Академический Документы
Профессиональный Документы
Культура Документы
TECDCN-2941
How
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Session Abstract
Today's Data Center networks have increased in size exponentially and the demand for faster
services has not increased. Instead, customers are demanding faster deployment to production.
Network automation and programmability can be leveraged by network engineers to provide the
agility customers are demanding.
During this session students will learn how to leverage Open NX-OS and ACI in order to program
and automate their Data Center meets these demands. Throughout this session we will be
exploring the Open NX-OS foundation and ACI constructs which it includes a rich Linux foundation
that exposes APIs (NX-API CLI, NX-API REST and ACI API), data models, and programmatic
constructs. We will be also covering automation tools like Ansible.
During the session, we will review use cases leveraging programmatic models to show case
infrastructure automation.
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Agenda
• Introduction
• NX-OS Programmability
• Break
• ACI Programmability
• Tetration Analytics
• Summary
Introduction
Why should we automate, what are the benefits?
Greater Lower Capital Reduced Costs/ Lower Operating Resource
Business Agility Expenses Complexity Cost Optimization
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Evolving The Network Software Stack
Application Unified Evolved VPN: Custom
CCS Apps …
Software Communications CloudVPN,…
Management:
Orchestration: Prime, ACI, NFM, Optimization: …
NSO, .. DCNM.. WAE, ..
Infrastructure Connection
Building Blocks
New Applications,
APIs, Declarative Control, Data Model Controllers, Software Platform, Evolve Control-Plane Architecture
Solutions, Services; Leverage Virtualization
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
Cisco Data Center Networks: Providing Choice in Automation and
Programmability
Application Centric
Programmable Fabric Programmable Network
Infrastructure
Connection
Creation Expansion
VTS
Reporting Fault Mgmt
DB DB
Turnkey integrated solution with VxLAN-BGP EVPN Modern NX-OS with enhanced
security, centralized management, standard-based NX-APIs
compliance and scale
3rd party controller support DevOps toolset used for Network
Automated application centric-policy Management
model with embedded security Cisco Controller for software (Puppet, Chef, Ansible etc.)
overlay provisioning and
Broad and deep ecosystem management across N2K-N9K
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Automation Un-Jargoned
We have a whole new world of Acronyms..
Puppet OpenFlow
ACI CI/CD Neutron
IaaS ML2
Python SDK OpenStack API
Agile
Salt YANG DevOps
Netconf
IDE Git
OpenDaylight Waterfall
Chef Container
Go
Ansible
NX-API REST BASH
Eclipse JSON
Controller Docker
LXC
Unicorn XML NFV
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Let’s De-mystify
a few of them
What Formats are used for exchange of Info ?
XML JSON
<?xml version="1.0" encoding="UTF-8"?>
<ins_api> "ins_api": {
<type>cli_show</type> "type": "cli_show",
<version>1.0</version> "version": "1.0",
<sid>eoc</sid> "sid": "eoc",
<outputs> "outputs": {
<output> "output": {
<body> "input": "sho ver",
<header_str>Cisco Nexus Operating System (NX-OS) Software "msg": "Success",
TAC support: http://www.cisco.com/tac "code": "200",
Copyright (C) 2002-2014, Cisco and/or its affiliates. "body": {
All rights reserved "header_str": "Cisco Nexus Operating System (NX-OS)
http://www.gnu.org/licenses/old-licenses/library.txt.
</header_str>
"kickstart_ver_str": "6.1(2)I2(2a)",
<bios_ver_str>07.11</bios_ver_str> "bios_cmpl_time": "05/28/2014",
"kick_file_name": "bootflash:///n9000-dk9.6.1.2.I2.2a.bin",
<kickstart_ver_str>6.1(2)I2(2a)</kickstart_ver_str>
"rr_reason": "Reset Requested by CLI command reload",
<bios_cmpl_time>05/28/2014</bios_cmpl_time>
"rr_sys_ver": "6.1(2)I2(2a)",
<kick_file_name>bootflash:///n9000-dk9.6.1.2.I2.2a.bin</kick_file_name>
"rr_service": "",
<manufacturer>Cisco Systems, Inc.</manufacturer>
"manufacturer": "Cisco Systems, Inc.",
</body>
}
<input>sho ver</input>
}
<msg>Success</msg>
}
<code>200</code>
}
</output>
}
</outputs>
</ins_api>
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
APIs
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
RESTful APIs
RESTful
GET |PUT | POST | DELETE
• A framework– not a
standard
GET
POST
• Architectural constraints
• Client–server
API PUT • Stateless
DELETE • Cacheable
• Layered system
• Uniform interface
Consistency in Designing Applications
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
SDKs
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Python
• General purpose programming language
• High-level programming language
• Object-oriented
• Express concept in fewer line of code Emphasizes
code readability
• Interactive prompt
• Includes
• Advanced language constructs such as loops and
conditions
• Robust selection of libraries
http://www.codecademy.com/en/tracks/python
https://www.coursera.org/course/interactivepython1
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
NX-OS
Introduction
Cisco NX-OS – Programmable – Extensible – Open
DCNM NX-API
POAP
CLI
PXE
Native Agent NX-API
SDK
REST
NETCONF
YANG
Streaming
Kubernetes/Docker Telemetry
Tracer (EFT)
Open NX-OS
Programmable Programmable
Fabric Network
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
Native Shell
Native Shell
• Access to the underlying Linux system on the device.
• It’s the shell of the Linux OS actually running the switch.
• Access is only for users with NX-OS dev-ops role or network-admin role.
• (conf t)# feature bash-shell
(conf t)# run bash
bash$ sudo su
bash#
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Manage Your Switch Like a Server: Linux Networking in the Native Shell
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
3rd Party Apps in the Native Shell
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Linux Networking in the Native Shell
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Demo
EEM
EEM Example – Port Tracking
Config – State Down
event manager applet track_1_18_down
event track 1 state down
action 1 syslog msg “EEM applet track_1_18_down shutting down port eth1/33 as 1/18 went down”
action 2 cli command “conf term”
action 3 cli command “interface ethernet 1/33”
action 4 cli command “shut”
Config – State Up
event manager applet track_1_18_up
event track 1 state up
action 1 syslog msg “EEM applet track_1_18_up bringing up port eth1/33 as 1/18 came up”
action 2 cli command “conf term”
action 3 cli command “interface ethernet 1/33”
action 4 cli command “no shut”
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
On Board Python
Interactive Mode
On Board Python switch# python
Copyright (c) 2001-2012 Python Software
Foundation; All Rights Reserved
• Simple way to get stuff done
switch# >>> print "hello world“
• No configuration required hello world
switch# >>> exit()
• Integrate with EEM, Scheduler – get
some data from the box and work
on it ! Non Interactive (script) Mode
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Python integrated with EEM
• Call a Python script as an action in an EEM script!
n9k# conf
n9k(config)# event manager applet link_monitor
n9k(config-applet)# event syslog pattern "IF_UP“
n9k(config-applet)# action 1 cli command “python bootflash:cdp_description.py”
n9k(config-applet)# exit
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
How to collect Transceiver
Information
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
Demo
GITHUB
https://github.com/datacenter/nexus9000/blo
b/master/nx-os/python/samples/showtrans.py
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
Guest Shell
Guest Shell 2.0
Open Source
Tools, utilities, applications,
Puppet, Chef
rootfs Cisco
Packages
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
Instantiate and Enter the Guest Shell
Nexus-9K# guestshell resize ?
cpu Resize the system CPU share allocated to guest shell
memory Resize the system memory allocated to guest shell
rootfs Resize the guest shell root filesystem to a larger value
Nexus-9K# guestshell
[guestshell@guestshell ~]$
[guestshell@guestshell ~]$ exit
Logout
Nexus-9K#
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 40
The Guest Shell and NX-OS can Interact
Run guest shell commands from NX-OS:
Nexus-9K# run guestshell cat /bootflash/scripts/hello.py
print "Hello World!"
Nexus-9K# run guestshell python /bootflash/scripts/hello.py
Hello World!
Nexus-9K#
Nexus-9K#
[guestshell@guestshell ~]$ dohost "sh run | in cdp" "sh run | sec line"
cdp timer 22
line console
exec-timeout 0
line vty
exec-timeout 0
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
3rd Party Applications: Richly Populated Repositories
[guestshell@guestshell #]$ cat /etc/centos-release
CentOS Linux release 7.1.1503 (Core)
[guestshell@guestshell #]$
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 42
Install a 3rd Party Application with one Command
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
Ansible
Ansible
• Ansible uses an agentless push model
• Configuration files (playbooks) use YAML
• Can configure using CLI (SSH) or NX-API
• Use nxos-ansible modules, or new core Ansible 2.1 modules (to be released)
Ansible
Server
Server sends config when playbook is run
Nexus
Unlike server configuration Ansible does
not execute Python on-box
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
Configuration And Patch Deployment
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
Demo
NXOS Object Model
NXOS Model Driven Programmability Architecture
Restconf gRPC Netconf Telemetry
NX-API-REST
Client Client Client Receiver
Telemetry
Model Transformation (YANG) Agent
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 50
Sandbox
NX-API REST Developer Sandbox
Web-based UI
Convert CLI configuration to DME/YANG Model based Payload
Facilitate adaptation of model-based NX-API REST interface and NETCONF Interface
Enter CLI Option ‘nx-api rest’
configuration –CLI configuration
commands. commands to NX-
API REST JSON
Click to convert the payload
entered CLI
configuration
commands to NX-
API REST JSON
payload.
(Converting is
done on the
device.)
POST the
converted NX-API
REST JSON
payload to the
device.
Output of NX-API
REST JSON
Generate Python code
payload.
snippet of NX-API REST
POST of the converted NX-
API REST JSON payload
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 52
Deploy VXLAN EVPN Overlays
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
Demo
Software
Telemetry
Three Principles of Nexus 9K Streaming
Telemetry
Analytics-Ready Data
Data-Model Driven
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
Use Case: VXLAN BGP EVPN
http://docker.io/dockercisco/telemetryreceiver
and
http://docker.io/dockercisco/elklat
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
ELK Collector Sample
VXLAN Programmable Fabric Dashboard
BGP
PEERS
PEER/ AND
# EVPN STATE
ROUTES
VNI TYPE
AND NVE DEVICE
STATE PEERS AND VNI
AND # VNIs STATE
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
Break
ACI Programmability
What is ACI
App
Agility
ACI
Simplification / Abstraction
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Topology – Single Logical System
Fabric
Modules Spine 1 Spine 2
40 – 100Gb
Analytics
Line
Cards Leaf 1 Leaf 2 Leaf 3 Leaf 4
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
ACI Visibility
Endpoint
Contract Deny Troubleshooting
Logs Wizard
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
How to Interact with ACI
TECDCN-2941
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
How to Interact with ACI
ACI CLI GUI Programmatically
import requests
import json
import constant
cookies = {}
cookies['APIC-Cookie'] = auth_token
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
ACI Open Interfaces
ACI Open Interface
TECDCN-2941
• Visore
• Arya
• ACIToolkit
• MoQuery
Tenant: Yankees Tenant: RedSox Fabric
• Eventing provided through web sockets
App Profile App Profile Switch
• L4-L7 Device Packages
EPGs EPGs Line Cards
• OpFlex open protocol
L3 Networks L3 Networks Ports
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 68
REST API: Basics
• Standard REST methods supported • Stateless
• No state for requests or sessions
Method Action Behavior
• HTTP1.1 / HTTPS (default)
GET Read Nullipotent
• Handled by any APIC in cluster
POST Create / Idempotent
Update • Access to switches via APIC
DELETE Delete Idempotent • Create, read, update & delete
Managed Objects
• Payloads can be either XML or JSON
– Specified by the file extension in URI
– Content-Type and Accept header is ignored
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
REST API: Read Operations
http(s):// host:port /api /{mo|class} /{dn|classname} .{xml|json} ?[options]
http://apic/api/mo/uni/tn-Cisco/ap-Software/epg-Download.xml
http://apic/api/class/l1PhysIf.xml?query-target-filter=eq(l1PhysIf.speed,"10G")
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
REST API: Create/Update Operations
http(s):// host:port /api /mo /dn .{xml|json} ?[options]
<fvTenant name="NewTenant">
<fvAp name="NewApplication">
<fvAEPg name="WebTier">
<fvRsPathAtt encap="vlan-1" mode="regular"
tDn="topology/pod-1/paths-17/pathep-[eth1/1]"/>
</fvAEPg>
</fvAp>
</fvTenant>
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
ACI Object Model
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
ACI Programmatic Structure
ACI API Structure
ACI Toolkit
REST Layer
REST
APIC Controller
OPFLEX
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
ACI Tools
API Inspector – Convert GUI clicks to REST Calls
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 75
API Inspector
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
APIC REST to Python Adapter: arya.py
{"fvTenant":{"attributes":{"dn":"uni/tn-
Cisco","name":"Cisco","rn":"tn-
Cisco","status":"created"},"children":[{"fvBD":{"attributes":{"dn
":"uni/tn-Cisco/BD-
• GUI creates REST CiscoBd","mac":"00:22:BD:F8:19:FF","name":"CiscoBd","rn":"BD-
CiscoBd","status":"created"},"children":[{"fvRsCtx":{"attributes"
:{"tnFvCtxName":"CiscoNetwork","status":"created,modified"},"chil
XML/JSON dren":[]}},{"fvSubnet":{"attributes":{"dn":"uni/tn-Cisco/BD-
CiscoBd/subnet-[10.0.0.1/8]","ip":"10.0.0.1/8","rn":"subnet-
• API Inspector shows REST [10.0.0.1/8]","status":"created"},"children":[]}}]}},{"fvCtx":{"a
ttributes":{"dn":"uni/tn-Cisco/ctx-
CiscoNetwork","name":"CiscoNetwork","rn":"ctx-
CiscoNetwork","status":"created"},"children":[]}}]}}
• arya.py creates code from
REST
• Auto-generate code to arya.py
automate tasks, without
heavy lifting
• Available at fvTenant = cobra.model.fv.Tenant(topMo, name='Cisco')
fvCtx = cobra.model.fv.Ctx(fvTenant, name='CiscoNetwork')
http://github.com/datacenter/arya Python fvBD = cobra.model.fv.BD(fvTenant, mac='00:22:BD:F8:19:FF',
name='CiscoBd')
code fvRsCtx = cobra.model.fv.RsCtx(fvBD, tnFvCtxName=fvCtx.name)
fvSubnet = cobra.model.fv.Subnet(fvBD, ip='10.0.0.1/8')
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
ARYA
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
Object Browser: Visore
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
Moquery APIC: moquery –c fabricNode | more
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
Basic Moquery Commands
BRIDGE DOMAIN
moquery -c fvBD
moquery -c fvBD -f "fv.BD.name==\"BDname\""
CONTEXT
moquery -c fvCtx
EPG
moquery -c fvAEPg
moquery -c fvAEPg -f 'fv.AEPg.pcTag=="xxxx"'
ENDPOINT
moquery -c fvCEp
moquery -c fvCEp | grep x.x.x.x -A 10 -B 5
CONSUMED CONTRACT
moquery -c vzBrCP
PROVIDED CONTRACT
moquery -c vzBrCP
L3 OUT
moquery -c l3extInstP
moquery -c l3extDomP
FAULT
moquery -c faultInst -f 'fault.Inst.code=='F0053"' TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 81
ACI Toolkit Custom
Sample
Python
Applications
Scripts
• Simple toolkit built on top of APIC API
Python Library ACI Toolkit
Used to generate REST API calls
APIC
Runs locally
• http://datacenter.github.io/acitoolkit/
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 82
ACI - Use Cases
Getting Started – ACI Toolkit
fvAp fvAEPg
vzBrCP vzSubj
fabricPathEp
topRoot fabricPathEp
Cont
fabricTopology fabricPod
fabricNode
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
ACIToolkit - Sample
tenant = Tenant('tnDemo') Create tenant ‘tnDemo’
app = AppProfile('anpDemo', tenant) Create application ‘anpDemo’ inside of tnDemo
• Endpoint Tracker
• Lint
• Cableplan
• Configuration Snapshot and Rollback
• Visualization Examples
• Event Feeds
• Intersite Configuration Federation
• Connection Search
• ACI Reports
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 88
Getting Started – ACI API’s
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
API Inspector
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 91
API Interaction
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
API Interaction
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 93
API Interaction
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
Python Code __author__ = 'cobedien'
import requests
import json
import apic_login
import constant
from prettytable import PrettyTable
def serial_number():
structured_data = json.loads(response.text)
fields = ['name', 'role', 'serial']
data = []
table = PrettyTable()
table.field_names = ['Name','role','serial']
print table
except requests.exceptions.RequestException:
print('HTTP Request failed')
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 95
Output
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
Dashboards
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 98
Network Resolution
• Use ACI as a means to provide
network visibility in relation to each
of these production lines
• Place devices inside policy groups
(using Tenants ) to isolate and
provide high level visibility and the
capability of granularity
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Integration of Network and IOT
• Use ANP or Tenant
as boundary for
Scan Temp Servers
production lines
• Utilize Health
Scores, Endpoint
counts and other
operational controls
to provide high level
state of package line
Servers Scan Temp
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
Dashboard
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 101
Demo
GITHUB
https://github.com/tecdct2941/aci_dashboard
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
Incident Reporting
Business Problem
Create incident
Event
Notify Users
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 105
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 107
Demo
NCA+
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 110
Network
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 111
Layer 2 integration
VLAN 100
Fabric
VLAN 200
Cat3750 Cat3750
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
Application
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 113
Groups
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 114
Network
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 115
Demo
GITHUB
https://github.com/datacenter/NCAplus
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 117
Use Case
Hybrid Cloud Management / ITSM Integration
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 119
Solution
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 120
Cisco CloudCenter (Formerly CliQr)
Any Application. Any Cloud. One Platform.
Data
Center
DEPLOY
Private
MODEL
Cloud
MANAGE Public
Cloud
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 121
CloudCenter Provides Unique Value
Model Once. Deploy and Manage Anywhere.
Data
Center
DEPLOY
Private
MODEL
Cloud
MANAGE Public
Cloud
• Single Application Profile
• Graphical Modeler
• Broad Application Support
• Broad Cloud Support
• Enterprise Ready
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 122
Business Centric Services Stack (Customer & Partner Driven)
POLICIES
SERVICES APPLICATIONS Governance / Cost Modelling
UCSD (IaaS)
(Infrastructure Centric Management and Workflow Automation)
Infra Centric App Centric
Containers AWS,
Converged Infrastructure (Kubernetes, Azure,
Mesosphere, (Other
Storage / Docker Public
Microsoft RedHat Swarm) Clouds)
Compute SAN Network VMware
Hyper-V / KVM /
(UCS) (Partners/ (ACI) vSphere
SCVMM RHEV
MDS)
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 123
Cataloging
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 124
Demo
Tetration Analytics
Cisco Tetration Analytics
New
Application Forensics: User
Application Whitelist Policy Policy
Segmentation Every Packet, Applications
Insight and Generation Compliance
Every Flow
Dependency and Simulation (Automated
Enforcement)
API
Tetration Platform
Message Bus
Software Hardware
Sensor Sensor
Data Lake
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 127
Software
Tetration Analytics Application Discovery
Sensors Appliance
SW Sensors
3rd Party
Feed
SW Sensors Integrate
Realtime & Historical Simulation
Nexus 9300-EX
HW Sensors
Whitelist Policy
Recommendation
SW
Recommend
Sensors
in Cloud
Compliance Verification
3rd
Policy
Party Enforcement
Record, Analyze
and Store Remediate
Listen Interact / Verify
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 128
Tetration API Access Key
Create API Key to allow access:
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 129
Tetration Python SDK
The tetration SDK can be installed through python pip:
# pip install tetpyclient
Boilerplate instantiation:
from tetpyclient import RestClient
API_ENDPOINT="https://<UI_VIP_OR_DNS_FOR_TETRATION_DASHBOARD>"
restclient = RestClient(API_ENDPOINT,
credentials_file='<path_to_credentials_file>/credentials.json',
verify=True)
resp = restclient.get('/sensors')
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 130
Tetration Python Sample
Get application scopes:
#!/usr/bin/python
client = RestClient(API_ENDPOINT,
credentials_file='/<credential file location>', verify=False)
resp = client.get('/app_scopes')
if resp.status_code != 200:
print resp.status_code
print resp.text
else:
print json.dumps(resp.json(), indent=4, sort_keys=True)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Tetration Python Sample
Get applications:
#!/usr/bin/pythonimport json
client = RestClient(API_ENDPOINT,
credentials_file='/<credential file location>', verify=False)
resp = client.get('/applications/')
if resp.status_code != 200:
print resp.status_code
print resp.text
else:
print json.dumps(resp.json(), indent=4, sort_keys=True)
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 132
Tetration Python Sample
Get specific application:
#!/usr/bin/pythonimport json
client = RestClient(API_ENDPOINT,
credentials_file='/<credential file location>', verify=False)
resp = client.get('/applications/5937286a755f02568bdba1d8/details')
if resp.status_code != 200:
print resp.status_code
print resp.text
else:
print json.dumps(resp.json(), indent=4, sort_keys=True)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Tetration Embedded Applications
User written applications can be embedded directly into the Tetration Platform
Supports Python, SQL, Scala
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 134
Tetration As a Billing Platform
Business problem
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 136
Solution
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 137
Demo
Summary
Summary
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 140
Thank you
Participate in the “My Favorite Speaker” Contest
Promote Your Favorite Speaker and You Could Be a Winner
• Promote your favorite speaker through Twitter and you could win $200 of Cisco
Press products (@CiscoPress)
• Send a tweet and include
• Your favorite speaker’s Twitter handle <Speaker—enter your Twitter handle here>
• Two hashtags: #CLUS #MyFavoriteSpeaker
• You can submit an entry for more than one of your “favorite” speakers
• Don’t forget to follow @CiscoLive and @CiscoPress
• View the official rules at http://bit.ly/CLUSwin
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 142
Complete Your Online
Session Evaluation
• Give us your feedback to be
entered into a Daily Survey
Drawing. A daily winner will
receive a $750 gift card.
• Complete your session surveys
through the Cisco Live mobile
app or on www.CiscoLive.com/us.
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings
• Related sessions
TECDCN-2941 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 144
Please join us for the Service Provider Innovation Talk featuring:
Yvette Kanouff | Senior Vice President and General Manager, SP Business
Joe Cozzolino | Senior Vice President, Cisco Services