Cisco Silicon One Enables the Best Routers

It’s not every day you get to work on products that continue to evolve so quickly that before you finish talking about one device the next generation comes out. However, with Cisco Silicon One™ that’s exactly what we’ve done.

We recently announced our 19.2 Tbps P100 piece of routing silicon and I wanted to spend some time going over what it means from a system perspective.

Cisco Silicon One P100—In a class of its own

There are several types of routing silicon available on the market today from third-party silicon providers to full system vendors. This silicon covers a variety of market needs but broadly speaking routing silicon breaks down into silicon that is built for core, peering, and aggregation markets versus those focusing on broadband aggregation. If we take a look at all the silicon currently available on the market, it’s clear that Cisco Silicon One is in a class of its own, and still today there’s no routing silicon that achieves higher bandwidth, even than our original Q100 announced back in 2019. Since then, we rolled out the Q200 with higher bandwidth and lower power consumption than the Q100. Today, less than 24 months from our initial Q100 launch and just 12 months from our Q200 announcement, we released the P100, further increasing our lead over the competition. We believe the Cisco Silicon One P100 is 2.6 times higher ethernet bandwidth than other routing silicon in the market.

The Cisco Silicon One P100 builds upon the great foundation that we created with Cisco Silicon One but continues to add features, buffering, scale, and programmability enhancements while growing the bandwidth.

Figure 1. Routing silicon available in 2021

Because Cisco Silicon One devices can flexibly assign ports to be generic ethernet or a fully scheduled fabric, the Cisco Silicon One architecture enables optimized fixed boxes and modular systems.

Figure 2. Cisco Silicon One – Common architecture across form factors

This capability is unique in the industry, and it allows us to offer products from a fixed box measuring just one rack-unit with a single piece of silicon, to a massive modular chassis with many pieces of silicon, to a fully disaggregated chassis with even more pieces of silicon. This is all accomplished with a common architecture, SDK, and P4 forwarding code.

This means that when we come out with a new piece of routing silicon, we enable our customers to enjoy benefits across their portfolio and network.

If I try to oversimplify the impacts of the Cisco Silicon One P100 in the market, we see that:

◉ P100 enables high bandwidth fixed boxes with 6–12 times less silicon. This leads to massive power, space, and cost savings while simultaneously reducing latency.

◉ P100 enables modular systems that are more than 2 times higher bandwidth than anything else available on the market, with the industry’s first 36×800, 28.8 Tbps modular line cards, while significantly improving power efficiencies of modular systems.

Figure 3. Cisco Silicon One P100 vs. competition

Fixed box advantages

Because we can use a single piece of silicon to create a 19.2 Tbps, 24x800G, or 48x400G router we can drive a level of efficiency unheard of in the industry today. The next best piece of routing silicon on the market tops out at 7.2 Tbps.

This means that you need to use between six and 12 devices to build an equivalent system. This difference means Cisco Silicon One enables a smaller, lower latency, more power-efficient router at the system level.

Figure 4. Cisco Silicon One P100 fixed box advantage

Modular line card advantages

Modular systems are built with multiple pieces of silicon. Based on limitations on the faceplate, Printed Circuit Board (PCB), optics form factors, silicon, and orthogonal connector densities, most system vendors produce 36x400G line cards with customer-facing 14.4 Tbps of bandwidth.

Using our advanced architecture, coupled with 100G PAM4 Serializer/Deserializer (SerDes) technology, Cisco Silicon One P100 enables line cards to push through previous limitations in front panel optics, PCB technologies, and orthogonal connectors, resulting in line card hardware that’s two times higher bandwidth than other modular line cards. When combined with our 25.6 Tbps fabric element, the Cisco Silicon One G100 is 2.6 times higher bandwidth than other fabric elements, so customers can build modular routers that are up to three times higher bandwidth.

Table 1. Cisco Silicon One P100 modular system bandwidth

The bandwidth increase coupled with the power efficiency of Cisco Silicon One drives significant power efficiency gains compared to all other routing silicon in the market.

Figure 5. Cisco Silicon One P100 modular line card advantage

Building the future of the internet

Cisco Silicon One P100 enables the highest bandwidth and most efficient fixed box routers based on a single piece of silicon. It also enables the highest bandwidth modular line cards that are two times higher bandwidth than what can be built with our competitors’ silicon.

Source: cisco.com

Continue reading

Plug & Play (PnP) enables faster onboarding of new offices

Most IT engineers can agree that device provisioning for new offices is tedious, time-consuming, and error-prone. Fortunately, our Cisco IT Customer Zero team—which tries out the latest Cisco solutions and integrations to prove value and share experiences—has discovered that it doesn’t need to be that way.

By leveraging the Plug & Play (PnP) capability in Cisco DNA Center, we’ve managed to slash provisioning time by over 50%, while improving the engineer/user experience, reducing configuration issues, and enhancing security.

Prior to PnP, provisioning new offices was tedious and error-prone

Before PnP, our process was manual and slow, with a high risk of producing errors. In the weeks before we set up a switch, engineers had to scour a 501-page playbook to find the right configuration for the device model and office size. They would then travel to the office and paste in the appropriate code snippets via the command-line interface (CLI).

During this process, engineers could easily type an incorrect character or miss a line/s of code. These types of mistakes were responsible for the vast majority of Day-1 problems. The process also required engineers to remain for Day-1 support.

PnP provides the ability to automate onboarding, eliminating errors and saving time

Today, Cisco DNA Center’s PnP capability allows us to onboard new sites much faster by automating the onboarding of devices and the configuration of underlay routing (Figure 1). Switches automatically connect to Cisco DNA Center and retrieve the correct template, based on their serial number and tags. Engineers no longer have to engage in the time-consuming activity of searching through the playbook for the right configuration. PnP also reduces the need to type command-line instructions and cut-and-paste blocks of code. We are now able to standardize our configuration with the use of templates and version control. Instead of using Microsoft Word or Excel spreadsheets, we can create templates that are used across multiple devices with the concept of variables allowing us to be adaptable to each device using templates and tags, saving time and ensuring compliance. Finally, with PnP, engineers no longer need to go on-site for Day-1 support.

Figure 1: Day-0 provisioning with PnP

PnP enables zero-touch device provisioning – ensuring simplicity, security, and consistency:

◉ Simplicity: When the device boots up for the first time, it automatically reaches out to the PnP Connect Cloud, then is redirected to Cisco DNA Center. From there, we can easily push the required Day-0 and Day-1 configs as well as the software images to the device—lowering the risk of an accidental input.

◉ Security: The device securely connects to the PnP cloud via https and is verified and redirected using its product ID and serial number.

◉ Consistency: This process enables a consistent workflow across all platforms— switches, routers, and wireless LAN controllers—regardless of the number of devices that need to be staged.

The Cisco IT Customer Zero team recently conducted a detailed value analysis to quantify the benefits of Cisco DNA Center PnP (Figure 2). Here is what the Customer Zero team found:

◉ Significant time savings: PnP cut the provisioning time of wireless controllers by 54 percent—from 130 minutes using the manual approach, to 60 minutes using Cisco DNA Center with PnP. Similarly, PnP reduced onboarding time for Cisco Catalyst 9300/9400 switches by 43 percent—from 180 minutes manually to 77 minutes with PnP.

◉ Enhanced NetOps experience: Because PnP does not require actual monitoring during device provisioning, only 45 percent of the provisioning process requires “active engineering time.” As a result, the experience is less tedious and stressful for network engineers.

◉ Better end-user experience: By automating initial provisioning and underlay routing configurations, PnP ensures faster site readiness and seamless user onboarding.

◉ Improved security: PnP enables end-to-end security, from Cisco DNA Center to network devices, from Day-0 to Day-N, with no physical access required.

Figure 2. Key findings: Cisco DNA Center Plug & Play benefits

The Cisco Customer Zero team is committed to exploring other ways that Cisco DNA Center PnP can further drive value by leveraging automation to fuel greater efficiency, better user experiences, and improved security. We are working towards initiatives such as configuration management across multiple Cisco DNA Centers and other automated use cases. Stay tuned…

Source: cisco.com

Continue reading

The Future of Broadcast: The All-IP Olympics

This summer, we witnessed the future of broadcasting, and it wasn’t the first time the Olympics were involved. When the Games were first held in Tokyo in 1964, it made history for being the first live televised broadcast. Fifty-seven years later, with the help of 6,700 pieces of Cisco equipment, NBC Olympics was able to deliver more than 7,000 hours of coverage across multiple platforms. The ingenuity behind the scenes was Cisco helping power the first all-IP production in the host city for NBC Olympics’ coverage of the Games.

IP networking is a proven and robust technology, as evidenced by the IP-based enterprise networks that support so many businesses and organizations. The tremendous benefit of IP is that it enables new workflows that simply aren’t possible with legacy video technology. These new workflows enable broadcasters to fundamentally transform how they create and deliver content while lowering their operating expenses. And they can do this without negatively impacting the reliability or real-time delivery of content.

Improving Capabilities & Visibility

Consider a workflow like distributed production (see Figure 1). Traditionally, all participants in a live broadcast, from those being filmed to those doing the filming, had to be in the same location. With distributed production, each group can be in its own location. A host or commentator could be on one continent while athletes are on another, and the production team is yet again somewhere else. This allows for a lighter onsite crew and for production teams to work in their home production studios with full access to all of their usual tools and equipment.

Figure 1: A distributed production workflow allows production, participants, and commentators to be located anywhere in the world.

This was truer than ever for NBC Olympics because of COVID-19. Production was split between crews in Tokyo and employees back at NBC Olympics’ studios in Stamford, New York, Englewood Cliffs, Miami, and Sky Sports in the UK. There was increased importance on being able to send content back to the video team for editing and post-production before being distributed. Reliability, always important, was even more vital due to the scale of these Games.

Delivering Live Production

To deliver live production, the IP network at the IBC had to guarantee reliable transport of uncompressed video (SMPTE 2110). Cisco’s Nexus 9000 switches, deployed in a hybrid spine-leaf network, made this possible running with Cisco’s innovative Non-Blocking Multicast (NBM) technology. NBM provides end-to-end bandwidth guarantees for all multicast flows without relying on the traditional “equal cost, multipath-based” load balancing of flow. The flexibility of IP ensured that all flows within the IBC were reliable while meeting the capacity demands. Along with NBM, the Nexus 9000 switches distributed timing at scale using Precision Time Protocol (PTP). This ensured all endpoints were always in sync with nanosecond precision.

In addition, Cisco Nexus 9000 switches powered by Cisco’s Cloud scale ASICs, provided granular visibility into critical aspects of the network, including tracking the bitrate of every multicast flow and following flow paths as signals travelled through the network and streaming all of this information real-time using software and hardware telemetry to Nexus Dashboard Fabric Controller (see Figure 2).

Figure 2: Flow analytics track the bitrate of every single flow in the network.

Simplification and automation were critical given the live nature of the Olympics. There wasn’t time for a tech to log into a switch and scan a session log to figure out an issue. Using the Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller (NDFC) gave NBC Olympics a single pane of glass approach to network management. Combined with the granular visibility of Cisco Nexus 9000 switches (see Figures 3 and 4), NDFC provided real-time insights into network performance, all the way to the application level. This enables NBC Olympics to identify and resolve issues before they became problems that can impact the quality of broadcasting.

Figure 3: The Cisco Nexus Dashboard provides flow information.

Figure 4: Monitoring precision time protocol performance on Cisco Nexus 9000 switches.

In addition to increasing reliability and simplifying management, NBC Olympics also recognized substantial operational savings with an all-IP distributed production approach. While COVID-19 necessitated a reduced crew on the ground in Tokyo, the technology enabled teams in different countries or regions to do their work from their home base.

The flexibility of all-IP production also enables network and production investment to be used in different events around the world. This reduces the overall carbon footprint of the entire industry and create long-term operational savings while optimizing workflows.

Source: cisco.com

Continue reading

Secure and Simplify Your Programmable Edge and Industrial Sensors

The Cisco IoT Operations Dashboard provides operations teams with a centralized, cloud-based dashboard to securely deploy, monitor, and troubleshoot device connectivity. Using this secure connectivity as a foundation, that same dashboard then enables you to extract, transform, govern and deliver data from IoT edge devices to the cloud with Cisco Edge Intelligence, install and manage your containerized edge applications and to deploy a broad range of industrial IoT sensors with Cisco Industrial Asset Vision.

Once your solution is in place, or as part of your solution development process, IoT Operations Dashboard enables you to securely and simply access remote connected equipment and to monitor its connectivity status, using nothing more than your browser.  This simplifies maintenance, solution development and updates, and ensures business continuity without the need for frequent and costly truck rolls to remote sites and locations.

With IoT Operations Dashboard, scaling up is straightforward.  Using the cloud-based dashboard, Cisco Industrial Routers and Gateways can be zero-touch provisioned at remote sites, and automatically configured with proven solution templates and configurations, helping you to streamline configuration of your devices, and reduce errors. You can then deploy your industrial IoT solutions, applications and sensors using that same dashboard. Once in operation, Dashboard provides an Operations Technology (OT) focused user experience and is simple and easy to use. Directly from the browser-based dashboard you can see map-based views of your deployments, equipment status, sensor data, events and alerts, which greatly simplifies monitoring and gaining insights into your operations.

Operations Dashboard offers a rich set of capabilities for developers and systems integrators, as well as custom solutions. And you can start right now on DevNet! The new DevNet IoT Operations Dashboard sandbox includes components such as Edge Device Manager (EDM) and Industrial Asset Vision, and we also offer an IoT Cisco Edge Intelligence (EI) sandbox.

Create templates and test remote access with the Edge Device Manager Sandbox

Custom forms called eCVDs allow you to configure Cisco Industrial Routers and Gateways to meet the exact needs of your solution. Use predefined eCVD configuration forms to leverage Cisco-provided zero-touch provisioning (ZTP) and best security practices. These can then be easily customized using the open-source Freemarker template language on which they are based.  This makes it straightforward for you to create a custom configuration form which is specific to your solution with ZTP, security and solution-specific configuration options and in-form guidance.

Using the built-in Secure Equipment Access (SEA) feature of IoT Operations Dashboard, you can then use RDP, VNC, SSH or HTTP/S to securely access remote connected equipment using just the dashboard and your browser.  SEA provides this ability for simple and secure remote access even if you are in a different organization and network to your customer’s solution, for example as a solution developer or equipment vendor.  This greatly simplifies solution development, especially for those real-world proof-of-concepts and in-field development and update activities that are often so challenging and time consuming.

Reserve our all-new EDM sandbox today for access to a real Cisco IR1101 and your own IoT Operations Dashboard organization! Test on-boarding, deploy applications, and connect via the dashboard to the Linux DevBox without any VPN configuration.

Extract all your IoT sensor data via MQTT with Industrial Asset Vision

Cisco Industrial Asset Vision (IAV) provides a complete full-stack solution that includes all hardware and software components, pre-integrated and delivered as a cloud SaaS offer. IAV includes an end-user dashboard application, network management tools, LoRaWAN network devices, and Cisco industrial sensors for collecting environmental and GPS location data.

Cisco IAV exposes APIs through which global independent software vendors (ISVs) and applications developers can integrate with systems such as enterprise resource planning (ERP), service management, manufacturing execution systems, and analytics. Asset and sensor information can also be published to 3rd party data brokers via MQTT and to Azure IoT Hub.

Industrial Asset Vision – IoT Operations Dashboard Documentation

Simplify IoT Edge-to-Multi-Cloud Data Flow with Cisco Edge Intelligence

As part of IoT Operations Dashboard, the IoT data orchestration software, Cisco Edge Intelligence, connects assets at the edge to multi-cloud application destinations in a very easy way for the user and can even extend its functionality with a transformation engine at the edge.

Source: cisco.com

Continue reading

Cisco IT accelerates its transformation with CX Cloud

As any CIO with a digital transformation agenda can attest, success relies upon establishing clearly defined objectives for each step of the journey – with visibility into the entire IT infrastructure. Also critical is the ability to receive the right information at the right time to help achieve desired outcomes faster. This was especially true during the pandemic when, for example, Cisco enabled – within 10 days – 140,000 employees and partners to work from home.

In Cisco IT, we’re meeting these goals with CX Cloud – a one-stop destination that combines Cisco expertise and best practices with telemetry, AI-/ML-driven insights, use cases, and contextual learning. This cloud-based Software as a Service (SaaS) portal is smoothing the bumps in our digital journey by removing complexity, filling skills gaps, and ultimately accelerating technology adoption.

It accomplishes this by providing:

◉ Full visibility into all of our network assets and contracts

◉ Automated risk detection and mitigation

◉ Actionable data and insights

◉ Ready access to targeted learning resources and expertise, and much more

Let’s take a closer look at how we’re leveraging these and other CX Cloud capabilities to benefit our business.

‘Single source of truth’ with 360-degree insights

CX Cloud provides a secure, single source of truth that enables full visibility of our 100,000-plus IT assets (see Figure 1). CX Cloud’s telemetry ensures we always have the latest information pertaining to purchased and connected assets, security advisories, support cases, and individual success tracks.

Because we now have all of our asset information and security advisories in one place, our engineers no longer need to build reports manually or reconcile across platforms. As a result, they expect to boost their efficiency and improve their operational scale by 50 to 60 percent, allowing them to spend more time on innovation. The bottom line: We’re accomplishing much more with the same number of people.

CX Cloud also lets us keep track of on-premises and cloud-based infrastructure across multiple deployments — with tools to search, filter, and see a 360-degree view of an asset’s hardware and software details. We can access contract and coverage details with key support milestones, while also receiving on-demand diagnostic scans and updated advisories.

Figure 1. CX Cloud provides a “single plane of glass” for viewing 100,000+ Cisco IT assets.

Timely expertise with quick resolution and enhanced security

CX Cloud leverages machine learning to analyze our network and generate a prioritized listing of security advisories (alerts), field notices, and priority bugs (see Figure 2). Each security advisory shows the vulnerabilities, the number of affected assets, IP addresses, and actionable data – ultimately helping us drive faster resolution and enhanced security.

Before we had this tool, our engineers would spend as many as three hours analyzing each potentially impacted device. CX Cloud is dramatically reducing the majority of the time it takes to gather the information from multiple sources, giving our engineers opportunities to focus on higher-value activities.

Figure 2. CX Cloud’s advisories help to eliminate security vulnerabilities

With CX Cloud, we can access use-case-guided expertise and lifecycle resources to help us deploy, manage, and optimize our technology while reducing risks. We can leverage a guided adoption journey to help us deploy and optimize specific use cases, with expert advice tailored to our specific progress (see Figure 3).

CX Cloud enables us to gauge our deployment progress using a combination of telemetry insights and manual actions. We can engage with Cisco and partner expert resources such as best-practices webinars and 1-to-1 coaching. We also enjoy access to extensive eLearning catalog and remote practice labs (Level 2), as well as product documentation and communities.

We’ve found the lifecycle section of CX Cloud to be especially useful when we onboard new people. This feature helps keep us moving forward in our transformation journey, without having to backtrack.

Figure 3. CX Cloud’s lifecycle resources provide expert advice, when and where it’s needed

Speedy resolution and simplified case management

With CX Cloud, we can see all open support cases in a handy list view (provided that each viewer on our team is eligible to review those cases). This easy access is available regardless of whether a viewer is the case owner or not. This built-in support is akin to always having a high-touch operations manager at our fingertips, accelerating collaboration and issue resolution.

Figure 4. CX Cloud makes case management easy

Minimize risks with tailored recommendations and insights

CX Cloud delivers deep intelligence and insights into our network and security posture, allowing us to reduce our operational risk. We can view targeted insights and suggestions that help us optimize our business and solve problems before they happen.

For our Catalyst 9500 switches, we receive software recommendations tailored to our assets and configuration – by risk profile. Combined with Cisco DNA Center software image management (SWIM), this helps us automate software upgrades and ensure all the assets are on the same Golden Image.  Our engineering leaders can also see potential crash risks based on known contributing factors, along with tailored recommendations to minimize risks. With Integrated Secure Operations, we also have visibility into license consumption information and features used.

CX Cloud even lets us quickly identify devices with regulatory compliance (e.g., HIPAA, PCI) violations and view recommended fixes.

Figure 5. CX Cloud’s deep insights help solve problems – before they happen

Ultimately, CX Cloud’s comprehensive suite of use-case-driven solutions work together to help us drive business value across architectures. CX Cloud digitally connects us to the right expertise at the right time, with the right level of engagement to achieve our goals – faster.

Source: cisco.com

Continue reading

Create, Document, and Share Live Code Examples with Jupyter Notebook

Q: How do you eat a whale?

A: One bite at a time… or so the saying goes. Admittedly, I don’t know of anyone who eats whale one bite at a time (or any way otherwise for that matter). But we can all agree that breaking large problems into smaller pieces is a valuable arrow in the quiver of problem-solving techniques. It’s a practice that certainly applies in the world of programming.

Once the problem is broken down and implemented, however, how can we convey what we learned to others? One way is using Jupyter Notebook to combine documentation authored in markdown together with live code. As an example, a developer writes small blocks of Python to vet an algorithm, a function, or syntax. Once verified, it is documented, saved, and the code is then added to the IDE, such as VSCode, where the main Python code is developed.

This post shows a simple Python example that retrieves physical compute inventory claimed in Cisco Intersight. In this example, the items in the inventory are UCS X-Series compute nodes managed by IMM (Cisco Intersight Managed Mode).

What is Jupyter Notebook?

Jupyter Notebook is an open-source web application used to create and share code along with narrative text. It’s used extensively in academia especially by data scientists. If you have experience with Python you may be familiar with IDLE (see the screenshot below). IDLE lets you execute Python code directly from the command line without needing to run a *.py file. You run your line(s) of code and verify things work and when you are finished, you close your session with <cntrl><d> and you move on with life. What if you wanted to share what you tried with someone else? Assuming you copy/pasted the contents of your shell session, would someone else be able to understand what the flow of what you were trying? Could you refer to it later and understand the flow of what you did?

IDLE does the job but it has limitations when it comes to documenting and sharing ideas. Enter Jupyter Notebook, an interactive way of documenting and executing live code from a web-based interface. It runs as an interactive web application supporting markdown and code execution with support for over 100 programming languages (called “kernels”) including Python, PowerShell, and Matlab just to name a few. I’ll show you examples in both Python and PowerShell since those are commonly used to interface with Cisco compute API’s.  

How Jupyter Notebook works – A very simple tutorial

First, be sure to first install Jupyter Notebook if it’s not already on your machine. Once installed, you can launch the browser by entering the command jupyter notebook from the command line. When the command is executed a new browser tab opens with the Jupyter notebook interface. 

In the example below, we use Python 3 as our language of choice with the first entry authored with markdown and the second “hello world” passed to the print function. For the first entry, select Markdown as the type of content to run, enter markdown syntax, followed by simultaneously pressing the <shift> and <enter> keys and voila! The markdown is rendered.

In the next entry, select Code from the highlighted pulldown, enter one or more lines of code, followed by simultaneously pressing <shift> and <enter>. The code runs and the results are displayed just below the code. Well, that was easy!

Pro Tip: Not sure what to pass else you can pass to print? Select the field where you entered the print function and followed by simultaneously pressing the <shift> and <tab> keys. You will see a documentation snippet describing the function.

Show Me a Real-World Example

The examples above are right up there with the ‘hello world’ examples you undoubtedly encountered when learning a new language. Next, let us dive into the real-world scenario of calling the Intersight API to retrieve a list of physical compute items from claimed inventory while documenting how you accomplished it.

The specifics of how to go about making the code authenticate and such are covered in the file itself for this post, the example is cut back for brevity, but you can download the code from DevNet’s Code Exchange if you would like to follow along and try it. The examples available in Python and PowerShell.

Here are the steps taken to retrieve physical compute inventory:

◉ Import the necessary Python modules

◉ Populate the AUTH variable and define the base URL

◉ Run a GET operation on the URI of compute/PhysicalSummaries

◉ Inspect the JSON data returned by the call

◉ Print the results

Documenting and Executing Code

In step 1 below, you see these steps in action broken apart into smaller pieces along with documentation explaining what each step does along with the live code. If fact, we do not need to discuss the steps in this blog since it is already contained in the Jupyter Notebook. Instead, we pass along a few pro tips.

In Step 2, instructions for installing the Python SDK and importing modules are provided with the code for each just below it. Pressing <shift><enter> runs the code and produces a result. The number of lines to execute is up to you and the instructions executed remain in memory.

Pro tip: JSON responses are often lengthy. To manage how you view the output, click the output cell, in this case cell 23. Click once and you see the smaller scrollable window, click twice and you see the full-length listing. If you double-click, the data is hidden. The screenshot below shows the cells with the results hidden.

Finally, if you skip ahead to step 6 you will see the number of UCS X-Series compute nodes currently in our inventory along with how the hardware is completely managed by Intersight by virtue of its management mode also known as IMM (Intersight Management Mode).

Source: cisco.com

Continue reading

Flexible Hybrid Cloud Networking with Infrastructure as Code and Cisco Nexus Dashboard

Applications are becoming the most visible aspect of an organization’s brand. The performance, usability, and reachability of branded apps are of utmost importance since they are a primary interface to customers. To keep up with evolving customer expectations, developers and operations teams are rapidly adopting design patterns using containers and microservices for continuous integration and continuous delivery (CI/CD). In order to enable these innovations to deliver a competitive customer experience, IT relies more and more on a hybrid cloud model.

The enterprise cloud network—including the WAN—keeps application components securely connected and operating in a predictable and performant way. In this sense, the network is an intrinsic part of modern application design and plays an essential role in maintaining KPIs that protect the brand as customers depend on applications to accomplish their daily tasks, including essential services where availability is crucial. Being able to safely automate workflows and have deep visibility into the cloud network, compute infrastructure, and applications has always been a critical need for IT organizations—and even more so in the new hybrid world.

But Hybrid Cloud Gets Challenging

Deploying applications in the cloud is relatively simple for new cloud-native applications. According to IDC research, to gain business agility, enterprises are committing to modernize more than half of their existing applications by 2022, leveraging cloud-native application architectures as a means of achieving their goals.* That’s a significant portion of existing application deployments. For many organizations refactoring these applications to a cloud-native foundation will include integration with exisiting data center services and data repositories, while taking advantage of embedded security policies to protect payment and personal information. This is accelerating the rise of hybrid applications.

The transition to hybrid-cloud introduces new challenges, like the many individual services on a smart watch pulling data from a plethora of sources, but hyper-scaled to serve millions of clients. Established services in an on-premises data center need to be easily accessible to cloud application containers, such as when a cloud-native shopping cart needs to access the payment information on the PCI island in the private data center. The entire communication path needs protection with guaranteed levels of service.

Hybrid cloud requires a simple-to-use, centralized cloud networking platform built to support multiple operator personas—NetOps, DevOps, and CloudOps—to manage a constantly changing constellation of services, data sources, and connections. Historically, provisioning a new application required a handshake between DevOps and NetOps, with NetOps configuring the network before DevOps could deploy the application. This was a manual, error prone process, assuming static dependencies, thus reducing the velocity of change. Thankfully, the increasing adoption of Infrastructure as Code (IaC) tools is helping automate and simplify management of the complex interactions among data centers, hybrid-clouds, networks, and compute infrastructure.

Infrastructure as Code Is the Operational Link Between DevOps and NetOps

IaC automation capabilities are critical for DevOps teams for automating provisioning of cloud infrastructure. DevOps teams can rely on a consistent automation model for infrastructure and workloads across the edge, co-locations, data centers, and public clouds. Depending on the desired outcome, IT teams can leverage IaC tools such as HashiCorp Terraform and Red Hat Ansible, interacting with either Cisco Nexus Dashboard for managing cloud networking services or through Cisco Intersight to manage compute resources.

NetOps can now expose infrastructure services for consumption by the DevOps and CloudOps teams via the Cisco Nexus Dashboard. Using HashiCorp Consul Terraform Sync with Nexus Dashboard, DevOps can directly drive the infrastructure changes needed for application deployment and management while enabling NetOps to monitor the progress in real time, across the global infrastructure. This is made possible by the automation capabilities of Cisco Nexus Dashboard enabling rapid deployment of services, CI/CD pipelines, and seamless collaboration between DevOps, CloudOps, and NetOps.

Take, for example, a Development Team working with the Nexus Dashboard owner to package connectivity permissions for a hybrid-cloud application in an IaC Plan/Playbook. NetOps can use Nexus Dashboard to define the secure connections needed for the application to function among clouds and on-premises services—and only those services. This alleviates the need for DevOps to define and keep track of the network permissions needed for the application. DevOps can make functional changes to a Plan/Playbook using the existing infrastructure and connectivity requirements or NetOps can add new resource connections as needed for updates.

Integrating On-Premises IaC with Cisco Nexus Dashboard

Learning the Ways of IaC for Network Operations

NetOps teams, one of the key operators of Nexus Dashboard, have an opportunity to not only provide valuable assists to DevOps to keep applications up to date and running efficiently, but also to advance their professional career. Learning the principles of IaC by using Terraform or Ansible is an essential skillset that will become even more valuable as organizations continue their move to hybrid application architectures and hybrid cloud operations. To support this learning journey, Cisco DevNet provides classes, learning labs, videos, and sandboxes for experimenting with IaC and Nexus Dashboard services such as Nexus Dashboard Orchestrator. These educational opportunities enable a more productive partnership between NetOps and DevOps teams, improving the deployment and upkeep of vital applications.

Working Together with Cisco Nexus Dashboard and Cisco Intersight

Today, IT teams that base workflows on Cisco Intersight can seamlessly take advantage of Cisco Intersight Service for HashiCorp Terraform. Likewise, network operation teams using Nexus Dashboard as their cloud networking platform will be able to take advantage of Cisco Nexus Dashboard support for HashiCorp Terraform cloud agents. Cisco offers IT teams the flexibility to incorporate IaC models no matter which infrastructure management platform or toolchains they employ to ensure the desire outcomes. With both approaches, Cisco Solution Support provides a single point of contact to support the integration of Nexus Dashboard and Intersight with Terraform Cloud for Business.

Integrating On-Premises IaC with Cisco Intersight

Source: cisco.com

Continue reading