We made it…another successful Strata-Hadoop World show for Cisco’s Big Data & Analytics team. This year we had a few unique challenges – the Pope was leaving town when we arrived; then the UN General Assembly made traffic a bit more difficult than normal; finally towards week’s end the threat of ‘The Hurricane’ for the East Coast…
Cisco had an active presence at Strata this year with several newsworthy and interesting highlights:
• Introducing Cisco Data Preparation. Cisco Data Preparation (Data Prep) makes it easy for non-technical business analysts to gather, explore, cleanse, combine and enrich the data that fuels analytics. Read Kevin Ott’s Data Prep blog here.
SDN (Software Defined Networking) and NFV (Network Functions Virtualization) technologies are expected to help Service Providers gain new efficiencies and previously unimagined speed and agility in cloud services delivery so they can seize new business opportunities and achieve continued growth. Specifically, SDN in the data center helps you abstract services and applications from the complexities of the underlying network, making services operations drastically simpler. However, this abstraction layer, referred to as the SDN overlay, must meet very specific requirements to support today’s dynamic cloud environments.
I’d like to briefly discuss a recently released product, the Cisco Virtual Topology System (VTS), a high performance SDN overlay system designed to meet these requirements.
VTS is an important component of Cisco’s services management and orchestration software portfolio, aligned with Cisco’s Open Network Architecture and the Cisco Evolved Services Platform, a flexible and agile SP cloud service delivery platform. There are a number of capabilities of VTS
Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is a hardware based multi-terabit layer 4 load-balancing, traffic steering and clustering solution on the Nexus 5k/6k/7k/9k series of switches.
It allows customers to deploy servers and appliances from any vendor with no network or topology changes. With a few simple configuration steps on a Cisco Nexus switch, customers can create an appliance or server cluster and deploy multiple devices to scale service capacity with ease. The servers or appliances do not have to be directly connected to the Cisco Nexus switch.
ITD won the Best of Interop 2015 in Data Center Category.
With our patent-pending algorithms, ITD (Intelligent Traffic Director) supports IP-stickiness, resiliency, consistent hash, exclude access-list, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. No service module or external appliance is needed. ITD provides order-of-magnitude CAPEX and OPEX savings for customers. ITD is far superior to legacy solutions such as PBR, WCCP, ECMP, port-channel, and layer-4 load-balancer appliances.
ITD provides:
- Hardware based multi-terabit/s L3/L4 load-balancing at wire-speed.
- Zero latency load-balancing.
- CAPEX savings : No service module or external L3/L4 load-balancer needed. Every Nexus port can be used as load-balancer.
- Redirect line-rate traffic to any devices, for example web cache engines, Web Accelerator Engines (WAE), video-caches, etc.
- Capability to create clusters of devices, for example, Firewalls, Intrusion Prevention System (IPS), or Web Application Firewall (WAF), Hadoop cluster
- Resilient (like resilient ECMP), Consistent hash
- VIP based L4 load-balancing
- NAT (available for EFT/PoC). Allows non-DSR deployments.
- Weighted load-balancing
- Load-balances to large number of devices/servers
- ACL along with redirection and load balancing simultaneously.
- Bi-directional flow-coherency. Traffic from A→B and B→A goes to the same node.
- Order of magnitude OPEX savings : reduction in configuration, and ease of deployment
- Order of magnitude CAPEX savings : Wiring, Power, Rackspace and Cost savings
- The servers/appliances don’t have to be directly connected to Nexus switch
- Monitoring the health of servers/appliances.
- N + M redundancy.
- Automatic failure handling of servers/appliances.
- VRF support, vPC support, VDC support
- Supported on all linecards of Nexus 9k/7k/6k/5k series.
- Supports both IPv4 and IPv6
- Cisco Prime DCNM Support
- exclude access-list
- No certification, integration, or qualification needed between the devices and the Cisco NX-OS switch.
- The feature does not add any load to the supervisor CPU.
- ITD uses orders of magnitude less hardware TCAM resources than WCCP.
- Handles unlimited number of flows.
- Load-balance traffic to 256 servers of 10Gbps each.
- Load-balance to a cluster of firewalls. ITD is far superior to PBR.
- Scale IPS, IDS and WAF by load-balancing to standalone devices.
- Scale the NFV solution by load-balancing to low cost VM/container based NFV.
- Scale the WAAS / WAE solution.
- Scale the VDS-TC (video-caching) solution.
- Scale the Layer-7 load-balancer, by distributing traffic to L7 LBs.
- ECMP/Port-channel cause re-hashing of flows. ITD is resilient, and doesn’t cause re-hashing on node add/delete/failure.
Documentation, slides, videos:
Email query or feedback: email@example.com
Please note that ITD is not a replacement for Layer-7 load-balancer (URL, cookies, SSL, etc). Please email: firstname.lastname@example.org for further questions.
Connect on twitter: @samar4
ITD (Intelligent Traffic Director) is getting a lot of interest about transparent (Layer 2) mode device support.
Here is a 10 minute video that shows step by step ITD deployment for Transparent mode security devices, such as Firewalls, IPS, IDS, Web application Firewalls (WAF), ASA, Cisco Sourcefire, etc:
ITD is a hardware based multi-Tbps Layer 4 load-balancing, traffic steering and clustering solution on Nexus 5k/6k/7k/9k series of switches. It supports IP-stickiness, resiliency, NAT (EFT), VIP, health monitoring, sophisticated failure handling policies, N+M redundancy, IPv4, IPv6, VRF, weighted load-balancing, bi-directional flow-coherency, and IPSLA probes including DNS. There is no service module or external appliance needed.
Solution Guide: ITD with Layer 2 Firewall / IPS / IDS
Here is more information about ITD: www.cisco.com/go/itd
Please send email to email@example.com if you have any questions.
Only on TechWiseTV
This is the first in a multi-part series where we cover ‘programmability’ for networking. The idea is to fully review the programming options now available inside the Nexus switches (3000, 9000). This first episode covers new access with Linux tools, NX-API and more. Further shows will dive into the details around Object Models and orchestration partners.
The primary point for any of these is to understand how Cisco Open NX-OS extensibility exposes greater programmability and automation capabilities. It is fascinating and full of new learning opportunities. It does not come without a few career questions of course…usually, something along the lines of: do network engineers need to become programmers now too?
Two answers: Yes. It depends.
Networking knowledge and skill should not be undersold here. Programming capabilities should be additive. They are useful in just about any tech career and obviously affecting the networking space. I think it’s foolish to ever quit learning but it does depend on your aspirations, your current level of satisfaction and perhaps how narrowly defined your skill set might be.
Full disclosure: I am not a programmer. I have been learning the fundamentals of Python and a few others as I work on this series but I am not hire-able for this skill by any means. But the distinct feeling I get, and the feedback I hear from you guys: it's not that hard. You are probably well versed in scripting for various CLI operations…take it up a few notches and work on some of these ‘readable’ languages that will have similar syntax. This will give you the ability to judge the appeal of what we are offering with ACI and other solutions much more credibly…and I guarantee you will find ways to get rid of redundant crap and stupid errors you may be fighting with yourself or your team.
JOIN US AT THE WORKSHOP
Live, interactive, never dull.
September 21, 2015
Programmable networks will forever change the way you manage infrastructure enabling you to dramatically accelerate configuration and deployment of your network, automate time consuming manual tasks, and allocate IT resources far more efficiently. Are you ready for the revolution?
Discover how to create a programmable network as we discuss and demonstrate the NX-API and NX-API REST (Object Model) in detail. Understand how Cisco Open NX-OS extensibility exposes greater programmability and automation capabilities that eliminate costly manual errors.
– You can sign up at the workshop tab when the date gets a bit closer, http://www.techwisetv.com
Nicolas Delecroix in the TechWiseTV Lab
Two great experts on this episode.
Six Key Points: What OPEN means for NX-OS
Shane Corban shares Six Key Points: What OPEN means for NX-OS
Changes made across the software stack to address Extensibility, Openness, Programmability.
- Auto Deployment (Bootstrap and Provisioning)
  - Added support for PXE server, operationalize NX-OS software to match an existing server environment
- Extensibility – how we package software
  - We did not use to expose much beyond a bash shell
  - Now you can install native RPMs, and third-party applications running processes as they would on a Linux server
- Open Interfaces
  - We are now adding support to leverage Linux-like tools for debugging, configuration and troubleshooting…manipulate those front panel ports as native Linux interfaces within our switch software stack.
- Application Integration (Adaptable SDK)
  - Published an SDK, a build environment that you can install on any Linux server, download the build agent, and put your source into that directory structure and build into an RPM for installation and run it natively.
  - Build your own custom automation apps, monitoring agents, and have them run natively on our platform
- Programmability Tool Choice
  - We have a native Python shell today that has a native Cisco library that you can utilize for automation
  - NX-API – the ability to embed CLI commands and structured data (JSON, XML) for execution on the switch via the HTTP/HTTPS interface, getting structured data back on show commands.
- Management Tools
  - Support for Chef and Puppet
  - Agents will be publicly available on the enterprise sites
  - Support for OpenStack, Neutron
NX-OS is now more modular, more open, more capable of third party integration providing a wide variety of programmability choices ideal for Dev-Ops environments.
Five case study examples
Nicolas provides five case study examples.
- Checking Software Version
  - Using a Python script with NX-API and JSON to pull version numbers
  - Python script to query multiple switches to check compliance against a specific version
- VLAN Provisioning
  - Checking for proper VLAN provisioning
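The software-version case study, sketched as an added example (not code from the episode or from Cisco): it builds the NX-API JSON-RPC request for `show version` and audits replies against a required release, treating any reply it cannot parse as unverified. The baseline version, the switch names, the sample replies and the version key names it tries are assumptions made for illustration.

```python
import json

REQUIRED_VERSION = "7.0(3)I2(1)"  # hypothetical baseline, not from the page

def build_request(cmd="show version", request_id=1):
    """JSON-RPC body for NX-API: POST to https://<switch>/ins with
    Content-Type: application/json-rpc (transport omitted so this runs offline)."""
    return [{"jsonrpc": "2.0", "method": "cli",
             "params": {"cmd": cmd, "version": 1}, "id": request_id}]

def extract_version(reply_text):
    """Return the running software version from a 'show version' reply."""
    reply = json.loads(reply_text)
    if isinstance(reply, list):          # batched requests come back as a list
        reply = reply[0]
    if "error" in reply:
        raise ValueError(reply["error"].get("message", "NX-API error"))
    body = reply["result"]["body"]
    # The key name differs by platform and release; these three are assumed here.
    for key in ("nxos_ver_str", "kickstart_ver_str", "sys_ver_str"):
        if key in body:
            return body[key]
    raise ValueError("no version field in reply")

def audit(replies, required=REQUIRED_VERSION):
    """Map each switch to 'ok' or a finding; unparseable replies fail closed."""
    findings = {}
    for switch, text in replies.items():
        try:
            version = extract_version(text)
        except (ValueError, KeyError, TypeError) as exc:
            findings[switch] = f"unverified: {exc}"
            continue
        findings[switch] = "ok" if version == required else f"drift: {version}"
    return findings

# Constructed sample replies (hostnames and versions invented for illustration).
SAMPLE = {
    "leaf-1": '{"jsonrpc":"2.0","result":{"body":{"kickstart_ver_str":"7.0(3)I2(1)"}},"id":1}',
    "leaf-2": '{"jsonrpc":"2.0","result":{"body":{"kickstart_ver_str":"7.0(3)I1(2)"}},"id":1}',
    "spine-1": '{"jsonrpc":"2.0","error":{"code":-32602,"message":"Invalid params"},"id":1}',
}

if __name__ == "__main__":
    for switch, status in audit(SAMPLE).items():
        print(switch, status)
```

When the request is sent to real switches, use HTTPS with certificate verification enabled and a read-only account, since the same endpoint also accepts configuration commands.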
Special thanks behind the scenes to Rami Rammaha and Mark Jackson
Cisco Nexus 9000 Programmability Guide
Matt Oswalt is a great writer. You should follow his blog: Keeping it Classless. I enjoy his angles on things. Read up on his blog entries: Evolution of Network Programmability, Nexus 9000 NX-API, NX-API Update.
Some Learning Basics:
What do you think still needs to be covered? I would love any thoughts on how the rest of this series should be shaped. Leave your comments below and just to make sure…tag me on twitter. We are diving into Object Models (taping next week) and then some angle with the Orchestration Partners. Case in point: Puppet Labs is making available today a native Puppet NX-OS agent and Cisco Puppet Module.
Let me know!