Cisco Blogs


Cisco Blog > Data Center and Cloud

Going Native with OpenStack Centric Applications: Murano

November 18, 2014 at 9:58 pm PST

Following on our previous discussion surveying the projects supporting applications within OpenStack, let’s continue our review with an in-depth look at the OpenStack-native Application Catalog: Murano, currently an incubation status project, having seen its functionality and core services integration advanced over the past few OpenStack releases.

OpenStack Centric Applications - Murano Logo

What is it?

An application catalog developed by Mirantis, HP and others (now Cisco), that allows application developers and cloud administrators to publish applications in a categorized catalog to be perused and deployed by application consumers. The selection of applications available within the catalog is intended to be that of released versions (ready-state) of applications (cloud-native or enterprise-architected), not application versions that are mid-development. Ideally, these are applications ready to be consumed and run by application users. Read More »

Tags: , , , ,

Application Configuration Management: What’s your Approach?

October 21, 2014 at 7:27 pm PST

Last we spoke, it was about network device configuration management. Let’s move our focus up the stack to applications and management of their configuration. Whether enterprise or cloud-architected, running on physical servers, in virtual machines or in containers, how are you managing your applications?

Puppet, Chef, Ansible and Salt are popular answers to this question and leading contenders for initial provisioning and management of configuration drift of data center applications -- whether they be common off the shelf (COTS) or custom built applications. Two of these configuration management technologies, Puppet and Chef, are supported by Cisco Intelligent Automation for Cloud 4.1. The collection of features enveloping these two Ruby-based technologies within Cisco IAC is referred to as Application Configuration Management (ACM).

Approach to Agent Bootstrapping

Puppet and Chef are similar in nature -- in more ways that we’ll discuss in this post. An example of similarity being that both of these ACM technologies require an agent (Puppet) or client (Chef) installed on the server under management (node).

cisco-iac-agent-bootstrapping

Agent Bootstrapping Methods

Both types of ACM technologies support client-only and client/server deployment models, referred to as agent/master for Puppet and client/server for Chef installations. Whether only using an agent-only (client-solo -- Chef) or using an agent/master deployment model, unless your virtual or physical server image has the agent preinstalled, you’ll need to go perform the prerequisite work of agent installation.

IAC performs this dirty work by bootstrapping the appropriate agent (or client) whether on initial server provisioning or on-demand on any existing server when a user assigns an application to a server. Mechanics used to perform agent installation varies. The mechanics used within IAC are listed in the “Agent Bootstrapping Methods” chart. Initially, IAC used WinRM as its mechanism to bootstrap agents on Windows severs until customer feedback drove use of an alternative mechanism -- psexec. We found that customer security teams were either uncomfortable with or had policy in place against the use of WinRM as a method to execute scripts remotely and made the switch to psexec, which “is a light-weight telnet-replacement that lets you execute processes on other systems, complete with full interactivity for console applications, without having to manually install client software”.

Part of the agent installation involves establishing a connection between the ACM server (Puppet Master or Chef Server) and the node (server with agent/client installed). IAC orchestrates the registration of the node with it’s respectively, assigned ACM server. This process is different depending on whether Puppet or Chef is used.  In the case of Chef, IAC has the chef-client register with the Chef server using the private key assigned to the chef-validator, which IAC loads into the node during client installation. In the case of Puppet, IAC performs an initial puppet agent run, which lodges a certificate authorization request on the Master, which IAC subsequently orchestrates the signing of on the Master. With agent bootstrap complete and authorized, secure communication between the ACM server and client, attention is turned to the management of connections IAC may have established with number of Puppet or Chef servers.

Cisco IAC System Health - ACM

System Health -- ACM

Connection and System Health

In the case of client/server deployments, IAC will establish connection to one or more Puppet Masters and one or more Chef Servers. Each connection is treated with care as the health of each connection facilitates IAC’s ability to successfully orchestrate applications. Connections are established using a service account permissioned appropriately. The health of the connection between each ACM server is evaluated once every 30 minutes by default. Connection health is determined by performing connectivity, authentication and authorization tests. Details of these tests and a screenshot of the System Health console can be seen in the  “System Health -- ACM” chart.

Cisco IAC CloudSync Finite State Machine

CloudSync Finite State Machine

Cloud Object Model and CloudSync

Immediately after establishing a healthy connection, CloudSync runs. CloudSync is a synchronization process driven by a finite state machine whose responsibility is to not only perform initial object discovery and granular fingerprinting -- essentially a deep interrogation of cloud objects and their attributes -- but also, manage ongoing reconciliation of infrastructure changes with respect to their representation of the provider’s cloud infrastructure as modeled within the service catalog. Note the “CloudSync Finite State Machine” chart, which is laced with Extension Points, where cloud administrators may insert custom logic on state transition for any given object within the model. Once collected, this inventory (e.g. a Chef Role) is presented to the cloud administrator for  the ACM server for use within their cloud. Cloud administrators may choose to register the discovered objects for use by end users.

Cisco IAC Cloud Object Model - Chef

Cisco IAC Cloud Object Model -- Chef

Cisco IAC Cloud Object Model - Puppet

Cisco IAC Cloud Object Model -- Puppet

For example, the cloud administrator may choose to register a Puppet Role as being available for end users to assign to a server. Registration of this role may include assignment of additional metadata, including price of the role as a one-time or recurring charge for use of the application and assignment of tenant permissions (whether to make the role available to all tenants or only select tenant(s)).

It’s through the relationships derived within the Cloud Object Model and assignment of tenant permissions that the specific applications are presented to a given end user. Service Resource Containers are used as a logical construct owned by the cloud administrator wherein tenant-specific resources may be hosted. Applications delivered to tenants may be created in a virtual data center that is serviced by either a Puppet Master or Chef Server. See the Cisco IAC documentation for further details on other constructs within these and other models.

Cisco IAC My Servers - Manage Applications - Node Classification

Manage Applications -- Node Classification

Approach to Node Classification

Once registered for use, applications become visible to end users, who may assign applications to their servers whether during initial server provisioning or to an existing server. Upon selection of application(s) by the end user, IAC classifies the node by writing a hiera file (Puppet) or by writing a run-list (Chef) on the respective ACM server and forces an immediate agent run to ensure application configuration is promptly enforced.

In this sense, IAC provides a common user experience for node classification irrespective of the underlying technology chosen by the cloud provider (the organization running and administering IAC). As the IAC product suite evolves, so has our approach in terms of classification via Puppet and the more programmatically effective use of a custom-written External Node Classifier, taking advantage of the ability for the node_terminus configuration to to interact with an ENC.

Application Configuration Management Highlights

Cisco IAC CloudSync'ed Application Infrastructure

CloudSync’ed Applications

  • Integration with Puppet and Chef
    • Connections to number of servers
    • System health checks for these servers
    • Application infrastructure discovery (CloudSync)
    • Bootstrapping of agents (green and brownfield)
  • Financial Management
    • Pricing of applications
    • Showback for application orders
    • Run rates including application consumption by user, org, tenant
  • Multi-tenancy
    Financial Management - Application Pricing & Showback

    Financial Management -- Application Pricing & Showback

    • Tenant-specific application catalogs
    • Tenant/application consumption dashboards
  • Provisioning
    • Application provisioning for virtual machines, physical servers
    • “My Applications” interface for application management
  • Service Offering Elections
    • 3-tiers of control on enable/disable application configuration management services at provider, tenant and organization levels
  • Multi-Cloud Platform Support
    • Support same services ubiquitously across all platforms

    Financial Management - Application Run Rates

    Financial Management -- Application Run Rates

  • Application User Persona
    • “My Application” interface for application management
    • ACM Server and application usage dashboard

Cognizant of the plethora of application configuration management tools available to Cisco customers, including commercial, open source, and homegrown tools, we’re very interested to hear which ones you have found to be the best fit in your environment. Have you established revision control practices as you manage infrastructure as code?Having reviewed Cisco’s approach within its cloud management platform, IAC, whether you manage configuration of physical servers, virtual machines or use CM to build containers or hosts that run containers, how does your approach compare?

Tags: , , , , , ,

Cisco UCS® Claims SAP SD and SPECjbb 2013 World- Record Benchmarks

Cisco UCS continues its tradition of performance leadership with the announcement of three world –record benchmark performance results:

  1. Cisco UCS B260 M4 blade servers achieved the best 2-processor 2-tier SAP Sales and Distribution (SD) Benchmark performance
  2. Cisco UCS C460 M4 Rack Server set new world-record SPECjbb®2013 MultiJVM 4-socket max-jOPS performance result.
  3. Cisco UCS  B260 M4 Blade Server claimed  a new world-record SPECjbb®2013 MultiJVM 2-socket x86/64 max-jOPS performance result

Let’s take a closer look at each of these world-record benchmark performance results:

1.      World-Record: Fastest Two-Processor Result for SAP

Cisco UCS B260 M4 blade servers delivered the best 2-processor SAP Sales and Distribution (SD) Benchmark result, in a two-tier configuration, with performance accelerated by Cisco UCS Invicta™ Series Solid State Systems. The Cisco UCS B260 M4 Blade Server running Microsoft Windows Server 2012 delivered a world-record two-tier SAP SD Benchmark result on SAP Enhancement Package 5 for SAP ERP 6.0 and Microsoft SQL Server 2012. The solution supported 12,280 SAP SD Benchmark users while maintaining a consistent application response time of less than one second. Published results can be found on the SAP website at http://global.sap.com/solutions/benchmark/sd2tier.epx, SAP SD Benchmark Result Certificate Number 2014018.

Cisco UCS B260 M4 delivered a SAPS score of 67,020. This result is an 18 percent improvement over the 54,700 SAPS score delivered by IBM x3690 X5 servers configured with previous-generation processors and a 22 percent improvement over an IBM FlexSystem p260 running two IBM POWER 7+ processors as reflected in the graph below:

SAP SD 2014

Check out the Performance Brief for additional information on the benchmark configuration. The detailed official benchmark disclosure report is available at the SAP website.

 2.       The Same Processors: Greater SPECjbb2013 Performance with the Cisco UCS C460 M4

Cisco UCS C460 M4 Rack Server captured the top 4-socket MultiJVM score for maximum Java operations (max-jOPS)  with results of 201,117 max-jOPS and 52,784 critical-jOPS.

The test configuration consisted of a controller and four groups, each consisting of a transaction injector and back end, all running across nine JVM instances within a single operating system image. The JVM instances ran on a Cisco UCS C460 M4 Rack Server powered by four 2.8-GHz, 15-core Intel Xeon processor E7-4890 v2 CPUs running the Red Hat Enterprise Linux (RHEL) 6.5 operating system and 64-bit Oracle Java HotSpot Virtual Machine (VM) server on Linux Version 1.8.0.

The benchmark results of 201,117 max-jOPS and 52,784 critical-jOPS place the Cisco UCS C460 M4 at the top of the max-jOPS scores for 4-socket servers running multiple JVMs  and outperforms the Dell PowerEdge R920 and HP ProLiant DL580 Gen8 servers, as shown in the graph below:

SPECjbb 4 socket 2014

Check out the Performance Brief for additional information on the benchmark configuration. The detailed official benchmark disclosure report is available at spec.org website.

 3.      Cisco Improves Performance by Up to 47 Percent in World-Record SPECjbb2013 Results

Cisco UCS  B260 M4 Blade Server captured the top 2-socket x86/64 MultiJVM score for maximum Java operations (max-jOPS)  with results of 91,499 concurrent Java operations per second and 30,021 concurrent critical Java operations per second on SPECjbb2013.

The Cisco configuration consisted of a controller and two groups, each consisting of a transaction injector and back end, all running across multiple JVM instances within a single operating system image. The JVM instances ran on a Cisco UCS B260 M4 Blade Server powered by two 2.8-GHz, 15-core Intel Xeon processor E7-4890 v2 CPUs running the Red Hat Enterprise Linux (RHEL) 6.4 operating system and Oracle Java HotSpot 64-Bit Server Virtual Machine (VM) on Linux Version 1.8.0.

The benchmark result of 91,499 max-jOPS and 30,021 critical-jOPS places the Cisco UCS B260 M4 at the top of the max-jOPS scores for 2-socket x86/64 servers running multiple JVMs  delivering  a 47 percent increase in SPECjbb®2013 max-jOPS and a 28 percent increase in critical-jOPS compared to Cisco’s recent results with the Intel Xeon processor E5 v2 powered servers as depicted in the graph below:

SAP 2-socket 2014

Check out the Performance Brief for additional information on the benchmark configuration. The detailed official benchmark disclosure report is available at spec.org website.

These results join the more than 90 previous world-record performance results set by Cisco UCS since it was announced five years ago. Many of these world-record results use real-world workloads, including business applications, Java middleware, database performance, high-performance computing, and virtualized and cloud computing environments. Check out the Cisco UCS Performance Benchmarks website for additional details.

For additional information on Cisco UCS and Cisco UCS solutions please visit Cisco Unified Computing & Servers web page.

Competitive claims based on results posted at http://www.spec.org/, and at http://www.cisco.com/c/en/us/products/servers-unified-computing/industry_benchmarks.html as of 05/29/2014. SPEC and SPECjbb are trademarks or registered trademarks of Standard Performance Evaluation Corporation.

SAP Results referenced are from the SAP website at http://global.sap.com/solutions/benchmark/sd2tier.epx and are current as of 5/29/2014: Cisco UCS B260 M4, 2 Processors / 30 Cores / 60 Threads, Intel Xeon Processor E7-4890 v2, 2.8 Ghz, 64 KB L1 cache and 256 KB L2 cache per core, 37.5 MB L3 cache per processor, 512 GB of main memory, Microsoft Windows Server 2012 Datacenter Edition, Microsoft SQL Server 2012, and SAP Enhancement Package 5 for SAP ERP 6.0; certification number 2014018, IBM Flex System p260 Compute Node, 2 processors, 16 cores, 64 threads, IBM POWER7+, 4.10 GHz, 32-KB (I) and 32-KB (D) L1 cache and 256-KB L2 cache per core, 10- MB L3 cache per core, 256 GB of main memory, IBM AIX 7.1, IBM DB2 10, and SAP Enhancement Package 5 for SAP ERP 6.0; certification number 2012035, IBM System x3690 X5, 2 processors, 20 cores, 40 threads, Intel Xeon processor E7-2870, 2.40 GHz, 64- KB L1 cache and 256-KB L2 cache per core, 30-MB L3 cache per processor, 256 GB of main memory, Microsoft Windows Server 2008 Enterprise Edition, IBM DB2 9.7, and SAP Enhancement Package 4 for SAP ERP 6.0; certification number 2011032

Girish Kulkarni

Senior Marketing Manager,

Unified Computing System 

gikulkar@cisco.com

Tags: , , , , ,

Cisco UCS vRack on Full Display at PASS Summit

October 6, 2013 at 10:55 pm PST

Cisco is proud to be a Platinum sponsor and exhibitor at PASS Summit this year. If you aren’t familiar with PASS Summit, it “is the world’s largest, most-focused, and most-intensive conference for Microsoft SQL Server and BI professionals.”

Gary Serda has done an excellent job in detailing what the Cisco UCS team will be sharing with attendees in his blog post Guide to Cisco at the PASS Summit, so I wanted to highlight our 3D, interactive vRack of our Unified Computing System which is always a highlight at trade shows and will be on display at PASS Summit.

 

Stop by booth #300 Read More »

Tags: , , , , , , , , , , , ,