch (or other virtual switches supporting the VXLAN overlay protocol).
Now, however, VXLAN is being supported broadly across Cisco networking platforms and devices, across multiple Cisco fabric architectures, and we are even seeing broader support from other vendor ecosystems and non-Cisco switching platforms. Cisco is continuing to expand its support for VXLAN onto the new Nexus 5600 Series switches, as well as Nexus 7700 Series using the F3 line card.
For those of you not fully up to speed on VXLAN, VXLAN stands for Virtual eXtensible Local Area Network, and started out as a vastly more scalable Layer 2 LAN and tenant isolation construct for data center and cloud networks. Where cloud networks were running out of the only 4000+ VLAN IDs available to segment application networks, VXLAN gave them over 16 million logical network segments.
Cisco announced last week that its rapidly expanding ACI ecosystem now includes the A10 Networks aCloud Services Architecture based on the Thunder ADC Application Delivery Controllers, as well as the Catbird IDS/IPS virtual security solutions. These new ACI ecosystem vendors are announcing support for the ACI policy model and integration with the Application Infrastructure Policy Controller (APIC), which will accelerate and automate deployment and provisioning of these services into application networks. This should also resolve any speculation that the ACI ecosystem would not be including technology vendors that compete with Cisco’s other lines of business, as Cisco expands the solution alternatives for customers.
Each of the solutions will rely on two primary capabilities of the APIC and ACI to provide a policy-based automation framework and policy-based service insertion technology. A policy-based automation framework enables resources to be dynamically provisioned and configured according to application requirements. As a result, core services such as firewalls, application delivery controllers (ADC) and Layer 4 through 7 switches can be consumed by applications and made ready to use in a single automated step.
A policy-based service insertion solution automates the step of routing network traffic to the correct services based on application policies. The automated addition, removal, and reordering of services allows applications to quickly change the resources that they require without the need to rewire and reconfigure the network or relocate the services. For example, if the business decision is made to use a web application firewall found in a modern ADC as a cost-effective way of achieving PCI compliance, administrators would simply need to redefine the policy for the services that should be used for the related applications. The Cisco APIC can dynamically distribute new policies to the infrastructure and service nodes in minutes, without requiring the network be manually changed.
As cloud-enabled services transform IT departments everywhere, your path to success as an IT professional was made easier today with Cisco’s announcement to expand its cloud portfolio. With Cisco’s comprehensive cloud portfolio offerings, you can easily and securely combine workloads to manage cloud services across different clouds. By increasing your flexibility for strategic sourcing of cloud-enabled IT services, you can increase your influence as a trusted business partner to your stakeholders. And, as you take on these new strategic roles, Cisco and our channel partners can help you and your organization gain control of cloud services.
While defining and deploying a comprehensive cloud architecture presents tremendous opportunity for IT chiefs, this task is not without its challenges. Successful cloud implementation requires a cloud governance model fueled by strategic vision and a holistic approach that addresses all aspects of your data center and IT operations in the new application economy fueled by cloud.
Following on the heels of our launch last fall of Application Centric Infrastructure, our enhanced Cisco Services for cloud portfolio provides strategic assistance to transition to a cloud governance model within your organization based on business outcomes. With our solutions spanning the plan, build, manage, and go-to-market phases of the cloud project lifecycle, Cisco Services has been recognized as an industry leader in cloud services by both IDC and Forrester.
Cisco and CA Technologies have been solution partners for years, integrating CA IT management solutions with Cisco Data Center and cloud infrastructure. On Jan. 27th, at CiscoLive Milan, the two companies will demonstrate the next-generation data center, highlighting synergies in DevOps automation and Unified Infrastructure management. Why is this a turning point in IT evolution?
In a recent blog, I talked about the growing agility gap in mid-to-large data centers -- that in spite of a decade of unified fabrics, virtualized services and controller abstractions, the demands for scale, performance and security are growing faster than IT can satisfy them. This is due to new mobile, social and Big-Data applications that are much more dynamic due to multi-tenancy, higher demand peaks, more distributed users, broader device support, varying performance needs, 24x7 global usage, and changing security vulnerabilities.
I also said that while the evidence of the agility gap is showing up in ballooning network reconfigurations (such as ports, VLANs, subnets, security services, load-balancing, flow optimizations, monitoring), the solution lies in accelerating DevOps – the relatively new discipline of translating dynamic application and tenant needs into an optimal data center topology – and not just in controller-based programming.
CA Technologies is now showing that DevOps processes can be accelerated by orders of magnitude using Cisco Application Centric Infrastructure (ACI). This is resulting in application optimized infrastructure, much lower TCO and faster time to new services.
DevOps, the frontline in closing the agility gap
DevOps evolved from the need of global enterprises to meet competitive application demands with “continuous application delivery.” Financial services, Healthcare, Hospitality and Retail are among the sectors for which the frequency of application changes has shrunk from 18 months to daily and even multiple times a day!
Drivers include mobile apps that need continuous enhancements, cloud scaling, Big-Data and the use of Agile Methodology where major code changes occur in weekly or daily “sprints.” DevOps brings continuous integration and operational processes to allow several Developer, Quality Assurance and Application-production teams to collaborate to improve agility of application deployments.
As IT departments move to private cloud offerings, DevOps methodologies, and continuous integration capabilities, many segments of the data center market have a strong need for more open, programmable, and application-led networks. In these fully automated environments, network automation for infrastructure as a service (IaaS) or applications on demand is becoming essential. As discussed in a recent blog post by Ravi Balakrishnan, the Cisco Nexus 9000 offers the industry’s first open and extensible application policy model, helping businesses increase agility, flexibility, and scalability and automate repetitive manual tasks, reducing the time to deployment and easing maintenance tasks.
A recently issued Lippis Report provides validation that the Cisco Nexus 9000 product line offers the most comprehensive open programming tools and functions available, which can either be leveraged independently or put to work in unison with other platform capabilities. The report found that the benefits of the Cisco Nexus 9000 programming environment include investment protection and improved business agility through support of open protocols, APIs and standards that leverage customers’ existing networking, services (including security), physical and virtual compute, and storage assets, and that accelerate network application deployment times to minutes, improving business agility through centralized management.
Cisco 9000 programmability enables use cases across the whole IT delivery chain in terms of being able to orchestrate and automate provisioning of network infrastructure. Applications now have special, real-time access to network buffers, congestion and state information, so that they can actually make better choices and decisions on how they’re delivering services to end-users. In addition, troubleshooting can be automated through applications having much deeper visibility into the network.
The specific use cases for Cisco NX-OS API enhancements span data center network engineers and experienced DevOps personnel in cloud and large enterprise IT organizations. For network engineers, NX-OS APIs can simplify and automate common network infrastructure provisioning challenges as well as offer automated troubleshooting through enhanced network visibility.
DevOps personnel may leverage NX-OS APIs and automation tools to create their own custom scripts and leverage the NX-API into other tools with which they are already familiar to customize network device data and use it in the way that’s important for them to either deliver competitive business value or to reduce OpEx through automation.
Cisco 9000 Programmability Highlights
The Cisco NX-OS enhancements for the Cisco Nexus 9000 Series support numerous capabilities that aid automation and orchestration, and provide investment protection through the support of new automation capabilities in the future. Centralized, fine-grained access to Cisco 9000 networking resources is enabled through support for XML, JSON, representational state transfer (REST), remote procedure call (RPC), NETCONF, Python scripting, Bash and Broadcom chip-level shell access, and Linux containers for development of custom applications. These APIs have full read and write access to the Cisco 9000 platform, providing programmability, automation, and system access. Cisco NX-OS also supports APIs enabling rapid integration with existing management and orchestration frameworks. These include OpenStack interfaces to provide Cisco policy consistency across physical, virtual, and cloud environments.