Cisco Blogs


Cisco Blog > Data Center and Cloud

ACI for Splunk Enterprise: Enabling comprehensive application health

On January 13th, 2015, Cisco will celebrate the 1-year anniversary of its launch of Application Centric Infrastructure (ACI), a ground breaking SDN architecture.  It will include a public webcast with the participation of early ACI adopters and our ecosystems partners.  One of these inaugural partners was Splunk,  the Operational Intelligence company for all types of IT organizations.  At the webcast, Splunk and other partners will describe  a range of new solutions with ACI, that dramatically simplify Data Center operations. Here is a preview of Splunk’s solution.

A large portion of the data center operational effort is consumed in managing application health.  This includes:

  • Ensuring the end-user experience for distributed users with different types of performance needs
  • Discovering the physical and virtual resources associated with applications and the user experience
  • Detailed monitoring of resources and events in the infrastructure that affect application performance

These activities have become more complex as applications have become distributed, interconnected or cloud based because they cause applications to move, scale and evolve rapidly.

Splunk Enterprise can monitor and analyze millions of infrastructure events through logs and agents, in real-time. This can provide rapid visibility and isolation of infrastructure that affect application performance. Cisco has been collaborating with Splunk to combine the application visibility of Cisco Application Centric Infrastructure with operational analytics of Splunk Enterprise. The result is “Cisco ACI for Splunk Enterprise” a highly scalable application that is orderable immediately at Splunk.com.

ACI and Splunk have enabled a comprehensive view of application health with the ability to monitor the entire end-to-end environment in real time and proactively prevent issues from impacting end users.

ACI provides visibility to application health from the network perspective by tracking all network dependencies and events that impact application performance and security. Splunk complements Cisco ACI by bringing actionable intelligence across the entire data center infrastructure including storage, compute, virtualization endpoints, as well as application tiers and components provided by ACI. Splunk’s analytical and visualization tools provide real-time insights to data center teams to optimize performance and ensure security policies in a highly dynamic environment.

How does it work

Cisco ACI exposes a wealth of networking data previously inaccessible to Splunk. The Cisco ACI app for Splunk Enterprise gathers data from APIC (Application Policy Infrastructure Controller) including APIC network events, health scores and inventory of logical constructs (e.g. tenants, application profiles, end point groups) and physical constructs ( e.g spines, leafs, VMs).

SplunkACI_CentralizedApplicationHeath

This data is used to:

  1. Reduce resolution time with accelerated root-cause analysis
  • Splunk enables users to reduce the mean time to investigate/resolve problems up to 70%
  • Centralized management of operational health of ACI environment & underlying entities in real-time
  • Detect issues or anomalies in performance or response times and proactively resolve
  • For multiple tenants, quickly navigate to the source of problems using flexible per-role views, including 1) Help Desk view, 2) Tenant View and 3) Fabric view
  1. Provide Central Proactive Monitoring of Cisco ACI
  • Get real-time proactive notification of network traffic and device faults with location, affected objects.
  • Track trends and anticipate application impact
  1. Operational Analytics across the entire virtual and physical infrastructure
  • Optimize network capacity and prevent service deterioration with detailed visibility into fabric path degradation.
  • Meet compliance/security with user analytics, including authentication tracking reports.
  • Correlate data from Cisco ACI with data from storage resources, operating systems, applications, security devices, endpoint and more for enterprise-wide visibility.
  • Trace and monitor transactions through all tiers of a distributed application architecture
  • Gives application managers a perspective on the underlying Cisco ACI infrastructure’s effect on applications without being directly involved in ACI Ops.
  • Monitor key operational metrics such as end-to-end response times to ensure SLAs met.

As an example, a Fortune 100 company is using Splunk with ACI:

  • for operational visibility for their ACI cluster with ability to quickly identify faults and troublesome tenants and determine corrective action.
  • to provide centralized visibility as ACI expands across multiple data centers and for proactive monitoring to establish baselines and triggered alerts when key thresholds exceeded.

This approach to Application Health is part of the broader discipline of Application Performance Management (APM). According to Gartner, “By 2018, 60% of APM deployments will use and integrate data extracted directly from log  files alongside wire data and agent-derived data as a foundation for reporting, prediction, and analysis, up from less than 5% today.”  With our collaboration, ACI for Splunk Enterprise provides important new capabilities for  Application Performance Management.

Learn more about Cisco ACI for Splunk Enterprise here.  And register for Cisco’s webcast on January 13th.

 

 

Tags: , , , , , , , ,

High performance Splunk with VMware on top of EMC ScaleIO and Isilon

I recently did a project involving several moving parts, including Splunk, VMware vSphere, Cisco UCS servers, EMC XtremSF cards, ScaleIO and Isilon. The project goal was to verify the functionality and performance of EMC storage together with Splunk. The results of the project can be applied to a basic physical installation of Splunk, and I added VMware virtualization and scale-out storage to make sure we covered all bases. And I’d now like to share the project results with you, my dear readers.

splunk-plus-emc4-001

 

 

 

 

 

 

 

 

 

 

 

Splunk is a great engine for collecting, indexing, analyzing, and visualizing data. What kind of data you ask? Pretty much everything you think of, including machine data, logs, billing records, click streams, performance metrics and performance data. It’s very easy to add your own metric that you want to measure, all it takes is a file or a stream of data that you enter into your Splunk indexers. When all that data has been indexed (which it does very rapidly as seen in my earlier blog post), it becomes searchable and useful to you and your organization. Read More »

Tags: , , , ,

Summary: High performance Splunk with Vmware on top of EMC ScaleIO and Isilon

I recently did a project involving several moving parts, including Splunk, VMware vSphere, Cisco UCS servers, EMC XtremSF cards, ScaleIO and Isilon. The project goal was to verify the functionality and performance of EMC storage together with Splunk. The results of the project can be applied to a basic physical installation of Splunk, and I added VMware virtualization and scale-out storage to make sure we covered all bases. And I’d now like to share the project results with you, my dear readers. Learn more about it here.

 

Tags: , , , ,

ACI Walkabout at CiscoLive 2014, San Francisco

In a few days at the Moscone Center in San Francisco, we will be celebrating the 25th anniversary of Cisco Live. This year we are expecting record attendance exceeding 20,000 participants, 9 amazing keynotes, 600 sessions, live demos at world of solutions, big analyst and partner presence, and last but not least, the opportunity for you to meet and network with top minds in high-tech. If you are new to Cisco Live and feel overwhelmed by the grandness of the event, let me assure you that you are not alone.  I have been there before. I have set out in this blog to give you an easy walkabout of Cisco Datacenter highlights, particularly the Cisco ACI key activities over the duration of the event.

Much like you I will also be eagerly looking to attend John Chambers’ majestic keynote that starts the proceedings on Monday, May 19. John in his unique style will lead with the Theme “Tomorrow Starts Here” covering leading industry trends such as Internet of Everything (IOE), Fast IT, and Application Centric Infrastructure (ACI) among many others. So, do not miss this opportunity. I want to shift gears and take you on a fast cruise of Cisco Data Center and Cisco ACI highlights at the event.

tile-img-keynote

In less than a year since the announcement, Cisco ACI has taken the industry by storm with a large customer base  and several of the industry’s key partners such as Microsoft, Red Hat, Citrix, F5, et al endorsing and building joint solutions. There is so much excitement around ACI at this year’s Cisco Live. I want to give a structure to how I am planning to cover the topic in this blog. Essentially, I consider them as Cisco-led and Partner led.

Cisco has a packed agenda of ACI activities and announcements. Cisco APIC, which enables ACI Fabric mode on Nexus 9000 networks, will be available this summer along with a robust Go-To-Market (GTM) strategy that includes additional eco-system partners, Cisco Validated Designs (CVD), additional platform support and leading-edge hardware innovations across the portfolio. We are also introducing two new additions to the existing portfolio of Nexus 9000 to meet scalability, flexibility and performance requirements of standalone and ACI mode deployments.

Executive ACI speaking sessions feature prominently this year with Cisco President Rob Lloyd’s session “Infrastructure for the Agile Enterprise” keynote, May 20, 10 AM, at the North Hall.  Rob’s keynote also features Soni Jiandani, who will present how ACI delivers agility. Rob Soderbery and Soni Jiandani are presenting a technology trends keynote (GENSK 1109) on May 21, 8.30 am, titled “Fast Track to Fast IT: Cisco’s Application Centric Infrastructure”, another choice from a catalog of exciting offers.

Read More »

Tags: , , , , , , , , , , , ,

#EngineersUnplugged S5|Ep2: ACI and Traditional Networking

March 12, 2014 at 10:53 am PST

This is an amazing episode of Engineers Unplugged, where two technologists from the community, Hal Rottenberg (@halr9000) and Colin Lynch (@ucsguru) discuss how ACI disrupts traditional networking thinking while leveraging current networking skills. It’s a great tutorial for anyone looking to understand what application centric infrastructure really means.

Will network engineers all become programmers?

Watch and see:

This unicorn comes with birthday wishes--Happy 5th Birthday UCS!

Happy Birthday UCS Unicorn courtesy of Colin Lynch, with commentary by Hal Rottenberg!

Happy Birthday UCS Unicorn courtesy of Colin Lynch, with commentary by Hal Rottenberg!

**The next Engineers Unplugged shoot is at Varrow Madness, Charlotte, NC, March 20, 2014! Contact me now to become internet famous.**

This is Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:

  1. Episodes will publish weekly (or as close to it as we can manage)
  2. Subscribe to the podcast here: engineersunplugged.com
  3. Follow the #engineersunplugged conversation on Twitter
  4. Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja
  5. Practice drawing unicorns

Join the behind the scenes by liking Engineers Unplugged on Facebook.

Tags: , , , , , ,