Enabling Enterprise Transformation with Cloud Native Networking

A decade ago, venture capitalist Marc Andreessen wrote a WSJ opinion article that provocatively (at that time) stated that “Software is eating the world”. Today it’s safe to say that almost all enterprises are developing new applications for business processes by integrating in-house development and commercial offerings and by incorporating more SaaS and open-source components.

Organizations are migrating applications and services to cloud native design patterns (often based on a combination of open-source and SaaS components) and deploying them on multiple public clouds and cloud-like on-prem or dedicated infrastructure. To be successful at this effort, IT needs to reduce the friction between the DevOps teams that are responsible for delivering the direct business outcome and the IT infrastructure teams that are tasked with supporting those teams. This friction has multiple components, such as “agile vs waterfall” delivery models and “vertical silo vs horizontal” abstraction layer models. Relying on a ticket-based interface to the infrastructure teams is also very much an anti-pattern in cloud native development.

Wherever possible, IT organizations need to adopt cloud native patterns by enabling APIs in as much of the infrastructure as possible and exposing those APIs within a framework that is relevant to and consumable by the DevOps teams (such as the Kubernetes API, Kafka, etc.). The use of CI/CD workflows across all layers of the IT organization also helps to reduce the friction and create a more idempotent and immutable infrastructure.

IT Needs to Invest in Cloud Native Integrations and Security

The evolution to modern cloud native applications relies on the network to provide application and API connectivity on a runtime platform for an ever-changing cloud topology. IT needs a hybrid, multi-cloud, application-first infrastructure as the de facto mode of operating. SaaS solutions that extend and simplify the services are needed to build and manage Kubernetes environments across multiple clouds. Using globally accepted open source tooling, such as the Kafka messaging service, in data center fabrics creates a cloud native messaging infrastructure. Additional cloud native development advantages can be attained with application layer connectivity provided by service meshes and related technologies. The goal is to build a dedicated infrastructure layer right into an application that controls how different containers and microservices share data with one another, making it easier to optimize communication and avoid downtime as applications expand.

With the rapid increase in cloud-native containerized applications, security cannot be an afterthought; it must be designed into the infrastructure. Cloud native security provides a continuous security process during the end-to-end containerized application lifecycle, from code to runtime. Ideally, a container security platform generates and applies network policies and security rules and encrypts traffic between services. Enforcing the use of common security policies drastically reduces the cost and complexity of securing and managing hybrid and multicloud deployments on Microsoft Azure, Amazon Web Services, and Google Cloud. Incorporating security into the container development process also improves application resiliency by limiting an attack to just a single container, protecting the majority of the application and associated sensitive data.

Bridging Infrastructure and Cloud Teams

To improve the application development and deployment experience for multi-cloud applications, IT can strive to deliver integrations with Infrastructure as Code (IaC) platforms like HashiCorp Terraform and Red Hat Ansible. With IaC, DevOps teams can model and leverage the infrastructure platform in a self-service manner by automating network provisioning with declarative abstractions and thus avoid the error-prone “swivel-chair” method of provisioning heterogeneous infrastructures.

A multi-site orchestrator enables Ops teams to work across multiple sites and clouds. It provides the ability to manage consistent connectivity and security policies across multiple data center sites and fabrics. An orchestrator pushes the policies to multiple data centers and public clouds across the globe in a single step. This means that IT can move applications from on-prem to cloud provider “A” to cloud provider “B” and all the policies are automatically replicated and translated without human intervention.

A dashboard approach to consolidating site telemetry and metrics provides insights that help automate troubleshooting. The goal is to provide the ability to rapidly determine root causes of performance issues and suggest possible remediations. This results in proactive notifications, a shorter time to resolve, and a more unified coordination between DevOps and NetOps.

As the center of gravity continues to rapidly move to cloud native applications, development and network operations teams will rely more and more on open source tooling and Infrastructure as Code platforms to accelerate their application rollouts. By embracing and integrating these capabilities, IT Ops teams can work together more fluidly in heterogeneous environments to achieve the desired business outcomes.

Deploy. Connect. Secure. Operate.

Cisco’s strong commitment to Open Standards, Open Networking, and Open Source—encompassing Containers, Kubernetes, and Infrastructure-as-Code—supports our goal of ensuring network, cloud, and development teams can focus on deploying, connecting, securing, and operating their business applications. As software continues to permeate every business operation, transaction, and customer experience, Cisco is focused on ensuring that instead of “eating the world”, software, networks, and applications will be a driving force in building an inclusive future for all of us.

For additional information:

ONUG Customer Registration

Cisco Microsite for ONUG

 

Author's Bio

Thomas Scheibe and Christopher Liljenstolpe

Vice President, Product Management, Data Center Networking and Senior Director, Product Management and Cloud Architecture, Data Center Networking, Cisco
