Watch
Workshop Replay: http://cs.co/9000B1eEQ
Episode (TechWiseTV): http://cs.co/9002B1e8q
While the ability to seamlessly extend your private cloud or data center into the public cloud sounds great, two big questions still loom: how realistic is it and what does it take to get there? Now, with Cisco Intercloud Fabric hybrid cloud software, those answers are a resounding: “Very—and we’ll show you!”
For this episode of TechWiseTV, Robb Boyd and cloud expert John McDonough tackle those questions and more as they focus on how Intercloud Fabric works and what it takes to implement it.
Join the pros for an in-depth look at the innovative solution that allows you to move workloads easily between your private cloud and the public cloud you choose—with the same addressing, network, and security policies as your on-premise data center.
3. Agenda
• Introduction
• Hands On
• Intercloud Fabric Architecture and Infrastructure
• Supported Operating Systems
• Building Intercloud Fabric Cloud Links
• Creating Virtual Data Centers
• Templates and Catalogs
• REST API
5. Introduction – Session Information
• Session – Cisco Intercloud Fabric builds and manages hybrid clouds, securely
extending the enterprise data center to the cloud. The latest version of
Intercloud Fabric is a feature-rich release that seamlessly joins multiple clouds
from global cloud providers. We will review as many of these features and
functions today as time allows.
• Who am I?
• John McDonough – Technical Marketing Engineer
• Cisco Employee since 2004
• Developer, Advanced Services, Technical Marketing Engineer
• Blogs – https://blogs.cisco.com/author/johnmcdonough
• Twitter – @johnamcdonough
7. Hands On
• 60 Day License for 10 VMs (20 HCUs) included in Intercloud Fabric
• Install and run with your Amazon AWS or Microsoft Azure provider accounts
• Azure 30 day $200 credit works with Intercloud Fabric
• DevNet Sandbox
• Test out the ICF APIs in DevNet sandbox
• http://develper.cisco.com/cloud
• Cisco dCloud
• Self-Paced lab/demo covering all aspects of Intercloud Fabric
• Running the latest release, offering the greatest flexibility
• http://dcloud.cisco.com
9. Cisco Intercloud Fabric – Consistent Network and Security for Hybrid Cloud
• Securely Extend Your Data Center to Cloud
• Accelerate Cloud Adoption with Consistent Operational Model
• Accelerate Innovation with Choice of Clouds
• Diagram labels: You, Choice, Open, Intercloud, Intercloud Alliance, Public Clouds, Intercloud Services, Intercloud Providers, Disruption, Speed, Efficiency
11. Cisco Intercloud Fabric: Solution Overview
• End User Portal – Cloud VM catalogs and Templates
• IT Admin – Cloud Configuration and Security
• REST APIs
• Private Data Center – vSphere, Hyper-V, OpenStack, KVM
• Intercloud Ecosystem
12. Cisco Intercloud Fabric Architectural Details
• Intercloud Fabric for Business – DC/Private Cloud
• Intercloud Fabric for Providers – Provider Cloud, Intercloud Fabric Provider Platform
• Intercloud Fabric Secure Extender (Secure Network Extension)
• Intercloud Fabric Director – End User and IT Admin Portal, Workload and Fabric Management
• Diagram labels: IT Admins, End Users, VM Manager, Intercloud Extender, Intercloud Switch, Intercloud Fabric Services, VMs
13. Intercloud Fabric Structure
Cisco Intercloud Fabric Architecture is Modularized to Achieve the Elasticity Needed to Support Evolving Cloud Environments
• ICF Core Infrastructure – ICFD, PNSC, ICFPP
• Secure Communications – Private Cloud: Enterprise, Public Cloud: Provider
• ICF Core Services – Security Management and Visibility, Automation, Networking, VM Portability
• ICF Extended Services + External Partners (storage, load balancing, etc.)
14. ICF Object Relationships – Taxonomy
• Provider Account – Stores the credentials and region for a provider. Many IcfClouds can be under a single Provider Account
• IcfCloud – connects enterprise network (ICX) to cloud network (ICS)
• Enterprise VDC (Virtual Data Center) – Private Cloud
• Cloud VDC (Virtual Data Center) – Public Cloud
• System Policy – Name Template, DNS domain, DNS Server
• Compute Policy – Host Selection
• Network Policy – NIC(s)
• NIC – Name, Port, IP Source (IP Pool or DHCP)
18. Supported Operating Systems
• Providers: Cisco Intercloud Services*, Microsoft Azure, Amazon AWS
• Supported on each provider:
• CentOS 6.2-6.5
• RHEL 6.0-65
• SUSE 11 SP2/SP3
• Windows 2008R2/2012/2012R2
*OS support on CIS is dependent upon the cloud provider
20. Intercloud Fabric Links
IcfCloud
• Secure Tunnels
• Site-to-Site tunnel - Enterprise to Cloud Provider
• UDP, TCP, HTTPS
• Multiple encryption, hash, and rekey choices
• Access tunnel – intra VM communication in the provider Cloud
• UDP
• Multiple encryption, hash and rekey choices
• IP Group
• AWS Security Groups
• Azure Endpoints
• CIS – dependent upon provider support
23. Intercloud Fabric – Providers
Platform
• AWS – access to global regions*
• Azure – access to global regions**
• CIS – dependent upon the provider
Services
• Intercloud Fabric Firewall
• Intercloud Fabric Router
• Inter-VLAN routing
• Default Gateway / Extended Gateway
• NAT
• VPN***
*Generally available regions – Government regions are not yet supported
**Generally available regions – Australia only for Australians – Government regions are not yet supported
***Not available in Azure
27. Intercloud Fabric Templates
• Enterprise Workloads
• Enterprise templates
• Uploaded to Intercloud Fabric
• Uploaded to Cloud Provider Region
• 1 Template can be associated with multiple catalogs, networks, and system policies
28. Intercloud Fabric Templates and Catalogs
• Logical policy driven entities
• Group Association
• Catalog entry associated with specific IcfCloud and template
• Multiple entries per IcfCloud
• Adheres to VDC policies
• User Instantiation
• May or may not be allowed to modify deployed workload name
• May or may not be allowed to modify workload characteristics*
• Subject to workload limits in VDC and license availability
*ICF uses a cloud fit algorithm to select best possible provider offering, test deployment to determine workload type
30. Intercloud Fabric REST APIs
• Full VM lifecycle APIs
• Instantiation
• Migration (convert move convert) less vendor specific tools
• Power
• Termination
• Consistent APIs across Cloud Providers
• Many Clouds one API
• E.g. Power cycle call is the same for Provider A … Provider Z
• Simplified scripts
• E.g. No special cases per provider
• REST Architecture
32. Capacity Augmentation and E-Commerce Hosting
Problem
• Need to burst to cloud rather than building capacity for seasonal peaks or unanticipated demand
• Cloud workloads break enterprise security and compliance rules
Diagram labels: Enterprise DC (AD, DNS), Public Cloud
33. Capacity Augmentation and E-Commerce Hosting
Problem
• Need to burst to cloud rather than building capacity for seasonal peaks or unanticipated demand
• Cloud workloads break enterprise security and compliance rules
ICF Shell
• Continue to use existing enterprise services
• Extend Web and/or App Tier into Public cloud to augment on-prem capacity demands
Business Outcomes
• Save cost and time to build additional capacity
• Use all existing enterprise services
Diagram labels: Enterprise DC (AD, DNS), Public Cloud
34. Secure Application Development and Test
Problem
• Developers using public cloud natively without enterprise security
• Developers cannot use or test against enterprise services and databases
ICF Shell
1. Developers accessing public cloud through Enterprise portal
2. Extend multiple networks from Private DC to cloud with enterprise security policies
Diagram labels: Enterprise Portal, Usergroup1 Portal, Usergroup2 Portal, Enterprise DC (AD, DNS), Public Cloud
35. Diminish Shadow IT Over Time
Problem
• Enterprise security and compliance at risk when public clouds accessed directly
• Import existing cloud workloads into ICF Shell (Beta)
Business Outcomes
• Meet Enterprise compliance policy mandates across private / public cloud resources
Diagram labels: Enterprise DC, ICF Shell, Enterprise Portal, Usergroup1 Portal, Usergroup2 Portal, Usergroup3 Portal, Public Cloud
36. Cisco Enterprise Cloud Suite
• Hybrid-Ready Private Cloud
• Virtual Network Services
• Modern Self-Service Portal and Catalog
• Out-of-box application templates
• Stack Designer
• Integrated Infrastructure Management
• UCS-based Integrated Infrastructure
• Multi-Vendor Compute, Network, Storage, and Virtualization
• Hybrid Cloud Connectivity
• Infrastructure assurance, 3rd party billing, resource management
• Cloud Services
• Ecosystem of Service Providers
37. Cisco Intercloud Fabric Customer Benefits
• Compliance – Policy-based deployment/governance in cloud
• Choice – Freedom to place workloads across heterogeneous clouds
• Consistency – Security/Networking as an extension of Private Cloud
• Control – Unified workload management across clouds
Diagram labels: DC/Private Cloud, Public/Provider Cloud
42. ICF REST API X-Cloupia-Request-Key
• Need to create the Header “X-Cloupia-Request-Key”
• Get the key
https://icfd-ip-hostname/app/api/rest?opName=getRESTKey&user=username&password=mypass
• F43955535D6148ADB742799BB20874C0
• Create the Header
• X-Cloupia-Request-Key:F43955535D6148ADB742799BB20874C0
• All other operations will use the header as the authentication token
51. ICF REST API Operations
• Network Operations - continued
• Intercloud:userAPIGetAllStaticIPPoolPolicy – (admin/end user)
• No opData
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIGetAllStaticIPPoolPolicy
• Intercloud:userAPIGetAllStaticIPPools – (admin/end user)
• policyId
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIGetAllStaticIPPools&opData={param0:'policyId'}
• Intercloud:userAPIGetIPAddressPool – (admin/end user)
• No opData
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIGetIPAddressPool
52. ICF REST API Operations
• Service Request Operations
• userAPIGetServiceRequests – (admin/end user – for their SRs)
• No opData
https://icfd-ip-addr/app/api/rest?opName=userAPIGetServiceRequests
• userAPIGetServiceRequestDetails – (admin/end user – for their SRs)
• requestId
https://icfd-ip-addr/app/api/rest?opName=userAPIGetServiceRequestDetails&opData={param0:'requestId'}
• userAPIGetVMsForServiceRequest – (admin/end user – for their SRs)
• requestId
https://icfd-ip-addr/app/api/rest?opName=userAPIGetVMsForServiceRequest&opData={param0:'requestId'}
53. ICF REST API Operations
• VDC Operations
• userAPIGetAllVDCs – (admin/end user)
• No opData
https://icfd-ip-addr/app/api/rest?opName=userAPIGetAllVDCs
54. ICF REST API Operations
• VM Operations
• Note in all API calls vmId refers to the vmId number in ICF, except
Intercloud:userAPIOnboardVM where vmId is the AWS ‘Instance ID’
• Intercloud:userAPIGetAllVms – (admin/end user)
• No opData
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIGetAllVms
• Intercloud:userAPIGetVMSummary – (admin/end user – for their VMs)
• vmId
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIGetVMSummary&opData={param0:'vmId'}
• Intercloud:userAPIGetVMVnics – (admin/end user – for their VMs)
• vmId
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIGetVMVnics&opData={param0:'vmId'}
55. ICF REST API Operations
• VM Operations – continued
• Intercloud:userAPIProvisionVM – (admin/end user)
• catalogName
• targetVdc
• comment
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIProvisionVM&opData={param0:'catalogName',param1:'targetVdc',param2:'comment'}
• Intercloud:userAPIOnboardVM – (admin/end user) – AWS only
• vmId - The identifier, in the format i-xxxx, of the VM instance running on the Amazon cloud
• vmName - The name of the VM
• targetVdc - The name of the target VDC
• AppCategory - The Application Category in the VDC to assign to the VM
• OS - The operating system in the form OS_version_architecture, such as CentOS_6.2_64bit
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIOnboardVM&opData={param0:'vmId',param1:'vmName',param2:'targetVdc',param3:'AppCategory',param4:'OS'}
56. ICF REST API Operations
• VM Operations – continued
• Intercloud:userAPIMoveVMToCloud – (admin/end user – for their VMs)
• vmId
• vmName
• targetVdc
• comment
• removeSource – boolean – values: true|false
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIMoveVMToCloud&opData={param0:'vmId',param1:'vmName',param2:'targetVdc',param3:'comment',param4:'removeSource'}
57. ICF REST API Operations
• VM Operations – continued
• Intercloud:userAPIMoveVMToEnterprise – (admin/end user – for their VMs)
• vmId
• vmName
• targetVdc
• ipAddress – IP address of destination Hypervisor host
• datastoreName – Private cloud datastore where VM will reside
• comment
• removeSource – boolean – values: true|false
https://icfd-ip-addr/app/api/rest?opName=Intercloud:userAPIMoveVMToEnterprise&opData={param0:'vmId',param1:'vmName',param2:'targetVdc',param3:'ipAddress',param4:'datastoreName',param5:'comment',param6:'removeSource'}
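Added example (not from the slides or from Cisco): a small Python helper that builds the opName/opData URLs listed on the operations slides and carries the key only in the X-Cloupia-Request-Key header from slide 42. Because the getRESTKey call places user and password in the query string, and query strings are commonly recorded in proxy and server logs, it also masks the password before a URL is logged. The host icfd.example.test, the key value and the allow-list of characters for opData values are assumptions made for the example.

```python
import re
from urllib.parse import parse_qsl, quote, urlencode, urlsplit, urlunsplit

API_PATH = "/app/api/rest"             # path shown on the slides
KEY_HEADER = "X-Cloupia-Request-Key"   # header name shown on the slides

# Assumption: the slides document no escaping rule for opData, so values are
# limited to a conservative character set instead of being escaped.
SAFE_VALUE = re.compile(r"[A-Za-z0-9 _.:\-]*")
SAFE_OP_NAME = re.compile(r"[A-Za-z0-9]+(:[A-Za-z0-9]+)?")


def build_op_data(args):
    """Render positional arguments as {param0:'a',param1:'b'}."""
    parts = []
    for index, value in enumerate(args):
        # Booleans such as removeSource are sent as true|false.
        text = str(value).lower() if isinstance(value, bool) else str(value)
        if not SAFE_VALUE.fullmatch(text):
            # A quote, comma or brace could add or alter parameters.
            raise ValueError(f"param{index} has characters not allowed in opData")
        parts.append(f"param{index}:'{text}'")
    return "{" + ",".join(parts) + "}"


def build_call(host, op_name, args=(), request_key=None):
    """Return (url, headers); the key travels only in the header."""
    if not SAFE_OP_NAME.fullmatch(op_name):
        raise ValueError("unexpected opName")
    query = "opName=" + quote(op_name, safe=":")
    if args:
        query += "&opData=" + quote(build_op_data(args), safe="")
    headers = {KEY_HEADER: request_key} if request_key else {}
    return f"https://{host}{API_PATH}?{query}", headers


def redact_url(url, secret_params=("password",)):
    """Mask credential-bearing query values before a URL is logged."""
    parts = urlsplit(url)
    pairs = [(name, "REDACTED" if name.lower() in secret_params else value)
             for name, value in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


if __name__ == "__main__":
    # Constructed host, key and arguments; no request is sent.
    url, headers = build_call("icfd.example.test", "Intercloud:userAPIMoveVMToCloud",
                              [42, "web01", "prod-vdc", "burst", False],
                              request_key="CONSTRUCTED-KEY")
    print(url)
    print(sorted(headers))
    print(redact_url("https://icfd.example.test/app/api/rest"
                     "?opName=getRESTKey&user=username&password=mypass"))
```

The returned URL and header dictionary can be handed to any HTTP client; the helper itself opens no connection.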
60. REST – What is it?
• Representational State Transfer
• REST is an architectural style consisting of a coordinated set of architectural constraints applied to
components, connectors, and data elements, within a distributed hypermedia system. REST ignores
the details of component implementation and protocol syntax in order to focus on the roles of
components, the constraints upon their interaction with other components, and their interpretation of
significant data elements.
• Architectural Constraints
• Client-Server / Stateless / Cacheable / Layered / Code on Demand (optional) / Uniform Interface
• Identification of resources / Manipulation of resources / Self-descriptive / Hypermedia as the engine
of application state
• HTTP Vocabulary reuse
• GET / POST / PUT / DELETE
• The PUT and DELETE methods are idempotent methods. The GET method is a safe method (or
nullipotent), meaning that calling it produces no side-effects. POST is a create method.
61. JSON – What is it?
• JSON (JavaScript Object Notation) is a lightweight data-interchange format.
• It is easy for humans to read and write.
• It is easy for machines to parse and generate.
• It is based on a subset of the JavaScript Programming Language
• JSON is a text format that is completely language independent
• Uses conventions that are familiar to programmers (or just people)
62. JSON – Structures
• JSON is built on two structures:
• Object – A collection of name/value pairs.
• Programming language representations – record, struct, dictionary, hash table, keyed
list, or associative array.
• Array – An ordered list of values.
• Programming language representations – array, vector, list, or sequence.
• These are universal data structures. Virtually all modern programming
languages support them in one form or another.
63. JSON Structure Forms – Object
• Object
• An object is an unordered set of name/value pairs.
• An object begins with { (left brace) and ends with } (right brace).
• Each name is followed by : (colon)
• name/value pairs are separated by , (comma).
64. JSON Structure Forms – Array
• Array
• An array is an ordered collection of values.
• An array begins with [ (left bracket) and ends with ] (right bracket).
• Values are separated by , (comma).
65. JSON – Values
• A value can be a string in double quotes, or a number, or true or false or null, or
an object or an array. These structures can be nested.
66. JSON – String
• A string is a sequence of zero or more Unicode characters, wrapped in double
quotes, using backslash escapes.
• A character is represented as a single character string.
67. JSON – Number
• A number is very much like a C or Java number, except that the octal and
hexadecimal formats are not used.
68. JSON – Structures • Strings • Numbers
Structures
• object: {} / { members }
• members: pair / pair , members
• pair: string : value
• array: [] / [ elements ]
• elements: value – or – value , elements
• value: string / number / object / array / true / false / null
Strings
• string: "" / " chars "
• chars: char / char chars
• char, one of:
  • any-Unicode-character-except-"-or-\-or-control-character
  • \"
  • \\
  • \/
  • \b
  • \f
  • \n
  • \r
  • \t
  • \u four-hex-digits
Numbers
• number: int / int frac / int exp / int frac exp
• int: digit / digit1-9 digits / - digit / - digit1-9 digits
• frac: . digits
• exp: e digits
• digits: digit / digit digits
• e: e / e+ / e- / E / E+ / E-
69. XML – What is it?
• XML stands for eXtensible Markup Language
• XML was designed to carry data, not to display data
• XML tags are not predefined. You must define your own tags!!!
• XML is designed to be self-descriptive
• XML is a W3C Recommendation
• XML is a markup language much like HTML
• XML is not a replacement for HTML.
• XML was designed to transport and store data, with focus on what data is
• HTML was designed to display data, with focus on how data looks
• HTML is about displaying information, while XML is about carrying information.
• XML does not do anything, sorry
70. XML – Basic Document Structure
• Element tags
• Elements can have associated attributes
• Attributes
• Attributes have values
• Text content (not in APIC)
• Miscellaneous
• Encoding, document type declarations
• Entity references
• Comments, processing instructions, etc…
71. XML – Basic Document Structure
• XML components: XML Declaration, Document Type Declaration, Processing Instructions, Element Tags, Element Attributes, Attribute Values, Text Content
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE order SYSTEM 'order.dtd'>
<?xml-stylesheet type='text/xsl' href='style.xsl'?>
<order>
  <item code='BK123'>
    <name>Jonathan Strange and Mr. Norrell</name>
    <price currency='USD' student_discount='20%'>42.00</price>
  </item>
</order>
72. XML – Proper Format
• Elements must be balanced, properly nested
• e.g. <br /> OK
• e.g. <b>bold <i> and italic </i> text</b> OK
• e.g. <b>bold <i> and italic </b> text</i> BAD!
• e.g. <ul> <li> list item </ul> BAD!
• Attributes must be specified, quoted
• e.g. <img src='images/banner.gif'/> OK
• e.g. <img src=images/banner.gif /> BAD!
• e.g. <ul compact> <li> list item </li> </ul> BAD!
73. Thank You for Attending
For TechWiseTV episodes, TechWiseTV Workshops, Fundamentals and
Networking 101s, visit http://www.TechWiseTV.com.
https://www.facebook.com/techwise
https://twitter.com/techwisetv