Post on 26-Jul-2015
Cisco Confidential 1
The Power of Orchestration Inside Cisco IT – DC Cloud from IaaS to Fast IT
In partnership with:
Cisco Stakeholder & IT Landscape
4,469 Cloud Partner Services 71K+ Employees Stakeholders: 70K Partners 17K+ Sales 500K+ Customers
135K Laptops Data and Things: 31 Data Centers 18PB Data 66K Mobile Devices
Security Productivity Business Capabilities: Innovation Enablement Growth
Pace of change2
Today’s Landscape: Challenges or Opportunities?
Video adoption will increase IP traffic to a
CAGR of 18%, growing a factor of 2 by 2018
By 2018, over 55% of all Internet traffic will cross
content delivery networks
By 2017, Cloud to grow to 69% of total DC Traffic
Over 50% of all IP traffic will originate with non-PC
devices (e.g. smartphones, tablets) by 2018
Today, malicious traffic is visible on 100% of corporate networks
CIOs report that at least 25% of IT spending will happen outside the IT
budget in 2014
Source: Visual Networking Index 2013 - 2018
Services Everything: Technology, Process, and People
Architectural Transitions
Services- Oriented
Everything
Talent Strategy
Accountability Checkpoint Architectural Reviews
Strategic Investment Planning
Organizational Health
Services Review
Organizing Principles
Cisco Information Technology
Power the #1 IT Company Future proof our business through adaptive services
Adaptive Experience: Pervasive Experience Upgrade Adaptive Technology: Internet of Everything
Unified Architecture Advantage
Adaptive Process: Commercial Transformation Adaptive People: Workforce Development S
V
Cisco Performance Measurements
Architecture/Services Operating Framework
Growth Speed Productivity
Software and Cloud Capabilities
Field Enablement Next-Generation Collaboration Platform
IoE Foundation E
M
Continuous Delivery Process and Mindset
Stakeholder Experience Security Resiliency
Lessons Learned
§ The high level outcomes must be made obvious.
§ You have to architect for change, at an accelerating pace.
• If you don’t change your fundamental processes, you won’t change.
• People make change if they identify with the intended outcomes.
• Everything you do = communication.
Growth Enablement
Global Data Center Strategy Policy Based is Key
§ New markets and business models
§ Global expansion § User experience § Enable customer
success
§ Increase data center tiers
§ Multi-site architecture § Move out of high
risk geographies § Improve availability
and recoverability
Resiliency
Capacity
§ Build and occupy data center
§ Optimize demand § Consolidate where
appropriate
§ Run IT as a business § Internal service
provider model § Service-oriented
architecture § Product & technology
transformation § Focus on operational
excellence
Transformation
Building DC Capacity Worldwide Company-Wide Bundled Investment Approach
RTP Mountain View
Texas
APAC
Amsterdam TBD
Bundle 1 (Jan-08)
Critical resiliency, critical capacity
Bundle 2 (July-09)
SaaS European growth, bridging immediate
capacity
Bundle 3 (TBD)
Continental hub, SaaS growth
Bundle 0 (Pre-07)
IT Foundation, critical capacity,
early adopter
TIME
Cisco IT’s infrastructure organization With Global Infrastructure Services Group
OPERATIONS IMPLEMENTATION ARCHITECTURE DESIGN
Network
UC/Video
Infrastructure as a Service Private Cloud
Virtual Teams
NETWORK COMPUTE &
VIRTUALIZATION
SECURITY STORAGE CLOUD PaaS
Infrastructure Groups
Large Programs Services
Infrastructure Organization Today
Virtual Acceleration Teams
ACI and IoE
Head of Infrastructure
Cross-Service Functions
Business Strategy and
Security
Automation Software
Development
Architecture and Design
Implementation and Operations
IT Delivery Transformation
Unified Communications
and Video Service
Data Centre Service
Network Service
Application and Service Migration
Total Cost of Ownership
End-User Experience
Operational Excellence
Configuration and Policy
Implementation
Security
Infrastructure Challenges
Cloud Services Stack – Taxonomy
Cloud Delivery Models
SaaS Software as a Service SalesForce CRM, WebEx, Ironport
PaaS Platform as a Service JVM, Database, Apache
IaaS Infrastructure as a Service Compute, storage, networking
Data Center as a Service Data center facilities, power, cooling DCaaS
CITEIS
VMWare ESX/ESXi Network Virtualization
PaaS • Web Server • Application Server • Database Server • Integration Services
Logical Segmentation Control, Security and Fault Isolation
CITEIS – Journey to the Infrastructure Services Cloud
Cisco Nexus
Cisco UCS x86
Virtualization Automation Self-service Multi-tenancy Elasticity Unified Infrastructure
Cisco IT Elastic Infrastructure Service (CITEIS) Cisco Intelligent
Automation for Cloud
Image Repository Service Catalog
Show/chargeback Change Management
Continuous Real-Time Response
OpenStack OpenShift
OPFLEX
E2E Infra Programmability
CIAC APIC
Nexus 9000
Integrated Security
Agility, Lower TCO
Business Benefits
Technologies * Cloud operations include elasticity, mobility & security
Cisco Intercloud, Identity and Data
Awareness, Service
Awareness
Fabric Integrated Compute
Traditional Cloud (PaaS, IaaS)
Fabric Integrated Storage
We Are
HERE
Intercloud Application-Driven
Cloud Operations*
Big Data, Analytics
Fast IT Seamless Workload Mobility,
Catalog Driven
Policy-Based Learning Network
Evolution to the Intercloud Fabric
Policy-Based Fabric Control Next-Gen Fabric
Integrated Security
ACI Relevance to Cisco IT
Application Centric Infrastructure
Adaptive Security: Data Center • Policy Model
• Fine Grain Network Security Enablement
• Simplified Network Security Management
• Unified Policy Model for Hybrid Clouds
Application Centric Infrastructure Speed and Agility: Adaptive Infrastructure
• Revolutionize End to End Infrastructure significantly reducing provisioning time
• Deliver “Just-in-Time” and “Elastic” Infrastructure
• Self Service provisioning • Policy Model
Adaptive User Experience:
• Reduced Downtimes for Planned changes
• Operational Simplicity • Visibility on Infra
dependencies • Health Metrics by
Application • Robust and Resilient
Infrastructure
Cisco IT’s ACI Design
[Figure: ACI fabric rack diagram. Labels: L3 IP out to IP Core; multiple IP Storage Leaf Pairs; Border Leafs; Leaf Pairs; Virtual Compute; NAS CDOT; Netapp backend network; Bare Metal Compute; APIC (x3); Citrix VPX]
Building Blocks & Transformation
Fabric (Insieme)
Load Balancer GSS/Citrix
Firewall (V)ASA Application Centric
Infrastructure (ACI)
Security Policy Model
Traditional Network (Nexus)
Load Balancer GSS/ACE
Firewall ASA
Security (ACL’s)
Compute(UCS) Compute (UCS)
Storage (SAN,NAS) Storage (SAN,NAS)
CEPH Storage OpenStack
Hypervisor VMware
Hypervisor(KVM) OpenStack Hypervisor
VMware
Existing Platforms Application Transformation
Storage/Compute/Cloud
Existing Applications
Application Life-Cycle Mgmt Software delivery automation
Plan
Build
Operate
Proposed Tenancy Model for IT Services
Organizing Principle
Service Category
Service
Service Offering (SO)
Service Asset
Service Asset
Service Offering (SO)
Service Asset
Service Asset
Organizing Principle
Tenant
Application Profile
Mapping
Mapping
Application Profile
1:1
Application Profile
Mapping
OR
Speed of Delivery
Platform as a Service Platform as
a Service
Compute
Networking
Storage Storage
Compute
Networking
Orchestration
Without ACI With ACI
End-to-End Automated
Provisioning
Security
Partial Automated
Provisioning
Application Centric Infrastructure (ACI) – Summary Value Case Network Operations & Management Network Provisioning
Type of Saving %
CAPEX Savings 25%
Power Savings 45%
Space Savings 19%
Compute Optimization Storage (NAS) Optimization
12 % Optimization
20 % Optimization
Automation Savings
Provisioning SLA Improvement
Data Center Access 38 %
Access Control List (ACL) 43 %
Local/Global Server Load Balancing 41 %
Incident Management
Problem Management
Event Management
4x Increase in Bandwidth (10Gbs > 40Gbs)
Data Center Network Compute Storage
* Single Fabric * Single Fabric
58% Cost Savings
Data Center Access
Access Control List (ACL) Local/Global Server Load Balancing
21% Cost Savings
Service Management
CITEIS Solution Components
Network Management APIC, PNSC, N1Kv
Cisco UCS
DC Resources Storage Management
Cloud Management vCenter, OpenStack
Resource Managers
Automation Packs
Cisco Process Orchestrator
Prime Service Catalog
Cisco Intelligent Automation for Cloud
Provisioning Automation
Self-Service—Service Catalog
PaaS Management OpenShift, Puppet
CITEIS API Server
Message Bus APIC
Customer Support Incident Mgmt, Change Mgmt
Enterprise Management Address Mgmt, Host Mgmt
Legacy (rackmount); all physical
Legacy; medium virtualization (54%)
46/54% Legacy/UCS; 75% Virtualized
100% UCS/Cloud; 80% virtualization
Delivery Time
12+ weeks 2-3 weeks 15 minutes VM 8 minutes (self-service)
TCO Physical
Compute TCO ($/Qtr/OS instance)
Virtualization Unified Computing Cloud
Average TCO
-37% -27%
-27%
CITEIS Brings Agility and Cost Benefits
IT Delivery Transformation Framework Vertical, Disparate, and Unconnected stacks → transformed into Horizontal Integrated Services
P L A N
BUILD
OPERATE
Order Mgmt myCisco Pricing
Dev. Stack Testing Software
Dev’ment
IDE Software Release
Source Cntl Mgt. Quality
Storage Compute Network
Database
Replication Entitlement Integration
App / Web
Infrastructure Infrastructure
Service Assurance Operations Security
XaaS
PaaS
IaaS
SDaaS
Plan
Innovation Circles Architectural Framework
Active Stakeholder Involvement
Changing the Way We Work: Continuous Delivery
Develop and Build Continuous
Integration, On-demand
Small Teams Cloud, ERP, Mobile Apps
Automated Testing Built by Developers-
No Separate Q/A
Appropriate Risk Taking
Deploy and Release Configurable Control
Gates, Regulatory Compliance
Working Prototypes
Client Updates
Adapt and Scale Policy Enforced Network, Adaptive Infrastructure,
Workload Mobility
Fast Results
Continuous Delivery End to End Workflow for Cloud Applications
TBD
Prioritized Sprint
Product Mgr. Scrum Master
Developers
Plan Develop Continuous Build
Automated Testing
Deploy & Release
Adapt & Scale
Source Code Management Application Snapshot
Release Control Gates
Development
Staging
Production
IT Delivery Transformation
30% adoption in Q1FY15 release
SDaaS & Vir. DB POC
LAE GA, Just In Time DB
OpenShift on Openstack POC LAE Express CITEIS on Openstack Express
Q1FY14 Q2FY14
Q3FY14 Q4FY14 Q1FY15
SDaaS Phase 1 (Cont. Integ + SRA)
Adoption use case prototypes
OpenShift on Openstack POC Openstack VDC
SDaaS Phase 2 (Automated Tests) Integrated App Development
Multi-DC LAE (High Availability)
Traditional Network
LAE
Fabric
Plan
Build
Operate
Agile Application Development
Lightweight Application Environment
API Enabled Standard IaaS
Application Centric Infra. (ACI)
Existing Platforms
Policy Control Unified Infrastructure
Scalability APIs Intercloud
Autonomic Feature Rich
Continuous Delivery
PaaS
IaaS
SDaaS
Continuous Delivery
Develop Branch, Merge, Code Review
Build Continuous Integration, On-demand, Nightly, …
Deploy & Release Configurable control gates Regulatory compliance
Runtime Stacks Programmable Network (Access) Disposable Infrastructure Adaptive Platforms
Test Developer Built Unit Tests.
Virtual Databases
PROD
STG
DEV
Cloud, ERP, and Mobile Apps
Static Unit, Compliance, Performance, Security, Regression, tests ..
Develop in CITEIS Cloud
Development as a Service
Platform as a Service
Source Control Build & Review
Deploy
1. Download (Pre-configured) IDE
2. Request Application Development Stack
3. Develop, version control, test, code review, deploy without leaving the IDE
Integrated Services - IT Delivery Transformation Transform IT Delivery Services into a Strategic Competitive Advantage
(accelerate time-to-capability, pervasive quality and optimized cost of delivery)
Traditional Network
LAE
Fabric
Plan
Build
Operate
Agile Application Development
Lightweight Application Environment
API Enabled Standard IaaS
Application Centric Infra. (ACI)
Existing Platforms
Policy Control Unified Infrastructure
Scalability APIs Intercloud
Autonomic Feature Rich
Continuous Delivery
PaaS
IaaS
SDaaS
PaaS Evolution
Adaptive Adaptive configuration
Disposable Infrastructure stacks Start Automated Provisioning of Middleware Platforms
Finish Hybrid Cloud
Distributed workload
Self-healing services
Q3F12 Express
(self-service)
Q1-Q2FY15 Integrated
Development Stack
Automation Adaptive Autonomic
Q1FY13 Top 6 services
automated / self-service
Q3FY13 Top 15 services. 65% of client requests via
self-service
Q2FY14 Opensource
Platform
JIT database provisioning.
Q3-Q4FY14 SDaaS, GPM
Messaging, Virtual Databases
Q3-Q4FY15 Programmable
Network (access) Openstack
adoption, NoSQL databases
Development in the CITEIS Cloud (and migration of existing workload)
CCIX
OOB (optimized)
IT Integration
Developer Pool
§ Capabilities from a single developer pool
§ Limited flexibility. But, utmost guarantee.
CITEIS VDC
Developer Pool
OOB
IT Integration
Origin Online
Enterprise
LAE
OOB Open source additions
IT Integration OR
§ Capability enhancements from a much much larger pool of developers
§ Greater flexibility, without compromising too much on guarantees.
§ A very very large pool of developers
§ Greatest level of flexibility. Along with the greatest level of accountability.
migration
Cisco Confidential 35 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Fully Self Contained Apps: Portable, and Lightweight
Private Interface
App Private Interface
App
Private Interface
App Private Interface
App
App App
Routing + Access Policy (EPG) (EPG) Routing +
Access Policy
(EPG) Routing + Access Policy
(EPG) Routing + Access Policy
(EPG) Routing + Access Policy
OpenShift (Current) OpenShift + ACI + Apcera (Policy Mgmt)
Only the node (VM) is addressable Individual apps are not directly accessible.
Each app has a directly addressable IP Routing service a separate “app” by itself.
Linked containers
Public Interface
Addressable IP Addressable IP
App Addressable IP
App Addressable IP
Self Service
Elastic
Rapid
Is it ready?
Architect it Design it
Procure it Install it
Configure it Secure it
QA it
Design it
Is configured
IT IS READY!
Is procured
Architect it
Is installed Is secured
Is QA’d
Service Transformation Through PaaS
Manual Scripted
Automated
Bundled Integrated
Today
Data Center Transformation Sustained YoY TCO reduction – provisioning from days to minutes
$98,930
$66,009
$41,349
$30,729
Q2 CY12 Q2 CY14 Q2/Q3 CY16 Circa 2009
Virt. Rate (%)
E2E Prov. (Days)
E2E I+P(1) = 45 days
E2E I+P(1) = 17 days
E2E I+P(1) = 7 days VM = 15 mins.
E2E I+P(1) Automated
Provisioning 5%
70%
92%
Virtualization 95% -33%
-37%
-26%
Legacy Bare Metal based Data Center
• CITEIS Gen 2 • PaaS enablement • Storage optimization
TCO ($ Per Qtr)
• UCS adoption • Compute Virtualization
• ACI Network architecture • Process automation • Open Stack/ Open Shift • SAN/NAS/CEPH
TCO ($ per Qtr) Virtualization Rate E2E Provisioning (Days)