SCOPED CERTIFIED APPLICATION ESIGN · Integration Design Document Template Page: 7 of 10 5...
Transcript of SCOPED CERTIFIED APPLICATION ESIGN · Integration Design Document Template Page: 7 of 10 5...
Page:1of10
SCOPEDCERTIFIEDAPPLICATIONDESIGNCiscoTetrationApplication(1.0.0)
Templateeffectivedate:August2017
IntegrationDesignDocumentTemplate
Page:2of10
TableofContents1 Overview.........................................................................................................................3
1.1 References...............................................................................................................................32 Applicationoverviewandintendeduse...........................................................................3
2.1 Third-partydependencies.......................................................................................................4
3 Softwarearchitectureoverview.......................................................................................44 Softwaredesigndescription.............................................................................................4
5 Performanceconsiderationsandconcerns.......................................................................76 Securityconsiderationsandconcerns...............................................................................7
7 Applicationcomponents..................................................................................................7
7.1 Componentscreatedbytheapplication:................................................................................77.2 Integrationcomponentscreatedbytheapplication:..............................................................8
8 Futureplans.....................................................................................................................99 ServiceLevelAgreementDefinition..................................................................................9
10 Debuggingandtroubleshooting.......................................................................................9
10.1 Debuggingtips:..........................................................................Error!Bookmarknotdefined.10.2 Failuremodes:.......................................................................................................................10
IntegrationDesignDocumentTemplate
Page:3of10
1 Overview
CiscoTetrationAnalyticsusesrichtrafficflowtelemetrytoaddresscriticaldatacentreoperationalusecases.Itusesbothhardwareandsoftwareagentsastelemetrysourcesandperformsadvancedanalyticsonthedatacollected.CiscoTetrationAnalyticssystemusesRolebasedaccesscontrolandvisibilityofdatadependontheroleassignedtotheuser.RolescontainsetsofCapabilitiesandareassigned to users on theUserspage. A user can have any number of roles. Roles can have anynumberofcapabilities.
This rich information in the cluster is discovered through RESTful interfaces supported by CiscoTetrationAnalyticstopopulateServiceNowCMDB.
1.1 References
# DocumentIdentifier DocumentTitle
[1] http://www.cisco.com/c/en/us/products/data-center-analytics/tetration-analytics/index.html?stickynav=5
CiscoTetrationAnalytics
Table1
2 ApplicationoverviewandintendeduseTheapplicationisintendedtodothefollowing:• Import Tetration Analytics discovered devices into ServiceNow CMDB (utilizing Cisco
TetrationAnalyticsclusterasasourceoftruth)• Annotate required devices with the class, instance and discovery source information on
TetrationAnalyticsfromServiceNow
TheInventorydiscoveredbythisapplicationare:
TetrationAnalytics-Thesearetheminimalinformationthatareextracted:
§ ListofallVRFsfromTetration§ ListofallendpointswithSensoragentsinstalled§ ListofallEndPointsdiscoveredbyTetrationAnalyticswithfollowinginformation-
- IPAddress- MACAddress- AddressType- IFaceName- HostName- OperatingSystemanditsversion- ScopetowhichtheEndpointbelongs
This application helps customers maintain a single repository of the endpoints and post annotations based on requirement.
IntegrationDesignDocumentTemplate
Page:4of10
2.1 Third-partydependenciesThisapplicationusesHTTPSRESTAPIstoretrieveinformationfromCiscoTetrationAnalyticsClusterasdefinedin[1].ThisapplicationiscompatiblewithCiscoTetrationAnalyticsrelease2.0orhigherreleases.
3 SoftwarearchitectureoverviewTheapplicationcontainsthefollowingcomponents:
• StagingtablesthatextendsImportSetRow
• CItablethatextendsthebaseCI(cmdb_ci)forendpointelements.
• TransformmaptomovedatafromstagingtablestoCItables
• Script Includes – define REST messages and retrieve the response. The Responses areparsedandstagingtablespopulatedusingtheSNOWRESTAPI.
• ScheduledJobs-toexecutediscoveryondemand.
CiscoTetrationApplicationCITables Extends
CiscoTetrationVRFs ConfigurationItems(cmdb_ci)
CiscoTetrationSensors ConfigurationItems(cmdb_ci)
CiscoTetrationEndPoints ConfigurationItems(cmdb_ci)
CiscoTetrationServiceNowDiscoveredEndpoints ConfigurationItems(cmdb_ci)
CiscoTetrationIPSets -
Table2
4 SoftwaredesigndescriptionAttheheartofCiscoTetrationAnalyticsplatformisabigdataplatform,designedtodealwithlargevolumes of streaming rich telemetry, map thousands of applications spanning across tens ofthousandsofworkloads,enforcementmillionsofpolicyrulesforapplications.UsingUnsupervisedMachineLearning,algorithmicapproachesandautomatedenforcement,customersgeta turnkeysolutionwiththisplatform.DataiscollectedandfedintoTetrationafewdifferentways-
1) IsbyusingaSoftwareagentonahost.2) Isbyusinghardwaresensorslocatedinour9KswitchingplatformASIC.Itisrecommended
that you use both sensors together to get the best coverage, but you can implementTetrationwithonlytheSoftwareorHardwaresensor.
3) Inaddition to thecollectionsensors,wecanadd3rdpartydata. LikeSLBconfigs,ACE,F5information, HA-Proxy, Route-Tags, etc. to Tetration to increase its full understanding ofyourenvironment.
TetrationPlatformisdesignedtobeopen. ItsOpenAccessmethodprovideRESTAPI foruserstoquery the information from a northbound system, Publish notifications to northbound systemsusing Kafkamessage bus, for example trigger a notificationwhen an application communicationdeviates from thepolicy. CustomAppsenablesdevelopers towrite their ownapplicationon the
IntegrationDesignDocumentTemplate
Page:5of10
platform using python or Scala. It provides access to the deep store within the platform anddevelopers[Figure1].CiscoTetrationAnalyticsarchitecture:
Figure 1
CiscoTetrationAnalyticsAnnotations:Usersdefinetags/annotationsforinventories:
• Easytofindinventoriesorsearchflows • Easyforenforcement • Easytoapplypoliciesonsensors
Figure 2 CiscoTetrationApplication: CiscoTetrationApplicationinitiatesadiscoveryofCiscoTetrationAnalyticsClusterusingscheduledjobsandscriptsdetailedinlatersections.TheapplicationusesCiscoTetrationRESTAPIstoimporttheinformationandmaptodifferentCMDBtablesdetailedinlatersections[Figure3].Currentlytheapplicationinitiatestheimportofdataon-demandbyuser.
IntegrationDesignDocumentTemplate
Page:6of10
Figure 3 Cisco Tetration Application uses MID server interfaces to communicate with Cisco TetrationAnalytics Cluster. The user using scheduled jobs initiates discovery. This schedule job importsinformationfromTetrationAnalyticsClusterandmapsthemtoServiceNowCMDBtables[Figure4].
Figure4
IntegrationDesignDocumentTemplate
Page:7of10
5 Performanceconsiderationsandconcerns• Dataimporttimedependsonthevolumeofdataineachcustomerenvironment.
• TheinboundwebservicesareusedtoextractdatafromTetrationCluster.Averagenumberofrecordsextractedpertransactionis150.
6 Securityconsiderationsandconcerns• TetrationAPIKeys
1. Userupdates the table “CiscoTetration IP Sets”with theAPIKeyandSecretKeygenerated fromTetrationsweb interfacewithother information.ThesekeyswillbeusedtomakeRESTrequeststothecluster.
§ NOTE – Please ensure the keys are generated with proper roles. PleasereferUserGuidesonTetrationWebInterfaceformoreinformation.
7 ApplicationcomponentsBelowarethenewlycreatedartifactsandmodificationstobaseServiceNowartifacts:
7.1 Componentscreatedbytheapplication:• Listofscriptincludes:
§ CiscoTetrationVRFs
§ CiscoTetrationSensors
§ CiscoTetrationInventory
§ CiscoTetrationAnnotations
§ CiscoAnnotationEndPoints
• ListofAllUIActions:
§ CiscoTetrationDiscovery
§ CiscoTetrationAnnotations
• Listallnewlydefinedtables:
§ CiscoTetrationVRFs
§ CiscoTetrationSensors
§ CiscoTetrationEndPoints
§ CiscoTetrationServiceNowDiscoveredEndpoints
UserInputformstables
§ CiscoTetrationIPsets
• Listallgauges
§ CiscoTetrationApplication
IntegrationDesignDocumentTemplate
Page:8of10
• Listallpages
§ CiscoTetrationDashboard
§ CiscoTetrationSupportContacts
• Thescope(s)used:x_caci_cisco_tetr
• Theapplicationmenu(s)used:CiscoTetrationApplication
7.2 Integrationcomponentscreatedbytheapplication:• Listallimportsettables:
§ CiscoTetrationVRFStages
§ CiscoTetrationSensorStages
§ CiscoTetrationEndPointsStages
§ CiscoTetrationAnnotationsStages
• Listalltransformationmaps:
§ CiscoTetrationVRFTM
§ CiscoTetrationSensorsTM
§ CiscoTetrationEndPointsTM
§ CiscoTetrationAnnotationsTM
• ListofAllRESTMessages:
§ CiscoTetrationVRFs
§ CiscoTetrationSensors
§ CiscoTetrationInventory
§ CiscoTetrationAnnotations
• ListofAllScriptedRESTAPIs:
§ CiscoTetrationAPI
§ Inventories
§ Sensors
§ VRFs
• Listanyscheduledjobsfordataexports:
§ CiscoTetrationDiscovery
§ CiscoTetrationApplicationCleanup
§ CiscoTetrationAnnotations
IntegrationDesignDocumentTemplate
Page:9of10
8 FutureplansCiscoTetrationApplicationcurrentlysupportsdiscoveryoftheEndPoints,SensorsandVRFsintheinfrastructuretovisualizethe inventorycomponentsandpostannotations intothecluster. Inthelatterphase,thisapplicationwilldevelopfeaturestosupport:
§ IncidentManagement
§ ADMMappingusingServiceNow‘sServiceWatch
9 ServiceLevelAgreementDefinitionInthissection,youdefinetheServiceLevelAgreement(SLA)foryourcustomers.
Customerswill be instructed to contact the integrationprovider (yourorganization) for technicalsupport. If a customer first contacts ServiceNow Customer Support, then ServiceNow CustomerSupport will isolate the problem and instruct the customer to resolve the issue with yourorganization.
• SupportHoursofOperation:8am–5pmEST
• SupportDaysofOperation:Monday–FridayExcludingholidays
• PromisedCallResponseTime:4Hours
• PromisedCallResolutionTime:5BusinessDays
• ContactMethod:Email
• ContactDetails:[email protected]
10 Debuggingandtroubleshooting
10.1 Debugging:• ServiceNowLogs:
Thescriptsusesgs.error()andgs.info()methodstoprinterrorsandinformationmessagesrespectively.
The “application logs” under “system logs” will contain all the logs for the application.CriticalerrormessagesarelistedasErroranddebugstatementsarelistedasInformation.
• MidServerLogs
TheerrorlogsarepopulatedinthefileAgent0.logontheMidServer.
Path=“/servicenow/<mid server name>/agent_folder/logs/agent0.log”
These logs are also available from the instance.Go to, ‘Mid Server -> Server -> [SpecificRecord]MidServer’.Clickon‘GrabMidLogs’undertheRelatedLinks[Figure5].
IntegrationDesignDocumentTemplate
Page:10of10
Figure5
• APIServerLogs
API Sever logs are available in the same directory the API Server is installed on and hascomplete information about API calls being made to the Tetration Cluster and theirresponses.
Path=“/<API Server Path>/Tetration_API/TET_API_Server.log”
10.2 Failuremodes:Forproperfunctioningoftheapplication,ensure:
• MIDservermustbeaccessiblefromServiceNowinstance
• TheMidServerneedsbeabletocommunicatewiththeServiceNowinstancedirectly
• Ensuretheproxiesaresetproperly
• Tetration_APIServerfromCiscoTetrationApplicationshouldbeinstalledonMidServer
• CiscoTetrationAnalyticsmustbeaccessiblefromMIDserver
• CiscoTetrationAnalyticsAPIsmustbeallowedfromMIDserver
Applicationwilltimeoutwaitingforresponsesifanyoftheabovearenotconfiguredcorrectly.
END OF DOCUMENT