Guest post from Lori Mac Vittie (@lmacvittie) from F5 Networks
How you provision all the network things matters
Polymorphism is a concept central to object-oriented programming. The notion of polymorphism is used to extend the capabilities of a basic object, like a mammal, to specific implementations, like cats or dogs or honey badgers, even though they don’t care about such technical distinctions. A good example of this is cats and dogs, which are both of the type “mammal” but that “speak” in a different voice.
This becomes important as we consider the way in which Cisco Application Policy Infrastructure Controller (APIC) enables the extension of automation across the network, particularly to the application layers (L4-7), because it deviates from traditional protocol-based methods as a way to facilitate and automation service insertion in a common way without limiting the robust capabilities of best-of-breed solutions. In other words, it doesn’t require all mammals to speak in the same voice.
Traditional protocol-based methods rely on a common data model. A TCP packet, for example, contains a specific set of headers that describe a variety of options and characteristics of the flow. The specific format is prescribed by RFCs and no deviation is allowed. Network integration has generally followed this model and you can see the results in a variety of ongoing efforts to provide orchestration and automation across the network. All devices are treated like mammals. There are no dogs, there are no cats, and there are certainly no honey badgers. The result is a commoditized set of network capabilities which do not allow the differentiation in services or enable the per-application attention required to address application-specific challenges with security, performance and scalability.
Which brings us back to Cisco APIC and its Application Centric Infrastructure (ACI) approach, which lets honey badgers be honey badgers and cats be cats while still both being mammals.
The Cisco ACI approach is very object-oriented. Its integration model requires the existence of a set of functions, but in no way prescribes how those functions act. This means that a variety of solutions in the same market can all integrate with Cisco APIC, but any capabilities that go above and beyond the lowest common denominator are not lost. Because of the dynamic nature of the integration – via device packages that can be loaded at any time – that also means that integrations can continue to be developed that enable even greater ranges of flexibility and choices for customers. In other words, you aren’t stuck with just cats, dogs or honey badgers. You can also bring in guinea pigs, rabbits and horses, as long as they’re mammals and each implements the basic set of functions required of a device package deployable on Cisco APIC.
It is that extensibility that has enabled F5 to continue to expand the choices available for integrating the automation of L4-7 application service insertion with Cisco APIC. Initially our focus was on direct integration with BIG-IP, providing the means by which prescriptive provisioning and configuration of services was easily accomplished. But the reality is that the applications central to driving the application economy are not all one size fits all. An approach that enables more specific, per-application service provisioning is necessary to achieve the operationalization of app deployments needed to relieve the increasing pressure faced by 9 out of 10 executives to release apps more quickly (CA and Vanson Bourne, Global Application Economy Study 2014).
Because of the approach Cisco has taken to enabling that provisioning via Cisco APIC, F5 Networks is able to provide another integration path through its orchestration and management solution, BIG-IQ. This new integration option facilitates the use of per-app service templates, iApps, to ensure not only rapid deployment but custom and consistent configuration. Consistency is an important capability necessary for maintaining stability in an infrastructure ultimately responsible for delivering the hundreds of applications supported by the average enterprise that must be balanced against the need for faster, more frequent deployments. Customization is required by the very concept of application-centricity, as no two applications are alike in terms of the services and characteristics of those services required to meet business and customer expectations.
This application-focused approach to provisioning allows network and application operators alike to codify per-application service requirements along with common policy such as base security using an app template approach. These templates then become the core of a custom device package that can be loaded and executed via Cisco APIC, resulting in a rapid, consistent deployment of the app services critical to ensuring the performance, security and scalability of the applications driving the application economy.
We are as excited today with the introduction of our BIG-IQ integration with Cisco APIC as we were with our BIG-IP integration. We’re particularly pleased with Cisco’s model of integration precisely because it enables us to continue to protect our customers’ investment in the technologies and capabilities that go above and beyond the basics when it comes to delivering application services.
You can experience the integration between Cisco APIC and both F5 BIG-IQ and BIG-IP in a live demonstration covering design and deployment options, troubleshooting and monitoring as well as customer use case scenarios in our upcoming SDx Central Demo Friday, March 13th at 10am PST
We also have workshops for you to attend in case you happen to be in Toronto March 24, Montreal March 25 or Ottawa March 26. Register now for the Cisco and F5 Synthesis Workshop: Accelerating Application Deployments.