Next week at Cisco Live, VCE will highlight a policy-based application deployment and operation solution that leverages the powerful abstractions enabled by the Cisco Application Centric Infrastructure (ACI) framework along with the Vnomic Declarative Deployment and Governance Platform. Based on Vblock Systems, this proof-of-concept shows how customers can deploy a SAP Business Warehouse on HANA landscape in just over 60 minutes.
The value proposition of this solution is a compelling one – businesses are looking for new ways to increase agility in their data centers, and need ever-increasing rapid deployment and operation capabilities. More importantly, the deployments must also follow corporate policies for security and data protection, ensuring that even the most rapid deployments will not inadvertently leave an application vulnerable.
Plenty of vendors in the past have claimed to be able to swiftly deploy complex applications, but these approaches resulted in very rigid and fragile implementations that were quickly discarded. So what makes a policy-based approach likely to deliver a workable solution?
Since true converged infrastructures are engineered, manufactured, managed, supported and sustained as a single entity, a policy-based approach can be added to the infrastructure to provide predictable management of components.
Policy-based application management
Let’s use a familiar example – cars. Modern automobiles are policy-based machines. With the exception of a few safety-related controls, there is no direct connection between any driver interface and configurations under the hood. For example, the accelerator pedal acts as an input for the engine management system, which takes additional inputs from many sensors around the engine and transmission, and then determines the best configuration of fuel/air mixture, gear ratio, fuel injection timing, ignition timing, and in some engines, inlet valve timing. Best of all, this can be optimized based on the driver’s demands – heavy acceleration results in a very different configuration from economical acceleration.
No driver could constantly adjust all these parameters to their optimal value. Therefore, a policy-based approach is essential to automobile efficiency and performance because it automatically and constantly adjusts these parameters under the policy determined by the accelerator.
Unfortunately, we still manage our data centers as if they were automobiles from the 1950s. Applications are still painstakingly hand-constructed through a large series of discrete changes to the configuration of multiple devices. Because this is a painfully slow, error-prone and non-repeatable process, organizations strive to keep environments static as long as possible, resulting in non-agile organizations – the antithesis of the goal for 21st century IT.
Alternatively, applications should ultimately request a desired end-state from the infrastructure, without specifying the actual configuration. This is what happens when people press the accelerator pedal in their car. They don’t tell the engine how much additional fuel to inject into the cylinders, nor do they tell it by how many degrees to advance the ignition, they just request a new end-state (faster speed) and the engine makes the necessary configuration changes to accommodate the request.
A policy-based approach to application management works in a similar way. Rather than specifying the configuration, IT professionals define a set of policies, called a model, describing the desired end result. For example, a simple application could request:
- Three web servers in the web tier on a private network
- Three application servers in the app server tier, on a private network
- A database server on the database tier
- A firewall allowing just traffic for a specific port to pass between the web tier and the app tier
- A load balancer before the web servers in the web tier
- A load balancer before the app servers in the app tier
- A firewall between the app server tier and the database tier
This list is abbreviated for clarity; a real model would have additional policies, describing the data stores for either machine, the backup policy for the data stores, the minimum capability of each of the servers, the network policy for quality of service and more.
The policy controller automatically translates the requests into the precise configuration necessary to meet the desired result. The target configuration may itself be a part of a policy set, requiring workloads to be virtual for test/dev environments and bare-metal for production systems.
The previous application example is a simplified form of what we set out to create with our proof-of-concept solution with Vnomic and Cisco. The Cisco ACI framework provides an abstraction of the underlying network, allowing solutions, such as the VCE policy-based application management solution, to easily request capabilities from the network and support application needs. The combination of end-point-groups (EPGs) and contracts, provided by the ACI framework, enable a highly efficient approach for requesting network services.
With Cisco ACI, VCE provides a full abstraction of all infrastructure elements to application deployment services, enabling applications to fully benefit from state-based deployments technology. In return, the VCE capabilities framework complements ACI, extending the scope of ACI into the compute and storage realm.
By making the controller a part of the infrastructure the policy-based approach addresses the limitations of previous approaches to automation. It, rather than the application installation scripts, is responsible for mapping the policies in the application model to the actual configuration. The controller understands the configuration options in the infrastructure components, but it needs to work with a predictable and consistent set of components to enable the rapid deployment and operation of complex applications. The VCE Vblock System provides an infrastructure environment that is ideally suited to a policy-based environment.
Going back to the automobile analogy – in order to accelerate, the car’s components must perfectly interact in pre-defined, pre-tested ways. This is only feasible because a car is a converged unit of transportation machinery – all components in the vehicle are well defined and can be modeled in the factory. If a car was delivered as a collection of components, configured and assembled at the customer’s house, it would be impossible to develop the model to enable policy-based control.
Desired state controller
A desired state controller is responsible for translating the policy sets for an application into the infrastructure configuration necessary to implement the policies. VCE is partnering with Vnomic to create a controller specifically for VCE Vblock Systems. The Vblock System’s predictable and consistent set of infrastructure components enable the controller to create a configuration optimized for the precise policy set, while the rich capabilities of the those infrastructure components ensures that the controller can provision the environment for the needs of many applications.
Using a policy-based application management system
The policy-based approach is highly suited for complex applications, such as the SAP Business Warehouse on HANA proof–of-concept that VCE is showcasing at Cisco Live.
In addition to accelerating the process of accurately deploying the full application suite, this approach will simplify the process of making changes to the application, delivering increased functionality and performance. With rapid and automatic response times, IT staff can be freed to work on delivering business value rather than configuring applications.
All in 60 minutes on a VCE Vblock System, this proof-of-concept will implement a SAP HANA appliance from a set of HANA-capable compute blades and a storage array, as well as provision and deploy the SAP Business Warehouse application. The resulting Vblock System deployment will be a fully compliant corporate infrastructure with security, high performance and data protection.
However, it’s not limited to just SAP Business Warehouse on HANA. New application models will allow other applications, such as SAP Suite on HANA and VDI, to be deployed using the same controller. Businesses may also use a policy-based approach to deploy their in-house applications, accelerating the process of moving those applications, and subsequent enhancements, from development to production.
VCE will be showcasing the SAP Business Warehouse on HANA proof-of-concept at the VCE booth, #1121, during Cisco Live US 2014 in San Francisco. Please visit the genius bar at the booth, and learn how this new approach to application management will enable greater agility in your data center.