Cisco Intelligent Automation For Cloud


This presentation will discuss cloud automation, the Cisco cloud automation stack, and cloud in a box.

Published in: Technology, Business

  1. 1. Cisco Intelligent Automation For Cloud
  2. 2. Housekeeping
     • We value your feedback
     • Please don't forget to complete session evaluation
     • Please remember this is a non-smoking venue!
     • Please switch off your mobile phones
  3. 3. Abstract
     • Attendees should have a basic knowledge of Data Center, Network Management and Automation
     • Knowing VMware, UCS and SAN concepts is good for this session
     • 90 min session
     • Will not be able to cover configuration and troubleshooting details
     Q/A Policy
     • Questions may be asked during the session
     • But due to time limit, flow and respecting everyone's interest, some questions might be deferred towards the end
  4. 4. Agenda
     • Cloud Automation?
     • Cisco Cloud Automation Stack
     • Cloud In a Box
     • Case-Study
     #CiscoPlusCA
  5. 5. Cloud Automation?
  6. 6. And what about – The Cloud?
  7. 7. Let's Start with a Definition of Cloud
     • IT Resources and Services that Are Abstracted from the Underlying Infrastructure and Provided “On Demand” and “At Scale” in a Multitenant and Elastic Environment
     • A Style of Computing Where Massively Scalable IT-Enabled Capabilities Are Delivered “As a Service” to Multiple External Customers Using Internet Technologies
       Source: Gartner “Defining and Describing an Emerging Phenomenon” June 2008
     • Anywhere, Anyone, Any Service
  8. 8. Cloud Architecture: Cloud Foundation Blocks
     Visual Model of NIST’s Working Definition of Cloud Computing
     • Essential Characteristics: Measured Service, Rapid Elasticity, On-Demand Self Service, Broad Network Access, Resource Pooling
     • Service Models: Software as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS)
     • Deployment Models: Public, Private, Hybrid, Community
  9. 9. Cloud Architecture: Elements of Cloud Computing
     • Self-Service Interface: Provides ability for users to order and track metered services
     • Service Delivery Automation: Automates provisioning and meters usage of services
     • Resource Management: Resources are provisioned and managed as per service needs
     • Operational Process Automation: Automates operational processes such as user management, capacity management, service level management, service desk integration, alerting…
     • Lifecycle Management
     Diagram labels: Automated provisioning/de-provisioning of resources; Very fast fulfillment; Standardized offerings; Web-based front end; Metered usage; Broad Network Access; Rapid Elasticity; Measured Service; On-Demand Self-Service; Resource Pooling; Dynamic resource allocation; Capacity management; Resource utilization; Performance management; Maintenance; Lifecycle Management of Cloud Services
  10. 10. Cloud Architecture: What a Cloud Should Deliver
  11. 11. Cloud Architecture: Delivering a (complex) service – faster with end-to-end automation
     Steps (same in both cases): Architect it, Design it, Where can we put it?, Procure it, Install it, Configure it, Secure it, Is it ready?
     Before (Manual)
     • Machine-oriented
     • Manual provisioning
     • Hard to control utilization
     • High provisioning & ops cost
     • Extended provisioning time
     • Configuration risk
     After (Cloud: Automated, Self-service, On-demand)
     • Service-oriented
     • Self-service; automated provisioning
     • Elasticity (capacity-on-demand)
     • Optimized provisioning & ops cost
     • Rapid provisioning
     • Increased Resiliency and Availability
  12. 12. What is Cloud Computing From An End-User Perspective
     Take an example of electricity, where every household easily accesses the electric grid and consumes power for various applications (e.g., lightbulb, refrigerator, dishwasher) without having to build and maintain a personal power generator.
  13. 13. Use Case: Application Dev/Test
     Complex, Time-Consuming, Expensive Provisioning Process
     Diagram labels: Application Development; IT Infrastructure/Ops; Call or email IT Operations; One-Off Custom Server Builds; Architecture Reviews; Incomplete Requirements; Approval Process; Add Security, Back-UP, etc.; Track Down Status; Exception Management
  14. 14. End User Self-Service Governance Service Orchestration Compare Element Managers Service Tiers and Options UCS Manager Guided Shopping Cisco Tidal Enterprise 'Wizard' Orchestrator newScale VMWare vCenter Catalog Policy-Based Global Controls Orchestration Service Rich Requests Interactive EMC/ NetApp Forms Storage Provisioning Ordering and Approvals Cisco Server Provisioner Status Updates
  15. 15. Cisco Cloud Automation Stack
  16. 16. About CIAC
     • Pre-packaged cloud content and orchestration workflows
       – Self-service portal built on Cisco Cloud Portal (CCP) aka newScale
       – Orchestration built using Cisco Process Orchestrator (CPO) aka Tidal/TEO
     • Designed to accelerate
       – Implementation of the self-service portal
       – Automation of common infrastructure/platform provisioning tasks
     • Features
       – Lifecycle activities, i.e., provision, power off, power on, reboot, add resources, de-provision virtual machines
       – Physical machine provisioning
       – Comprehensive view of service items, i.e., virtual machines, storage, etc.
       – Capability to integrate other content (not preconfigured)
  17. 17. Cisco Intelligent Automation for Cloud: Off-the-shelf IaaS Cloud Solution with Integration Capability
     Diagram labels: Service Catalog and Self-Service Portal Intelligent Automation for Cloud Cloud Automation Pack Cisco Cloud Portal CMDB Global Orchestration Cisco Process Orchestrator IT Service Management Tools Adapter Framework Billing/ Chargeback Infrastructure Virtualization OS/Software Provisioning Management Management Cisco Server Monitoring e.g. UCS Manager Provisioner Compute Virtual Network Storage Resources Machines Resources Resources
  18. 18. Cisco Intelligent Automation for Cloud: Self-Service Portal and Service Catalog
     Diagram labels: Define and Publish Track and Manage Standard Options Chargeback Architecture & IT or Showback Management Management Policies & Self-Service Request Approvals & Controls Governance Developers Orchestrate Report Delivery Consumption Lifecycle Management Security Operations Process Orchestration and DR Automated Provisioning
  19. 19. Cisco Cloud Portal
  20. 20. Source: Cisco Cloud Portal product screenshot
  21. 21.
     • User-facing modules:
       – MyServices™ enables customers to find services, create requisitions, and track service requests.
       – ServiceManager™ enables service teams and their outsource providers to manage and track service requests and service level agreements.
       – Reporting provides a set of reports, metrics and Key Performance Indicators (KPIs) for monitoring service delivery operations.
       – Advanced Reporting provides ad hoc reporting and report authoring to enable root cause analysis and customized reporting for monitoring and managing service delivery operations. Uses IBM Cognos reporting and data management tools.
       – ServicePortal™ provides a customizable portal for RequestCenter that can replace or supplement the MyServices home page.
  22. 22.
     • Service: A service “product” that can be requested by a customer
     • Requisition: A “shopping cart” that can contain one or more requested services
     • Category: (Display Category) A heading that exists within the MyServices catalog to help customers find a service that meets their needs
     • Keywords: Words associated with a service that are used to support searching for a service within MyServices
     • Initiator: The person who initiates a request for a service
     • Customer: The designated recipient of a requested service
     • Order on Behalf: Request a service for someone else
  23. 23. Cisco Cloud Portal (CCP): An Online Catalog of IT Services
     The catalog should promote your standard offers and options – it's your brochure, menu, and storefront for IT consumers. Include your branding, images, service tiers, SLAs, pricing, etc.
     Source: newScale product screenshots.
  24. 24. CCP Architecture: Tenant User
  25. 25. CCP Architecture: Tenant Administrator
  26. 26. CCP Architecture: Service Portal for Cloud Administrators
  27. 27. CCP Architecture: Manage Cloud Page for Cloud Administrator
  28. 28. Cisco Process Orchestrator
  29. 29. Cisco Tidal Intelligent Cisco Intelligent Automation Cisco Intelligent Cisco BI Go to Market Automation for SAP for Cloud, for Compute Automation for Networks Appliance in Domains Automation Packs Delivery via CPO Business App (ex. SAP) Cloud Intelligence Engine Cisco UCS Cisco Network Storage • Role-based access Delivery IT Processes Automation • Task Delegation Day 0 Service Assessment • Process Execution • Web Based Portal Day 1 Day 2 Day 3 • Scheduling • Client Console Service Service Service • Event triggering Delivery Operations Optimization • Reporting • Human Approvals • Ticketing Integration Automation Core Platform • Assignments & • Operations Managers Set of Core Processes, Activities, Events & Tasks Notifications • Auditing & Reporting • CLI Adapters Network & Servers Applications Storage Data Center – Physical and Virtual Infrastructure
  30. 30. Automation Platform: Documented, Repeatable, and Auditable Processes
     Configure (Processes, Activities)
     • Drag-n-drop Studio
     • Out-of-the-box flow activities, processes re-use
     • Out-of-the-box integration adapters
     Value Points
     • Rich workflows that go beyond modeling just alert notifications
     • Ability to perform corrective actions
     • Ability to incorporate human and assigned tasks (i.e. approvals)
     • Ability to enable improved process re-use, less dependent on scripting and coding
     • Enables operational process modeling (i.e. system refresh)
  31. 31. CPO System Architecture
     Diagram labels: Service Desk CMDB Adapters Web UI Remedy Central Event Manager Reports Expert UI Web CLI Microsoft SCOM Global IT Infrastructure Server SNMP AD / LDAP Web Service Interface Change & Configuration AD-integrated Role-Based Security Email (SMTP, POP, IMAP) Applications CPO Server Web Services (Process Engine) Software Infrastructure SAP ABAP, CCMS App Server Reporting Database SAP JMX / Telnet Database(s) Data Holding Bin OLAP (SAP BI) OSes Oracle, DB2, MS SQL Reporting Editor Generic DB (OleDB) Virtualization Support Windows Servers VMWare Process DB Network (configuration, audit) Cisco UCS Automation Pack Terminal (SSH, Telnet) Storage
  32. 32. CPO Key Concepts
     • Process
     • Targets
     • Triggers
     • Process Inputs
     • Process Outputs
     • Global Variables
     • Process Variables
     • Activities
     • Logic
     • Approvals
     • Assignments
  33. 33. Intelligent Process Editor No Code Setup Adapter Toolbox Drag and Drop Activities Automation Summary Approvals, Human Interface, Alert, Incident, Change Request Drag and Drop Logic
  34. 34. Execution (Run-Time Model)
     • Visually-guided mode
     Value Points
     • Provides visibility across functional teams
     • Easier to troubleshoot processes
  35. 35. CIAC 2.0 Packaged Content
  36. 36.
     • Commission a New Application Server on Linux
     • Commission a New Application Server on Windows
     • Commission a New Database Server on the Linux
     • Commission a New Database Server on the Windows
     • Commission a New Physical Server with Linux
     • Commission a New Physical Server with Windows
     • Commission a New Virtual Server with Linux
     • Commission a New Web Server on the Linux
     • Commission a New Web Server on the Windows
     • Commission a VMware ESX Host
     • Decommission a Physical Server
     • Decommission a Virtual Server
     • Modify Virtual Server Configuration - CPU Count
     • Modify Virtual Server Configuration - Memory Size
     • Power off a Virtual Server
     • Power recycle a Virtual Server
     • Snapshot - Take a Snapshot of a Virtual Server
     • Snapshot - Revert to a Snapshot of a Virtual Server
  37. 37.
     • OS
       – Windows 2008 64-bit
       – Linux (CentOS)
     • “T-Shirt” Sizing
       – Small
       – Medium
       – Large
     • Service Levels
       – Gold
       – Silver
       – Bronze
  38. 38. *Partial table view
  39. 39. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  40. 40.
     • Administrative Login/Password Policy
       – Set to default to Administrator/Root Login
       – Generic password from template
     • Approvals
       – None configured
     • Catalog Views Configurable
       – Use role-based access controls to filter catalog views
       – Set service item management controls
     • Service Item Ownership Configurable
       – “Owned” by individual
       – “Owned” by organization
  41. 41.
     • Single-tiered Organization Structure
       – Configured and maintained using OrganizationDesigner
         • Every user must be assigned to a business unit as their “Home Organization Unit” (Home OU)
         • Organizational Unit ID registered in CPO (manual process)
         • Need to create service teams and associated work queues
         • Organization authorization structure would have to be created
     • Authentication
       – CCP login page
       – LDAP and single sign-on possible but not configured out-of-the-box
     • Role-based Access Control
       – Common portal administrator/user roles
         • Customer Administrator
         • Portal User
         • Organization Administrator
         • Cloud Administrator
         • Site Administration
  42. 42.
     • Resources assigned in Cloud Governor Database at “onboarding” time
     • One per organization
     Required Data*
       – Organization ID: Organizational Unit ID from CCP organization creation
       – Organization Name: Organization Name from CCP organization
       – CPO Owner: CPO web service target name
       – Server Domain: Domain that will house customer VMs.
       – Public Network Path: From vCenter inventory. The network assigned for VMs. For example “DatacenterName/Network Name”
       – VMware vCenter Owner: The name of the vCenter Target that was defined. Maps to the vCenter Target in CPO.
       – VMware Default ESX Host: The host that will be assigned to the customer for them to use to provision VMs
       – VMware Resource Pool Path: vCenter Resource Pools. Compute resources, i.e., vCPU, Memory, assigned to the customer
       – VMware Datastore Path: The assigned storage resource for the customer.
       – VM Inventory Path: vCenter folder for customer VMs. All folders have to be preconfigured in vCenter. CPO does not create.
     * Additional required data for Physical Server provisioning
  43. 43.
     • IP Addresses Defined in CPO at “onboarding” time for eventual assignment to VMs.
     • One or more public IP address pools for each defined organization.
     • CPO expands the IP Address range in Governor database to use to assign to customer VMs during provisioning and then to reclaim during deprovisioning.
     • No firewall or network management.
     • No static IP assignment.
     • If two network interfaces required, could use public IP and management IP.
     Required Data*
       – Starting IP Address
       – Ending IP Address
       – Subnet Mask
       – Default Gateway
       – DNS
     * Additional required data for Physical Server provisioning-Management IP Allocation.
  44. 44.
     • One or more VMware templates must be pre-built and configured within VMware vCenter to use for cloning new virtual servers.
     • Template attributes must be added to the CCP standards table according to the type of template
       – Application server
       – DB server
       – Web server
     • Templates must also be registered in the Cloud Governor database.
  45. 45. Case Study
  46. 46. Requirements
     • IaaS Public Cloud Design
     • Network Virtualization
       – Core/Distribution Nexus 7000
       – Access Layer - Nexus 1000v
       – Load Balancing - ACE
       – Firewall – ASA
     • Server Virtualization
       – VMware vCenter
     • Compute
       – Cisco UCS
     • Storage - EMC
  47. 47. IaaS Software Orchestration LDAP Authentication Cisco Cloud Microsoft Portal Active Directory Cisco Process Orchestrator (CPO) Adapters Cisco UCS vCenter CA Microsoft Billing Networking Manager MRTG Monitoring Ticketing MS AD SQL Exchange ESXi Hosts
  48. 48. Key Design Points – Portal
     • Content/Orchestration built in Cisco lab designed to simulate customer architecture
       – Small-scale network
       – Stub-outs in Orchestrator (CPO) for some next phase network and billing requirements
     • Portal and Orchestration is custom built
       – Portal organization structure designed to meet hierarchical requirements
       – Eliminated integration/message chatter in portal Comments section
       – Created parameter-driven agents for bi-directional communications between orchestrator/portal
  49. 49. Key Design Points - Orchestrator
     • Orchestrator (CPO) using Change Request based workflow triggers
     • Multiple workflows can subscribe to events and react
       • Parent workflow creates change request object and assigns parameters to it
       • Change request creation triggers other workflows that listen to object
     • Using Orchestrator (CPO) Target as Data Model Object
       • Allows a way to access, create and update cloud data model
       • Targets have strings or integers (IP address, name, ID, etc)
       • Targets can have reference pointers to other targets, which can traverse and walk down the object graph.
     • Orchestrator (CPO) automated workflow for regression testing
       • Orchestrator custom built unit test workflows running daily testing code differences
  50. 50. Extensible POD Design
     Diagram labels: SQL Server CCP SQL Server Process-M DB Process-S DB CPO-Master Cloud Governor DB SQL Server SQL Server CPO-POD1 CPO-POD2 UCS VMware UCS VMware SAN Storage SAN Storage Manager vCenter Manager vCenter
  51. 51. Error Handling
     • Extensive error handling implemented
     • Error handling task for all orchestration tasks. Activated when error message is returned to portal
     • Resource rollback on failed tasks: VMs deleted in vCenter, IP Address released to IP Pool, Service Targets deleted
     • “Take-2” tasks available for Virtual Machine and Storage Services if support team can fix the source of the error
     • Organizational maintenance tasks allow support team to update form data in the event work must be manually processed
  52. 52. Integrations – Adapters/Agents Implemented
     • REX - Used for Portal automation to create Organizational Units and hierarchy
     • HTTP/WS - Standard Product adapter for communicating with Orchestrator
     • Agent and workflow to interact with CA Help Desk
     • Agent and workflow to interact with MRTG Monitoring tool (open source)
     • Agent and workflow to interact with Active Directory
     • Agent and workflow to collect data for billing in a mediation server (Comptel)
  53. 53. Onboard a New Customer
     • Establishes the Multi-tiered Business Unit OU Structure
     • Defines the Commit Levels that control billing
     • Creates a Customer Administrator in
       • RC
       • AD
       • CA
       • MRTG
     • Establishes the service items/governor DB items for
       • Customer
       • Contracts
       • Network
       • Accessibility Options
  54. 54. Customer Onboarding Process
     • Onboard Tenant
       – OU and Admin
       – For Billing
       – For Monitoring
       – For CA Help Desk
       – vCenter Properties
     • Onboard Admin/User
       – Tenant MRTG Admin
       – AD Cloud User
       – CA Admin
  55. 55. Provision a Virtual Machine Work Plan
     • Manual Error Handling Task for each automation task
     • Error message posting in service form for service teams
     • Service target and resource allocation (VM, IP) rollback per automation task if failure
     • Take 2 opportunity to restart failed workflows
  56. 56. Provision a Virtual Machine Orchestration - Success
     • Different types of VM actions are handled
     • Each of these steps in the workflow check for errors
     • This trigger “newScale Complete ServiceRequest” work to provide on SUCCESS of VM related workflows
     • Creates multiple parameters and sends to Cloud Portal
  57. 57. Provision a Virtual Machine Orchestration - Failure
     • Different types of VM actions are handled
     • Each of these steps in the workflow check for errors
     • This workflow “newScale Complete Service Request Failed” runs if VM related workflow fails
  58. 58. Provision a Virtual Machine Orchestration – Targets as Data Model Objects
     • Reference pointers to other targets. Creates an object graph to walk down the object path and access other related objects
     • String/integer type properties
  59. 59. Deprovision a Virtual Machine Work Plan
     • Shameless borrowing from C&W project
     • Disable access to VM and stop billing when request submitted, delayed removal
     • Timed warning before actual deprovision/deletion provides opportunity for reinstatement
     • Service targets and resource allocation release moved to final steps to eliminate duplications
  60. 60. Decommission a Virtual Server
  61. 61. Customer Change Management Process
     • Disable CA Admin
     • Disable MRTG Admin
     • Change MRTG Password
     • Disable AD Cloud User
     • Change AD User Department
     • Change AD User Password
  62. 62. Q&A
  63. 63. We value your feedback.
     • Please be sure to complete the Evaluation Form for this session.
     • Access today's presentations at
     • Follow @CiscoCanada and join the #CiscoPlusCA conversation
  64. 64. ACME Customer Design
     Diagram labels: Cisco Intelligent Automation for Cisco Cloud Portal Cloud Automation CCP Cisco Process Orchestrator Pack CPO (Master-Slave Model) Cloud Adapter Billing UCS VMware vCenter Monitoring Manager Ticketing Compute Virtual Network Storage Resources Infrastructure Resources Resources