Enterprise SDN - APIC Enterprise Module

Enterprise SDN - APIC Enterprise Module Adam Radford Distinguished Systems Engineer #clmel

Agenda
- Introduction
- APIC-EM
- NB API
- Scale out
- Interaction with Prime Infrastructure
- Conclusion

Introduction

Maturity Model Level 0/10 Level 1 Level 2 Level 3

Cisco ACI Common Policy Model APPLICATION PROFILE USER ACCESS APIC EM

Cisco APIC Enterprise Module Architecture Security QoS ZTD Path Selection Cisco and Third Party Applications REST API Cisco APIC Enterprise Module Exposes Network Intelligence For Business Innovation Network Info Database Policy Infrastructure CLI, Netconf, etc API Automation Abstracts Network Devices to Mask Complexity Treat Network as a System Network Devices Catalyst, ASR, ISR

Policy Engine Business Intent Intent Policies High Level Constructs Translation Translation of high level constructs to network control functions reduces skills gaps and clarifies policy procedures Network Control Functions QoS Configuration ACL

An Example Intent Policies UI:: BradWebAllow: Brad Web allow High Level Constructs Policy Manager:: Business Policy -> Network Policy Translation Policy Programmer:: Network Policy-> Network Cmds Network Control Functions Scanner-Service:: Network Commands -> device QoS Configuration ACL

configuration Evolution to a Campus/WAN Policy Model Today ACI policy policy policy traditional traditional traditional Time

configuration Reality of Adoption Today policy traditional Traditional Read Only Apps Earn Trust traditional Time

APIC-EM

APIC-EM: Services Layered View APIC-EM Services APIC-EM Apps NETWORK MODEL DEVICE MODEL DEVICE INTERFACE Easy QoS Visualiser Discovery Easy QoS Business Intent to Network Intent Conversion Policy Programmer (QoS, ACL) Inventory Application Visualiser Inventory Visualiser Policy Analysis Policy Manager Network Tapping Network Discovery Network Tapping Visualiser Topology Visualiser NB REST API Conflict Detection and Resolution (BI and NI) Application Visibility Network Events Policy Manager Compliance Check Pxgrid Client + LDAP client Topology PfR Network Programmer IWAN Services Network PnP ACL Visualiser Radius Proxy + LDAP client PnP APIC-EM Services IWAN Services Basic Services for Controller Availability NETWORK

Controller Home Page

Topology

Path Trace Application
5 Tuple
Exact path through network
- NetFlow
- CEF
- Traceroute for unknown

MapCollab Server Use Case: Path Visualisation via Collaboration App MapCollab App CUCM Cluster SIP Registration SIP Registration SIP Messages SIP Messages 1 5 tuple Information on active calls: WWW & REST API 4 User Sees Path (UI) 5 Tuple 2 APIC Path 3 MapCollab Clients

Path Trace CAPWAP Tunnels

Cisco Intelligent WAN (IWAN) App for the APIC-EM
Enables IT automation through centrally managed policies
- Simplified workflows: use case driven with step-by-step provisioning
- Zero touch provisioning: plug & play for remote devices without user intervention
- Business-level policies: application rules drive network actions and abstraction of underlying policy configurations
- Open architecture: northbound API
- Network and application monitoring: status, alerting of network issue

Cisco Intelligent WAN App for APIC-EM Business Policy: App SLA APP DMVPN SLA QoS Security Path Selection NETWORK IT Admin Access Application Network Profile SDN Simple Workflow Templates Zero Touch Provisioning Network, Applications Monitoring Business Level Policies Open Architecture Business Policy Dictates Network Action

Site topology choices in IWAN app

Link type selection in IWAN app

Application priority policy setting in IWAN app

Network Plug-N-Play Simple, Secure, Scalable Today's Process Network PnP Ships equipment Reseller/Partner Central Staging Facility Network Admin Install OS Install base config 2 1 Pre Provision Projects/Sites Network Admin Install & Power-on devices 3 Monitor device installation Installer Installer Network Admin Site-1 Site-2 Site-3 Site(s) Unskilled Installer GUI Based Consistent for devices & PIN(Campus/Branch) Secure Zero-touch RMA Greenfield & Brownfield

NB API

Three Classes of Use Case NetOps Net Integration Net Innovation Cultural change: "TEST and VERIFY" "TRUST" "HOW" to "WHAT"

RESTful Services Exposed

API: VERBS + NOUNS + SYNTAX
Verbs: GET, POST, PUT, DELETE
Nouns: /host, /link, /network-device, /interface
JSON Syntax:
    {
      "policyowner": "Admin",
      "networkuser": {
        "useridentifiers": ["40.0.0.15"],
        "applications": [{"raw": "12340;UDP"}]
      }
    }
Header: Content-Type: Application/JSON
https://test-apic/api/v0/policy GET/POST

General Structure
GET: /noun/count, /noun/{id}, /noun?offset=1&limit=500, /noun/1/500
POST: Now asynchronous. Returns 202 status code and a taskid. GET /api/v0/task/{taskid} to find out result
PUT: Now asynchronous. Returns 202 status code and a taskid. GET /api/v0/task/{taskid} to find out result
DELETE: Now asynchronous. Returns 202 status code and a taskid. GET /api/v0/task/{taskid} to find out result

Swagger

Try it out!!!

Postman URI (Noun) Verb Syntax Response Code Body

API Structure
1. /file-service/ (file/config, file/image)
2. /ztd-site/ (/device)
3. /ztd-device

Create a Rule
POST https://adam-ztd:443/api/v0/ztd-site/device
    {
      "hostname" : "test-switch6",
      "site" : "Sydney",
      "platformid" : "WS-C2960X-48FPD-L"
    }
IMPORTANT: Name of "site" rather than UUID
These are the only three mandatory attributes
Default "status" is PENDING
"serialnumber", "configid", "imageid" are often used
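
The asynchronous pattern under General Structure and the rule constraints under Create a Rule, combined in an added example that is not from the slides or from Cisco's code. The function names, the injected send transport, the constructed FakeController and the task fields taskid/done/error are assumptions; the slides give only the 202 status and the /api/v0/task/{taskid} lookup.

```python
import json
import re
import time

# Function names and task fields ("taskid", "done", "error") are assumptions.
MANDATORY = ("hostname", "site", "platformid")
UUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def build_ztd_rule(**attrs):
    """Check a ZTD rule body against the constraints stated on the slide."""
    missing = [k for k in MANDATORY if not attrs.get(k)]
    if missing:
        raise ValueError("missing mandatory attributes: " + ", ".join(missing))
    if UUID_RE.match(attrs["site"]):
        raise ValueError("'site' takes the site name, not a UUID")
    return dict(attrs)  # "status" omitted: the stated default is PENDING

def submit_and_wait(send, verb, path, body, max_polls=5, delay=0.0):
    """send(verb, path, body) -> (http_status, dict); 202 means accepted, not done."""
    status, reply = send(verb, path, body)
    if status != 202:
        raise RuntimeError(f"{verb} {path} not accepted: HTTP {status}")
    task_path = "/api/v0/task/" + reply["taskid"]
    for _ in range(max_polls):  # bounded, so a stuck task cannot hang the caller
        status, task = send("GET", task_path, None)
        if status != 200:
            raise RuntimeError(f"task lookup failed: HTTP {status}")
        if task.get("done"):
            if task.get("error"):
                raise RuntimeError(f"task failed: {task['error']}")
            return task
        time.sleep(delay)
    raise TimeoutError(f"task still running after {max_polls} polls")

class FakeController:  # constructed in-memory stand-in; the task ends on poll 2
    def __init__(self):
        self.polls, self.stored = 0, None
    def __call__(self, verb, path, body):
        if verb == "POST" and path == "/api/v0/ztd-site/device":
            self.stored = json.loads(body)
            return 202, {"taskid": "constructed-task-1"}
        if verb == "GET" and path == "/api/v0/task/constructed-task-1":
            self.polls += 1
            return 200, {"done": self.polls >= 2, "error": None}
        return 404, {}

def demo():
    ctl = FakeController()
    rule = build_ztd_rule(hostname="test-switch6", site="Sydney", platformid="WS-C2960X-48FPD-L")
    return submit_and_wait(ctl, "POST", "/api/v0/ztd-site/device", json.dumps(rule)), ctl
```

Against a real controller, send would wrap an HTTPS client with certificate verification left on, and delay would be set to a non-zero interval.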

User Interface

More on API developer.cisco.com

Scale Out

Grapevine Console service Start/stop

Architecture
Physical Host
Root VM: Manage client spin-up. Operation and update of services. Service catalog
Client VM(s): Controlled by root. Where services run
Client VM(s): Controlled by root. Where services run

Stateless Services

$./bin/harvest_all_clients
Harvesting client b2c1f0f0-b616-4606-a5ea-60d0a4edc33c...
Harvesting client 6a699442-201e-4d4f-a558-dc1125010bdb...
Harvesting client 76dca644-be38-43ea-bb37-c24e595f38bd...
Harvesting client 4c230bed-bd2f-4582-90e2-36e3bd5961e7...
Task 'b75745a2-ba72-11e4-a41d-005056b1beb8' completed successfully
(grapevine)

Shutdown/resume

$./bin/grow_all_services
Growing reverse-proxy latest...
Growing router latest...
Growing telemetry-service latest...
Growing postgres latest...
Growing cas-service latest...
Growing data-access-service latest...
Growing rbac-service latest...
Growing task-service latest...
Growing data-uploader latest...
Growing file-service latest...
Growing identity-manager-pxgrid-service latest...
Growing inventory-manager-service latest...
Growing network-discovery-service latest...
Growing network-poller-service latest...
Growing policy-analysis-service latest...
Growing port-stats-service latest...
Growing topology-service latest...
Growing ui latest...
Task 'd182b83a-ba72-11e4-a41d-005056b1beb8' completed successfully

Service Upgrades (1) Cloud Store Cisco deploys new version of service to the cloud Physical Host Physical Host Physical Host and service catalogs are updated with new version

Service Upgrades (2) Grapevine automatically deploys the new version of the service Physical Host Physical Host Physical Host

Interaction with Prime Infrastructure

What About Network Management? Traditional Management Customer developed provisioning tools, manual CLI changes, and run book automation for IT Operations support Feature Configuration Management (NMS) NE NE NE NE SDN Led Management Customer input on business / service intent Automation (Workflow / Orchestration) Policy Automation Management (Provisioning and Assurance) Controller (APIC-EM) NE NE NE NE

Systemic View of Management / Control Roles Orchestrates sequential changes and enables IT process execution Network Infra Stores, processes and visualises all historical data for monitoring and network change Owns the communication to/from the network and drives programmability

Key Milestones to SDN Led Management Evolution in 2015 Q1 2015 Mid-2015 Q4 2015 APIC-EM CA Path Visualisation application for network path tracing Prime Infra 2.2 FCS (Dec 2014) Cross domain monitoring across WAN, Access, DC APIC-EM Apps IWAN app EFT with policy based provisioning of Secure WAN APIC-EM GA Scalable controller foundation supporting multiple use case / apps Prime Infra Niihau Integration with APIC-EM for core network service automation APIC EM Apps IWAN App GA with dynamic QoS changes; BSA app EFT APIC-EM Updates Expanded application support across multiple enterprise use cases Prime Infra Lanai Integration with APIC-EM and Automation as System of Record APIC-EM Apps Multiple apps across Wireless, Access, Collab, Security and Automation

Cisco Controller and Management System Portfolio for the Campus/Branch in 12-24 Months Common Automation Layer System of Automation Branch Service Automation Common Monitoring / Assurance Feature Configurable Provisioning Policy Prescriptive Provisioning Common Controller Layer for Campus/ Branch System of Record System of Change Prime Infrastructure Prime Infrastructure APIC-EM Multiple APIC-EM Apps NE NE NE NE NE NE NE NE NE NE

Summary

Q & A

Complete Your Online Session Evaluation Give us your feedback and receive a Cisco Live 2015 T-Shirt! Complete your Overall Event Survey and 5 Session Evaluations. Directly from your mobile device on the Cisco Live Mobile App By visiting the Cisco Live Mobile Site http://showcase.genie-connect.com/clmelbourne2015 Visit any Cisco Live Internet Station located throughout the venue T-Shirts can be collected in the World of Solutions on Friday 20 March 12:00pm - 2:00pm Learn online with Cisco Live! Visit us online after the conference for full access to session videos and presentations. www.ciscoliveapac.com

Thank you.