Implementing Container Application Platforms with Cisco ACI
|
|
- Bruce Martin
- 5 years ago
- Views:
Transcription
1
2 BRKDCN-2627 Implementing Container Application Platforms with Cisco ACI Andres Vega Product Manager, Engineering
3 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brkdcn Cisco and/or its affiliates. All rights reserved. Cisco Public
4 Agenda Introduction ACI Support for Container Application Platforms OpenShift Integration Cloud Foundry Integration Demo Conclusion
5 Openstack node.js OPEN SOURCE IS THE SOURCE OF TECHNOLOGICAL INNOVATION Linux Kernel - Chris Wright, CTO Red Hat 1M+ projects nginx Kubernetes Apache Project KVM aptomi Spinnaker SPIFFE TensorFlow 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
6 Application Architectural Evolution Service Autonomous Loosely-coupled Microservice Single Purpose Stateless Independently Scalable Automated f() Function Single Action Event Sourced Ephemeral BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 6
7 Pervasive Analytics Pervasive Security Native Support for Container Application Platforms Application Container Orchestration Docker Kubernetes Openshift Pivotal Cloud Foundry Mesosphere Opflex CNI Fast, Secure and Scalable Networking Intent based Infrastructure Automation Cisco ACI Anywhere Physical Virtual Private Any Cloud BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 7
8 Foundational Technologies BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 8
9 Application Centric Infrastructure Any Application Any hypervisor Build to and support open systems and standards Distributed network functions for traffic and service optimization Policy consistency provides for containers running reliably and securely Ease of deploying, scaling and managing BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 9
10 Docker provides a lightweight portable format to ship application images to different environments. Packing up all dependencies at both system and application level, but lacks features for supporting n-tier applications Kubernetes is a free and open source project. It does scheduling, orchestration and runs Docker containers at scale for production workloads, but does not address enterprise security requirements. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 10
11 Native Platform Integration on ACI BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 11
12 Why ACI and Application Container Platforms Turnkey solution for node and container connectivity Flexible policy: Native platform policy API and ACI policies Hardware-accelerated: Integrated load balancing Fast, easy, secure and scalable networking for your Application Container Platform Visibility: Live statistics in APIC per container and health metrics Enhanced Multitenancy and unified networking for containers, VMs, bare metal BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 12
13 OpenShift BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 13
14 OpenShift is a enterprise grade feature set layer on top of Docker and Kubernetes, that makes it accessible and easy for the developer to create applications, and a platform for operators that simplifies deployments of containers for both development and production workloads. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 14
15 OpenShift Container Networking and Network Security user request Openshift SDN configures an overlay using Open vswitch (OVS). ROUTER (HAproxy) Network Isolation is performed by use of and in between VXLAN segments. Pods can be assigned to different project networks. All incoming HTTP/S traffic is proxied through a Router Pod. OVS OVS OVS BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 15
16 OpenShift Networking and Network Security with ACI ACI Policy user request APIC Network Policy API Policy applied to OpenShift objects kind: NetworkPolicy apiversion: extensions/v1beta1 metadata: name: allow-orange-to-blue-same-ns spec: podselector: matchlabels: type: blue ingress: - from: - podselector: matchlabels: type: red Network policies supported using standard upstream format but enforced through OpFlex / OVS using APIC Host Protection Profiles. Openshift apps can be moved without modification to/from ACI and non-aci environments. Embedded fabric and virtual switch load balancing: PBR in fabric for external service load balancing OVS used for internal service load balancing OVS OpFlex OVS OpFlex OVS OpFlex VMM Domain for Openshift: Stats per namespace, deployment, service, pod Physical to container correlation BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 16
17 Support for Network Policy in ACI namespace-a Specification of how selections of pods are allowed to communicate with each other and other network endpoints. Network namespace isolation using defined labels directional: allowed ingress pod-to-pod traffic filters traffic from pods in other projects can specify protocol and ports (e.g. tcp/80) In Openshift: Project admin controlled. Capabilities in Openshift moving forward: (automated multitenant network policy, multitenant isolation as default, configure/edit/view policies in UI) namespace-b Policy applied to namespace: namespace-a kind: NetworkPolicy apiversion: extensions/v1beta1 metadata: name: allow-orange-to-blue-same-ns spec: podselector: matchlabels: type: blue ingress: - from: - podselector: matchlabels: type: red BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 17
18 Dual level Policy Enforcement by ACI Native API Default deny all traffic Both Kubernetes Network Policy and ACI Contracts are enforced in the Linux kernel of every server node that containers run on. apiversion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: default-deny spec: podselector: {} policytypes: - Ingress - Egress Containers are mapped to EPGs and contracts between EPGs are also enforced on all switches in the fabric where applicable. Both policy mechanisms can be used in conjunction. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 18
19 Mapping Network Policy and EPGs Cluster Isolation Namespace Isolation Deployment Isolation Single EPG for entire cluster. (Default behavior) No need for any internal contracts. Each namespace is mapped to its own EPG. Contracts for inter-namespace traffic. Each deployment mapped to an EPG Contracts tightly control service traffic Key Map EP G NetworkPolicy Contract BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 19
20 Architecture Integration specific Updated Platform Upstream GUI + Stats APIC ACI Container Ctrl (ACC) VMM + APIC Model atomic-openshift-node CNI API Server Host Agent (HA) Opflex Agent (OA) Proxy Etcd OVS Datapath Master Node Leaf BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 20
21 Install Procedure 1. Install provisioning tool (provided as RPM and DEB packages). 2. Provision the fabric for OpenShift and save deployment YAML file. 3. Install OpenShift. 4. Apply the deployment YAML file to use ACI-Openshift CNI. 5. Update Openshift Router to use ACI fabric. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 21
22 Installation Prerequisites Before installing the OpenShift integration, the following is assumed: A working ACI fabric install on a version 3.1 or later An existing configured Vmware ESXi VMM Domain An L3 Routed Outside, along with an L3 External Network that serves as external access. Any required route reflector configuration for fabric. A next-hop router connected to the l3 external network capable of doing SNAT and which can be configured with the required routes. For the full installation guide please refer to: Cisco ACI and Kubernetes Integration on Cisco.com: BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 22
23 (1/2) Installation: Pre-provisioning 1. Install the ACI containers provisioning tool (available from Cisco.com as RPM and DEB Packages): 2. Create a sample configuration file to be edited: acc_provision --sample > aci-containers-config.yaml 3. Push to the APIC for the fabric to be provisioned: acc_provision --flavor=openshift-3.6 -c aci-containers-config.yaml -o acicontainers.yaml -a -u [apic username] -p [apic password] Note: This will generate the file aci-containers.yaml that you will use after installing OpenShift. It also create files user- [system id].key and user-[system id].crt that contain the certificate used to connect to APIC. The file contents are security-sensitive. Save these files as you ll need them if you need to change the configuration later and want to avoid disrupting a running cluster because of a key change. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 23
24 Install Procedure Install OpenShift Install Openshift using ansible as in [1], with the following exceptions: 1. Enable CNI, but DO NOT enable Redhat's CNI plugin 2. Open UDP port 8472 on the server s firewall on all nodes [1] BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 24
25 Install Procedure Deploy YAML file Deploy the CNI plugin with the following command on the OpenShift master node: oc apply -f aci-containers.yaml BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 25
26 Install Process Fix Openshift Router 1. Remove old router oc delete svc router oc delete dc router 2. Create container networking router oc adm router --service-account=router --host-network=false 3. Expose router service externally oc patch svc router -p '{"spec":{"type": "LoadBalancer"}}' BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 26
27 Troubleshooting - Cluster report Acikubectl command to override EPG mapping and debug the system. --help presents command help file [root@kube-master ~]# acikubectl This tool provides a simple way to manage Kubernetes objects and annotations for the ACI Containers Controller. This offers a simple way to manage the ACI policy for your containers. Usage: acikubectl [command] Available Commands: debug Commands to help diagnose problems with ACI containers get Get a value help Help about any command set Set a value Export Cluster Report Logs acikubectl debug cluster-report -o cluster-report.tar.gz BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 27
28 Load-balanced Traffic Logical Path ACI L3Out Interface L3Ext /0 Node1 IP Service Contract PBR Service Graph Node2 IP L3Ext /32 NodeN IP BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 28
29 Cloud Foundry BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 29
30 Demo
31 Cloud Foundry is an open source application development plaform that combines CF Application Runtime and CF Container Runtime technologies to run applications of any language or framework. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 31
32 CF Container Network and Network Security Apps must route via GoRouter no source identify is preserved GoRouter represents a performance bottleneck and loss of source identity. ASGs only enforced on egress. Container-to-Container network policies are only enforced in the overlay network. Isolation segments are not applied within the overlay network. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 32
33 ACI CF Container Network and Network Security with ACI External traffic SNAT-ed traffic Container to Container traffic Every App gets an IP LB for East-West in Host, North-South performed in fabric with option to bypass GoRouter. Policy control of ingress traffic by enforcement of ACI contracts at ingress. Preservation of source identity with SNAT address per App for outgoing traffic. Security policies enforced end-to-end for C-to-C, Container to VMs/Baremetal by combination of PCF Network Policy and ACI Policies. Enforcement of Isolation Segments as a network construct in overlay. Flexible mapping of Orgs, Spaces and Apps to ACI EPGs for added security. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 33
34 Architecture BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 34
35 EPG Mapping BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 35
36 Installation Prerequisites Before installing the Cloud Foundry integration, the following is assumed: A working ACI fabric install on a version 3.1 or later An existing configured Vmware ESXi VMM Domain An L3 Routed Outside, along with an L3 External Network that serves as external access. Any required route reflector configuration for fabric. A next-hop router connected to the l3 external network capable of doing SNAT and which can be configured with the required routes. This is a Beta feature in 3.1. For assistance please contact the Cisco Technical Assistance Center. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 36
37 (1/2) Installation: Pre-provisioning 1. Install the ACI containers provisioning tool: 2. Create a sample configuration file to be edited: acc_provision --sample > cf0-prov-config.yml 3. Push to the APIC for the fabric to be provisioned: acc_provision -c mycf0-prov-config.yaml -o mycf0-vars.yaml -f cloudfoundry-1.0 -a Note: This will generate the file aci-containers.yaml that you will use after installing OpenShift. It also create files user- [system id].key and user-[system id].crt that contain the certificate used to connect to APIC. The file contents are security-sensitive. Save these files as you ll need them if you need to change the configuration later and want to avoid disrupting a running cluster because of a key change. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 37
38 Install Procedure Deploy CF with ACI Add-ons 1. After deploying Bosh Director, and having created a cloud config file, update the cloud config file using the following command: bosh update-cloud-config \ mycf0-cloud-config.yml \ -o manifest-generation/cloud_config_ops.yml -l mycf0-vars.yaml 2. Upload the required stemcell to BOSH director: export STEMCELL_VERSION=$(bosh int cf-deployment/cf-deployment.yml --path /stemcells/alias=default/version) bosh upload-stemcell 3. Upload the ACI add-ons BOSH release file to Director: bosh upload-release release/aci-containers-release beta1.tar.gz BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 38
39 Install Procedure Deploy CF with ACI Add-ons 4. Choose a DNS name (system domain) for your deployment and ensure that this name resolves to the reserved IP addresses you chose for GoRouter (e.g and ). Also ensure that wildcard DNS resolution is allowed. That is, if your system domain is mycf0.fab15.local, then all names like *.mycf0.fab15.local should resolve to the GoRouter s address. 5. Create a cf-deployment operations file, router-static-cf.yml to assign static address to the GoRoute type: replace path: /instance_groups/name=router/networks/name=default/static_ips? # Replace the addresses below with IPs reserved for GoRouter value: [" ", " "] BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 39
40 Install Procedure Deploy CF with ACI Add-ons 6. Deploy CloudFoundry (remember to replace <your-system-domain>). bosh deploy -d cf cf-deployment/cf-deployment.yml \ -o manifest-generation/cf_ops.yml \ --vars-store=mycf0-vars-store.yml \ -l mycf0-vars.yaml \ -v system_domain=<your-system-domain> 7. Verify that CloudFoundry has been deployed successfully. cf login --skip-ssl-validation -a -u admin -p $(bosh int mycf0-vars-store.yml --path /cf_admin_password) Expected output to look like: API endpoint: Authenticating... OK BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 40
41 Roadmap and Futures BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 41
42 Supported Container Application Platforms Baremetal ESXi KVM Open source Kubernetes Openshift Future Future Pivotal Cloud Foundry 3.1 Beta Future Swarm Future 200 Future Mesosphere Future 400 Future BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 42
43 Roadmap Platform Kubernetes 1.6 Support Features Containers on bare-metal servers PBR and distributed load balancing OVS / OpFlex integration. Platform Pivotal Cloud Foundry Kubernetes Openshift 3.7 ACI 3.0 Today Q2CY18 (F release) Future Platform Openshift 3.6 Kubernetes 1.7 Features Multipod Containers on ESXi Platform Docker EE Mesosphere Feature Multisite BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 43
44 Projects of Interest Istio SPIFFE Open Policy Agent (OPA) Aptomi BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 44
45 Conclusion ACI allows direct access to the ACI policy model, so that Container Orchestration Platforms they can participate as first-class citizens within an ACI fabric. Allow seamless interconnection of containers, VMs, and physical devices on an ACI fabric. Support native policy semantics, so that a container application that is specified using Kubernetes NetworkPolicy will work correctly out of the box. Leverage fabric resources forwarding and policy capabilities to offload and accelarate distributed network functions for scale, performance and density. BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 45
46 Demo
47 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brkdcn Cisco and/or its affiliates. All rights reserved. Cisco Public
48 Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Complete Your Online Session Evaluation Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at Cisco and/or its affiliates. All rights reserved. Cisco Public
49 Continue Your Education Demos in the Cisco campus Walk-in Self-Paced Labs Tech Circle Meet the Engineer 1:1 meetings Related sessions BRKDCN Cisco and/or its affiliates. All rights reserved. Cisco Public 49
50 Thank you
51
PSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco
PSOACI-4592 Why ACI: An overview and a customer (BBVA) perspective TJ Bijlsma César Martinez Joaquin Crespo Technology Officer DC EMEAR Cisco Lead Architect BBVA Lead Architect BBVA Cisco Spark How Questions?
More informationKuber-what?! Learn about Kubernetes
DEVNET-1999 Kuber-what?! Learn about Kubernetes Ashley Roach, Principal Engineer Evangelist Agenda Objectives A brief primer on containers The problems with running containers at scale Orchestration systems
More informationRunning RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018
Running RHV integrated with Cisco ACI JuanLage Principal Engineer - Cisco May 2018 Agenda Why we need SDN on the Data Center What problem are we solving? Introduction to Cisco Application Centric Infrastructure
More informationCisco UCS Director and ACI Advanced Deployment Lab
Cisco UCS Director and ACI Advanced Deployment Lab Michael Zimmerman, TME Vishal Mehta, TME Agenda Introduction Cisco UCS Director ACI Integration and Key Concepts Cisco UCS Director Application Container
More informationCisco Container Platform
Cisco Container Platform Pradnesh Patil Suhail Syed Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click
More informationAGENDA Introduction Pivotal Cloud Foundry NSX-V integration with Cloud Foundry New Features in Cloud Foundry Networking NSX-T with Cloud Fou
NET1523BE INTEGRATING NSX AND CLOUD FOUNDRY Usha Ramachandran Staff Product Manager, Pivotal Sai Chaitanya Product Line Manager, VMware VMworld 2017 Content: Not for publication #VMworld AGENDA 1 2 3 4
More informationCONTAINERS AND MICROSERVICES WITH CONTRAIL
CONTAINERS AND MICROSERVICES WITH CONTRAIL Scott Sneddon Sree Sarva DP Ayyadevara Sr. Director Sr. Director Director Cloud and SDN Contrail Solutions Product Line Management This statement of direction
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1522BU Kubernetes Networking with NSX-T Deep Dive #VMworld #NET1522BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationCisco ACI and Pivotal Cloud Foundry Integration 2
Cisco ACI and Pivotal Cloud Foundry Integration New and Changed Information 2 Cisco ACI and Pivotal Cloud Foundry Integration 2 Preparation 2 Pivotal Cloud Foundry Compatibility 2 Preparing for Pivotal
More informationCloudCenter for Developers
DEVNET-1198 CloudCenter for Developers Conor Murphy, Systems Engineer Data Centre Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1522BE Kubernetes Networking with NSX-T Deep Dive Ali Al Idrees Yves Fauser #VMworld #NET1522BE Disclaimer This presentation may contain product features that are currently under development. This overview
More information2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
2018 Cisco and/or its affiliates. All rights reserved. Cisco Public PSODCN-1030 Intent Based Systems Deliver Automation Dave Malik Cisco Fellow and Chief Architect Advanced Services @dmalik2 2018 Cisco
More informationBuilding NFV Solutions with OpenStack and Cisco ACI
Building NFV Solutions with OpenStack and Cisco ACI Domenico Dastoli @domdastoli INSBU Technical Marketing Engineer Iftikhar Rathore - INSBU Technical Marketing Engineer Agenda Brief Introduction to Cisco
More informationDynamic App Services in Containerized Environments
Dynamic App Services in Containerized Environments F5 Government Technology Symposium Mark Dittmer Sr Product Management Engineer Understanding the Container Market and Customer Challenges 1 Organization
More informationPSOACI Tetration Overview. Mike Herbert
Tetration Overview Mike Herbert Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion
More informationProject Calico v3.2. Overview. Architecture and Key Components. Project Calico provides network security for containers and virtual machine workloads.
Project Calico v3.2 Overview Benefits Simplicity. Traditional Software Defined Networks (SDNs) are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified
More informationDeploying Cloud-Agnostic Applications with Cisco CloudCenter
LTRCLD-2303 Deploying Cloud-Agnostic Applications with Cisco CloudCenter Zack Kielich CloudCenter Product Manager Vince Motto Sr. Technical Leader Andrew Horrigan Consulting Engineer Matt Tarkington Consulting
More informationTetration Hands-on Lab from Deployment to Operations Support
LTRACI-2184 Tetration Hands-on Lab from Deployment to Operations Support Furong Gisiger, Solutions Architect Lawrence Zhu, Sr. Solutions Architect Cisco Spark How Questions? Use Cisco Spark to communicate
More information2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco ACI App Center Fabrice Servais, Software Engineer, Data Center Networking, Cisco Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationAutomation and Programmability using Cisco Open NXOS and DevOps Tools
Automation and Programmability using Cisco Open NXOS and DevOps Tools Jeff Lester Sr. Solutions Integration Architect Matt Tarkington Consulting Engineer Services Cisco Spark How Questions? Use Cisco Spark
More informationVirtual Machine Manager Domains
This chapter contains the following sections: Cisco ACI VM Networking Support for Virtual Machine Managers, page 1 VMM Domain Policy Model, page 3 Virtual Machine Manager Domain Main Components, page 3,
More informationKubernetes Container Networking with NSX-T Data Center Deep Dive
Kubernetes Container Networking with NSX-T Data Center Deep Dive Yasen Simeonov, VMware, Inc. #vmworld NET1677BU #NET1677BU Disclaimer This presentation may contain product features or functionality that
More informationProject Calico v3.1. Overview. Architecture and Key Components
Project Calico v3.1 Overview Benefits Simplicity. Traditional Software Defined Networks (SDNs) are complex, making them hard to deploy and troubleshoot. Calico removes that complexity, with a simplified
More informationIntegration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit
Integration of Hypervisors and L4-7 Services into an ACI Fabric Azeem Suleman, Principal Engineer, Insieme Business Unit Agenda Introduction to ACI Review of ACI Policy Model Hypervisor Integration Layer
More information5 days lecture course and hands-on lab $3,295 USD 33 Digital Version
Course: Duration: Fees: Cisco Learning Credits: Kit: DCAC9K v1.1 Cisco Data Center Application Centric Infrastructure 5 days lecture course and hands-on lab $3,295 USD 33 Digital Version Course Details
More informationCisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack
White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure
More informationS Implementing DevOps and Hybrid Cloud
S- Implementing DevOps and Hybrid Cloud Srihari Angaluri Lenovo Data Center Group Red Hat Summit // Outline DevOps and Containers Architectural Considerations Lenovo Cloud Technology Center Implementing
More informationACI Multi-Site Architecture and Deployment. Max Ardica Principal Engineer - INSBU
ACI Multi-Site Architecture and Deployment Max Ardica Principal Engineer - INSBU Agenda ACI Network and Policy Domain Evolution ACI Multi-Site Deep Dive Overview and Use Cases Introducing ACI Multi-Site
More informationCustomer s journey into the private cloud with Cisco Enterprise Cloud Suite
Customer s journey into the private cloud with Cisco Enterprise Cloud Suite Peter Charpentier, Senior Solution Architect, Cisco AS Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker
More informationCisco Application Centric Infrastructure
Data Sheet Cisco Application Centric Infrastructure What s Inside At a glance: Cisco ACI solution Main benefits Cisco ACI building blocks Main features Fabric Management and Automation Network Security
More informationSecure Kubernetes Container Workloads
Secure Kubernetes Container Workloads with Production-Grade Networking Cynthia Thomas Irena Berezovsky Tim Hockin CIA IT operations have top secret apps for their agents, most of which require isolation
More informationHybrid Cloud Automation using Cisco CloudCenter API
Hybrid Cloud Automation using Cisco CloudCenter API Ray Doerr, Advanced Services Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA1142BE Developer-Ready Infrastructure from VMware and Pivotal Merlin Glynn (Vmware) Ramiro Salas (Pivotal) #VMworld #CNA1142BE Disclaimer This presentation may contain product features that are currently
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA1509BU Developer-Ready Infrastructure from VMware and Pivotal Merlin Glynn, VMware Ramiro Salas, Pivotal #VMworld #CNA1509BU Disclaimer This presentation may contain product features that are currently
More informationWolfram Richter Red Hat. OpenShift Container Netzwerk aus Sicht der Workload
Wolfram Richter Red Hat OpenShift Container Netzwerk aus Sicht der Workload Why this session? OpenShift is great for web applications, but we want to do X will this work? X { Analytics, Non-HTTP, High-
More informationConfiguring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0
Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 What you ll learn in this course The Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 course is designed for
More informationVirtualization Design
VMM Integration with UCS-B, on page 1 VMM Integration with AVS or VDS, on page 3 VMM Domain Resolution Immediacy, on page 6 OpenStack and Cisco ACI, on page 8 VMM Integration with UCS-B About VMM Integration
More informationLife of a Packet. KubeCon Europe Michael Rubin TL/TLM in GKE/Kubernetes github.com/matchstick. logo. Google Cloud Platform
logo Life of a Packet KubeCon Europe 2017 Michael Rubin TL/TLM in GKE/Kubernetes github.com/matchstick Google Cloud Platform Kubernetes is about clusters Because of that, networking
More information2018 Cisco and/or its affiliates. All rights reserved.
Beyond Data Center A Journey to self-driving Data Center with Analytics, Intelligent and Assurance Mohamad Imaduddin Systems Engineer Cisco Oct 2018 App is the new Business Developer is the new Customer
More informationKubernetes made easy with Docker EE. Patrick van der Bleek Sr. Solutions Engineer NEMEA
Kubernetes made easy with Docker EE Patrick van der Bleek Sr. Solutions Engineer NEMEA Docker Enterprise Edition is More than Containers + Orchestration... DOCKER ENTERPRISE EDITION Kubernetes integration
More informationDeploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework
White Paper Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework August 2015 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
More informationUsing Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU)
Using Network Virtualization in DevOps environments Yves Fauser, 22. March 2016 (Technical Product Manager VMware NSBU) 2014 VMware Inc. All rights reserved. Who is standing in front of you? Yves Fauser
More informationOpenShift Dedicated 3 Release Notes
OpenShift Dedicated 3 Release Notes Last Updated: 2018-05-17 OpenShift Dedicated 3 Release Notes Legal Notice Copyright 2018 Red Hat, Inc. The text of and illustrations in this document are licensed by
More informationWHITE PAPER. RedHat OpenShift Container Platform. Benefits: Abstract. 1.1 Introduction
WHITE PAPER RedHat OpenShift Container Platform Abstract Benefits: Applications are designed around smaller independent components called microservices. Elastic resources: Scale up or down quickly and
More informationIntuit Application Centric ACI Deployment Case Study
Intuit Application Centric ACI Deployment Case Study Joon Cho, Principal Network Engineer, Intuit Lawrence Zhu, Solutions Architect, Cisco Agenda Introduction Architecture / Principle Design Rollout Key
More informationNSX Data Center Load Balancing and VPN Services
NET2761BU NSX Data Center Load Balancing and VPN Services Derek Deukyoon Kang, VMware, Inc. Vinay Reddy, VMware, Inc. #vmworld #NET2761BU Disclaimer This presentation may contain product features or functionality
More informationIntroducing Cisco Network Assurance Engine
BRKACI-2403 Introducing Cisco Network Assurance Engine Intent Based Networking for Data Centers Sundar Iyer, Distinguished Engineer Head Cisco Network Assurance Engine Team Dhruv Jain, Director of Product
More informationContiv installation and integration with ACI
Contiv installation and integration with ACI http://contiv.ciscolive.com Haroun Dass Customer Solutions Architect hdass@cisco.com Luis Flores System Engineer luflores@cisco.com @Luis_E_Flores Cesar Obediente
More informationSegmentation. Threat Defense. Visibility
Segmentation Threat Defense Visibility Establish boundaries: network, compute, virtual Enforce policy by functions, devices, organizations, compliance Control and prevent unauthorized access to networks,
More informationwith ACI Any workload anywhere.
Cisco IT: Scalable Enterprise UCS with ACI Any workload anywhere. Hugh Flanagan, Senior IT Engineer Jason Stevens, IT Engineer BRKCOC-0 Agenda Introduction Challenges of Large Scale UCS Deployments in
More informationCisco ACI vcenter Plugin
This chapter contains the following sections: About Cisco ACI with VMware vsphere Web Client, page 1 Getting Started with, page 2 Features and Limitations, page 7 GUI, page 12 Performing ACI Object Configurations,
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET1949BU Seamless Network Connectivity for Virtual and Bare-metal s with NSX Suresh Thiru Sridhar Subramanian VMworld 2017 Content: Not for publication VMworld 2017 - NET1949BU Disclaimer This presentation
More informationCisco Tetration Analytics
Cisco Tetration Analytics Real-time application visibility and policy management using advanced analytics Yogesh Kaushik, Sr. Director Product Management PSOACI-2100 Agenda Market context Introduction:
More informationCisco SDN 解决方案 ACI 的基本概念
Cisco SDN 解决方案 ACI 的基本概念 Presented by: Shangxin Du(@shdu)-Solution Support Engineer, Cisco TAC Aug 26 th, 2015 2013 Cisco and/or its affiliates. All rights reserved. 1 Type Consumption Delivery Big data,
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA2080BU Deep Dive: How to Deploy and Operationalize Kubernetes Cornelia Davis, Pivotal Nathan Ness Technical Product Manager, CNABU @nvpnathan #VMworld #CNA2080BU Disclaimer This presentation may contain
More informationApplication Centric Microservices Ken Owens, CTO Cisco Intercloud Services. Redhat Summit 2015
Application Centric Microservices Ken Owens, CTO Cisco Intercloud Services Redhat Summit 2015 Agenda Introduction Why Application Centric Application Deployment Options What is Microservices Infrastructure
More informationRouting Underlay and NFV Automation with DNA Center
BRKRST-1888 Routing Underlay and NFV Automation with DNA Center Prakash Rajamani, Director, Product Management Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationCisco ACI Virtual Machine Networking
This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine
More informationDevOps CICD for VNF a NetOps Approach
DevOps CICD for VNF a NetOps Approach Renato Fichmann Senior Solutions Architect Cisco Advanced Services Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1.
More informationCisco HyperFlex Systems
White Paper Cisco HyperFlex Systems Install and Manage Cisco HyperFlex Systems in a Cisco ACI Environment Original Update: January 2017 Updated: March 2018 Note: This document contains material and data
More informationHybrid Cloud Solutions
Hybrid Cloud Solutions with Cisco and Microsoft Innovation Rob Tappenden, Technical Solution Architect rtappend@cisco.com March 2016 Today s industry and business challenges Industry Evolution & Data Centres
More informationCisco ACI Virtual Machine Networking
This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine
More informationDevNet Workshop-Hands-on with CloudCenter and Jenkins
DevNet Workshop-Hands-on with CloudCenter and Jenkins Tuan Nguyen, Technical Marketing Engineer, CPSG Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find
More informationCisco Virtual Update Container networking. Hans Donnerborg, Lars Granberg, Maj 2018
Cisco Virtual Update Container networking Hans Donnerborg, hdonnerb@cisco.com Lars Granberg, lagranbe@cisco.com Maj 2018 Why ACI for Application Container Platforms Turnkey solution for node and container
More informationLayer 4 to Layer 7 Design
Service Graphs and Layer 4 to Layer 7 Services Integration, page 1 Firewall Service Graphs, page 5 Service Node Failover, page 10 Service Graphs with Multiple Consumers and Providers, page 12 Reusing a
More informationRed Hat JBoss Middleware for OpenShift 3
Red Hat JBoss Middleware for OpenShift 3 OpenShift Primer Get started with OpenShift Last Updated: 2018-01-09 Red Hat JBoss Middleware for OpenShift 3 OpenShift Primer Get started with OpenShift Legal
More informationBuilding Kubernetes cloud: real world deployment examples, challenges and approaches. Alena Prokharchyk, Rancher Labs
Building Kubernetes cloud: real world deployment examples, challenges and approaches Alena Prokharchyk, Rancher Labs Making a right choice is not easy The illustrated children guide to Kubernetes https://www.youtube.com/watch?v=4ht22rebjno
More informationACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)
This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias
More informationNXOS in the Real World Using NX-API REST
NXOS in the Real World Using NX-API REST Adrian Iliesiu Corporate Development Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationContiv installation and integration with ACI. LTRCLD-2003
Contiv installation and integration with ACI LTRCLD-2003 http://contiv.ciscolive.com Cesar Obediente CCIE#5620 Principal Systems Engineer Gaurav Dalvi Software Engineer Future of IT is Changing People/Process
More informationCisco Virtualized Infrastructure Manager
DEVNET-2570 Virtualized Infrastructure Manager Suhail Syed, Product Manager Vamsi Krihsna Kuppur, Product Manager Spark How Questions? Use Spark to communicate with the speaker after the session 1. Find
More informationCisco ACI with Cisco AVS
This chapter includes the following sections: Cisco AVS Overview, page 1 Cisco AVS Installation, page 6 Key Post-Installation Configuration Tasks for the Cisco AVS, page 43 Distributed Firewall, page 62
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
CNA1612BU Deploying real-world workloads on Kubernetes and Pivotal Cloud Foundry VMworld 2017 Fred Melo, Director of Technology, Pivotal Merlin Glynn, Sr. Technical Product Manager, VMware Content: Not
More informationCisco IT Compute at Scale on Cisco ACI
Cisco IT ACI Deployment White Papers Cisco IT Compute at Scale on Cisco ACI This is the fourth white paper in a series of case studies that explain how Cisco IT deployed ACI to deliver improved business
More informationENHANCE APPLICATION SCALABILITY AND AVAILABILITY WITH NGINX PLUS AND THE DIAMANTI BARE-METAL KUBERNETES PLATFORM
JOINT SOLUTION BRIEF ENHANCE APPLICATION SCALABILITY AND AVAILABILITY WITH NGINX PLUS AND THE DIAMANTI BARE-METAL KUBERNETES PLATFORM DIAMANTI PLATFORM AT A GLANCE Modern load balancers which deploy as
More informationVMware Integrated OpenStack with Kubernetes Getting Started Guide. VMware Integrated OpenStack 4.0
VMware Integrated OpenStack with Kubernetes Getting Started Guide VMware Integrated OpenStack 4.0 VMware Integrated OpenStack with Kubernetes Getting Started Guide You can find the most up-to-date technical
More informationCisco CloudCenter Solution with Cisco ACI: Common Use Cases
Cisco CloudCenter Solution with Cisco ACI: Common Use Cases Cisco ACI increases network security, automates communication policies based on business-relevant application requirements, and decreases developer
More informationVMWARE ENTERPRISE PKS
DATASHEET AT A GLANCE VMware Enterprise PKS is a productiongrade Kubernetes-based container solution equipped with advanced networking, a private container registry, and full lifecycle management. VMware
More informationVMWARE PIVOTAL CONTAINER SERVICE
DATASHEET VMWARE PIVOTAL CONTAINER SERVICE AT A GLANCE VMware Pivotal Container Service (PKS) is a production-grade Kubernetes-based container solution equipped with advanced networking, a private container
More informationKubernetes Ingress Virtual Service Configuration
Page 1 of 10 Kubernetes Ingress Virtual Service Configuration view online In a Kubernetes cloud, Kubernetes Ingress creation triggers creation of north-south or Ingress Avi Vantage virtual service and
More informationCisco ACI Simulator VM Installation Guide
Cisco ACI Simulator VM Installation Guide New and Changed Information 2 About the Application Policy Infrastructure Controller 2 About the ACI Simulator Virtual Machine 2 Simulator VM Topology and Connections
More informationEASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER
EASILY DEPLOY AND SCALE KUBERNETES WITH RANCHER 2 WHY KUBERNETES? Kubernetes is an open-source container orchestrator for deploying and managing containerized applications. Building on 15 years of experience
More informationCloud Mobility: Meraki Wireless & EMM
BRKEWN-2002 Cloud Mobility: Meraki Wireless & EMM Emily Sporl Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile
More informationAutomate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure
Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure White Paper 2016 Cisco F5 Networks. All rights reserved. Page 1 Contents What You Will Learn...
More informationCisco SD-Access Hands-on Lab
LTRCRS-2810 Cisco SD-Access Hands-on Lab Larissa Overbey - Technical Marketing Engineer, Cisco Derek Huckaby - Technical Marketing Engineer, Cisco https://cisco.box.com/v/ltrcrs-2810-bcn2018 Password:
More informationServices and Networking
This chapter contains the following topics: Load Balancing Kubernetes Services using NGINX, on page 1 Network Policies, on page 6 Load Balancer Services, on page 7 Load Balancing Kubernetes Services using
More informationMulti-Site Use Cases. Cisco ACI Multi-Site Service Integration. Supported Use Cases. East-West Intra-VRF/Non-Shared Service
Cisco ACI Multi-Site Service Integration, on page 1 Cisco ACI Multi-Site Back-to-Back Spine Connectivity Across Sites Without IPN, on page 8 Bridge Domain with Layer 2 Broadcast Extension, on page 9 Bridge
More informationGet Hands On With DNA Center APIs for Managing Intent
DEVNET-3620 Get Hands On With DNA Center APIs for Managing Intent Adam Radford Distinguished Systems Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationCisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003
Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003 Agenda ACI Introduction and Multi-Fabric Use Cases ACI Multi-Fabric Design Options ACI Stretched Fabric Overview
More informationOrchestration: Accelerate Deployments and Reduce Operational Risk. Nathan Pearce, Product Development SA Programmability & Orchestration Team
Orchestration: Accelerate Deployments and Reduce Operational Risk Nathan Pearce, Product Development SA Programmability & Orchestration Team Agenda 1 2 3 Industry Trends Customer Journey Use Cases 2016
More informationDesign Guide for Cisco ACI with Avi Vantage
Page 1 of 23 Design Guide for Cisco ACI with Avi Vantage view online Overview Cisco ACI Cisco Application Centric Infrastructure (ACI) is a software defined networking solution offered by Cisco for data
More informationPractical Applications of Cisco ACI Micro Segmentation
BRKACI-2301 Practical Applications of Cisco ACI Micro Segmentation @JuanLage, Principal Engineer INSBU Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find
More informationVMware Integrated OpenStack with Kubernetes Getting Started Guide. VMware Integrated OpenStack 4.1
VMware Integrated OpenStack with Kubernetes Getting Started Guide VMware Integrated OpenStack 4.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationCisco Tetration Analytics Demo. Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH
Cisco Tetration Analytics Demo Ing. Guenter Herold Area Manager Datacenter Cisco Austria GmbH Agenda Introduction Theory Demonstration Innovation Through Engineering
More informationMP-BGP VxLAN, ACI & Demo. Brian Kvisgaard System Engineer, CCIE SP #41039 November 2017
MP-BGP VxLAN, ACI & Demo Brian Kvisgaard System Engineer, CCIE SP #41039 November 2017 Datacenter solutions Programmable Fabric Classic Ethernet VxLAN-BGP EVPN standard-based Cisco DCNM Automation Modern
More informationLTRDCT-2781 Building and operating VXLAN BGP EVPN Fabrics with Data Center Network Manager
LTRDCT-2781 Building and operating VXLAN BGP EVPN Fabrics with Data Center Network Manager Henrique Molina, Technical Marketing Engineer Matthias Wessendorf, Technical Marketing Engineer Cisco Spark How
More informationTaming your heterogeneous cloud with Red Hat OpenShift Container Platform.
Taming your heterogeneous cloud with Red Hat OpenShift Container Platform martin@redhat.com Business Problem: Building a Hybrid Cloud solution PartyCo Some Bare Metal machines Mostly Virtualised CosPlayUK
More informationBuilding a Video Optimized Private Cloud Platform on Cisco Infrastructure Rohit Agarwalla, Technical
Building a Video Optimized Private Cloud Platform on Cisco Infrastructure Rohit Agarwalla, Technical Leader roagarwa@cisco.com, @rohitagarwalla DEVNET-1106 Agenda Cisco Media Blueprint Media Workflows
More informationContainers, Serverless and Functions in a nutshell. Eugene Fedorenko
Containers, Serverless and Functions in a nutshell Eugene Fedorenko About me Eugene Fedorenko Senior Architect Flexagon adfpractice-fedor.blogspot.com @fisbudo Agenda Containers Microservices Docker Kubernetes
More informationCisco ACI Terminology ACI Terminology 2
inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias
More information