3 SDN lessons in 3 years of production – Learn from Cisco ACI and Citrix NetScaler best practices
This blog has been developed in collaboration with Citrix. Primary Author – Steve Shah, VP Product Management. Secondary Author – Ravi Balakrishnan, storyboard, blog style and content adaptation.
Bring out your dead!
This, among many other quotable lines from Monty Python and the Holy Grail, was wafting through my home last weekend as we introduced the kids to it. However, unlike the many other irreverent lines from the movie, I’ve found myself repeating this one a lot lately when I talk to my customers about their datacenter planning. If you’re buying new, why are you buying anything that isn’t SDN-ready? The former generation of infrastructure may as well be filed with quotes from The Walking Dead.
Citrix has worked closely with the Cisco ACI team since the Insieme days. We had the pleasure of working closely with the ACI team to help define use cases that needed to be focused on, expanding the scope from just trivial load balancing to complete ADC functional coverage with production customers.
So we’re coming up on 3 years since we started this effort. Three years and three takeaways on making the transition to the automated datacenter with SDN at the ground floor:
1. Plan big, but start small.
You really need to have a clear strategy up front for your end-to-end SDN vision. This will serve as your guiding principle. That said, set your expectations accordingly – you’re not going to swallow that change all in one go. In fact, for that first step you’ll want to start small. It’s not a question of whether the technology works – we are well past the point of needing to prove that out – it’s a matter of getting your team through the transition so they can grasp all the conceptual changes happening.
This includes L4-7. Plan your L4-7 strategy for datacenter-wide automation, but setting up trivial load balancing is a good place to start. You can add the rest of the ADC feature set over time.
2. Start Clean.
Legacy. We all have it, and it powers our current production network. Mess it up and badness will befall you. So pro-tip: don’t. The most successful rollouts we are seeing start with a clean slate. The hardware may only be a rack apart, but it may as well be a world apart, as the L2-3 domains don’t touch. Gateways (firewalls, load balancers, proxy servers, etc.) stand between the old and the new, which allows network architects to take the lessons of years past and apply them in a pure / tidy environment free of the incremental hacks that make up our current networks like coronary plaque.
It’s not just the L2-3 domains that are getting a clean start; L4-7 infrastructure is getting a fresh look too. Many of our customers wiped away any assumptions they had about the state of load balancing and took a fresh look at the market to find that their incumbent was no longer meeting the bar.
The common theme for L4-7 is software. For an L4-7 vendor to boast about their latest big iron chassis is absurd in this day and age. This transformation has led many customers to look to NetScaler for their solution to transition from hardware to software without having to retrain their teams, learn new APIs, or re-architect.
3. One Step at a Time
So we have a clean slate, a sound strategy, and a small start… When do we go big? Well hold on there.
Your architect, who has been immersing herself in SDN for the last several years, groks it. The leadership that traveled to vendor-land and attended executive briefings understands it. But what about the rest of the team? The bulk of the team is seeing a lot of stuff for the first time. If your job is maintaining uptime, the last thing you want is to wake up and find yourself surrounded by some infrastructure designed in an ivory tower. That is revolt material right there.
You can see where this is going. If education wasn’t in your plan already, add it. Just as learning how to configure a large-scale BGP network wasn’t a training room skill and required some on-the-job time, learning a real SDN like ACI isn’t something that is casually picked up. In particular, the change of expectations in datacenter automation and DevOps orientation takes some time to understand.
Several NetScaler customers found themselves relearning how configuration would work in an ACI world. It wasn’t a small change, and starting slow helped, but at some point understanding how to go hands off on the NetScaler and manage by way of ACI was a hard-fought skill. Take Woolworths Australia as an example where ACI and NetScaler are deployed.
When they started down the path of datacenter automation, they started with smaller projects that could essentially “fit in a rack”. That became an environment where the team could find out what they didn’t know about operationalizing the new architecture. As the team’s skills grew, their overall confidence grew, and the adoption of the new architecture grew with it. They are now well on their way to broad-based deployment.
So what’s next?
When ACI and NetScaler first integrated, SDN itself was at the bleeding edge of technology. Today, it has reached a level of maturity for broad-based adoption. So what’s the next big thing?
With a framework for a highly malleable network in place, we are now able to really move to a far more flexible applications environment. Microservices will be a key dimension of that, with containerized infrastructure for L4-7 becoming part of the norm. NetScaler has introduced the NetScaler CPX, which is a Docker container, and early customer engagements have been very exciting as we’re watching hyper-scale hit the Enterprise.
As container-based infrastructure evolves, the value of ACI’s single pane of glass evolves with it. Using an application-oriented view of the network as opposed to an infrastructure-centric view, ACI + NetScaler will be able to help abstract away the transition from hardware to software. This will maximize the value of the existing infrastructure our customers have already invested in while enabling them to gradually move towards the next generation.
So there you have it. Three years in, three big takeaways. One big next step. If you want to learn more about the success we’ve had with NetScaler and ACI, visit https://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/implementing-cisco-application-centric-infrastructure-with-citrix-netscaler-application-delivery-controllers.pdf.
For more about Cisco ACI, visit cisco.com/go/aci.