Manage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution

Size: px
Start display at page:

Download "Manage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution"

Transcription

1 White Paper Manage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 38

2 Contents Overview... 3 What Is Cisco ACI?... 3 What Is Cisco CloudCenter?... 3 What Is Cisco UCS Director?... 5 Private and Hybrid Cloud Requirements... 5 Main Features of the Cisco Solution Suite... 6 Reference Design... 7 Topology... 7 Reference Architecture Components... 8 Network Topology Day-1 Administration Workflow Prerequisites Summary of Cisco UCS Director Workflows Cisco CloudCenter Setup and Integration with Cisco ACI Clouds Cloud Accounts Regions Extensions Deployment Environment Application Profile Creation and Application Deployment IP Address Management Static Provisioning DHCP Provisioning F5 Load-Balancer Integration Conclusion For More Information Appendix: Cisco UCS Director Workflows Bare-Metal Startup and Association with VMware vcenter Cisco ACI Pre-Provisioning Infoblox Provisioning and Integration with Cisco ACI F5 Provisioning Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 38

3 Overview This document provides an approach to building a cohesive hybrid cloud solution using a suite of Cisco technologies including Cisco CloudCenter (formerly CliQr CloudCenter), Cisco Application Centric Infrastructure (Cisco ACI ), and Cisco UCS Director products. What Is Cisco ACI? With Cisco ACI, data center infrastructure is deployed, monitored, and managed fundamentally to meet the needs of ever-changing application requirements. Cisco ACI reduces complexity by abstracting much of the networking infrastructure and implementing a policy-based framework based on the needs of the application, helping the data center adapt in ways that address the revenue goals of the business. Cisco ACI works to solve the business problem of slow application deployment due to manual, error-prone technical network provisioning and change management by enabling rapid deployment of applications to meet changing business demands. It delivers an integrated approach by providing application-centric, end-to-end visibility from the software overlay to the physical switching infrastructure. It also accelerates and optimizes Layer 4 through Layer 7 (L4-L7) service insertion to build a system that brings the language of applications to the network, automated all the way up the stack. Cisco ACI delivers automation, programmability, and centralized provisioning by allowing the network to be automated and configured based on business-level application requirements. It supports accelerated, cohesive deployment of applications across network and L4-L7 infrastructure and provides visibility and management at the application level. Advanced telemetry for visibility into network health, and simplified day-2 operations also enhance troubleshooting of the application itself. The diverse and open Cisco ACI ecosystem allows organizations to work with any upper- or lower-level management or orchestration system and attracts a broad community of developers through an open, representational state transfer (REST) API. Through integration and automation of both Cisco and third-party L4-L7 virtual and physical service devices, organizations can use a single tool to manage the entire application environment. With Cisco ACI, customers can deploy the network based on application requirements in the form of policies, removing the need to translate the complexity of current network constraints. Cisco ACI also helps organizations ensure security and performance while maintaining complete visibility into application health for both virtual and physical resources. What Is Cisco CloudCenter? Cisco CloudCenter is a centralized self-service application portal that securely provisions infrastructure resources and deploys applications across more than 19 data center, private, and public cloud environments. Cisco CloudCenter improves IT speed and agility while also reducing complexity by separating and optimizing workloads for users, who can quickly and easily model, deploy, and manage applications in any environment, and for administrators, who get visibility and governance control across boundaries of applications, clouds, and users. Cisco CloudCenter provides a single-platform solution with unique application-centric technology that abstracts the application from the underlying cloud environment and helps ensure that the infrastructure adapts to meet the deployment and management needs of each application. Users no longer have to deal with cloud-specific APIs or configuration. Cisco CloudCenter abstracts away the back-end infrastructure, making the application the focal point of the user experience Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 38

4 With Cisco CloudCenter, enterprise IT organizations can migrate and manage applications starting with a single application on a single cloud, or many applications on multiple clouds. Or organizations can use Cisco CloudCenter to automate DevOps and continuous-delivery operations, provide dynamic capacity augmentation, or deliver IT as a service (ITaaS). The power of Cisco CloudCenter comes from its patented application-centric technology. The solution combines a cloud-independent application profile, which defines deployment and management requirements for the application stack. Cisco CloudCenter uses cloud-specific orchestrators that know how to talk to all the supported clouds on the back end, which deploys both the infrastructure and the application using the best practices for each environment without user knowledge of the clouds. Cisco CloudCenter has three major components: Cisco CloudCenter Manager is a centralized management portal that allows users to quickly and easily model, deploy, and manage applications. It gives administrators enterprise-class visibility and governance control over applications, clouds, and users. Cisco CloudCenter Orchestrator is a cloud-specific, multitenant orchestration tier that is transparent to users and is installed in each data center private cloud or public cloud environment. It securely deploys both the infrastructure and the application, manages the deployment including run-time policies, and aggregates use and cost information. The Cisco CloudCenter application profile is a user-created model of an application s deployment and management requirements in a portable format. Each application profile is easily created with a simple, visual, drag-and-drop topology modeler using a library of predefined and customized services, images, and containers. As shown in Figure 1, Cisco CloudCenter users can create and deploy an application profile to the target cloud environment. The cloud-specific, multitenant orchestrator natively deploys the application profile in a way that optimizes security, increases application performance, and maintains application portability. By using cloud-specific orchestrators, Cisco CloudCenter can abstract away the specifics of the configuration. Figure 1. Cisco CloudCenter Components Unlike cloud management solutions that aren t centered on the needs of applications, Cisco CloudCenter does not use cloud-specific scripting. It does not require any manual writing of orchestration workflows or modification of application code. There is no cloud lock-in because Cisco CloudCenter is cloud independent. By using a single platform, IT doesn t need to invest in multiple cloud-specific management stacks and teams Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 38

5 What Is Cisco UCS Director? Cisco UCS Director delivers unified provisioning and management across enterprises computing, network, storage, and virtualization layers. It significantly accelerates the process of deploying new infrastructure and launching applications. Cisco UCS Director is a workflow-based tool that automates and orchestrates processes that implement an organization s best practices. It works transparently with a wide range of IT infrastructure, making it easy to integrate with most enterprises existing infrastructure, both physical and virtual. Cisco UCS Director provides: Single-pane infrastructure management: Through a single interface, you can automate and orchestrate IT infrastructure, including computing, network, and storage infrastructure, with physical and virtual resources treated equally. This holistic management approach makes provisioning and management processes consistent and reliable. Policy-based infrastructure provisioning: Cisco UCS Director is role and policy based, so your subjectmatter experts can work together to define your policies one time. After the policies are created, any level of administrator can use the policies to provision resources. End-to-end infrastructure process automation: Cisco UCS Director deploys solutions quickly and accurately, orchestrating the steps to prepare the network, computing, and storage resources needed to support an application. Deployment time is reduced, shortening time to revenue. Complete infrastructure lifecycle management: Cisco UCS Director implements your processes to deliver IT infrastructure as a service (IaaS), monitor service operation, and decommission the service when it is no longer required. This process helps you reclaim time and resources to make better use of your IT investments. Private and Hybrid Cloud Requirements Enterprises today are migrating their virtualized and physical infrastructure to the cloud, using both private and public clouds. In adopting cloud environments, enterprises are seeking to address use cases such as cloud bursting, management of peak demand, the differing requirements for development and test applications and for production applications, and the desire for full-fledged ITaaS to emulate all the use cases supported by public clouds. Enterprises that are building private and hybrid clouds require a suite of features to enable them to build and manage the cloud, provide functions to users, and integrate with the enterprise s systems and processes. Private and hybrid cloud requirements include the following: Infrastructure lifecycle management for converged infrastructure: Lifecycle management is a basic and important function of a cloud from the cloud administrator s point of view. Administering clouds requires transparently managing a large pool of servers and network and storage infrastructure resources and enabling users to manage the lifecycles of their virtual machines and containers in the cloud. Self-service portal: A central management portal is essential from a cloud user s point of view. This portal offers features such as the following: User management, including user login through integration with enterprise single sign-on (SSO) protocols (Security Assertion Markup Language [SAML], Lightweight Directory Access Protocol [LDAP], etc.), user inventory, and metering 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 38

6 Image and application profile management, providing users with access to a wide range of virtual machine and application templates and defining complex application profiles consisting of multiple individual applications and the application s networking and storage properties Lifecycle management of virtual instances Application provisioning, elastic scaling, quality of service (QoS), and security: These advanced features require a tight coupling between the orchestrator and the underlying network and storage infrastructure. Use cases include setup of automatic configuration of security and policy groups for applications, configuration of load balancing for elastic scaling, and setup of multiple data stores with different storage service-level agreements (SLAs) to provide user choice. Multicloud management: Multicloud management is becoming an important feature because of the increased adoption of hybrid clouds and the use of multiple private cloud options. Users need a single pane that abstracts the configuration of the underlying clouds to operate their virtual instances and applications transparently and easily. Integration with enterprise systems and processes: Cloud resource utilization provisioning cannot be automated effectively without including the enterprise approval processes, metering the use of resources, and applying the enterprise s cost accounting policies for the resources used. This feature is especially important when public cloud resources are used. Enterprise policies are enforced through integration with service catalog applications such as ServiceNow for automated approval workflow management, user quota management, and IT service management. Main Features of the Cisco Solution Suite Cisco CloudCenter, Cisco UCS Director, Cisco UCS servers, and Cisco ACI fabric infrastructure together provide enterprise IT with a solution suite to transparently integrate a private cloud stack and orchestrate multicloud, private cloud, and hybrid cloud environments. The main features include the following: Converged infrastructure lifecycle management: The Cisco CloudCenter solution provides lifecycle management for Cisco UCS servers, Cisco ACI fabric, industry-standard storage solutions, and VMware vcenter integrated with Cisco UCS Director. User self-service portal: Cisco CloudCenter provides sophisticated workflows that include the following: Image management: Cisco CloudCenter provides a suite of predefined images and the means to easily enrich and refine images with a configurable rules engine SSO integration: Cisco CloudCenter integrates with most popular SSO protocols, including LDAP and SAML Complex application profiles: Users can create and maintain multitiered application profiles that can be provisioned transparently across multiple clouds Lifecycle management: Cisco CloudCenter provides full lifecycle management for instances and applications Tight integration between application models and the underlying Cisco ACI environment: Cisco CloudCenter allows organizations to define application groups, enforce security policies between application tiers, and define elastic scaling tiers. These capabilities are supported through close integration with Cisco ACI fabric and L4-L7 devices such as load balancers. Policy-based network model: The Cisco ACI policy-based framework significantly simplifies day-2 network provisioning and ongoing management by decoupling the logical and physical network configurations Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 38

7 Through its multitenant model and capability to segment using objects such as endpoint groups (EPGs), Cisco ACI abstracts the network properties (routing, security, load balancing, firewalling, QoS, etc.) that applications or endpoints need and enables holistic provisioning at the application or virtual machine orchestration layer. Integration with enterprise policy and processes: Cisco CloudCenter provides features for metering and enforcement of quotas and for integration with service catalogs such as ServiceNow to incorporate enterprise processes. Reference Design This section provides a reference design for building, deploying, and managing a private or hybrid cloud. Topology This document presents the architecture used to build, deploy, and manage a private or hybrid cloud using Cisco CloudCenter, Cisco ACI, and Cisco UCS Director (Figure 2). Figure 2. Cisco CloudCenter Solution Topology Cisco UCS Director is used for day-1 infrastructure deployment and for ongoing infrastructure management. Cisco CloudCenter is used for day-2 management, including: Image management Virtual machine and application provisioning Configuration of Cisco ACI and load balancers to help ensure application security, policy, and scaling User onboarding Multicloud management Metering, quota enforcement, and integration with ServiceNow for linkage to enterprise processes and IT service management (ITSM) 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 38

8 Cisco ACI provides the group- and policy-based network fabric, which provides a model that cleanly interfaces with the application and tenancy models that cloud orchestrators need. Security policies for a specific endpoint group or between two endpoint groups are enforced through contracts, and L4-L7 integration is achieved through service chains. Cisco ACI also supports device packs with leading vendors. These components play the following roles in the reference architecture: Cisco UCS Director performs the day-1 configuration of Cisco ACI in this reference design. Cisco CloudCenter performs the ongoing application-specific configurations such as creation of EPGs and contracts for external routing and configuration of load balancers for elastic scaling. Reference Architecture Components Table 1 provides an overview of the components used in the reference architecture. Table 1. Reference Architecture Components Item Cisco UCS C-Series Rack Servers Linux storage Cisco ACI solution Cisco UCS Director Description and Role The reference architecture uses Cisco UCS C-Series servers with the VMware ESX hypervisor. Each server has two 10-Gbps network interface cards (NICs) bonded on the server side, and each server is connected to two Cisco ACI leaf switches in a virtual port channel (vpc) configuration. The management NIC is connected to an out-of-band (OOB) network and is used for both OOB management and pre-execution environment (PXE) boot. The current design uses Linux server-based storage The underlying storage is exposed through the Network File System (NFS) and attached to vcenter as a data store through the storage network. A leaf-and-spine fabric with 2 leaf switches and 2 spine switches is used in the setup. The fabric is managed by 3 Cisco Application Policy Infrastructure Controllers (APICs) used in a highly available cluster. Cisco ACI day-1 configuration is managed using Cisco UCS Director workflows. Ongoing day-2 configurations are managed using Cisco CloudCenter. Configurations shown as a part of this design are: Orchestrated setup of tenants, virtual routing and forwarding (VRF), bridge domains, subnets, Layer 3 outside (L3Out) connectivity, storage networks, and EPGs through Cisco UCS Director and Cisco CloudCenter Dynamic Host Configuration Protocol (DHCP) enablement Service chaining of F5 load balancer vpc configuration of bare-metal connectivity Integration with vcenter through a Cisco ACI virtual machine manager (VMM) domain Cisco UCS Director is used for day-1 setup of servers, storage, and Cisco ACI administration. Configurations illustrated in this design are: PXE boot of ESXi hosts using the Cisco UCS Director bare-metal agent (BMA) Addition of ESXi hosts and Linux data store to vcenter Export of management virtual machines into vcenter: Cisco CloudCenter virtual machines Infoblox IPAM virtual machine F5 load balancer virtual machine Cisco ACI initial configuration: Tenant activation vpc setup VMM domain setup DHCP setup Provisioning of storage EPG and vzany contract L4-L7 setup 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 38

9 Item Cisco CloudCenter solution VMware vcenter Infoblox IP address management (IPAM) F5 load balancer Description and Role Cisco CloudCenter is used as a service portal for application and user management. The main features illustrated in this design are: Application modeling, deployment, and management across multiple clouds. User onboarding using SSO, metering, and enforcement of user policies and metering. Cisco ACI provisioning by creating or mapping of virtual machines or applications with Cisco ACI EPGs. The user can either map a virtual machine to a previously created EPG or create a new EPG for the virtual machine Note: Cisco CloudCenter requires tenants to be previously created along with L3Out and storage EPGs. Integration with vcenter for virtual machine provisioning. Integration with F5 load balancer to configure elastic applications. vcenter is managed by Cisco CloudCenter for virtual machine and volume provisioning. A vcenter instance maps to Cisco CloudCenter as a VMware cloud instance. A cloud instance can be further divided into specific tenant groups within Cisco CloudCenter through its mapping to vcenter clusters, data centers, and data stores. Virtual machines are associated with specific networks through an interaction among Cisco ACI, VMware vcenter, and Cisco CloudCenter. The main elements of this flow include the following: A VMM domain is defined in Cisco ACI and mapped to all the ESXi hosts that need to be managed as part of a group. This process leads to creation of a virtual distributed switch (vds) for these hosts in vcenter. Any port group that is set up in a vds is visible to all the hosts that share the vds. Every EPG that is created within Cisco ACI translates to a port group on the vds. When a virtual machine is attached to a port group, it automatically belongs to the corresponding EPG and inherits all its properties. Note: Inter-EPG routing decisions are made by Cisco ACI. Cisco CloudCenter enables users to define an application and either map the application to an existing EPG or create a new EPG. This reference design uses Infoblox for IPAM for IP assignment for virtual machines. Infoblox is provisioned by Cisco UCS Director in the management network. This design offers two approaches to IPAM integration: DHCP relays: DHCP messages are propagated to Infoblox through DHCP relays. In this approach, Cisco UCS Director is used to provision the necessary DHCP configurations in Cisco ACI Infoblox can perform DHCP provisioning within one VRF instance or across multiple VRF instances as long as there is no overlapping IP space Infoblox also performs automatic Domain Name System (DNS) updates Infoblox APIs: Cisco CloudCenter provisions static IP addresses for the virtual machines and updates Infoblox using Infoblox APIs. F5 is used as a load balancer for this reference design. The F5 load-balancer setup initially requires administrator setup. It also requires ongoing configuration for specific applications at provisioning time. The steps include the following: The F5 load balancer instance is provisioned in the Cisco ACI Common tenant using Cisco UCS Director workflows. A logical F5 node is created within each EPG in which it needs to be used, and service graphs are set up within Cisco ACI using Cisco UCS Director workflows. Cisco CloudCenter is used to provision virtual IP addresses and target IP addresses for a specific application at provisioning time Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 9 of 38

10 Network Topology Figure 3 shows the network topology used in this reference design. Figure 3. Network Topology Day-1 Administration Workflow This section describes the day-1 administration tasks. Prerequisites The reference design requires the following prerequisites to be in place: A leaf-and-spine fabric needs to be set up with the required switch images and cabling. APICs need to be connected to the fabric. The fabric needs to be discovered by the APIC and be ready for configuration. By default, Cisco ACI has Common and Infrastructure tenants pre-provisioned. The management EPG and L3Out need to be created in the Common tenant. The management EPG contains all the management and shared services components. To perform bootstrapping, the following minimum components need to be in place: VMware vcenter must be installed Cisco UCS Director and BMA must be installed. For information about BMA installation, see bma_install_config_guide 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 10 of 38

11 The management EPG and Cisco Integrated Management Controller (IMC) for all the ESX hosts and storage nodes need to be connected to Cisco ACI. Deploy the management EPG on all the management and IMC interfaces Create a storage EPG in the Common tenant and deploy the EPG on the vpc of the storage node Create a storage client EPG in the Common tenant and create a contract between the storage client EPG and the storage EPG VMware vcenter Server needs to be installed and connected to the OOB network. Cisco UCS Director must have the following images: ESXi image Red Hat Enterprise Linux (RHEL) image for storage F5 load-balancer image Infoblox image Summary of Cisco UCS Director Workflows Cisco UCS Director includes existing prebuilt tasks that address most of the infrastructure provisioning requirements for this design. The user or operator needs to combine the tasks into workflows as needed. Table 2 lists the steps required for provisioning and the corresponding Cisco UCS Director tasks. Table 2. Cisco UCS Director Workflows Workflow Steps Link to Cisco UCS Director Workflow Bare-metal implementation with ESXi and addition of hosts to vcenter Cisco ACI preprovisioning 1. Register the Cisco UCS C-Series server with Cisco UCS Director. 2. Initiate PXE boot with ESXi. 3. Wait for PXE boot to complete. 4. Add the ESXi host to vcenter. 5. Add a vnic on ESX and place it in the port group corresponding to the storage client EPG. 6. Remove PXE boot from the server. 1. Configure the VMM domain. a. Create a dynamic VLAN pool. b. Create an access entity profile (AEP). c. Use the previously created VLAN pool and AEP to configure the VMM domain. This will result in creation of a vds in the connected vcenter. 2. Create a vpc. a. Create a vpc protection group and interface profile: Create the vpc protection group as consecutive. Create an interface profile for the vpc. b. Create a vpc policy group and interface selector: Create a vpc policy group. Attach the interface selector to the policy group and interface profile created earlier. For a given vpc pair, the number of policy groups and interface selectors are the same as the number of hosts that are part of that vpc. Each policy group represents a member of the port channel. c. Attach the interface profile to a switch profile: Create a switch profile. Associate the switch selector with the switch profile. Associate the previously created interface profile with the switch profile. Appendix - Section 4.1 Appendix - Section 4.2 Appendix - Section Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 11 of 38

12 Workflow Steps Link to Cisco UCS Director Workflow Infoblox provisioning and integration with Cisco ACI F5 provisioning 3. Create the user tenant and utilities. a. Create the tenant, VRF instance, and bridge domain. b. Configure L3Out in the tenant: Create the physical domain with a static pool. Create the policy group, interface, and switch profile. Create an external routed network in the client s tenant. 1. Create the VRF instance, bridge domain, and DHCP EPG in the Common tenant. 2. Provision the Infoblox virtual machine with 2 vnics: one in the management network port group, and the other in the DHCP EPG port group. 3. Add the DHCP relay label to the client s bridge domain. 4. For each user tenant, configure DHCP relays in the bridge domain. 1. Deploy the F5 local traffic manager (LTM) ISO image with 2 vnics. Place network adapter 1 in the management network port group, and network adapter 2 in the quarantine port group. 2. Add the F5 LTM virtual appliance to the Common tenant and configure a service graph template and logical device context in the client s tenant. a. Create an L4-L7 device in the Common tenant to deploy the device in one-arm mode. b. Create an L4-L7 service graph template in the client s tenant for onearm deployment using the HTTP virtual server profile. c. Create a logical device context in the client s tenant on any contract using the service graph template created in the previous step. Appendix - Section 4.2 Appendix - Section 4.3 Appendix - Section 4.4 Cisco CloudCenter Setup and Integration with Cisco ACI Organizations can use Cisco CloudCenter Manager to manage multiple private and public clouds from a single cloud management system. Internally, Cisco CloudCenter has a hierarchy of cloud constructs that enable definition of clouds and application templates and association with physical infrastructure and users and role-based access control (RBAC) policies. Clouds The user first defines a logical cloud of type VMware, OpenStack, AWS, Azure, etc. There is no association with a physical cloud infrastructure at this point Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 12 of 38

13 A cloud has two components: a cloud account and regions. These constructs are at the same hierarchical level and are mapped to each other when a deployment environment is defined. The user can define multiple cloud accounts and regions in a cloud. Cloud Accounts A cloud account is one of multiple user accounts used to access the cloud. In the case of VMware clouds, each account can be mapped to a separate vcenter instance. For example, if a cloud has three vcenter environments, each would represent a separate cloud account: VMware Cloud 1, Cloud 2, and Cloud 3. Although it is possible to create multiple cloud accounts within a single vcenter, this option is not recommended. A VMware cloud account is defined through: Account name vcenter IP address vcenter credentials To enable Cisco CloudCenter to operate the cloud account, the vcenter credentials should have all the permissions needed to perform the operations Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 13 of 38

14 Regions For public clouds, the definition of the region is obvious and refers to the public cloud region as defined by the public cloud provider. For VMware clouds, a region is a logical grouping of cloud accounts with common properties as described here. The linkage between a region and a cloud account is established through a deployment environment, in which case the deployment environment inherits the properties of the region. Each region is managed by a separate Cisco CloudCenter Orchestrator. Cloud Settings specifies: Whether the region should use IPAM The host naming strategy where the user can choose from Default where Cloud Center automatically generates a host name or through the use of a host name call-out script Whether instances spawned should be full clones or linked clones The root disk resize configuration Instance Types specifies the instance type associated with a region (small, medium, large, or extra large). Image Mappings specifies the image repository associated with each image type published. Cisco CloudCenter uses scripts to manage the instance provisioning lifecycle. The script repository needs to be maintained for each region and associated with the region when it is created Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 14 of 38

15 Extensions For networking, Cisco CloudCenter allows the user to provision an instance s NIC on a vswitch port group or a Cisco ACI EPG and bridge domain. To integrate with Cisco ACI, the user must create an extension, which is a subset of the Cisco ACI fabric and maps to a VRF instance and bridge domain defined in Cisco ACI. After an extension is created, it is mapped to a deployment environment. The user needs to specify the following to create an extension: Cisco ACI IP address and credentials. Managed Orchestrator: The name of the Cisco CloudCenter Orchestrator that manages the APIC. Bridge Domain Templates, adding templates that define the following fields: VRF; use the existing VRF instance or dynamically create a new VRF instance List of subnets that belong to the bridge domain Properties of subnets: private or advertised externally, neighbor discovery or route advertisement, and prefix or querier IP address 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 15 of 38

16 Deployment Environment The deployment environment is an important building block in Cisco CloudCenter. It binds regions, cloud accounts, and networks to define a physical cloud that consists of vcenter, data center, cluster, underlying network, orchestrator, image, repository, and other properties. A deployment environment is defined by an administrator. After the environment is defined, it can be shared with individual users, user groups, and tenants with permissions to view, modify, and manage the environment. A user can view only those deployment environments to which that user has access and can provision applications only in these environments. The administrator can also limit the configurations that the user can change when that user deploys an application. For example, if an enterprise has five vcenter clusters that Cisco CloudCenter needs to manage, the deployment environments can be segmented as follows: The administrator creates a cloud account for each vcenter. The administrator creates one region, which is managed through a Cisco CloudCenter Orchestrator, and defines all the images, repositories, and policies for the region. The administrator creates five deployment environments that map one region to each of the five cloud accounts Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 16 of 38

17 The administrator shares these deployment environments with users, user groups, or tenants. The administrator can restrict a deployment environment to a specific combination of data center, cluster, target deployment folder, and data store if needed by selecting the appropriate combination for the environment. The administrator can also lock these settings and make them invisible to the general user, helping ensure that any deployments in the environment use only the selected vcenter segment. The administrator needs to define the network to associate it with the deployment environment. Two approaches can be used: VMware networking: In this approach, the administrator specifies the vcenter port group to which the virtual machine NICs should be mapped. If Cisco ACI is used as the fabric, the administrator creates the tenants, VRF instances, bridge domains, EPGs, and VMM domains manually and then selects the port group associated with the EPG to map it to the deployment environment Cisco ACI networking: If this approach is used, the administrator works directly with the Cisco ACI constructs: Specify the Cisco ACI extension to use: This step links the APIC, VRF instance, and bridge domain to the environment Choose the VMM domain: The VMM domain is a Cisco ACI construct that groups vcenter hosts that share a common vds. Port groups created on the vds are visible to all the hosts in the same VMM domain. Whereas the data center or cluster groups the nodes from the computing perspective, the VMM groups the nodes from the network perspective. For a valid deployment, the administrator needs to help ensure that both the VMM and the computing cluster contain the same set of nodes Choose the Cisco ACI tenant and EPG: The administrator can choose an existing tenant and EPG to associate with the instance s NIC or create a new EPG The steps for creating a deployment environment are as follows: 1. Navigate to deployments/view/environments and create a new deployment Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 17 of 38

18 2. Deselect Use Simplified Networks and click Define Default Cloud Settings. Specify settings as follows: 1. The administrator usually should lock the settings for Cloud Settings to make these fields invisible to the end users. 2. The user can further limit a deployment environment to a specific data center or cluster by selecting these options. 3. The administrator should select Use ACI Extension and specify the Cisco ACI extension earlier created. This step links the VRF instance and bridge domain to the deployment environment. 4. The administrator should specify the appropriate VMM to use to map it to the vcenter data center and clusters. 5. The administrator should choose the tenant and EPGs to map them to the environment. 6. The administrator choose L3Out if this connection is used. If an L3Out connection is specified, a contract is automatically created between the EPG and the L3Out interface Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 18 of 38

19 3. After a deployment environment has been created, the administrator needs to share the environment with the users to make the environment visible to the end users. Hover the cursor over the deployment environment and select Share from the Actions menu. Application Profile Creation and Application Deployment Cisco CloudCenter allows the administrator or users to create application profiles that can be deployed in the deployment environment. For detailed steps, see the following links: Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 19 of 38

20 The steps for creating an application profile are summarized here: 1. Create the application profile in Cisco CloudCenter in either of these two ways: a. Use a base OS image and install packages and applications over the base image through the lifecycle actions in the application profile or through service definition (choose Admin > Services). b. Create an image that contains all the necessary packages and configurations. 2. Upload the image template in vcenter. For VMware clouds, virtual machine images are uploaded to vcenter. Application profiles can be created either from the image directly or from a snapshot of the image. 3. Define images in Cisco CloudCenter. The user needs to create a new image entity in Infrastructure > Image and link the entity to the actual image path in vcenter. 4. Define services and link the image to the service. Cisco CloudCenter uses the concept of a service to define a tier. A service consists of a base OS image plus lifecycle actions and other properties. The user needs to associate the image template created with the appropriate service. 5. Create a web repository. The user needs to create a web repository to host all the scripts that are needed for lifecycle actions. The repository needs to be hosted on a web server that is accessible to the Cisco CloudCenter Orchestrator and Manager. With Linux, the scripts are usually in.sh format. Scripts are associated with an instance through lifecycle actions in the application profile or through service definition (Admin > Services). Association through service definition is preferred when the action is globally required across all application profiles created from the service. Association through a specific application profile is preferred for configurations that are local to a specific application. IP Address Management This section presents approaches to IP address management. Static Provisioning Static provisioning is the preferred and recommended option for IP address management. It involves the following process: Cisco CloudCenter Orchestrator leases an IP address from a central enterprise DHCP server. The instance is statically provisioned with the IP address. Cisco CloudCenter Orchestrator updates the enterprise DNS with the IP address and host name mapping. This approach is explained at Use these steps to statically provision IP addresses: 1. Configure Infoblox. In the Infoblox interface, on the IPAM dashboard, click Add Networks. Type the name of the desired network. If the Add Networks button is not visible, verify that your Infoblox installation is properly configured Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 20 of 38

21 After creating the network, choose Data Management > DHCP and click Grid DHCP Properties. Map the dynamic DNS (DDNS) to a DNS that you have defined. Refer to the Infoblox documentation for details about setting up a DNS. 2. Set up Cisco CloudCenter Orchestrator. Cisco CloudCenter Orchestrators must have network connectivity to Infoblox Manager. The orchestrators must have the Infoblox Python library, along with python-requests, installed. The Infoblox Python library can be found at Create the following directory structure on the orchestrators. This structure will be used to deploy the application profiles. /usr/local/osmosix/callout/ipam 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 21 of 38

22 Insert the Infoblox library callout.conf and the attendant script file that will be called by callout.conf. The scripts are described in step Configure Cisco CloudCenter. This step is necessary only in vcenter environments. In OpenStack and AWS environments, drop-down menus are available to configure the IPAM settings in the Cisco CloudCenter interface. Edit Instance IPAM Strategy in the regions in which you want to deploy the application profile to change the setting to IPAMCallout. 4. Invoke scripts during application deployment. When an application is deployed, Cisco CloudCenter Manager invokes a set of scripts required to deploy the application. Callout.conf is called when the Cisco CloudCenter Orchestrator service starts. The orchestrator maps the script that needs to be used for a service. For example, in script shown here, createhost.py is mapped to infoblox callout. name=infoblox type=exec topic=ipam debug=true executable=createhost.py reinject=true disabled=false In this example, the Infoblox script createhost.py is invoked when an application is deployed and IPAMCallOut is enabled. The script chooses the network specified in the user interface and uses the parameter to obtain the IP address in the subnet from IPAM. The IP address obtained is configured in the host as a static IP address. #!/usr/bin/env python import infoblox, sys, os #Check to see if command line included enough arguments. ''' if (len(sys.argv) < 3): print "Usage: createhost.py <fqdn> <network CIDR>" quit() ''' 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 22 of 38

23 #Assign command line arguments to named variables #fqdn = sys.argv[1] + '.test.local' #network = sys.argv[2] fqdn = os.environ['vmname'] + '.test.local' network = os.environ['ipamnetwork'] #network = ' /24' #Setup connection object for Infoblox iba_api = infoblox.infoblox(' ', 'admin', 'infoblox', '1.6', 'default', 'default', False) try: #Create new host record with supplied network and fqdn arguments ip = iba_api.create_host_record(network, fqdn) print 'domainname=test.local' print 'DnsServerList= ' print 'nicdnsserverlist_0= ' print 'nicgateway_0= ' print 'nicnetmask_0= ' print "niccount=1" print "nicip_0=" + ip print 'hwclockutc=true' print 'timezone=canada/eastern' print 'oshostname=%s' % os.environ['vmname'] except Exception as e: print e DHCP Provisioning The process for configuring DHCP services in Cisco ACI is explained at DHCP configuration requires configuration in Cisco ACI as well as in the Infoblox DHCP server. In the reference design discussed here, the DHCP server is provisioned centrally in the Common tenant and provides DHCP to endpoints across multiple tenants and EPGs (Figure 4) Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 23 of 38

24 Figure 4. DHCP Server Provisioning Configure DHCP using the following steps: 1. Create the DHCP EPG in the Common tenant. 2. Define DHCP relay for the EPG. DHCP relay is a logical construct used to associate the DHCP server with the bridge domains that will consume its services. 3. For each individual bridge domain that requires DHCP services, associate the bridge domain with its target DHCP server through DHCP relay. A bridge domain can support DHCP requests from only one subnet within its scope, referred to as the primary subnet. This behavior implies the following: An EPG that is associated with a bridge domain subnet other than the primary subnet will not be serviced by DHCP. If a tenant has multiple EPGs that require distinct DHCP subnets, they will need to be associated with distinct bridge domains. For example, EPG3 in Figure 4 does not support overlapped subnets. For a multi- VRF design with overlapped subnets, multiple DHCP servers with corresponding relays need to be provisioned. When an application or an instance is provisioned in Cisco CloudCenter, the application needs to be associated with the correct bridge domain, and the instances will obtain the IP addresses configured in the bridge domain s primary subnet. F5 Load-Balancer Integration To integrate a load balancer, you initially need to set up the load-balancer instance managed by Cisco UCS Director in the reference design described here. You also need to specify a deployment-time configuration managed by Cisco CloudCenter closely integrated with Cisco ACI. Figure 5 summarizes the process Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 24 of 38

25 Figure 5. Load-Balancer Integration Using F5 Follow these steps to integrate the load balancer: 1. Add a device in Cisco ACI Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 25 of 38

26 2. Create a service graph template. 3. Define the load-balancer application template in Cisco CloudCenter Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 26 of 38

27 4. Deploy the application template in Cisco CloudCenter. Conclusion Cisco s product suite comprising CloudCenter, Application Centric Infrastructure and Cisco UCS Director enables an enterprise to seamlessly build and operate a full-featured hybrid cloud as well as automate the definition, deployment and lifecycle management of multi-tier applications. Typical enterprise uses cases addressed by this solution suite include: Application or Database-as-a-Service Clouds Automation of Dev Test environments Single Pane of Glass for Multi-Cloud Management Build-up and Management of Sandbox or Demo Environments While the scope of the reference design outlined in this document is a vcenter based cloud, salient feature of CloudCenter is its support for multiple clouds such as OpenStack, AWS, Azure, Google etc. Most of the features outlined in this reference design cannot be supported for these other clouds as well Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 27 of 38

28 For More Information Cisco Cloud Center: Cisco Application Specific Infrastructure: Cisco UCS Director: Appendix: Cisco UCS Director Workflows This appendix summarizes the Cisco UCS Director workflows for the reference design discussed in this document. Bare-Metal Startup and Association with VMware vcenter 1. Register the Cisco UCS C-Series Server with Cisco UCS Director. 2. Initiate PXE boot with the ESX hypervisor. 3. Wait for PXE boot to complete. 4. Add the ESX hypervisor to vcenter. 5. Remove PXE boot from the server Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 28 of 38

29 Cisco ACI Pre-Provisioning 1. Create a VMM domain. a. Create a dynamic VLAN pool. b. Create the AEP. c. Use the previously created VLAN pool and AEP to configure the VMM domain. This process will create the vds in the specified vcenter. 2. Create a vpc. Three workflows are created for vpc configuration for modularity. You can combine these workflows together to create a single workflow if needed. a. Create a vpc protection group and interface profile. i. Create the vpc protection group as consecutive. ii. Create the interface profile for the vpc Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 29 of 38

30 b. Create a vpc policy group and interface selector. i. Create the vpc policy group. ii. Attach the interface selector to the policy group and interface profile created earlier. For a given vpc pair, the number of policy groups and interface selectors are the same as the number of hosts that are part of that vpc. Each policy group represents a member of the port channel Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 30 of 38

31 c. Attach an interface profile to a switch profile. i. Create the switch profile. ii. Associate the switch selector with the switch profile. iii. Associate the previously created interface profile with the switch profile. 3. Create the user tenant and utilities. a. Create the tenant, VRF instance, and bridge domains Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 31 of 38

32 b. Configure L3Out within the tenant. i. Create the physical domain with a static pool Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 32 of 38

33 ii. Create the policy group, interface, and switch profile Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 33 of 38

34 iii. Create the external routed network in the client s tenant Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 34 of 38

35 Infoblox Provisioning and Integration with Cisco ACI 1. Create the VRF instance, bridge domain, and DHCP EPG in the Common tenant. 2. Provision the Infoblox virtual machine with two vnics: one in the management network port group and the other in the DHCP EPG port group Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 35 of 38

36 3. Add the DHCP relay label to the clients bridge domain. 4. For each user tenant, configure DHCP relays in the bridge domain Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 36 of 38

37 F5 Provisioning 1. Deploy the F5 LTM ISO image with two vnics: network adapter 1 in the management network port group and network adapter 2 in the quarantine port group. 4. Add the F5 LTM virtual appliance to the Common tenant and configure a service graph template and logical device context in the client s tenant. a. Create an L4-L7 device in the Common tenant to deploy the device in one-arm mode. b. Create an L4-L7 service graph template in the client s tenant for one-arm deployment using the HTTP virtual server profile. c. Create a logical device context in the client s tenant on any contract using the service graph template previously created Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 37 of 38

38 Printed in USA C / Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 38 of 38

Cisco HyperFlex Systems

Cisco HyperFlex Systems White Paper Cisco HyperFlex Systems Install and Manage Cisco HyperFlex Systems in a Cisco ACI Environment Original Update: January 2017 Updated: March 2018 Note: This document contains material and data

More information

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack

Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure

More information

Cisco CloudCenter Solution with VMware

Cisco CloudCenter Solution with VMware Cisco CloudCenter Solution with Extend, any application, and any cloud The Cisco CloudCenter hybrid cloud management platform securely provisions infrastructure resources and deploys application components

More information

Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework

Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework White Paper Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework August 2015 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.

More information

Layer 4 to Layer 7 Design

Layer 4 to Layer 7 Design Service Graphs and Layer 4 to Layer 7 Services Integration, page 1 Firewall Service Graphs, page 5 Service Node Failover, page 10 Service Graphs with Multiple Consumers and Providers, page 12 Reusing a

More information

Tenant Onboarding. Tenant Onboarding Overview. Tenant Onboarding with Virtual Data Centers

Tenant Onboarding. Tenant Onboarding Overview. Tenant Onboarding with Virtual Data Centers Overview, page 1 with Virtual Data Centers, page 1 with Resource Groups, page 5 Overview In Cisco UCS Director, tenants enable you to securely control and allocate the virtual and physical infrastructure

More information

Cisco CloudCenter Solution with Cisco ACI: Common Use Cases

Cisco CloudCenter Solution with Cisco ACI: Common Use Cases Cisco CloudCenter Solution with Cisco ACI: Common Use Cases Cisco ACI increases network security, automates communication policies based on business-relevant application requirements, and decreases developer

More information

Cisco UCS Director and ACI Advanced Deployment Lab

Cisco UCS Director and ACI Advanced Deployment Lab Cisco UCS Director and ACI Advanced Deployment Lab Michael Zimmerman, TME Vishal Mehta, TME Agenda Introduction Cisco UCS Director ACI Integration and Key Concepts Cisco UCS Director Application Container

More information

Cisco ACI with Cisco AVS

Cisco ACI with Cisco AVS This chapter includes the following sections: Cisco AVS Overview, page 1 Cisco AVS Installation, page 6 Key Post-Installation Configuration Tasks for the Cisco AVS, page 43 Distributed Firewall, page 62

More information

Data Center and Cloud Automation

Data Center and Cloud Automation Data Center and Cloud Automation Tanja Hess Systems Engineer September, 2014 AGENDA Challenges and Opportunities Manual vs. Automated IT Operations What problem are we trying to solve and how do we solve

More information

Virtual Machine Manager Domains

Virtual Machine Manager Domains This chapter contains the following sections: Cisco ACI VM Networking Support for Virtual Machine Managers, page 1 VMM Domain Policy Model, page 3 Virtual Machine Manager Domain Main Components, page 3,

More information

Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure

Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure White Paper 2016 Cisco F5 Networks. All rights reserved. Page 1 Contents What You Will Learn...

More information

Cisco ACI Virtual Machine Networking

Cisco ACI Virtual Machine Networking This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine

More information

Cisco Application Centric Infrastructure (ACI) Simulator

Cisco Application Centric Infrastructure (ACI) Simulator Data Sheet Cisco Application Centric Infrastructure (ACI) Simulator Cisco Application Centric Infrastructure Overview Cisco Application Centric Infrastructure (ACI) is an innovative architecture that radically

More information

Cisco ACI vcenter Plugin

Cisco ACI vcenter Plugin This chapter contains the following sections: About Cisco ACI with VMware vsphere Web Client, page 1 Getting Started with, page 2 Features and Limitations, page 7 GUI, page 12 Performing ACI Object Configurations,

More information

5 days lecture course and hands-on lab $3,295 USD 33 Digital Version

5 days lecture course and hands-on lab $3,295 USD 33 Digital Version Course: Duration: Fees: Cisco Learning Credits: Kit: DCAC9K v1.1 Cisco Data Center Application Centric Infrastructure 5 days lecture course and hands-on lab $3,295 USD 33 Digital Version Course Details

More information

Hybrid Cloud Solutions

Hybrid Cloud Solutions Hybrid Cloud Solutions with Cisco and Microsoft Innovation Rob Tappenden, Technical Solution Architect rtappend@cisco.com March 2016 Today s industry and business challenges Industry Evolution & Data Centres

More information

Cisco ACI Virtual Machine Networking

Cisco ACI Virtual Machine Networking This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine

More information

Cisco Application Centric Infrastructure

Cisco Application Centric Infrastructure Data Sheet Cisco Application Centric Infrastructure What s Inside At a glance: Cisco ACI solution Main benefits Cisco ACI building blocks Main features Fabric Management and Automation Network Security

More information

Configuring APIC Accounts

Configuring APIC Accounts This chapter contains the following sections: Adding an APIC Account, page 1 Viewing APIC Reports, page 3 Assigning an APIC account to a Pod, page 15 Handling APIC Failover, page 15 Adding an APIC Account

More information

Cisco ACI and Cisco AVS

Cisco ACI and Cisco AVS This chapter includes the following sections: Cisco AVS Overview, page 1 Installing the Cisco AVS, page 5 Key Post-Installation Configuration Tasks for the Cisco AVS, page 14 Distributed Firewall, page

More information

Cisco ACI App Center. One Platform, Many Applications. Overview

Cisco ACI App Center. One Platform, Many Applications. Overview White Paper Cisco ACI App Center One Platform, Many Applications Overview Cisco Application Centric Infrastructure (Cisco ACI ) is a comprehensive software-defined networking (SDN) solution designed from

More information

F5 BIG-IP Local Traffic Manager Service Insertion with Cisco Application Centric Infrastructure

F5 BIG-IP Local Traffic Manager Service Insertion with Cisco Application Centric Infrastructure F5 BIG-IP Local Traffic Manager Service Insertion with Cisco Application Centric Infrastructure Deployment Guide December 2015 2015 Cisco F5. All rights reserved. Page 1 Contents Introduction... 4 Preface...

More information

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)

ACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation) This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias

More information

Virtualization Design

Virtualization Design VMM Integration with UCS-B, on page 1 VMM Integration with AVS or VDS, on page 3 VMM Domain Resolution Immediacy, on page 6 OpenStack and Cisco ACI, on page 8 VMM Integration with UCS-B About VMM Integration

More information

Cisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.

Cisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved. Cisco Enterprise Cloud Suite Overview 2015 Cisco and/or its affiliates. All rights reserved. 1 CECS Components End User Service Catalog SERVICE PORTAL Orchestration and Management UCS Director Application

More information

Application Provisioning

Application Provisioning Overview, page 1 Application Categories, page 1 Application Containers, page 2 Catalogs, page 7 Self-Service Provisioning, page 8 Overview After you have allocated your resources among your user groups,

More information

Service Graph Design with Cisco Application Centric Infrastructure

Service Graph Design with Cisco Application Centric Infrastructure White Paper Service Graph Design with Cisco Application Centric Infrastructure 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 101 Contents Introduction...

More information

Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)

Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey - Sr. Director, Technical Marketing & Integrations BRKCLD-2008 Agenda Introduction Architecture

More information

Transform Your Business with Hybrid Cloud

Transform Your Business with Hybrid Cloud Transform Your Business with Hybrid Cloud Cisco gives you greater choice and cost savings, so you can transform IT operations in a way that works best for your organization. We offer an open framework

More information

Service Insertion with ACI using F5 iworkflow

Service Insertion with ACI using F5 iworkflow Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models

More information

Cisco UCS Director Tech Module Cisco Application Centric Infrastructure (ACI)

Cisco UCS Director Tech Module Cisco Application Centric Infrastructure (ACI) Cisco UCS Director Tech Module Cisco Application Centric Infrastructure (ACI) Version: 1.0 September 2016 1 Agenda Overview & Architecture Hardware & Software Compatibility Licensing Orchestration Capabilities

More information

Cisco Solution for Private Cloud

Cisco Solution for Private Cloud Dubrovnik, Croatia, South East Europe 20-22 May, 2013 Cisco Solution for Private Cloud Sascha Merg Technical Solutions Architect 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect

More information

Quick Start Guide (SDN)

Quick Start Guide (SDN) NetBrain Integrated Edition 7.1 Quick Start Guide (SDN) Version 7.1a Last Updated 2018-09-03 Copyright 2004-2018 NetBrain Technologies, Inc. All rights reserved. Contents 1. Discovering and Visualizing

More information

Introducing Cisco Cloud Administration CLDADM v1.0; 5 Days; Instructor-led

Introducing Cisco Cloud Administration CLDADM v1.0; 5 Days; Instructor-led Introducing Cisco Cloud Administration CLDADM v1.0; 5 Days; Instructor-led Course Description Introducing Cisco Cloud Administration (CLDADM) is a new 5-day ILT course designed to help students prepare

More information

Taming the Multi-Cloud With Simplicity and Openness. Minh Dang Cisco Systems Vietnam 2018 January

Taming the Multi-Cloud With Simplicity and Openness. Minh Dang Cisco Systems Vietnam 2018 January Taming the Multi-Cloud With Simplicity and Openness Minh Dang Cisco Systems Vietnam 2018 January Multi-Cloud Challenge Growth in Applications and Infrastructure Many Operating Env COST Data Center Many

More information

Quick Start Guide (SDN)

Quick Start Guide (SDN) NetBrain Integrated Edition 7.1 Quick Start Guide (SDN) Version 7.1 Last Updated 2018-07-24 Copyright 2004-2018 NetBrain Technologies, Inc. All rights reserved. Contents 1. Discovering and Visualizing

More information

Cisco ACI Virtual Machine Networking

Cisco ACI Virtual Machine Networking This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine

More information

UCS Director: Tenant Onboarding Cisco ACI & Microsoft HyperV. Dec. 2016

UCS Director: Tenant Onboarding Cisco ACI & Microsoft HyperV. Dec. 2016 UCS Director: Tenant Onboarding Cisco ACI & Microsoft HyperV Dec. 2016 The following presentation covers tenant onboarding in UCS Director with ACI and a HyperV-based VMM Domain Tenant Onboarding: Quick

More information

Cisco ACI Terminology ACI Terminology 2

Cisco ACI Terminology ACI Terminology 2 inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias

More information

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud

Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud 2 Orchestrate the Cloud Infrastructure Business Drivers for Cloud Long Provisioning Times for New Services o o o Lack

More information

Cisco ACI Multi-Site Fundamentals Guide

Cisco ACI Multi-Site Fundamentals Guide First Published: 2017-08-10 Last Modified: 2017-10-09 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)

More information

Creating Application Containers

Creating Application Containers This chapter contains the following sections: General Application Container Creation Process, page 1 Creating Application Container Policies, page 2 About Application Container Templates, page 5 Creating

More information

Integration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit

Integration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit Integration of Hypervisors and L4-7 Services into an ACI Fabric Azeem Suleman, Principal Engineer, Insieme Business Unit Agenda Introduction to ACI Review of ACI Policy Model Hypervisor Integration Layer

More information

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?

More information

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 4 About

More information

Integrating Cisco UCS with Cisco ACI

Integrating Cisco UCS with Cisco ACI Integrating Cisco UCS with Cisco ACI Marian Klas, mklas@cisco.com Systems Engineer Data Center February 2015 Agenda: Connecting workloads to ACI Bare Metal Hypervisors UCS & APIC Integration and Orchestration

More information

Design Guide for Cisco ACI with Avi Vantage

Design Guide for Cisco ACI with Avi Vantage Page 1 of 23 Design Guide for Cisco ACI with Avi Vantage view online Overview Cisco ACI Cisco Application Centric Infrastructure (ACI) is a software defined networking solution offered by Cisco for data

More information

Cisco ACI with Red Hat Virtualization 2

Cisco ACI with Red Hat Virtualization 2 Cisco ACI and Red Hat Virtualization New and Changed Information 2 Cisco ACI with Red Hat Virtualization 2 Software Compatibility 2 Cisco ACI and Red Hat Terminology 3 Workflow for Red Hat Virtualization

More information

Securing Containers Using a PNSC and a Cisco VSG

Securing Containers Using a PNSC and a Cisco VSG Securing Containers Using a PNSC and a Cisco VSG This chapter contains the following sections: About Prime Network Service Controllers, page 1 Integrating a VSG into an Application Container, page 3 About

More information

Configuring Layer 4 to Layer 7 Resource Pools

Configuring Layer 4 to Layer 7 Resource Pools Configuring Layer 4 to Layer 7 Resource Pools About Layer 4 to Layer 7 Resource Pools, page 1 About External IP Address Pools, page 2 About External Layer 3 Routed Domains and the Associated VLAN Pools,

More information

Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)

Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey Senior Director, Technical Marketing and Integrations Agenda Introduction Architecture

More information

Virtual Tech Update Intercloud Fabric. Michael Petersen Systems Engineer, Cisco Denmark

Virtual Tech Update Intercloud Fabric. Michael Petersen Systems Engineer, Cisco Denmark Virtual Tech Update Intercloud Fabric Michael Petersen Systems Engineer, Cisco Denmark michaep2@cisco.com Agenda Introduction Intercloud and Intercloud Fabric Intercloud Fabric - New Features Intercloud

More information

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018

Running RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018 Running RHV integrated with Cisco ACI JuanLage Principal Engineer - Cisco May 2018 Agenda Why we need SDN on the Data Center What problem are we solving? Introduction to Cisco Application Centric Infrastructure

More information

Easily Managing Hybrid IT with Transformation Technology

Easily Managing Hybrid IT with Transformation Technology White Paper White Paper Managing Public Cloud Computing in the Enterprise Easily Managing Hybrid IT with Transformation Technology A Quick Start Guide 1 Table of Contents Abstract... 3 Traditional Approaches

More information

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2 Table of Contents Introduction Overview of vsphere Integrated Containers 1.1 1.2 2 Overview of vsphere Integrated Containers This document provides an overview of VMware vsphere Integrated Containers.

More information

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme MGT1799BE Full-Stack Automation: Streamlining, Delivering and Managing App- Centric IT Kim Ranyard Steffen Moen Jad El-Zein #world #MGT1799BE world 2017 Content: Not for publication Disclaimer This presentation

More information

Integrating with Prime Service Catalog

Integrating with Prime Service Catalog This chapter consist of the following topics: Overview, page 1 Integrating with Third Party Applications, page 4 Creating Custom Integrations, page 7 Providing Infrastructure as a Service (IaaS) using

More information

Copyright 2015 EMC Corporation. All rights reserved. Published in the USA.

Copyright 2015 EMC Corporation. All rights reserved. Published in the USA. This Reference Architecture Guide describes, in summary, a solution that enables IT organizations to quickly and effectively provision and manage Oracle Database as a Service (DBaaS) on Federation Enterprise

More information

Network Programmability and Automation with Cisco Nexus 9000 Series Switches

Network Programmability and Automation with Cisco Nexus 9000 Series Switches White Paper Network Programmability and Automation with Cisco Nexus 9000 Series Switches White Paper August 2016 2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information.

More information

Active System Manager Version 8.0 User s Guide

Active System Manager Version 8.0 User s Guide Active System Manager Version 8.0 User s Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your product. CAUTION: A CAUTION indicates either

More information

Cisco ACI Virtual Machine Networking

Cisco ACI Virtual Machine Networking This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine

More information

Build application-centric data centers to meet modern business user needs

Build application-centric data centers to meet modern business user needs Build application-centric data centers to meet modern business user needs Citrix.com Table of contents Meeting current business challenges...3 Device package integration...5 Policy-based service insertion...6

More information

Genomics on Cisco Metacloud + SwiftStack

Genomics on Cisco Metacloud + SwiftStack Genomics on Cisco Metacloud + SwiftStack Technology is a large component of driving discovery in both research and providing timely answers for clinical treatments. Advances in genomic sequencing have

More information

DevOps and Continuous Delivery USE CASE

DevOps and Continuous Delivery USE CASE DevOps and Continuous Delivery USE CASE CliQr DevOps and Continuous Delivery Page 2 DevOps and Continuous Delivery In the digital economy, increasing application velocity is key to success. In order to

More information

Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design

Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design White Paper Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design Emerging IT technologies have brought about a shift from IT as a cost center to IT as a business driver.

More information

Customer s journey into the private cloud with Cisco Enterprise Cloud Suite

Customer s journey into the private cloud with Cisco Enterprise Cloud Suite Customer s journey into the private cloud with Cisco Enterprise Cloud Suite Peter Charpentier, Senior Solution Architect, Cisco AS Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker

More information

Intuit Application Centric ACI Deployment Case Study

Intuit Application Centric ACI Deployment Case Study Intuit Application Centric ACI Deployment Case Study Joon Cho, Principal Network Engineer, Intuit Lawrence Zhu, Solutions Architect, Cisco Agenda Introduction Architecture / Principle Design Rollout Key

More information

Cisco ACI Virtualization Guide, Release 2.2(1)

Cisco ACI Virtualization Guide, Release 2.2(1) First Published: 2017-01-18 Last Modified: 2017-07-14 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)

More information

Introducing VMware Validated Design Use Cases. Modified on 21 DEC 2017 VMware Validated Design 4.1

Introducing VMware Validated Design Use Cases. Modified on 21 DEC 2017 VMware Validated Design 4.1 Introducing VMware Validated Design Use Cases Modified on 21 DEC 2017 VMware Validated Design 4.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/

More information

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer

Modelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer Modelos de Negócio na Era das Clouds André Rodrigues, Cloud Systems Engineer Agenda Software and Cloud Changed the World Cisco s Cloud Vision&Strategy 5 Phase Cloud Plan Before Now From idea to production:

More information

Creating Application Containers

Creating Application Containers This chapter contains the following sections: General Application Container Creation Process, page 1 Creating Application Container Policies, page 3 About Application Container Templates, page 5 Creating

More information

Cisco ACI vpod. One intent: Any workload, Any location, Any cloud. Introduction

Cisco ACI vpod. One intent: Any workload, Any location, Any cloud. Introduction Cisco ACI vpod One intent: Any workload, Any location, Any cloud Organizations are increasingly adopting hybrid data center models to meet their infrastructure demands, to get flexibility and to optimize

More information

2018 Cisco and/or its affiliates. All rights reserved.

2018 Cisco and/or its affiliates. All rights reserved. Beyond Data Center A Journey to self-driving Data Center with Analytics, Intelligent and Assurance Mohamad Imaduddin Systems Engineer Cisco Oct 2018 App is the new Business Developer is the new Customer

More information

Automation of Application Centric Infrastructure (ACI) with Cisco UCS Director

Automation of Application Centric Infrastructure (ACI) with Cisco UCS Director Automation of Application Centric Infrastructure (ACI) with Cisco UCS Director Raju Penmetsa @RajuPenmetsa1 Data Center Group Agenda IT Complexity Solution for ACI Automation Cisco UCS Director Application

More information

Automate Datacenter Service Delivery

Automate Datacenter Service Delivery Automate Datacenter Service Delivery Cisco UCS Director Mihai Gagea mihai.gagea@datanets.ro About Datanet Systems Datanet is one of the most important integrators of complex IT solutions; Leader in the

More information

Cisco ACI Virtualization Guide, Release 2.1(1)

Cisco ACI Virtualization Guide, Release 2.1(1) First Published: 2016-10-02 Last Modified: 2017-05-09 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)

More information

IaaS Integration for Multi- Machine Services. vrealize Automation 6.2

IaaS Integration for Multi- Machine Services. vrealize Automation 6.2 IaaS Integration for Multi- Machine Services vrealize Automation 6.2 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about

More information

Cisco Nexus 1000V Switch for Microsoft Hyper-V

Cisco Nexus 1000V Switch for Microsoft Hyper-V Q&A Cisco Nexus 1000V Switch for Microsoft Hyper-V Overview Q. What are Cisco Nexus 1000V Switches? A. Cisco Nexus 1000V Switches provide a comprehensive and extensible architectural platform for virtual

More information

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Designs for Software-Defined Data Center Introducing VMware Validated Designs for Software-Defined Data Center VMware Validated Design 4.0 VMware Validated Design for Software-Defined Data Center 4.0 You can find the most up-to-date technical

More information

Cisco and VMware: Integrated Management Solutions for the Virtualized Data Center

Cisco and VMware: Integrated Management Solutions for the Virtualized Data Center White Paper Cisco and VMware: Integrated Management Solutions for the Virtualized Data Center March 2014 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of

More information

Cisco Application Policy Infrastructure Controller Data Center Policy Model

Cisco Application Policy Infrastructure Controller Data Center Policy Model White Paper Cisco Application Policy Infrastructure Controller Data Center Policy Model This paper examines the Cisco Application Centric Infrastructure (ACI) approach to modeling business applications

More information

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Designs for Software-Defined Data Center Introducing VMware Validated Designs for Software-Defined Data Center VMware Validated Design for Software-Defined Data Center 4.0 This document supports the version of each product listed and supports

More information

CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN

CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN CLOUD INFRASTRUCTURE ARCHITECTURE DESIGN Dan Radez OpenStack Red Hat Brad Ascar CloudForms Red Hat Agenda Red Hat OpenStack Platform Installation OpenStack Architecture Highly Available OpenStack Red Hat

More information

Cisco ACI Simulator Release Notes, Release 1.1(1j)

Cisco ACI Simulator Release Notes, Release 1.1(1j) Cisco ACI Simulator Release Notes, This document provides the compatibility information, usage guidelines, and the scale values that were validated in testing this Cisco ACI Simulator release. Use this

More information

IaaS Integration for Multi-Machine Services

IaaS Integration for Multi-Machine Services IaaS Integration for Multi-Machine Services vcloud Automation Center 6.1 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by

More information

Cisco SDN 解决方案 ACI 的基本概念

Cisco SDN 解决方案 ACI 的基本概念 Cisco SDN 解决方案 ACI 的基本概念 Presented by: Shangxin Du(@shdu)-Solution Support Engineer, Cisco TAC Aug 26 th, 2015 2013 Cisco and/or its affiliates. All rights reserved. 1 Type Consumption Delivery Big data,

More information

Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0

Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 What you ll learn in this course The Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 course is designed for

More information

Foundations and Concepts. 04 December 2017 vrealize Automation 7.3

Foundations and Concepts. 04 December 2017 vrealize Automation 7.3 Foundations and Concepts 04 December 2017 vrealize Automation 7.3 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/ If you have comments about

More information

Cisco Prime Data Center Network Manager Release 7.1

Cisco Prime Data Center Network Manager Release 7.1 Product Bulletin Cisco Prime Data Center Network Manager Release 7.1 PB733518 Cisco Prime Data Center Network Manager (DCNM) software is an advanced network management system (NMS) for storage, LAN, and

More information

Cisco Cloud Application Centric Infrastructure

Cisco Cloud Application Centric Infrastructure Cisco Cloud Application Centric Infrastructure About Cisco cloud application centric infrastructure Cisco Cloud Application Centric Infrastructure (Cisco Cloud ACI) is a comprehensive solution for simplified

More information

Installing or Recovering Cisco APIC Images

Installing or Recovering Cisco APIC Images Installation s, on page 1 Usage Guidelines, on page 2 Conditions for Recovering or Installing Cisco APIC Software Image, on page 5 Installing Cisco APIC Software Using a PXE Server, on page 5 Installing

More information

Cisco ACI Virtualization Guide, Release 2.2(2)

Cisco ACI Virtualization Guide, Release 2.2(2) First Published: 2017-04-11 Last Modified: 2018-01-31 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)

More information

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine Table of Contents Overview Containers, Docker, Registries vsphere Integrated Containers Engine Management Portal Registry Roles and Personas 1.1 1.1.1 1.1.2 1.1.2.1 1.1.2.2 1.1.2.3 1.1.2.4 2 Overview of

More information

Cisco CloudCenter Solution Use Case: Application Migration and Management

Cisco CloudCenter Solution Use Case: Application Migration and Management Cisco CloudCenter Solution Use Case: Application Migration and Management Application migration and management Cloud computing is here to stay. According to recent Gartner research 1, from 2011 to 2014

More information

Introducing VMware Validated Designs for Software-Defined Data Center

Introducing VMware Validated Designs for Software-Defined Data Center Introducing VMware Validated Designs for Software-Defined Data Center VMware Validated Design for Software-Defined Data Center 3.0 This document supports the version of each product listed and supports

More information

Integrating NetScaler ADCs with Cisco ACI

Integrating NetScaler ADCs with Cisco ACI Docs.Citrix.com Integrating NetScaler ADCs with Cisco ACI http://docs.citrix.com/content/docs/en-us/netscaler/10-1/ns-solutions-con/cisco-aci-wrapper.html Jan. 28, 2011 citrix.com 1 Integrating NetScaler

More information

VMware vsphere with ESX 6 and vcenter 6

VMware vsphere with ESX 6 and vcenter 6 VMware vsphere with ESX 6 and vcenter 6 Course VM-06 5 Days Instructor-led, Hands-on Course Description This class is a 5-day intense introduction to virtualization using VMware s immensely popular vsphere

More information

When (and how) to move applications from VMware to Cisco Metacloud

When (and how) to move applications from VMware to Cisco Metacloud White Paper When (and how) to move applications from VMware to Cisco Metacloud What You Will Learn This white paper will explain when to migrate various applications running in VMware virtual machines

More information

Networking Domains. Physical domain profiles (physdomp) are typically used for bare metal server attachment and management access.

Networking Domains. Physical domain profiles (physdomp) are typically used for bare metal server attachment and management access. This chapter contains the following sections:, on page 1 Bridge Domains, on page 2 VMM Domains, on page 2 Configuring Physical Domains, on page 4 A fabric administrator creates domain policies that configure

More information