Cisco Kick Start to Cloud Workshop
 

  • Primary message point for slide: Explosive growth is measurable now and will continue trending upwards rapidly for at least the next 3-7 years. These are just four examples, looking at year 2015, of this worldwide phenomenon. Along with the business-impacting transitions, we are able to see distinct trends in explosive IP traffic growth and change. Cisco's projections for four significant indicators or numbers in 2015 are:
    - 767 quintillion – the projected number of bytes of global IP traffic – up from 176 quintillion in 2009
    - 7 billion – the number of mobile-connected devices in an overall population of 12 billion connected devices
    - 18000 – the 5-year (to 2015) percentage growth in web video conferencing
    - 91 – the percentage share of video in all consumer traffic – across all devices
  • Primary message point for slide: A perfect storm of technology and economics has brought about the confluence of computing and networking again to propel the industry into yet another major transition, which represents both a threat and an opportunity for network operators, and it is fast moving. Our industry is seeing a significant change in how computing is done. This represents both threat and opportunity for network operators. A recent worldwide Cisco IBSG demand-side study revealed a projection of $43B revenue in 2013 for outsourced IT services via a cloud business model, including the three major categories: SaaS, PaaS, IaaS. A market of this size and growth rate is a big opportunity for network operators but also a threat, because such transitions attract new market entrants which can disrupt current business. Amazon Cloud is an example of a successful new entrant and one which demonstrates that cloud can scale and is growing rapidly. Amazon Cloud operated at >200,000 requests per second at end of 2010 and supported 262B objects, up from 14B objects just in 2007. Cisco's IBSG study also revealed that network operators do have an inherent advantage; the top 3 differentiators in the minds of CIOs across several industry segments are: end-to-end SLAs, provisioning across access network and IT data centers, and enterprise-ready billing. All these are core capabilities of network operators, should they choose to leverage them. One more significant number for 2015 is 0 (zero): according to Saugatuck Technology, this is the number of business computing categories NOT moved to cloud by 2015. The average monthly traffic in 2014 will be equivalent to 32 million people streaming Avatar in 3D, continuously for the entire month.
    From Amazon.com: stats, measured at the end of the fourth quarter of each year:
    - 2006 - 2.9 billion objects
    - 2007 - 14 billion objects
    - 2008 - 40 billion objects
    - 2009 - 102 billion objects
    - 2010 - 262 billion objects
    The peak request rate for S3 is now in excess of 200,000 requests per second.
  • Cloud Computing started with the needs of the largest Internet companies serving millions of users every day. This could only be accomplished with very large-scale data centers, tens of thousands of servers, and fully automated management systems. In such an environment there will always be components that fail, yet the application needs to survive.
  • Definition of Private Cloud Computing for purposes of this presentation: Cloud infrastructure and processes for the exclusive usage of one enterprise/entity, hosted within the scope of the enterprise, and encompassing physical as well as virtual resources. The basis of this diagram is Gartner's document "Q&A: The Many Aspects of Private Cloud Computing", authored by Thomas Bittman in October 2009, in response to the question "What are the basic elements of a private cloud service?"
  • Part of a larger story that goes to down to the infrastructure includes HCS, SP-Wifi,
  • So what is it about cloud computing that makes it so much more desirable as a model for how data centers are run? Here we have a simplified model of an enterprise IT organization supporting multiple departments. This same approach works for managed service providers if you imagine the departments are actually different customers or tenants. Watch what happens when the data center grows as more applications are added. As each new application is added, a new system configuration is created consisting of a server, operating system, storage, and the app itself. As more applications are added, the system grows in complexity. There is very little scaling advantage. Because each application setup took getting approval and months of development, even those apps that are only used occasionally never leave, for fear the department wouldn't ever get the servers back again. This leads to the so-called "server hugging" and the resulting poor utilization and inflexible infrastructure. (While we are showing this for an enterprise, the same holds true for a managed services provider by viewing each application as a different tenant.)
  • In the cloud computing model things are different. In this case, the services organization provides a cloud infrastructure service, on top of which applications are deployed fully configured with their own operating system and configuration. We have de-coupled the complexity of applications from the underlying infrastructure. The application layer and the infrastructure layer are managed independently.
  • As shown in green, the infrastructure service provider is now responsible for provisioning and managing physical resources and running, in essence, the single "cloud infrastructure application" as a service across all resources. This organization can therefore become very efficient and almost completely automated, which dramatically reduces its costs. Of course, in a way, all we've done is to push the problem of application management up to the individual application owners or another part of the organization. For some organizations, like the engineering department, this is just the way they want it anyway. They would rather manage their applications without interference. For others, this self-service model means they only have to pay for what they use. This makes it possible for them to move more quickly and be less dependent. The need for application management doesn't go away, but by separating it from the management of the infrastructure, it can be performed in a much more cost-effective way. This de-coupling of the application layer from the physical infrastructure, along with self-service and automation, is what makes cloud computing so much more cost effective.
  • The impact for our customers is taking what was a very long and complex legacy management process, which can take weeks for end-to-end, often manual delivery of a request, from the upfront architecture and design of the system to the deployment, down to minutes in an automated self-service provisioning environment. And this is exactly what we did at Cisco IT, which deployed Cisco UCS and Nexus together with Cisco Intelligent Automation for its private cloud.
  • John M
  • How we are gonna use it
  • Dependencies outside of the MT/IaaS boundaries are subject to their local add/move/change policies and procedures, including freezes. Tenants are likely to have dependencies outside the MT/IaaS pod which won't be covered by the no-freeze SLA. Services run in the MT/IaaS pod are exempt from external change and freeze restrictions. Services and applications external to the MT/IaaS environment may over time develop dependencies inside the MT/IaaS environment. These dependencies will be difficult to predict/track. Comparison to external cloud provid
    NOTE: Above applies to both freeze and maintenance policies
  • To enable automation, virtualize the server environment and design a wire-once network that eliminates the need to individually cable new servers.
    Use commercial, off-the-shelf components instead of developing the software internally. “Using the Cisco Intelligent Automation Cloud accelerated development from 24 months to 2 months,” says Morgan. “In addition, we didn’t have to train internal IT resources to maintain custom software, and have the option to out-task management of the IaaS program to Cisco Services or a third party.”
    Develop the operational model early. Map out every step for a service before you take it live.
    Hide the complexities of the offering by creating short, simple online forms.
    Know your clients and their expectations. “Early communication with customers is essential,” says Jim Heil, with the CITEIS Client Engagement Team. “They will always want additional capabilities, so you have to draw a line for the first release and constantly follow up, keeping a close eye on the competition.”
    Start small. Make sure you can provision the simplest resource end-to-end before offering more complex resources.
    Make a simple user experience a high priority. “It doesn’t matter how great the automation is if the service portal isn’t easy to use,” says Cinque.
    Calculate the TCO for the environment if you are going to implement a chargeback model.

Cisco Kick Start to Cloud Workshop Presentation Transcript

  • Cisco's "Kickstart-to-Cloud" Workshop. The Dirty Little Secret of Private Cloud: Why Many Fail and What to Do About It. November 2012. © 2010 Cisco and/or its affiliates. All rights reserved.
  • • 8:30-9:00 Meet and Greet
    • 9:00-9:45 To Cloud and the Big Themes
    • 9:45-10:30 Private Cloud Success: Cisco IT
    • 10:30-11:00 What type of Cloud are you building (and for whom)?
    • 11:00-11:30 Best practices of successful cloud builders
    • 11:30-12:00 Panel: Storytelling about other successful clouds
  • To Cloud and the Big Themes. Rodrigo Flores, Cloud Architect, rodrflor@cisco.com, @RFFlores
  • 767 Quintillion: Bytes of Global IP traffic * (176 Q in 2009; Quintillion = 10^18)
    7 Billion: Mobile-connected Devices * (12B all connected devices)
    18000: 5 Year Percentage Growth in Web Video Conferencing *
    91: Percentage Share of Video in Consumer Traffic *
    * Source: Cisco 2011
  • $43B: 2013 SP Global Revenue *
    Advantage Network Operator: Top 3 Differentiators per CIOs *
    Amazon Cloud ***: >200,000 requests per second; Stored Objects: 14B (2007), 262B (2010), 762B (2011)
    0: Number of business computing categories NOT moved to Cloud by 2015 **
    * Source: Cisco 2011 ** Source: Saugatuck Technology 2011 *** Source: Amazon 2011
  • • 2.5 connections for every person on earth (19 billion) by 2016
    • 3.4 billion Internet users (45% of the planet’s population) by 2016
    • 1.3 zettabytes of annual IP traffic (Zettabyte = one sextillion or 1E+21) by 2016. This is four times as much traffic as in 2011.
    • There were 500 million global gamers in the world 18 months ago. This summer it doubled to a billion
    • YouTube’s users upload about two days' worth of video per minute
    • http://gigaom.com/video/youtube-48-hours-of-video-per-minute/
    • 6-30/11: Twitter does 1.3 Million writes a second
    • Wu: China Unicom 3G traffic grew 62% ... in a single quarter. China Mobile's data 10x in one year.
  • Marketing Campaign: Super Bowl commercial offered every American a FREE Grand Slam Breakfast if they signed up on their website while the game was being played. Issue: No idea how many people would come…they spent $25M on the Ad Campaign! Result: 59M Americans went to site on Super Sunday…Site stayed up…This story is now in Denny’s Annual Report. Source: SOASTA
  • Source: CloudScaling
  • Google’s data center on the Columbia river, Oregon
  • To the Cloud. If we can…
  • Self-Service Portal and Service Catalog Track and Manage Define and Publish Standards Chargeback Architecture & IT or Showback Management Management Policies & Self-Service Request Policies Governance Developers Orchestrate Report Delivery Consumption Lifecycle Management Security Operations Process Orchestration and DR Automated Provisioning
  • • Self-Service Interface: Provides ability for users to order and track metered services
    • Service Delivery Automation: Automates provisioning and meters usage of services
    • Resource Management: Resources are provisioned and managed as per service needs
    • Operational Process Automation: Automates operational processes such as user management, capacity management, service level management, service desk integration, alerting…
    • Lifecycle Management: Lifecycle Management of Cloud Services
    Diagram labels: Automated provisioning/de-provisioning of resources; Very fast fulfillment; Web-based front end; Metered usage; Standardized offerings; Broad Network Access; Rapid Elasticity; Measured Service; On-Demand Self-Service; Resource Pooling
    • Dynamic resource allocation
    • Capacity management
    • Resource utilization
    • Performance management
    • Maintenance
  • IT-as-a-Service Requires a New Management Approach
    Diagram labels: Business Applications and IT Services; Self-Service Portal and Orchestration; On-Demand Provisioning; Service Governance; Lifecycle Management; Service Catalog; Integration and Automation; Pay-Per-Use
    Operations Support Ecosystem: Service Assurance, Compliance, Configuration Management, Cisco Prime for SP and Enterprise
    Business Support Ecosystem: Billing, Customer Management, Financial Management, …
    Infrastructure Resource Mgmt: Pooled Resources; Seamless Physical-Virtual; Policy-Based Compute; Policy-Based Network; Service Profiles; Network Containers; Physical-Virtual, Multi-Hypervisor; Dynamic Network Provisioning
    Compute, Storage, Network
  • Transition Stages:
    1. Server Virtualization. Compute-as-a-Service: Basic Automation, Basic Process Optimization
    2. Private Cloud. Infrastructure-as-a-Service: Siloes of Automation, Basic Process Optimization
    3. Public Cloud. Platform-as-a-Service: Advanced Automation, Holistic Process Optimization
    4. Hybrid Cloud. Application-as-a-Service: Holistic Automation, Operational Optimization
    Business Drivers: Consolidation, Control, Utilization, Scale, Differentiation, Predictability, Availability, Agility
  • Complexity Grows With Number of Apps. Diagram labels: Corp, Mktg, Finance, Engineering, HR; seven stacks of App / OS / Physical Server; DB; Storage. Poor Utilization. Inflexible Infrastructure.
  • Applications Run on Virtualized Infrastructure. Diagram labels: Corp, Mktg, Finance, Engineering, HR; seven stacks of App / OS / Virtual Machine; Cloud Infrastructure Service; Physical Server; DB Service; Queue Server; Storage.
  • Diagram labels: Corp, Mktg, Finance, Engineering, HR; seven stacks of App / OS / Virtual Machine; API-driven services; Self-service portal; Selective application mgmt; Cloud Infrastructure Service; Pool of shared resources; Physical Server; DB Service; Queue Server; Storage.
  • Today’s Architectural Battle: Web Approach, Enterprise Approach. Scale-out Vertical scaling Architecture HA failover model Design for Failure Transactional Information-centric Application specific Commodity Infrastructure systems Commercial Open Source Software Innovation
  • Application Layer
    • Each tenant is responsible for requesting and managing their own set of virtual resources
    • May call other services through APIs
    IaaS (Cloud stack) Layer
    • Allocates virtualized resources to tenants through end-user portal and developer APIs
    • Each tenant only sees their own resources
    Resource Virtualization Layer
    • Creates virtualized compute, storage and networking resources
    • Manages resource creation, isolation, and non-interference
    Physical Resource Layer
    • Networking, Storage and Compute resources
    • Management, monitoring, etc.
    Diagram labels: Example developer application; API; Virtual Infrastructure; Virtual WaaS; Virtual Firewall; Virtual VPN; App / OS / VM; Infrastructure as a Service – Developer API; Compute Service (Servers); Storage Service (Disks); User and System Admin; UCS Manager – Network Containers – System Level API; Hypervisor: KVM, Xen, ESX - Nexus 1000v + Open vSwitch; Network Virtualization: L2-LISP, vPath, OpenFlow, VLAN
  • • Finally, some good high-class problems! What is the service?
    • What does the rest of the orchestration?
    • Support? Install? Day 0? Day 1? Day 2? Day before I get fired?
    • What are the policies I will automate?
    • What risks will I run?
  • Diagram labels: HD Video; VoIP; VDI; App / OS; Optimal Experience; Cloud Security; Simplified Operations; UNIFIED MANAGEMENT AND POLICY; Branch Office; Home; Mobile User; IaaS; SaaS; Cisco and Third Party Cloud Connectors; Hosted Collaboration; ScanSafe Web Security; Cloud Storage; …; Cloud-Ready Platforms: Physical (ISR G2, ASR 1000, WAVE), Virtualized (CSR, vWAAS); Collaboration
  • Cloud Enabled Applications & Services: IaaS, CaaS, PaaS, HCS, HVD, DR, … (including software to automate & orchestrate the application)
    Cloud Infrastructure Orchestration & Management: Orchestration Software; Infrastructure Abstraction / Management Software; Assurance Software
    Cloud Infrastructure (aka VMDC): Data Center Interconnect; Scalable, Multi-Tenant L2/3 DC Networking; L4-7 Services; Security Features; Integrated Compute Stack – Vblock, FlexPod, etc.; Data Center 1 … Data Center n
  • Infrastructure Costs: 30% Less Cost
    Application Performance: 30% Faster
    Deployment Times: 90% Less Time Deploy
    IT Staffing: 2x Capacity, No Staff Increase
    Power Cooling: 60% Less Cost
  • Private Cloud Success: Cisco IT. CITEIS: Cisco IT Elastic Infrastructure Services. Brian Cinque, Cisco IT Solutions Architect. Email: brcinque@cisco.com, @bcinque
  • CITEIS – Cisco IT Elastic Infrastructure Services. Cloud Delivery Models:
    SaaS – Software as a Service: Applications, collaboration, etc.
    PaaS – Platform as a Service: Middleware, directories, etc.
    CITEIS: IaaS – Infrastructure as a Service: Compute, storage, networking
    DCaaS – Data Center as a Service: Data center facilities, power, cooling
  • Typical Users • Database Centric • Security Collection Services • Customer Portal • Web Services • Internal Development • Engineering IT • Customer Facing • Replacement for Physical Lab • Software Delivery • Innovation Center • Demonstrations • Security • Ironport • Data Warehousing • Support Teams • Solutions Factory • Internal Labs • Sales • Smart Services • Legal • Finance
    Customer Experiences Group
    Ability to “control their destiny” with a self-managed VDC
    Typical lead-time cut from several weeks or months to hours
    Competitive savings over all other alternatives
  • CITEIS has enabled our application and business teams to deploy capabilities easier and quicker. Infrastructure is no longer in the critical path! • John Manville – Cisco IT Senior Vice President
    Demo: http://www.youtube.com/watch?v=5m2CJjSpb9Q&feature=relmfu
  • Unified Management – Automated Self-Service Provisioning: FROM 8 WEEKS TO 15 MINUTES
    Manual: Architect; Design; Where Can We Put It?; Procure; Install; Configure; Secure; Is It Ready?
    Automated Self-Service Provisioning: Capacity On-Demand; Policy-Based Provisioning; Built-In Governance
  • Client #1 (requires IaaS services only): “Give me the VMs and Storage and I’ll manage everything above the OS”
    Client #2 (requires IaaS & PaaS services): “My needs are mixed. I’ll take all the goodies I can get, and build the ones that I can’t”
    Client #3 (requires PaaS services only): “Give me all the standard goodies, and leave me just to manage my application”
    PaaS: Application Middleware Services (e.g. Appserver, Database, …)
    IaaS Services: Infrastructure Resources (e.g. VDC, VM, Storage); Infrastructure Resources (some bundled, some not); Infrastructure Resources (not ordered directly by client)
  • The Essence of CITEIS
  • Operational SLA Maintenance Windows Managed & Self Managed Environments Technology & Services Ops Model Operations Domain Technologies Integration Points Service Portfolio Definition Service Catalog Service Portfolio Lifecycle Workflow Engine Catalog Governance PaaS Costing & Billing Technology Service Management
  • CITEIS Gen2
    o Gen 2 Service Offerings Based on the Following Models
      o CITEIS Virtual Data Centers (vDCs) (tenant pre-paid resource pools)
      o CITEIS Express (personal infrastructure services or On Demand)
    o CITEIS VDCs - Pre-Defined Resource Pools with Bundled Services
      o Virtual Resources Reserved and Guaranteed
      o Tenants Allocate and Manage Resources Based on Their Specific Needs
      o Minimum One (1) Quarter Subscription Commitment Required
    o CITEIS “Express” for Individual Cloud Based Services
      o Minimal SLAs and Support Provided; Best Effort
    o Value Add Offerings
      o Enhanced Infrastructure Services Available for Additional Charges
      o Complements CITEIS VDC Subscriptions Only
  • CITEIS VDC Building Block(s): Mini / Small / Medium / Large / Jumbo
    Maximum # of Virtual Machines: 10 / 25 / 55 / 120 / 250
    Reserved Compute Power (performance equivalent): 20 vCPUs/10 GHz / 50 vCPUs/25 GHz / 110 vCPUs/55 GHz / 240 vCPUs/120 GHz / 500 vCPUs/250 GHz
    Total Reserved Memory for Tenant Virtual Machines: 50 GB / 125 GB / 275 GB / 600 GB / 1250 GB
    Storage Allocation: 250 GB / 500 GB / 1375 GB / 3000 GB / 6250 GB
    Engagement Model: Self Service / Self Service / Self Service / Self Service / Self Service
    Base Container Cost: $ / $$ / $$$ / $$$$ / $$$$$
    Select Network Container: Network Segmentation (IP based): 5, 10, 25, 55, 120, 250
    Select Support Options (must select one): Client-Managed OS Support; IT Managed OS Support (Add $$); (No Additional Charge); (Support for Cisco Enterprise Linux, Windows 2003, 2008 Based Images Only)
    Base Service Agreements:
    Service Availability: 99.9%
    Maintenance Occurs 1800-0800 Local Business Hours Only
    Monthly Maintenance Window: Second Thursday of Each Month
  • o Individual Cloud Based Services:
      o Virtual Resources Reserved and Guaranteed
      o Tenants Allocate and Manage Resources Based on Their Specific Needs
      o Minimum One (1) Hour Subscription Commitment Required
      o Maximum Ninety Day lease period
  • End User requested and provisioned Services from Shared Pool
    Maximum Number of Virtual Machines per User: 2
    Maximum IP Addresses: 1 Address per VM
    Virtual Machine Supported Configurations: Option 1: 1 vCPU x 2GB; Option 2: 2 vCPU x 4GB
    Supported Images: Client Provided and Uploaded into CITEIS Express
    Virtual Machine Expiration: 30 Days (Default)
    Storage Options:
    OS and Data Storage: 25 GB Increments
    Snapshots: Not Available
    Backup and Recovery: Not Available
    Service Agreements:
    Service Availability Target: 99.9%
    Standard Support Window: Best Effort
    Maintenance Occurs 1800-0800 Local Business Hours Only
    Monthly Maintenance Window: Second Thursday of Each Month
    Order Fulfillment SLA: On Demand via Service Catalog
    Service Costs:
    1cpu x 2GB VM Option: $ per Month (does not include storage)
    2cpu x 4GB VM Option: $$ per Month (does not include storage)
    Per GB of Storage Allocated: $ per GB per Month
  • • Resource environment will be shared by multiple clients with varying demand types
      - Analysis into each domain to support and enable sharing of resources
      - Analysis into the creation of composite-based solutions that span network, compute & storage
      - Analysis into the demand commitments from clients
    • Services provided will support and honor service level agreements
      - Analysis into the specific service level agreements around resiliency, performance, price, capacity & security
      - Analysis into the infrastructure foundational and functional services to support the service offerings and SLAs
      - Analysis into the lifecycle management of the IaaS based offerings
      - Analysis into the solutions that will monitor service offerings and ensure service assurance
    • Services provided will be priced and based on multiple demand models
      - Analysis into the component and composite infrastructure elements
      - Analysis into methods to meter client usage models at a granular level (i.e. per hour)
      - Analysis into total cost of ownership that includes: management costs, infrastructure costs, operating costs, and operations costs, etc.
    • Resource environment will be operated and supported by new support models
      - Analysis into how foundational infrastructure will be operated and supported
      - Analysis into how the functional infrastructure will be operated and supported
      - Analysis into the incident and problem management for environment and services offered
      - Analysis into the customer demand and impact into existing change management IT policies
  • Operations
    Freeze Periods:
      - POD: Hardware change only
      - Virtual: IT Managed – Impacted; Self Managed – No Impact
    Maintenance Windows:
      - POD – Every 2 weeks for Low Impact
      - POD – Every Month for High Impact
      - CITEIS Mgmt – Every 2 weeks (Client Service not interrupted)
      - VDC Env: IT Managed driven by CR’s
    Support: P1 Support for POD; P1 Support for IT Managed Environments; P1 Support for IT Managed App, No IT support for Self Managed; P1 Support for IT Managed VM, No IT support for Self Managed; App Support – P3; DB Support – P3
    Diagram labels: Self Managed App; IT Managed App; Self Managed VDC; IT Managed VDC; Infrastructure; CITEIS Mgmt; Portal; Orchestrator; Network; Standard Built POD; NAS; Compute; DB
    No mixing of IT Managed & Self Managed environments
    Clients must patch OS & Apps – proactive security scans
    IT Managed must leverage Change Mgmt process
  • • Multi-tenancy enables sharing of resources and costs across a large pool of users, thus allowing for separation, utilization and efficiency improvements
    • What are the keys to making multi-tenancy work?
      - Separation – meet security requirements, allow for operational policy autonomy, service level assurance
      - Fault isolation – avoid fate sharing and control
    • The consumer does not manage or control the underlying cloud infrastructure but has control over operating systems & deployed applications
    Diagram labels: CITEIS Gen2; Tenant A VDC 1; Tenant B VDC 1
  • • Freeze Periods vs Maintenance Windows
      - Fixed monthly
      - No tenant approval required
      - Posted windows 1 year in advance
      - Reserve right to take environment down
    • Ad-Hoc Change Requests
    • Break Fix Efforts
      - Exempt from maintenance windows
      - Document work via formalized Change Requests (audit trail)
    • External POD Dependencies
    • Tenant Roles & Responsibilities
    • Provider Roles & Responsibilities
      - Sign End Use License Agreement
  • Key Takeaways
    • Automation is about “doing more with less”
      - Do not automate “yesterday’s standards” nor “today’s exceptions”
      - Automate for the future: Opportunity for driving new, scalable standards
    • Integration play: Data model and consistent interfaces (APIs) are key
    • Off-the-shelf Products Maturing Rapidly
      - Manageable orchestration through enterprise-class products
      - Moved from 20 resources in Gen1 to 6 resources in Gen2
    • Focus on operations, e.g. change management transformation
    • PaaS integration is needed to meet application team expectations
    • New skill sets: data modeling, virtualization, software development
    • Communication, Communication & Communication
    • Simplicity is a lost art – Know your user base!
  • Thank you.
  • What Type of Cloud are You Building (and For Whom)? Yair Dolev, Product Manager, ydolev@cisco.com, @CiscocloudY
  • • Multi-tenancy business cases
    • Tenants
    • Account types
    • The changing relationship between cloud users and operators
    • Tenant isolation
    • Tenant user roles
    • Self-management
    • Federating user authentication and SSO
    • Hierarchy of control
  • What Cloud Business?
    • Enterprise starter cloud
    • Enterprise private cloud
    • SP providing SMB public cloud
    • SP providing Managed hosted private cloud for enterprises
    • SP providing managed on premise private cloud
    Dimensions of Multi-tenancy
    • Tenant account types
    • Hierarchical tenant / organizational structure
    • Multi-tier catalog
    • Delegation of mgmt administration (technical and business)
    • Network isolation of user traffic
    Cloud Features
    • Roles
    • Resource pools
    • Physical and virtual servers
    • Storage and network POD
    • Application provisioning
    • Lease, quota and capacity mgmt
    • Pricing mgmt
    • Tenant/user on/off boarding
    • Integrations
    • Performance management
    • Bursting
  • Business Case | Key Use Cases | Key Required Capabilities
    • Enterprise | IT runs a private cloud hosting different BUs as tenants | All of SMB SP + Hierarchy levels, Multi-site support, Tenant self-management, Tenant specific offers
    • SMB Service Provider | Runs a public cloud for small size clients | Access restricted to tenant scope, Dedicated resources, Namespace isolation, Personalization, Consumption reporting, Quota mgmt., Cost reporting
    • Tier 1 Service Provider | Runs a public cloud hosting managed private data center for enterprises | All of Enterprise + Authorization/SSO
    • Managed On-Prem Cloud SP | Runs a cloud on enterprise customer premises and manages it for the customer | Many managed services use cases
  • • A set of cloud users that operates as one consuming entity (account or business) and is separate from the cloud operator organization and isolated from other consuming entities.
  • • Important: Provider-tenant relationships differ
    • Enterprise tenant: runs a hosted private datacenter on a public cloud
      - Self-managed: provider is hands-off
      - Managed: provider fills daily role of tenant administrator
    • Internal tenant: both in private and public cloud cases. A BU that is part of the same business/organization as the cloud provider.
    • Individual user tenant: casual walk-in account, single user
    • Let’s put it in context of:
      Cloud Business Types | Tenants | Types
      - Enterprise | 1 | Internal
      - Large Enterprise | Many | Internal
      - SMB Service Provider | Many | Enterprise
      - SP hosting clouds for enterprises | Many | Enterprise, Internal
  • • Private Cloud: Cost charging
      - IT is responsible for assigning right costs per service
      - Cost can be showback only or actually assigned to consuming organization
    • Public Cloud: Pricing
      - Starts with a standard pricing structure
      - Factored by service levels
      - Modified per tenant based on contract terms, depending on committed usage, scale of usage, etc.
    • Charge models
      - Pay as you go (usage-based)
      - Commit for a period + overage charge
      - Other (special arrangement)
  • [Diagram: Enterprise Cloud Provider Administrator; OU 1, OU 2, OU; User A, User B, User C] Enterprise private cloud: all part of same organization
  • [Diagram: Cloud Provider, Tenant X, Tenant Y; Administrator OU, Tenant X Admins, Tenant Y Admins; OU 1, OU 2, OU Y1, OU Y2, ...; User A, User B, User C] Multi-tenancy separates the operators from users, and users from each other through tenants
  • • No visibility across tenants
      - Tenant users cannot see or find other tenants' users or entities
      - For example, when searching for users, or viewing “my servers”.
    • No awareness across tenants
      - Tenant users cannot know or find out about other tenants
    • Isolated name spaces
      - Tenant entities can have same names as other
    • No network access
      - Tenant servers cannot access other tenant servers or data (except through the Internet)
      - Separate VLANs, mandatory firewall rules, etc.
    • No resource impact
      - Tenant dedicated, reserved resource pools (e.g., VDC) cannot be impacted by any action of other tenants that might share the underlying infrastructure
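The visibility, awareness and name-space rules on this slide, shown as an added Python sketch that is not part of the original deck. `ServerDirectory`, `Caller`, `NotFound` and the tenant and server names are hypothetical; the tenant is assumed to come from the authenticated session, never from a request parameter.

```python
"""Constructed sketch of tenant-scoped lookups; every name here is hypothetical."""
from dataclasses import dataclass


class NotFound(Exception):
    """Raised for missing objects and for objects owned by another tenant."""


@dataclass(frozen=True)
class Caller:
    user: str
    tenant: str   # assumed to be set from the authenticated session


class ServerDirectory:
    def __init__(self):
        self._servers = {}   # (tenant, name) -> server id
        self._next_id = 1

    def create(self, caller, name):
        key = (caller.tenant, name)        # isolated name space per tenant
        if key in self._servers:
            raise ValueError(f"{name!r} already exists in this tenant")
        sid, self._next_id = f"srv-{self._next_id}", self._next_id + 1
        self._servers[key] = sid
        return sid

    def my_servers(self, caller, contains=""):
        # Tenant scope is applied together with the filter, so a search
        # can never return another tenant's entities.
        return sorted(n for (t, n) in self._servers
                      if t == caller.tenant and contains in n)

    def get(self, caller, server_id):
        for (tenant, name), sid in self._servers.items():
            if sid == server_id and tenant == caller.tenant:
                return name
        # Same error for an unknown id and for another tenant's id, so the
        # response does not reveal that the other tenant's object exists.
        raise NotFound(server_id)


def demo():
    d = ServerDirectory()
    alice, bob = Caller("alice", "tenant-x"), Caller("bob", "tenant-y")
    x_id = d.create(alice, "web01")
    y_id = d.create(bob, "web01")          # same name, different tenant: allowed
    d.create(bob, "db01")
    leaks = []
    for probe in (x_id, "srv-999"):        # other tenant's id, then unknown id
        try:
            d.get(bob, probe)
            leaks.append(probe)
        except NotFound:
            pass
    return d.my_servers(alice), d.my_servers(bob, "0"), d.get(bob, y_id), leaks
```

The network and resource rules on the slide (separate VLANs, firewall rules, reserved pools) are enforced in the infrastructure and are outside what this sketch covers.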
  • [Figure: matrix with rows Service Catalog (Provider Catalog, Tenant Catalog, Org Catalog); Admin Roles & Privileges (Cloud Admin, Tenant Admin, Org Admin); Network Automation (Fixed, Manual, Self-Service, Automated); Network Path Isolation (Single Network, Multiple Networks, Shared VLANs, (no isolation), (L2 Isolation), Network Container (L3 Isolation))]
  • • Shared provider managed networks
    • Shared provider managed firewall
    • May assign a network per tenant
  • • Tenant VDC
    • Internet connectivity
    • Tenant owned edge firewall
    • Tenant owned load balancer (optional)
  • • Tenant VDC
    • Internet & VPN connectivity
    • Tenant owned edge firewall
    • Tenant owned load balancers (optional)
  • • Tenant VDC
    • Internet & VPN connectivity
    • Tenant owned edge firewall
    • Tenant owned host firewall
    • Tenant owned load balancers (optional)
  • • Tenant Technical Administrator
      - Creates tenant user organizations
      - Assigns user organization-level administrator
      - Creates tenant-wide shared resources, libraries, and policies
    • Tenant Business Administrator
      - Controls subscription against the provider (such as SLAs, pricing discount)
      - Approves new charges (such as new VDC order)
      - Views consumption / cost reports
    • Financial Controller
      - Oversees expenses in assigned project(s)
      - Approval point for expenses related to project
  • • Service Class: Category of services offered
      - Virtual servers, Physical servers, Virtual data centers, PaaS, etc.
    • Service Standard: Specific service option
      - VM templates, VDC size, OS templates, Network QoS, etc.
    [Diagram: Provider; Tenant 1, Tenant 2; User Org A, User Org B, User Org]
      - Provider determines what global cloud offers are, by service class
      - Provider determines a set of global standard options
      - Provider can limit classes for tenant as per agreement
      - Tenant blocks some global standards, adds local ones
  • Private Cloud | Public Cloud
    • Multi-tenancy: No (Single tenant) | Yes
    • Who manages the tenant: Cloud Provider administrators | Tenant administrators
    • Tenant bring-up & mgmt functions: Disabled | Enabled
    • Migratable to: Public cloud, at any point | Private cloud, if only 1 internal tenant exists
    • Tenant terminology in UI: Avoided | Used
    • Tenant level service options and standards: None (all derives from global) | Yes
    • Federated user authentication: No | Yes
    • Pricing and charging: Optional | Yes
    • Cross-tenant views and reports: No | Yes
  • Best practices of successful cloud builders. Wayne Greene, Director of Product Management, wagreene@cisco.com, @Cloud_Wayne
  • From: http://www.eweek.com/c/a/Cloud-Computing/Cloud-System-Builders-12-Habits-That-Aid-Successful-Deployment-Projects-628178/