BRKCLD-1823
Building Cisco IT Cloud
Tom Deckers – Principal Engineer Cloud Infrastructure & Platform Services
What does your cloud look like? What cloud?
BRKCLD-1823 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• It’s a Multicloud world
• Introducing Cisco IT Cloud
• User experience
• Day 1 – onboarding & provisioning
• Day 2 – assurance & policies
• Cloud Operating Model
• Getting smarter
• Looking ahead
Speaker
Tom Deckers
Principal Engineer, Cisco Cloud Infrastructure and Platform Services
tomdeckers @tdeckers
It’s a Multicloud World
Cisco: A Spectrum of Workloads
2500 Business apps & 50 engineering apps 90 SaaS assets 500 SaaS In Use (for 40k developers) (revenue gathering)
Multi Cloud Operating Model
Baremetal Virtual VM Private Cloud Public Clouds UCS x86
On Prem Public
Infra 2020 – The right infra for your workload
Shared IT Multi-tenant Platform Programmatic
Day 2 connected Cloud Native automation dev experience
Lifecycle Compliance Clean platform Assurance Multicloud enablement Corrective actions Current-Gen Cloud-Native Programmable foundation (Platform 2) (Platform 3) Use case: CAE & OPL Use case: IAC ACI OpenStack Container Platform Infrastructure as Code UCS/VM Kubernetes Order Processing Layer SAN & NAS SD: ACI/UCS
Accelerate
Quality Speed Cost
Opportunity 1 - Cloud Native Applications
“An approach to build and run applications that fully exploits the advantages of the cloud computing model” [Pivotal].
1 High Availability and Fault Tolerance
2 Zero Downtime Maintenance & Deployments
3 Higher Performance & Scalability
4 Increased Business Agility
5 Multicloud Portable
Use case P3: Always on Booking Order Processing Layer (OPL)
Where We Are Today: Business Impact (since November 2018)
• 5,000+ SaaS subscriptions processed
• Increasing monthly subscription revenue
Key Requirements:
Resiliency
• Always on booking
• Zero-downtime
• Modern, scalable architecture
• Loosely coupled integrations
Deploy: 5 infra + 3 business changes Sept / Oct
Performance
• Exposed services response time: seconds <500ms
• Event publish to consume: minutes milliseconds
Velocity
• 2x scope @ 2x speed
OPL: Platform
60 Tables 17 Collections Peak Volume: ~100K Lines/Day Peak Transactions: ~200K/Hour Total Database Size: 2TB Large Collection size: ~150GB
AppDynamics MongoDB OPS Manager CLIP: App logs
Opportunity 2 - Foundation for Middleware Offering
• Programmability: Industry Standard APIs and Telemetry tools to Middleware services to access and manage footprint. All services are code
• Foundation: OpenStack Cloud provides for required compute, storage, and configuration
• Operating Model: Consistent operating models across teams. All follow same Change, Maintenance and Release processes
• Transparent: Clients do not need to know (or care) about foundation. Utilize Unified onboarding mechanism for required services
Container Platform
Current Footprint
• 3 regions, 3 zones
• 27k containers
• 800+ apps migrated
[Diagram labels: MCMP; Provisioning; Customers, Employees, Partners; Global Service Load Balancer; CoDE & SDaaS; CI / CD; CAE API; Management; Developers; CLIP & Splunk; Assurance; VMs; Developer Experience; RCDN Data Center; ALLN Data Center; RTP Data Center; Cisco IT Cloud IaaS; Platform Assurance; SDx Automation; Operators; BRKCOC-2016]
Container Platform
Operations Efficiency, User Experience, Assurance
• Builds: Months to Hours
• Faster issue to resolution
• Migrated ~1K apps into the platform
Introducing Cisco IT Cloud
Why private cloud?
Security Vendor solutions
Data Control
Cisco IT Cloud Evolution
GLOBAL DATA CENTER MULTICLOUD VISION STRATEGY STRATEGY
Past Future TRANSFORMATION Growth Speed Operating Traditional Cloud Enablement Model Provisioning UI API UI / API Manual Driven Architecture Integrated Cloud Native Service App/Data Transformation Transformation Driven by Limited Software Automation Defined Software-Defined Everything Resiliency Intelligence Resiliency App Level Cloud Native Capacity Capacity (Build) (Optimize & Extend) Security Enforced Pervasive Customer Mostly IT All 2007-2015 Today & Future Base
Introducing New Cloud Platform
On Premise Programmatic Infrastructure with a Cloud Operating Model bringing availability and speed to Cloud Native Applications.
• API Driven Onboarding Self-Service “non-blocking”
• Unified Cloud Operating Model
• Flexible Consumption and no lock in
• With SLO contract
Private Cloud Open to all in Cisco
Cisco IT Cloud Stack
RunOn.cisco.com
Client
Multicloud Manager (MCMP) APIs, Automation and NoSQL CAE, K8saaS Custom Applications Data Driven DBs Operations Containers Cloud DB Client Virtual enable Machines Software Defined OpenStack Project (IaaS) Everything ACI Plugin, Cloud Compute, Storage, Backup, Load Balancers, SSL certs (future) (SDx) ACI Fabric, DMZ, GSLB/GSS (future)
aaS Framework
Create the Feature Documentation
Product Planning and Dependency Communications Terms and Conditions RunOn Development Tracking Terms & Conditions JIRA Epic / User Story LA Internal and External RunOn Catalog Overview Pages Update Tracking GA Internal and External Operating Model Updates How-Tos Help and Support Approvals Client Webinars Internal TOIs Definition of Done Executive Policy / Costing Update Webinars Offer the Service Support
Multicloud Manager Customer Support Customer Success Management Platform Support
Driver Update At Your Service Setup CSM TOIs On Call Process
UI Update Click to Spark Setup Incident Management
Defined MOPs / Support Pricing Logic Escalation Process Service Request Process
Development Release & Change Capacity and Security Pricing, Metering & CMDB/ESP Assurance Management Metrics Billing
Release Process Service Offering Defined / SDLC/PipelineCSDL Integration Capacity Process Defined PSB, Guard Rails, CATO TCO Calculation Internal Assurance Deployment Changed
Underlying Capacity Thresholds Code Check-In Maintenance Windows USM, Qualys Integration into Metering Business App Registration Logging Services Defined Change Review Groups Metric Requirements and CI Registration & Cluster Science Logic / Unified JIRA Tracking BAVA, DAVA Billing Process Created Process Defined Assignment Monitoring
Change / Release Metric Dashboard App Endpoint Registration SLI Monitors and InfoSec Sign-off Published Pricing Model Mappings Requirements Defined & Cluster Assignment Dashboards
User Experience
Cisco IT Cloud
runon.cisco.com eStore Learn Choose Help & Support
(Adobe Experience Manager) (CPO + PSC)
Multicloud Manager
Cloud Manager “Platform 2”
Public Cloud Cisco IT Cloud
CodeOn & CloudPractice
Managed Infrastructure Services (MIS)
Focused on simplifying and providing a seamless, consistent and digitized managed infrastructure experience to meet your business outcomes.
Run the Business; 'Accelerate' your Infra needs; 'Transform' the way you manage Infra; Step up to the Next Gen
• Foundation: Single Platform for Infra requests (on-prem/cloud)
• Acceleration: Leveraging state of art automation technologies to have on demand infrastructure
• Transformation: Streamlined E2E process flow
Day 1
Cloud Manager Architecture
Application Orchestration Users
• Composite deployments (profile) • Application Lifecycle Management • Continuous Delivery
Multi-Cloud Management Platform (MCMP) MCMP Ops
• HR API API • AD • Portfolio Cloud Service Tenant Cloud Services Metering & • Budgets Management IAM Management Management Billing • CMDB
API Cloud Services Service Providers
Cloud Console (UI) Console Cloud • Service Automation & API API • Service unit & cost Cloud Service • Service assurance Consumption EMEA RTP RCDN ALLN APAC [Other/Eng/AWS]
ServiceNow Single Sign On Enterprise Integration Client Support & Directory (HRMS)
FY Planning & Budgets ServiceNow IT Portfolio
Active Directory & Groups
Continuous Security Buddy – Automation
Security Automation Cisco AWS Tenant Account
AWS Continuous Security AWS Security Cloud 1 Validation Trusted Formation AWS Audit role Tagging Advisor Templates Lambda CSB Account
AWS * 2 Log Monitoring ($ ) Amazon *Cost based on log size Cloud Log Security Monitoring Kinesis Trail Bucket Analytics Logs Logs CSIRT Account 3 Cisco SSO (CEC) MF AM Strong Identity Cisco Enterprise SSO A
Cloud Security 4 Self Security validation Buddy (CSB) Security Config Rules AWS Config Rules
Day 2
Inventory
Support, SLO and Monitoring
Client Support Offering
• Self-Managed Support
• Managed Infrastructure Service
SLO
• SLO Target is 99.9%
Assurance
• Full monitoring and logging stack and synthetic tests
IF [capacity > 75%] THEN scale_up()
Container Platform
Cost Management
Tenant View: Spend, Budget limits, Approvals
Provider View: “Revenue”, Client distribution, Capacity trends
Operating Model
What Does SDx Look like…
DevSecOps
• Autonomic Operations – self-healing infrastructure services
• Systems configurations easily deployed & managed as code
• Systems are easily reproduced & discarded on-demand
• Work tracked & run in Jira using full DevSecOps principles
• Continual review & improvement to ensure compliance and skill acceleration
• On-demand @Scale – continuous integration & delivery
Where are We Now 2019 SDx Norming 2018 SDx Storming 2016 - 2017 GIS SRE / SDx Early Adoption 1 IAC Maturity
2014 - 2016 Scope Expansion: SRE; 2 Quality Engineering IT Agile 1 Security; LC Digitization; Transformation IAC Platforms Security / CSDL for 1 Drive DevOps Mindset 3 Institutionalize an Agile Enterprise Adopt Agile 2 2 Framework (SAFe) 1 Change life of IT (Scrum/Kanban) development team 3 DevSecOps 3 Prioritize Four 2 E2E SDLC tool chain Foundational SRE Pillars Team level Agile 3 maturity 320 Projects (+68%)
Slow Velocity; High Overall 30k Jira stories Learning completed (+289%) Lack of Infra 190 Projects programmability limits wide-spread GIS Overall 7,700 Jira stories participation completed
Our DevSecOps Operating Model
Client Stakeholders Clients
Client Client Driven Client Engagement Operations Customer Success
Communications
Vision, Chief Product Strategy and Architects Prioritization Owner
Scrum Scrum PO/ Scrum PO/ Scrum PO/ Scrum PO/ Scrum PO/ Scrum PO Organization Master Lead Master Lead Master Lead Master Lead Master Lead Master
Development Compute, Service SDLC and Storage, Assurance & & Operations Platform Automated CMDB Practice
Network Metrics QA Technology Technology Driven
Release Process
Product Feature/Defect Approve Approve High Prioritization Definition of Done Management Impact Changes
Sprint Feature Development Complete Scheduled Deploy to Planning (Code Commits) Definition of Done Change Production in Scrum Change Window Teams Pipeline Integration Deploy to Test Non-prod
Release Automation SDLC Pipeline
Monitor during and following CR Support Ops Identify defects from CR
Release Oversee the process - Tracking, Status, Reporting – Dashboard (Jira) Manager
We got smarter!
Key Learnings
1 Focus: P3 eco-system
2 Executive Buy In: Top down support
3 SDx Fits All: Small to Large, SW and Infra
4 Tools: Release process and toolset changes
5 Talent: All Roles, Training & Hires
Application Transformation in real life
Planned
Actual
Cloud Native Transformation Awareness & Motivation Developer Up-Skilling Organization Evolution SW Engineering Excellence
Programmable Infra Containers CloudDB CI/CD Multi-cloud Cloud Native
Release Management Change Management Operating Model Automated Testing Frameworks
Developer Tools It’s an eco-system CI/CD QA / Testing Version Control Security Scans
Artifact repo Config Management
Container repo OS images
Applications
Error notifications Request Mgmt Compliance DMZ
SLO Management Cost Management Secrets PaaS Orchestration
Health / Status Billing Tenant Mgmt Certificates Cassandra Messaging Cloud Interconnect API GW Metrics / Monitoring Active Directory DDoS protect Mongo GSLB Azure
Log management Cloud API SSO DMZ Containers DNS GCP
Event management Console / CLI IAM IaaS AWS
Management Security, Identity, Compliance “Runtime Service” Public “Runtime”
The future is bright!
(and busy!)
Top Customer Asks
Stability DMZ Type 1,2,3 Capacity CATO DNSaaS
Engineering DRS GPU Regional Clouds File Store Object Storage and Performance
Multicloud 2-year vision “Manage workloads across multicloud” AWS GCP
account project
workloads workloads
Containers Containers
Security Security
Secure Cloud Interconnect
Security Management Analytics workloads Cloud Center Suite AppDynamics • Account Management Containers • Cost Management • Policy Management Cisco DC Tetration Analytics • Application Management
Private DC – Cisco HW StealthWatch
Cloud Center Suite
Your turn?
• Do you know what your users want? What workloads do you target?
• Who are you building for? (hint: the developer)
• User experience? Don’t forget APIs, …
• Portfolio: what services exist
• Maturity: do all services meet basic requirements? Do you know your SLOs? Are you building an eco-system?
• How are you organized? Do you have the right talent?