Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey Senior Director, Technical Marketing and Integrations
Agenda Introduction Architecture Anatomy of an Applicaton Profile Integrations Demos Additional Reference Material Q&A
LoB requirements A widening Cloud Gap Cloud applications Cloud Gap Between what cloud applications require Traditional applications IT capabilities People Processes Tools and what IT is capable of reliably and confidently supporting today. Time
Growing IT complexity: your landscape Understanding the Cloud Gap HQ Data centers Hosting / Colocation Private cloud Public Clouds Branch Devices Internet of Things
The true challenges of hybrid cloud What s in the Cloud Gap? Managing both traditional & cloud applications Application lifecycle management Application performance monitoring Data center automation New skillsets IT as a broker DevOps environments Multicloud security New network needs Hybrid Cloud HQ Data centers Hosting / Colocation Private cloud Public Clouds Branch Devices Internet of Things
Reimagine your cloud for a hybrid IT world New requirements AGILITY PERFORMANCE RISK COST HYBRID IT OPERATIONS RISK MANAGEMENT VISIBILITY & INSIGHTS SECURE CONNECTIVITY Hybrid Cloud HQ Data centers Hosting / Colocation Private cloud Public Clouds Branch Devices Internet of Things
Our Approach MANAGEMENT Integrated platform, lifecycle management for all applications SECURITY Users, data, and applications secured everywhere Cloud Intelligence ANALYTICS Infra and application insights for security and the customer experience NETWORKS Scale, agility, and secure user-cloud access A cloud neutral approach to your hybrid IT world
CloudCenter Unique Value Model Once. Deploy and Manage Anywhere. Data Center DEPLOY MODEL Private Cloud MANAGE Public Cloud One Integrated Platform Lifecycle Management New and Existing Applications
What Does Model Once Mean? Script-Based Application Profile-Based Infrastructure-Centric Application-Centric Cloud-Specific workflows and Scripts Cloud-Agnostic Labor /Services Intensive Unique Script / Workflow Unique Script / Workflow Unique Script / Workflow Low TCO
Cloud Boomerang Cloud is not the answer for everything Nearly two out of three CIOs (62%) have brought workloads back to the datacenter Pacific Crest Securities 2017 Cloud and Infrastructure Priorities
Security and Analytics Cisco Tetrati n Analytics Cisco Security Portfolio Cisco Data Center Reference Stack Cisco Prime Service Catalog (PSC) IT Services Consumption Security and Analytics Security Cisco Cloud Center Multi-Cloud Orchestration PaaS + Container Public Cloud Hybrid Cloud Contiv LOB / IT Apps Cloud Admin Developer ACI Management and Automation UCS Director IT Infra Infrastructure Nexus UCS HyperFlex IT Infra 13
Architecture
Hybrid Cloud Management One Platform Cloud Agnostic Cloud API-Specific Secure Orchestrator Scalable Orchestrator Extendable Manager Application Profile Orchestrator Multi-tenant
Enterprise Class UI Secure CLI API Scalable MANAGER PROFILE ORCHESTRATOR Extendable Multi-tenant
Secure SAML 2.0 SSO User/Group RBAC Object-level ACL n-level Multi-tenancy ORCHESTRATOR Secure MANAGER PROFILE 8443 RABBIT MQ 5671 5671 / 7789 MANAGED APPLICATION VM AGENT Scalable 80 MANAGEMENT PRIVATE Extendable AES-256 Encrypted DB Cloud Credentials Key Storage Optional HSM integration Browser-based secure VNC/RDP/SSH access ARTIFACT REPOSITORY VM access based on unique C3 generated SSH key pair for each user per cloud environment Ability to use user s own SSH key Network placement and firewall rules Support optional SDN integration such as Cisco ACI Multi-tenant
Scalable Secure VM VM VM Scalable 10,000 VMs per Environment Extendable Multi-tenant
Extendable Platform Integration ITSM Build Automation (Jenkins) Content Integration Docker Puppet, Chef Components User Content Vendor Content MODEL DEPLOY MANAGE Tool Integration Hooks Scripts Events Security SSO HSM Secure Scalable Cloud APIs Datacenter Private and Public Cloud Infrastructure IPAM DNS Extendable Multi-tenant
Multi-Tenant Peer Tenant Isolation Peer Tenant Secure Users Sharing Groups Users Sharing Groups Groups Scalable Partial Isolation Sub-Tenant Extendable Users Sharing Groups Multi-tenant
Cisco CloudCenter Multi-tenancy Root Tenant Platform Admin Users Groups Coca-Cola Tenant Pepsi Tenant Tenant Admin Users Groups Coca-America Sub-tenant Coca-EMEA Sub-tenant Tenant Admin Tenant Admin Users Users Groups Groups 21
Cisco CloudCenter Tenant Object Model Tenant 1..n User Group Sub-Tenant Application Profile Deployment Environment Cloud Image Service m..n n..1 n..1 1..n 1..n Cloud Region 1..n Cloud Account 22
Anatomy of an Application Profile
Basics Terminology An application profile is comprised of services. The services define a function of the application (e.g.- web, firewall, database, etc.) Services are instantiated using packages and customized using artifacts. Artifacts can consist of scripts, code snippets, applications. Repositories contain the artifacts and can contain packages. Services Application Profile bash Repositories 0101 1011 1101 0011 sql Artifacts package perl
Application Profile CloudCenter JSON Format General Information Global Parameters (optional) Global Tags (optional) Application-tiers (Topology) Application service specific settings Application-tier parameters (optional) Application-tier tags (optional) Hardware specification Environment variables Support REST API to export/import 25
Application Profile (cont d) Meta Data Custom Parameters Application Packages Service Settings Topology Reusable Services MySQL Apache Active MQ Container RDS Image Mapping Windows Red Hat Ubuntu Other 26
Topology Modeling UI 27
Service Definitions Service Library CloudCenter provides out of box services Load balancers - Nginx, HA Proxy Open source AppServers, Databases, etc. AWS RDS & ELB Users can extend to add their own E.g. Load Balancers - F5, A10, AviNetworks Types of Service Definitions Service Packages with lifecycle scripts Service gets installed on VMs Container based services PaaS 28
Build Lifecycle Actions Start
Build Lifecycle Actions Stop
Troubleshooting Application VMs These issues could be further isolated and resolved by deploying the VM and logging into the VM and looking at the log files. One useful tip is to use the cliqrignoreappfailure parameter to prevent the VM s from being terminated on Error state. http://docs.cloudcenter.cisco.com/display /CCD46/Troubleshooting+Parameters Use agentsendlogmessage to send feeback to the UI Verify that user params and environment variables is userenv file /usr/local/osmosox/etc/userenv Application Profiles <Application> Edit/Update
Integrations
Examples of Integration Ecosystem ServiceNow Scoped Application - certified and available in ServiceNow Store Prime Service Catalog Cisco ACI Configuration Management Chef, Puppet, Ansible DevOps Jenkins plug-in, full API documentation (docs.cloudcenter.cisco.com, APIs) IPAM products ie-infoblox, Bluecat, etc. Tetration 33
Better Together Cisco ACI Seamless Integration Zero Touch automation Powerful Benefits Application Security Ops Efficiency User Agility CloudCenter Model-Based Approach ACI Policy-Based Approach Application Network Profile
35
What Is Really Running on My Network? Cisco Tetration Analytics Application Insight Dependency Map (Service Owner) Service Category Use Cisco Tetration Analytics outcome to generate white-list policies Service Service Offering Application Dependencies Security
Additional Inputs for ADM Runs Load-Balancer Configurations IP Address Management Database DNS Configurations Existing CMDB Information
Application Conversation View Application clusters conversation views Conversation details including process bindings
CloudCenter Scoped Application CloudCenter / ServiceNow Integration Cisco CloudCenter Admin End User Cloud Marketplace Approval Workflow CloudCenter API Application Profile Manager Cloud API Data Center Private Cloud Finance LOB Procurement CMDB IT Service Management IT Ops Management IT Business Management Inventory Detail Deployment status Metering Data Policies and Actions Public Cloud Events
Demo
CloudCenter @ Cisco live! EMEA 2017 Tuesday February 21 1:00PM PSOCLD-2449 - Bridging the cloud gap Cisco solutions for hybrid cloud Wednesday February 22 9:00 AM BRKACI-2820 How to setup ACI from scratch includes CloudCenter provisioning Instructor Led Labs LTRCLD-2303 Deploying Cloud-Agnostic Applications with Cisco CloudCenter LABCLD-2330 Hybrid Cloud. Migrate your Application from Private ACI cloud to Public AWS Cloud LTRACI-2700 Deploying and Integrating Cisco CloudCenter with ACI Hands-On Labs LABCLD-1020 Demystifying CloudCenter, hands-on the Hybrid Cloud dcloud.cisco.com Cisco CloudCenter 4.5 - Install, Configure, and Manage Lab v1 Cisco Application Policy Infrastructure Controller 1.2 with CloudCenter 4.5 v1
Q & A
Complete Your Online Session Evaluation Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online 43