#CLUS
PSOCLD-1007
Cisco + Google Cloud Open Hybrid Cloud Solution
Allan Naim, Senior Manager, Google (@allannaim, https://www.linkedin.com/in/allannaim)
Rohit Agarwalla, Principal Engineer, Cisco (@rohitagarwalla, https://www.linkedin.com/in/rohitagarwalla/)
Are you Multicloud Ready?
Let us help you go from newbie to ninja
Get your personalized Multicloud Assessment in the “Embrace the Multicloud World” Zone. Just follow the signs to the Cisco Cloud booth.
Allan
Three major groups within organizations have the opportunity to drive change collectively! (Note: depending on your presentation audience, please convert the narrative accordingly.)
On the left-hand side, enterprise IT wants to maintain control, consistency and compliance over the on-premises environment but also wants to contribute to the evolution, rather than slowing down development and innovation.
At the other end of the spectrum, IT leadership and Line of Business users want to increase adoption of public cloud services and benefit from agile development, microservices-based architectures and modern platform and toolset capabilities.
A relatively new group added to the equation, sitting almost between the two, is IT Ops/DevOps, working closely with Cloud Architects and Developers. They are the link between the two different environments and audiences, having to operate across both worlds to provide Developers with the best tools and platforms, while taking into account their existing assets (applications and infrastructure), internal capabilities, and control and compliance requirements.
Allan
Cisco and Google have partnered to present the next generation of Hybrid Cloud solutions:
The Cisco Hybrid Cloud Platform for Google Cloud.
Now you can develop and deploy applications ANYWHERE with an open customizable solution that connects the best of both worlds (on-premises and public cloud) and provides a unified, secure and consistent hybrid environment.
Allan
Use Case 3
When establishing a hybrid CI/CD software pipeline and workflow: you can use one consistent environment to develop, test, deploy and move applications anywhere. Cisco CloudCenter leverages both on-premises and Google Cloud, integrating all the tools necessary for the different phases of CI/CD.
Allan
Use Case 2
When developing on-premises: you can use services from Google Cloud. Your local Kubernetes Service Catalog integrates with the Open Service Broker in Google Cloud, so public cloud services are presented to you locally.
Fast, automated application deployment optimized across on-premises and GC with CloudCenter
Easy access to resources in GC
Pods in Google Kubernetes Engine mapped to on-premises, Machine Learning, Mobile or IoT
Install and configuration support for Open Service Broker in GC and Service Catalog on-premises
Enforcement of policies that move with the application across both environments
Allan
The solution is designed to deliver 3 use cases (supported by Cisco Validated Designs) and can be customized accordingly.
Use Case 1
When developing on Google Cloud: with Google Apigee, you can create RESTful APIs to connect existing on-premises applications and data to modern applications running on Google Cloud. This way, you can avoid unnecessary re-platforming of existing applications, and you don’t need to move them to leverage their data and extend them.
Rohit
The foundations of the Hybrid Cloud Platform for Google Cloud are security and networking.
Stealthwatch Cloud combines sensors to protect your on-premises assets, while also integrating with Google’s VPC Flow Logs (one of the few security vendors to offer that and a key innovation of the solution) to offer security in the public cloud. Stealthwatch Cloud’s approach, “entity modelling”, is a combination of behavioral modeling and machine learning that is used to identify early indicators of compromise for threats, including emerging threats, targeted attacks, credential abuse, insider threats, and data loss.
Cisco’s Cloud Services Router (CSR) 1000v provides routing, security, and network management, bridging on-premises and Google Cloud into one unified encrypted network so that your developers can focus only on what they are building.
Allan, Rohit
The solution can be described in three layers:
- optimized management, networking and security for the Google Cloud (Cisco CloudCenter, Cisco CSR1000v, Cisco Stealthwatch Cloud, Google Cloud service)
- integrated API and mesh management (discovery services) between on-premises and public cloud applications (Google Apigee, Istio and Google Cloud Platform Open Service Broker)
- on-premises integrated hardware with a turn-key Kubernetes environment (Cisco HyperFlex, Cisco ACI, Cisco Container Platform (including Contiv and Kubernetes Service Catalog)).
Besides GKE, Google Cloud services accessible via Open Service Broker are:
BigQuery, Cloud SQL, Pub/Sub, Bigtable, Cloud Storage and Cloud Spanner
Solution Description
The Cisco Hybrid Cloud Platform for Google Cloud leverages Cisco’s VPN service to create a unified and secure network that includes your data center and the public cloud. Stealthwatch Cloud takes care of proactive security and threat detection by integrating with Google’s VPC Flow Logs and your on-premises environment so you can manage access of users, devices, and workloads with policy enforcement. This way you can ensure your developers only focus on building applications while you don’t have to worry about security or compliance.
Cisco CloudCenter with Open Service Broker and Istio enables secure provisioning of microservices across both on-premises and Google Cloud, including integration with a local Kubernetes Service Catalog (running under Cisco Container Platform).
This means you can easily access any Google Cloud service, including containers in Google’s Kubernetes Engine, mapped to your infrastructure, with the Cisco Container Platform taking care of cluster management on your side. In addition, with Cisco Application Centric Infrastructure (ACI) and Contiv (under CCP and not shown on the diagram), you can easily enforce networking policies that move across clouds with your containerized applications, so networking becomes easier to manage and monitor.
Similarly, almost the reverse process can be achieved. One of the key innovations of Cisco Hybrid Cloud Platform for Google Cloud is being able to expose your on-premises traditional applications and data to the public cloud. With Google Apigee, you can create, manage and secure RESTful APIs to connect existing systems to new public cloud services without having to re-platform them. The result? Making better use of your existing investments and allowing you to move to the cloud at your own pace.
Time: 2 mins
We really have made great strides in delivering on the promise.
Rohit, Allan
At Cisco, we believe that cloud doesn’t have to be complicated, and that organizations should have the freedom to use any cloud the way they want to.
We are dedicated to working with public cloud providers and a global ecosystem of more than 60,000 partners, 1 million network engineers, and 500,000 DevNet developers.
Our industry-leading expertise in enterprise IT, including networking, security, management, analytics, and hyperconverged infrastructure uniquely positions us to deliver solutions enabling our customers in a multicloud world.