Post on 11-Aug-2020
transcript
netbraintech.com |
Table of Contents
Executive Summary
1. Background
2. Manage The Hybrid Network In a Consistent Way
Discover The Hybrid Network
Map ACI Fabric Alongside The Traditional Network
Decode Underlay and Overlay Design
Visualize Information from Multiple Data Sources
3. Transition to an Application-Centric Mentality
Map Logical Structure of Endpoint Groups
and the Contracts Between Them
Decode Underlay Network Dependencies for Any Application
4. Troubleshoot Applications Across Complex and
Dynamic Environments
Map Application Flows Across Hybrid Infrastructures
Diagnose Routing and Performance Along the Path
Make Knowledge Executable
Diagnose the Underlay Network
Automate “Just-in-Time”Diagnosis at the Moment of an Event
5. Conclusion
About The Author
2
1
3
3
4
6
4
7
7
9
9
10
10
11
12
13
14
8
netbraintech.com |
Executive Summary
01 | Executive Summary
Network teams have been managing their networks
the same way for decades. Social media, mobile
devices and cloud computing are pushing traditional
data centers to their limit. Today’s networks need to be
able to evolve at the speed of software to quickly meet
changing business demands. Cisco ACI networking has
the potential to revolutionize traditional data centers by
providing a more flexible way to provision and control
the network. With all these benefits, many challenges
are introduced, and every new technology comes with
a steep learning curve. Network teams have been
provisioning devices manually through the command
line interface for decades and are suddenly being asked
to wrestle with the new layers of abstraction which
Cisco ACI brings. Devices that we used to be able to
see and touch are now virtualized and being spun up in
minutes causing us to wonder what is in the network.
Complete visibility into the hybrid network is a must-
have. This white paper will focus on how NetBrain solves
the operational challenges of managing and supporting
hybrid networks and how that extends to a Cisco ACI
environment.
netbraintech.com | 02 | Background
Business IT needs have evolved, applications are at the heart of your
data center and core to any enterprise IT strategy. Today’s applications
are highly virtualized and are more distributed than ever. Business
requirements are continuously changing, requiring rapid and continuous
delivery of new services and applications causing the shifting of
communication needs within the data center.
Making the transition to an application-centric approach is no small feat.
Network teams must understand their software-defined architectures to
manage them effectively, along with the rest of the traditional network it
connects to. Without effective tooling support, the task of managing such
an evolving heterogeneous network has proven to be very challenging.
NetBrain helps network teams address the key challenges below by
providing them with effective tools to improve their operational workflows
by leveraging automation and providing visibility into the entire hybrid
environment enabling an effective transition.
Challenges in Managing the ACI Network Alongside the
Traditional Network
» Knowledge and Skills Gap - Network teams are being forced to
change their habits and operate with a new application-centric
frame of mind. Managing their infrastructure through a central
controller rather than box-by-box requires a new way of thinking.
» End-to-End visibility into the entire network – Network teams need
a better way to visualize the overlay structure and applications
deployed on top of it and how it connects to the underlying network
without having to hop between different systems.
» High degree of abstraction and complex to troubleshoot - When
there’s an application problem, layers of abstraction in the data
center architecture make it less straightforward to identify the root
cause of the problem.
1. Background
netbraintech.com | 03 | Manage The Hybrid Network In a Consistent Way
» Highly complex traffic flows - Traffic traverses through non-ACI
traditional network to ACI-enabled data center in a multi-tiered
architecture without clear visibility of the application context for
each individual device and how it maps to the underlay network.
» Highly dynamic network that enables frequent changes –
The network is continually changing, and network teams struggle
to maintain a common understanding of what is deployed in the
network.
Discover The Hybrid Network
NetBrain’s Dynamic Mapping and Automation platform provides network
teams with end-to-end visibility and automation across hybrid networks.
With NetBrain, you can use the same set of tools to understand and manage
your hybrid network with Cisco ACI working in tandem with the rest of the
traditional network.
To understand the hybrid infrastructure, you must first discover your entire
network. The NetBrain discovery process uses API calls to integrate with
the APIC controller. NetBrain discovers the ACI devices from the APIC
controller and uses CLI commands and SNMP to discover the traditional
network and creates a unified workspace that includes both ACI and
traditional device data.
2. Manage the Hybrid Network in a Consistent Way
netbraintech.com | 04 | Manage The Hybrid Network In a Consistent Way
Map the ACI Fabric Alongside the Traditional Network
Many enterprise environments deployed today are hybrid environments
with Cisco ACI working closely with many other traditional network devices.
Due to the size and complexity of these deployed fabrics, virtualization
and specialized hardware strategically placed in the network, complete
visibility into the entire network without having to hop between systems
is invaluable. Network engineers are being challenged more than ever
trying to manage a hybrid architecture that include both a centralized and
decentralized approach in managing, troubleshooting and supporting this
complex network environment. NetBrain’s Dynamic Maps provide the
ability to visualize the ACI fabric and the connected traditional network in
a single view for data correlation across your ACI and traditional network
environment. Users can view not only the neighboring devices but also
seamlessly map ACI and non ACI networks to get a clear picture of their
hybrid environment and their intercommunications.
Decode Underlay and Overlay Design
The evolving network is complex, changing constantly and is requiring
network teams to obtain new skills to manage it. Overlay networks provide
greater agility and flexibility by allowing network teams the ability to rapidly
deploy new applications, services and virtualized infrastructure to quickly
meet changing business goals and objectives to keep pace with the speed
of change. With all these benefits, there are added layers of complexity
which decrease visibility into the entire network infrastructure. Overlays
netbraintech.com | 05 | Manage The Hybrid Network In a Consistent Way
provide a layer of software abstraction to allow multiple discrete, separate
virtualized network layers that run on top of the underlay network.
Overlays separate the location of a device or endpoint from its identity.
Endpoints in your network are now identified by a tag allowing them to be
located anywhere within the network structure and found simply by its tag.
All these layers of abstraction, virtualization, new applications and services
overlaid on top of the underlay network are putting more demands on
network teams to understand and decode the network design.
NetBrain simplifies understanding the ACI-enabled data center network,
the overlay structure and the applications running on top of it by organizing
a data model of the network into different views to help bridge the
knowledge gap that a network engineer could face when supporting
an application-centric network. NetBrain makes it possible to quickly
understand the Cisco ACI fabric and support the deployed infrastructure in
the following aspects:
» Visualize the ACI fabric and the connected network
in a consistent and familiar way using pre-built views.
» Visualize the hybrid network in a single pane of glass with
Dynamic Map
» Conceptualize Overlay/Underlay designs, logic layer
dependencies and connectivity inside or outside an application.
The overlay and underlay maps allow you to see what devices, VRFs,
endpoint groups (EPGs) and endpoints are part of the ACI fabric. The
ability to visually represent information about the entire network
seamlessly, regardless of technology and quickly locate the logical
structure then drill down to the corresponding physical components
during troubleshooting is crucial. Network teams need a way to demystify,
decode and simplify managing a hybrid network.
netbraintech.com | 06 | Manage The Hybrid Network In a Consistent Way
Overlay Map: Represents the logical fabric structure, including VRFs, subnets, and the endpoint devices connected without showing all the L2
connectivity.
Underlay Map: shows the network devices and interfaces configured for this VRF and filters relevant leaves and endpoints in the structure to help
you visualize the VRF design.
Visualize Information from Multiple Data Sources
NetBrain’s Dynamic Maps are a single pane of glass where network teams
can visualize any network data on the map by turning on and off data layers
dynamically. Engineers who manage the hybrid infrastructure need not worry
about the method to retrieve information from devices such as CLI, SNMP or
API; they need only to turn on the data. The data views applied below displays
various information including infrastructure, maintenance, and design
netbraintech.com | 07 | Transition to an Application-Centric Mentality
information for each device on the heterogeneous network map.
3. Transition to an Application-Centric Mentality
Map Logical Structure of Endpoint Groups and the Contracts Between Them
Due to the size, complexity, abstraction and the number of applications
deployed on top of a single fabric in a typical ACI deployment, network
teams need the tools to make the transition from the network-centric
approach to an application-centric approach in managing their data center
network and a way to quickly decode ACI constructs. NetBrain seamlessly
maps the hierarchical structure making it easy for the engineer to visualize
both the logical and underlay structure of a given application.
The Logical Structure provides an overview of the hierarchical structure
between tenant, application, endpoint group (EPG) and contracts between
the EPGs.
netbraintech.com | 08 | Troubleshoot Applications Across Abstract Environments
Decode Underlay Network Dependencies for Any Application
The Underlay map represents the physical infrastructure in which the
overlay or virtual network is built on top of. Troubleshooting is enhanced
with this map because the network and interfaces are automatically filtered
to the ones carrying the traffic for a specific application and the underlying
network components used to support it.
4. Troubleshoot Applications Across Complex and Dynamic Environments
With the high degree of abstraction, complex traffic flows and admins
being able to rapidly deploy new applications, services and virtual
infrastructure in minutes, network teams are being challenged to meet the
same SLA times and MTTR. Network teams who are used to operating in a
relatively static data center environment now have to deal with the dynamic
nature of their new software-defined environment.
Engineers are typically faced with troubleshooting a slow application. A
typical ACI deployment includes a large amount of applications and being
netbraintech.com | 09 | Troubleshoot Applications Across Abstract Environments
able to visualize the application flow from both a physical and logical
perspective when a problem happens is indispensable in identifying the
problem area and the root cause. Due to the increased complexity and
lack of visibility in these hybrid network environments, it is becoming a
greater challenge for network teams in their troubleshooting workflows.
A typical troubleshooting workflow is often a time-consuming process
made up of analyzing data from a vast number of sources which include
results from CLI commands, third party tools and other disparate tools.
Today’s SLA’s are based on quick turnaround times that challenge
traditional troubleshooting methods. Without the tools that automate
and speed up the process, the engineer is forced to use time-consuming
manual efforts until the issue can be isolated. NetBrain helps provide real-
time insights of the problem you are troubleshooting in the following ways:
Map Application Flows Across Hybrid Infrastructures
NetBrain’s powerful A/B calculator will map the flow of any application
traversing across both the ACI and non-ACI environment. To diagnose
network slowness, you need to understand the flow of application traffic.
Diagnose Routing and Performance Along the Path
NetBrain can map both L2 and L3 application paths based on live or already
baselined data. NetBrain emulates real packet forwarding to analyze how
traffic flows across the network and considers deep network protocol
analysis such as routing, ACLs, PBR, NAT, and VRF to identify problem
areas within your network and visually displays the results on the map.
netbraintech.com | 10 | Troubleshoot Applications Across Abstract Environments
In the A/B path below you can see that the traffic is allowed by the firewall,
the virtual IP translation done by the load balancer and the overall health of
all devices along the path.
Make Knowledge Executable
With executable runbooks network teams can make their ACI knowledge
executable. An executable runbook is an active flow chart. Each node of
the chart corresponds to a step of a network task and can take the form of
an executable application (called a Qapp™), a built-in function such as ping
or traceroute or simply text with a note or a description and the results can
be displayed on the map..
netbraintech.com | 11 | Troubleshoot Applications Across Abstract Environments
Diagnose the Underlay Network
In virtually every network environment today, network teams are often
faced with troubleshooting application issues and the finger pointing
between teams and Mean Time to Innocence (MTTI) begins. In today’s
multi-tier architectures in which the web, application and database
processing are physically separated, getting to MTTI quickly is often
challenging. Problems like this do not discriminate so having access to a
visual representation of the problem on a map can help network teams
dramatically speed up the time to resolution and MTTI. Network teams can
usually prove that it is not the network by simply proving that the physical
port that is connected to the webserver is up but being able to identify
and isolate that a backend application is down is very time-consuming and
often takes collaboration among multiple teams to identify and resolve the
issue.
NetBrain can help you abstract and maintain clear visibility of the
application context for each individual device. Using NetBrain’s search
function, you can quickly locate an application context by simply searching
for an internal IP address of a webserver. Without this capability, the
engineer would have to manually troubleshoot hop by hop through the
traditional and ACI network to isolate the problem which can be very time-
consuming.
netbraintech.com |
Automate “just-in-time” Diagnosis at the Moment of an Event
NetBrain can also be used in triggered mode or “Just-in-Time” automation
to perform fully automated diagnostic procedures in real-time without
human intervention. This means when the APIC controller detects an
event such as interface status change, it will send out notification via
RESTful API. NetBrain can be configured to listen to this event notification
and immediately trigger the generation of a map, run a sequence of
customizable diagnostic steps in a pre-defined Runbook that captures all
the data and analytics about the event in real-time and save all the results
with the map. This gives the engineer a head-start in the troubleshooting
process by automatically collecting, analyzing and displaying the data in
context on a Dynamic Map to dramatically reduce Mean Time to Repair
(MTTR).
NetBrain fully automated the troubleshooting process and isolated the
issue at the time of the incident. Without this capability, the network
engineer would have to perform their traditional troubleshooting
workflows until they isolated and resolved the issue, which can be very
time-consuming.
12 | Troubleshoot Applications Across Abstract Environments
netbraintech.com |
5. Conclusion
With the adoption of virtualization and networks continuing to evolve and
advance to this the new application-driven paradigm, network teams can
no longer manage their networks in the same way. The network is no
longer static and is now highly dynamic with real-time changes occurring
in an instance. This highly dynamic network with layers of abstraction and
complex traffic flows is causing significant gaps in visibility into the hybrid
networks and is requiring a new set of skills, tools and agility from network
teams. NetBrain reduces complexity, provides the needed visibility and tools
for network teams to understand and manage their hybrid network the
same way they always have, effectively equipping engineers to rapidly meet
the changing business demands and maintain agile network operations.
13 | Conclusion
netbraintech.com | 14 | About The Author
About The Author
Terrilyn Mauro is currently a Senior Technical Marketing
Engineer at NetBrain. She has over 15 years of
networking experience holding many senior engineering
roles for large matrixed organizations. Her experience
includes working across diverse industries that span
large retail, consulting companies, ISP and hosting
services. She holds the CCDP and CCNP certification.
netbraintech.com |
Founded in 2004, NetBrain is the market leader in network
automation. Its ground-breaking platform leverages the power
of Dynamic Maps and Executable Runbooks to provide CIOs and
network teams with end-to-end network visibility and analysis
across physical, virtual, and software-defined networking
environments.
Today, more than 1,800 of the world’s largest enterprises and
managed service providers use NetBrain to automate network
documentation, accelerate troubleshooting, and strengthen
network security—while integrating with a rich ecosystem of
partners. NetBrain is headquartered in Burlington, Massachusetts,
with offices in Sacramento, California; Munich, Germany; and
Beijing, China.
For more information, visit https://www.netbraintech.com/.
NetBrain® and the NetBrain logo are registered trademarks of
NetBrain Technologies.
NetBrain Technologies, Inc.
15 Network Drive
Burlington, MA 01803
+1 800 605 7964
info@netbraintech.com
www.netbraintech.com
About NetBrain Technologies, Inc.