BRKCLD-1823

Building Cisco IT Cloud

Tom Deckers – Principal Engineer Cloud Infrastructure & Platform Services

What does your cloud look like? What cloud?

BRKCLD-1823 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public

Agenda

• It’s a Multicloud world

• Introducing Cisco IT Cloud

• User experience

• Day 1 – onboarding & provisioning

• Day 2 – assurance & policies

• Cloud Operating Model

• Getting smarter

• Looking ahead

Speaker

Tom Deckers, Principal Engineer, Cisco Cloud Infrastructure and Platform Services (tomdeckers, @tdeckers)

It’s a Multicloud World

Cisco: A Spectrum of Workloads

2500 Business apps & 50 engineering apps 90 SaaS assets 500 SaaS In Use (for 40k developers) (revenue gathering)

Multi Cloud Operating Model

Baremetal Virtual VM Private Cloud Public Clouds UCS x86

On Prem Public

Infra 2020 – The right infra for your workload

Shared IT Multi-tenant Platform Programmatic

Day 2 connected Cloud Native automation dev experience

Lifecycle Compliance Clean platform Assurance Multicloud enablement Corrective actions Current-Gen Cloud-Native Programmable foundation (Platform 2) (Platform 3) Use case: CAE & OPL Use case: IAC ACI OpenStack Container Platform Infrastructure as Code UCS/VM Kubernetes Order Processing Layer SAN & NAS SD: ACI/UCS

Accelerate

Quality Speed Cost

Opportunity 1 - Cloud Native Applications

“An approach to build and run applications that fully exploits the advantages of the model” [Pivotal].

1. High Availability and Fault Tolerance
2. Zero Downtime Maintenance & Deployments
3. Higher Performance & Scalability
4. Increased Business Agility
5. Multicloud Portable

Use case P3: Always on Booking Order Processing Layer (OPL)

Where We Are Today: Business Impact (since November 2018)

• 5,000+ SaaS subscriptions processed
• Increasing monthly subscription revenue

Key Requirements:

Resiliency
• Always on booking
• Zero-downtime
• Modern, scalable architecture
• Loosely coupled integrations

Performance
• Exposed services response time: seconds → <500ms
• Event publish to consume: minutes → milliseconds

Velocity
• 2x scope @ 2x speed

Deploy: 5 infra + 3 business changes Sept / Oct

OPL: Platform

• 60 Tables
• 17 Collections
• Peak Volume: ~100K Lines/Day
• Peak Transactions: ~200K/Hour
• Total Database Size: 2TB
• Large Collection size: ~150GB

AppDynamics MongoDB OPS Manager CLIP: App logs

Opportunity 2 - Foundation for Middleware Offering

Programmability Foundation Operating Model Transparent

Industry Standard APIs and OpenStack Cloud provides Consistent operating models Clients do not need to know Telemetry tools to for required compute, storage, across teams. All follow (or care) about foundation. Middleware services to access and configuration same Change, Maintenance Utilize Unified onboarding manage footprint. All and Release processes mechanism for required services are code services

Container Platform

Current Footprint
• 3 regions, 3 zones
• 27k containers
• 800+ apps migrated

MCMP

Provisioning Customers, Employees, Partners Global Service Load Balancer CoDE & SDaaS CI / CD

CAE API

Management Developers CLIP & Splunk Assurance VM VM VM VM VM VM VM VM VM

Developer Experience RCDN Data Center ALLN Data Center RTP Data Center

Cisco IT Cloud IaaS Platform Assurance

SDx Automation

Operators BRKCOC-2016

Container Platform

Operations Efficiency, User Experience, Assurance

• Builds: Months to Hours
• Faster issue to resolution
• Migrated ~1K apps into the platform

Introducing Cisco IT Cloud

Why private cloud?

Security Vendor solutions

Data Control

Cisco IT Cloud Evolution

GLOBAL DATA CENTER MULTICLOUD VISION STRATEGY STRATEGY

Past Future TRANSFORMATION Growth Speed Operating Traditional Cloud Enablement Model Provisioning UI API UI / API Manual Driven Architecture Integrated Cloud Native Service App/Data Transformation Transformation Driven by Limited Software Automation Defined Software-Defined Everything Resiliency Intelligence Resiliency App Level Cloud Native Capacity Capacity (Build) (Optimize & Extend) Security Enforced Pervasive Customer Mostly IT All 2007-2015 Today & Future Base

Introducing New Cloud Platform

On Premise Programmatic Infrastructure with a Cloud Operating Model bringing availability and speed to Cloud Native Applications.

• API Driven Onboarding, Self-Service, “non-blocking”
• Unified Cloud Operating Model
• Flexible Consumption and no lock in
• With SLO contract

Private Cloud Open to all in Cisco

Cisco IT Cloud Stack

RunOn.cisco.com

Client

Multicloud Manager (MCMP) APIs, Automation and NoSQL CAE, K8saaS Custom Applications Data Driven DBs Operations Containers Cloud DB Client Virtual enable Machines Software Defined OpenStack Project (IaaS) Everything ACI Plugin, Cloud Compute, Storage, Backup, Load Balancers, SSL certs (future) (SDx) ACI Fabric, DMZ, GSLB/GSS (future)

aaS Framework

Create the Feature Documentation

Product Planning and Dependency Communications Terms and Conditions RunOn Development Tracking Terms & Conditions JIRA Epic / User Story LA Internal and External RunOn Catalog Overview Pages Update Tracking GA Internal and External Operating Model Updates How-Tos Help and Support Approvals Client Webinars Internal TOIs Definition of Done Executive Policy / Costing Update Webinars Offer the Service Support

Multicloud Manager Customer Support Customer Success Management Platform Support

Driver Update At Your Service Setup CSM TOIs On Call Process

UI Update Click to Spark Setup Incident Management

Defined MOPs / Support Pricing Logic Escalation Process Service Request Process

Development Release & Change Capacity and Security Pricing, Metering & CMDB/ESP Assurance Management Metrics Billing

Release Process Service Offering Defined / SDLC/PipelineCSDL Integration Capacity Process Defined PSB, Guard Rails, CATO TCO Calculation Internal Assurance Deployment Changed

Underlying Capacity Thresholds Code Check-In Maintenance Windows USM, Qualys Integration into Metering Business App Registration Logging Services Defined Change Review Groups Metric Requirements and CI Registration & Cluster Science Logic / Unified JIRA Tracking BAVA, DAVA Billing Process Created Process Defined Assignment Monitoring

Change / Release Metric Dashboard App Endpoint Registration SLI Monitors and InfoSec Sign-off Published Pricing Model Mappings Requirements Defined & Cluster Assignment Dashboards

User Experience

Cisco IT Cloud

runon.cisco.com eStore Learn Choose Help & Support

(Adobe Experience Manager) (CPO + PSC)

Multicloud Manager

Cloud Manager “Platform 2”

Public Cloud Cisco IT Cloud

CodeOn & CloudPractice

Managed Infrastructure Services (MIS)

Focused on simplifying and providing a seamless, consistent and digitized managed infrastructure experience to meet your business outcomes.

• 'Accelerate' your Run the Business Infra needs
• 'Transform' the way you manage Infra
• Step up to the Next Gen

• Foundation: Single Platform for Infra requests (on-prem/cloud)
• Acceleration: Leveraging state of art automation technologies to have on demand infrastructure
• Transformation: Streamlined E2E process flow

Day 1

Cloud Manager Architecture

Application Orchestration Users

• Composite deployments (profile) • Application Lifecycle Management • Continuous Delivery

Multi-Cloud Management Platform (MCMP) MCMP Ops

• HR API API • AD • Portfolio Cloud Service Tenant Cloud Services Metering & • Budgets Management IAM Management Management Billing • CMDB

API Cloud Services Service Providers

Cloud Console (UI) Console Cloud • Service Automation & API API • Service unit & cost Cloud Service • Service assurance Consumption EMEA RTP RCDN ALLN APAC [Other/Eng/AWS]

ServiceNow Single Sign On Enterprise Integration Client Support & Directory (HRMS)

FY Planning & Budgets ServiceNow IT Portfolio

Active Directory & Groups

Continuous Security Buddy – Automation

Security Automation Cisco AWS Tenant Account

AWS Continuous Security AWS Security Cloud 1 Validation Trusted Formation AWS Audit role Tagging Advisor Templates Lambda CSB Account

AWS * 2 Log Monitoring ($ ) Amazon *Cost based on log size Cloud Log Security Monitoring Kinesis Trail Bucket Analytics Logs Logs CSIRT Account 3 Cisco SSO (CEC) MF AM Strong Identity Cisco Enterprise SSO A

Cloud Security 4 Self Security validation Buddy (CSB) Security Config Rules AWS Config Rules

Day 2

Inventory

Support, SLO and Monitoring

Client Support Offering
• Self-Managed Support
• Managed Infrastructure Service

SLO
• SLO Target is 99.9%

Assurance
• Full monitoring and logging stack and synthetic tests

IF [capacity > 75%] THEN scale_up()

Container Platform

Cost Management

• Tenant View: Spend, Budget limits, Approvals
• Provider View: “Revenue”, Client distribution, Capacity trends

Operating Model

What Does SDx Look like…

Autonomic Operations– Systems configurations self-healing easily deployed & infrastructure services Item 1 Item 2 managed as code

Systems are easily Work tracked & run in Common reproduced & discarded Jira using full theme or on-demand DevSecOps principles goal

Continual review & Item 3 Item 4 On-demand @Scale– improvement to ensure DevSecOps compliance & delivery and skill acceleration

Where are We Now 2019 SDx Norming 2018 SDx Storming 2016 - 2017 GIS SRE / SDx Early Adoption 1 IAC Maturity

2014 - 2016 Scope Expansion: SRE; 2 Quality Engineering IT Agile 1 Security; LC Digitization; Transformation IAC Platforms Security / CSDL for 1 Drive DevOps Mindset 3 Institutionalize an Agile Enterprise Adopt Agile 2 2 Framework (SAFe) 1 Change life of IT (Scrum/Kanban) development team 3 DevSecOps 3 Prioritize Four 2 E2E SDLC tool chain Foundational SRE Pillars Team level Agile 3 maturity • 320 Projects (+68%)

• Slow Velocity; High • Overall 30k Jira stories Learning completed (+289%) • Lack of Infra • 190 Projects programmability limits wide-spread GIS • Overall 7,700 Jira stories participation completed

Our DevSecOps Operating Model

Client Stakeholders Clients

Client Client Driven Client Engagement Operations Customer Success

Communications

Vision, Chief Product Strategy and Architects Prioritization Owner

Scrum Scrum PO/ Scrum PO/ Scrum PO/ Scrum PO/ Scrum PO/ Scrum PO Organization Master Lead Master Lead Master Lead Master Lead Master Lead Master

Development Compute, Service SDLC and Storage, Assurance & & Operations Platform Automated CMDB Practice

Network Metrics QA Technology Technology Driven

BRKCOC-2025 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public

Release Process

Product Feature/Defect Approve Approve High Prioritization Definition of Done Management Impact Changes

Sprint Feature Development Complete Scheduled Deploy to Planning (Code Commits) Definition of Done Change Production in Scrum Change Window Teams Pipeline Integration Deploy to Test Non-prod

Release Automation SDLC Pipeline

Monitor during and following CR Support Ops Identify defects from CR

Release Oversee the process - Tracking, Status, Reporting – Dashboard (Jira) Manager

We got smarter!

Key Learnings

1. Focus: P3 eco-system
2. Executive Buy In: Top down support
3. SDx Fits All: Small to Large, SW and Infra
4. Tools: Release process and toolset changes
5. Talent: All Roles, Training & Hires

Application Transformation in real life

Planned

Actual

Cloud Native Transformation

• Awareness & Motivation
• Developer Up-Skilling
• Organization Evolution
• SW Engineering Excellence

Programmable Infra Containers CloudDB CI/CD Multi-cloud Cloud Native

Release Management Change Management Operating Model Automated Testing Frameworks

Developer Tools It’s an eco-system CI/CD QA / Testing Version Control Security Scans

Artifact repo Config Management

Container repo OS images

Applications

Error notifications Request Mgmt Compliance DMZ

SLO Management Cost Management Secrets PaaS Orchestration

Health / Status Billing Tenant Mgmt Certificates Cassandra Messaging Cloud Interconnect API GW Metrics / Monitoring Active Directory DDoS protect Mongo GSLB Azure

Log management Cloud API SSO DMZ Containers DNS GCP

Event management Console / CLI IAM IaaS AWS

Management Security, Identity, Compliance “Runtime Service” Public “Runtime”

The future is bright!

(and busy!) Top Customer Asks

Stability DMZ Type 1,2,3 Capacity CATO DNSaaS

Engineering DRS GPU Regional Clouds File Store Object Storage and Performance

Multicloud 2-year vision

“Manage workloads across multicloud”

AWS GCP

account project

workloads workloads

Containers Containers

Security Security

Secure Cloud Interconnect

Security Management Analytics workloads Cloud Center Suite AppDynamics • Account Management Containers • Cost Management • Policy Management Cisco DC Tetration Analytics • Application Management

Private DC – Cisco HW StealthWatch

Cloud Center Suite

Your turn?

• Do you know what your users want? What workloads do you target?

• Who are you building for? (hint: the developer)

• User experience? Don’t forget APIs, …

• Portfolio: what services exist

• Maturity: do all services meet basic requirements? Do you know your SLOs? Are you building an eco-system?

• How are you organized? Do you have the right talent?
