TechWiseTV Workshop: Cisco Hybrid Cloud Platform for Google Cloud
1. Bahij Nahhas
Digital Transformation & Cloud
Architecture Lead, Google Cloud
July 19, 2018
Introducing the Cisco Hybrid
Cloud Platform for Google Cloud
@zackOmatic
@BahijNahhas
Zack Kielich
Product Manager, Cisco
2. © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
3.
Public cloud services
On-premises environment
Rapid technology and organizational change
DevOps/Developers
IT Ops
Cloud architects
IT Mgt
LOB
Security
Networking
Data Center
Application Modernization
Cloud Native Apps
4.
Apps
Services
Infrastructure
APPS
Infrastructure
APPS
5.
Istio
6.
Google Cloud Platform: 15 current regions. 4 new regions coming in 2018.
7.
Google Network
Unity (US, JP) 2010
Monet (US, BR) 2017
Tannat (BR, UY, AR) 2018
Junior (Rio, Santos) 2018
FASTER (US, JP, TW) 2016
PLCN (HK, LA) 2019
Indigo (SG, ID, AU) 2019
Edge node locations 7500+
Edge points of presence 100+
Google Network
Curie (CL, US) 2019
Havfrue (US, IE, DK) 2019
SJC (JP, HK, SG) 2013
HK-G (HK, GU) 2019
100+ edge points of presence
7500+ edge nodes, 80+ CDN locations
8.
ANYWHERE
with a secure and consistent
hybrid environment
Innovation on your own terms
Develop and Deploy
Cisco Hybrid Cloud Platform for Google Cloud
9.
Best of both worlds
11.
On-premises environment
Google Kubernetes Engine
Existing Services
Apps | Data
Cisco Hybrid Cloud Platform for Google Cloud
Cisco HyperFlex
Cisco Nexus9K / ACI
Cisco CSR1000v
Cisco Stealthwatch Cloud
Cisco Container Platform
Consistent Environment
Google Apigee
Cisco CloudCenter
Istio
BigQuery
Cloud SQL
Pub/Sub
Big Table
Cloud Storage
Cloud Spanner
Open Service Broker
12.
Use cases
13.
✓ Extend your CI/CD pipeline
✓ Deploy containerized applications anywhere
✓ Connect, Manage and Secure Services
Develop with a hybrid CI/CD across both public cloud and on-premises
On-Prem
Consistent Environment
14.
• Fully-managed service for Kubernetes
• Takes advantage of Google Cloud Platform infrastructure for optimal performance, reliability and cost savings
• Uses security-hardened, container-optimized OS
• Enterprise-grade compliance and auditability; HIPAA and PCI DSS 3.2 compliant
• Uses upstream & up-to-date Kubernetes for access to latest innovations
15.
Hybrid Cloud Optimized
E.g: Google, …
Flexible Deployment Model
VM | Bare metal HX, ACI
Integrated
Networking | Management | Security | Analytics
CNCF Certified Kubernetes Platform
100% upstream, updates and best practices from open source community
Turnkey Solution
For Production-Grade Container Environments
Easy to acquire, deploy & manage | Open & consistent | Extensible platform | World-class advisory & support
16.
Cisco Cloud Center Kubernetes integration
• Sits across any upstream Kubernetes cluster (1.8+)
• Model application topology using containers, VMs, PaaS/cloud services, or any mixture thereof
• Unified governance policies for VM and container/Kubernetes-based applications to enforce where, how, and by whom an application can be deployed
• Create containerized application portability by dynamically creating app pod YAML in target cloud
• Integrates with build tools in the CI/CD process so that a new build automatically kicks off a new deployment
• Ensure that monitoring through AppDynamics (when available) is baked into the application deployment for cross cloud/cluster monitoring
17.
Service mesh: Istio
Service discovery
Load balancing
Failure recovery
Metrics
Monitoring
A/B testing
Canary releases
Rate limiting
Access control
End-to-end authentication
18.
Istio Architecture
[Diagram labels: svcA, Envoy, Pod, Service A; svcB, Envoy, Service B; Control Plane: Pilot, Mixer, Citadel; Data Plane; control flow during request processing]
Traffic is transparently intercepted and proxied. App is unaware of Envoy’s presence.
19.
On-Prem
✓ Production ready on-prem Kubernetes environment
✓ Easy access to services in Google Cloud
Develop applications on-premises consuming public cloud services
Consumption of cloud services
Open Service Broker
20.
Open Service Broker API
• Provides a standard way to instantiate and consume any service
• Producers (e.g., GCP) create brokers to provide services
• Consumers can discover and access via a catalog that subscribes to these brokers
Cloud SQL | BigQuery | Email | Storage | PubSub | Storage | SQL | Chat
21.
✓ No re-platforming of existing applications
✓ Leveraging cloud for modernized application development
✓ Consistent policies and access
Develop applications in the public cloud consuming data from on-premises
On-Prem
Google Apigee
Consumption of on-prem services
Existing Services
Apps | Data
22.
• Integrating legacy applications
• Recompose monolithic applications as services
• Build a service layer in front of existing systems to increase IT velocity
• Import legacy systems into modern, container-based architectures as services
Management services
Analytics
Dev management
Security analytics
Monolithic systems on premise
Centralized governance of all API services
Kubernetes Integration
All Apigee services are Kubernetes services
23.
✓ Proactive security and threat detection
✓ Integrated VPN creates one unified encrypted network
…across a secure environment
On-Prem
24.
Permissions allow Stealthwatch Cloud to read GCP Flow Logs
Stealthwatch Cloud
Virtual Private Cloud
• Google Cloud’s VPC flow logs provide records of all the resource communications in an account, both VPC-to-VPC and to external IP addresses.
• Cisco’s Stealthwatch Cloud consumes VPC flow logs
• Automatic, helpful alerts: 95% marked helpful by users
• Works out-of-the-box: Deploys quickly in agentless fashion, with no tuning or configuration needed
• Dozens of detections for malware, insider threats, misconfigurations, and software vulnerabilities
• Hybrid environments: on-prem and in the cloud
25.
Cisco Cloud Services Router 1000v integration with Google Cloud
CSR 1000v
Cloud Router
Network
Subnet
Private N/w1
Private N/w2
Private N/w3
Cisco ASR/ASA/ISR/CSR
Physical / Virtual Appliance
• CSR1Kv on Google Cloud enables private, secure communications using IPSec
• BGP over IPSec ensures that the routes are advertised from on-prem to cloud and vice versa
26.
Solution Offering
Services: Cisco or Cisco Partner
Support: Single Point of Contact
?
Licensing: Software Only or with Hardware
4
• CloudCenter
• Container Platform
• CSR1000v
• Google Cloud
Requirements
27.
Cisco Hybrid Cloud Platform for Google
28.
And, finally...
29.
Session ID: SPTL103 (Spotlight Session)
Cisco Enabling Application Innovation: Cisco and Google Cloud Open Hybrid Cloud Architecture
Tuesday, July 24, 1:55 p.m. – 2:24 p.m.
Location: YBCA

Session ID: PAR109
Partnering With Google Cloud to Create a Modern Multi-Cloud, Hybrid Solution
Monday, July 23 @ 2:00 p.m.
Location: Moscone South

Session ID: DEV120 (Breakout Session)
The Open Hybrid Cloud Platform from Cisco and Google Cloud
Tuesday, July 24, 11:00 a.m. - 11:50 a.m.
Location: Moscone West

Check out additional hybrid cloud sessions with Cisco and Google Cloud speakers, next week at Google Cloud Next!

Session ID: IO215
Google Cisco Hybrid Cloud Technical Deep Dive
Wednesday, July 25, 3:15 p.m. - 4:05 p.m.
Location: Palace Hotel

Session ID: IO284 (Breakout Session)
Supporting Modern Applications with Production-Grade Kubernetes
Thursday, July 26, 10:20 a.m. - 11:10 a.m.
Location: Moscone South
30.
Register to attend Next ’18
Join us in San Francisco July 24–26 for Google Cloud Next ’18. Visit Cisco at booth (S1326) to learn about private and public cloud. The best of both cloud worlds.
Register at: g.co/next18/cisco
Pricing
$1,199 (use code NEXTCSC18)
A full-priced general admission ticket is $1,499.
31.
Thank you