Cisco Intelligent Automation for Cloud helps Aurecon create a scalable environment, while self service empowers application support.
Aurecon provides engineering, management, and specialist technical services for both the private and public sector. The company has executed over 10,000 projects in over 80 countries across Africa, Asia Pacific, the Middle East, and the Americas. The five-tower Etihad Towers in Abu Dhabi is just one of Aurecon's many engineering feats. Aurecon designed the structural system that stabilizes the very slender frames of the ethereal-looking towers.
Not surprisingly, this skilled group of engineers and consultants is in demand around the world, and Aurecon is growing rapidly. But this global growth placed a tremendous strain on existing data center resources. "The company is keen to grow," says Adam Selwood, design and architecture lead for infrastructure services, "and we are bringing on new users, applications, and services at a greatly accelerated pace. It was imperative that we have an infrastructure that gives project teams around the world the tools and support they need to continue to perform extraordinary work for clients."
The Infrastructure Services team of 25 people, including Selwood, is part of the Information Services group. The Infrastructure Services team is responsible for supporting the infrastructure in 70 offices in 24 countries, as well as in the company's four data centers. The team itself has the challenge of being spread across six cities in four time zones.
The company's existing data center in Australia was reaching the end of its useful life. "We hit a wall in terms of extensibility and capacity, and we knew we had to re-architect the data center from the ground up," says Selwood. "We took the opportunity to reassess what we needed to support Aurecon's growth for the next three to five years."
At that point in time, cloud technology was beginning to mature, and Selwood and his team decided that a private cloud would give Aurecon the greatest value and flexibility.
At the start of the project, the data center was about 60 percent virtualized. Over a six-month period, the Infrastructure Services team redesigned the architecture of all of the storage and compute resources and much of the network to create a completely virtualized environment. In July 2011, Selwood's team began looking for orchestration and automation platforms that would fit on top of the new infrastructure. They hired a third-party vendor to conduct an assessment of the marketplace. After narrowing the field to a few vendors, Aurecon selected Cisco
® Intelligent Automation for Cloud (IAC), which provides a self-service portal, orchestration engine for backend automation, and advanced cloud management capabilities.
"We have long-standing strategic relationships with Cisco, so the Cisco IAC technology aligned with our network and compute environment. We also have a great relationship with Cisco around our voice and unified communications system, and we all felt that there is a benefit to making this journey with a vendor that you know and trust," says Selwood.
Selwood wanted to avoid customization work in the early stages of the project because his team does not have internal developers.
"One of the things we particularly liked about Cisco IAC is that there is a lot of out-of-the-box functionality with pre-built automation packs and tools for configuring services and workflows. It was important that we grow within the capabilities of the platform, achieve some quick wins, and gain confidence as we went along," says Selwood.
The Infrastructure Services team has a single engineer, Maz Jafari, who is dedicated to working on Cisco IAC. "Maz had never worked with any orchestration or automation technology before this, but he has been able to work directly with senior engineers on the Cisco IAC team," says Selwood. "We like the fact that there is so much energy and enthusiasm from Cisco around this platform, and Maz has become very passionate about the technology. Now when we come to him with some crazy idea about a process that we want to automate, we leave him alone for awhile, and he comes back with a reasonable idea on how to accomplish it with Cisco IAC."
Moving to a 100 percent virtualized environment had already reduced the installation and setup of new servers from several weeks to two to three days. By replacing manual spreadsheets for IP management with self-service mechanisms and standard workflows within the orchestration platform, those two to three days have been reduced to one day. And, Selwood says, "most of that time is for approvals; once the approval process is complete, it takes less than an hour for provisioning with the Cisco IAC platform."
Application support engineers will be able to use the self-service portal to request new servers. "We are asking exactly the same questions that we asked previously," says Selwood. "The difference is that there is an orchestration platform behind the scenes that performs the tasks with no manual intervention. That is saving our engineers at least a half a day of effort for each server."
Plus, there are always ongoing server change requests: everything from configuration changes to restarting the server. "Of course, these changes and requests tend to happen outside of business hours, which makes the requests more onerous for our team," says Selwood. "As we can continue to standardize repeatable tasks through the orchestration engine, eventually the application engineers will be able to take care of a lot of changes themselves through the self-service portal."
Selwood says that when his group first started looking at orchestration and automation platforms, the business case was based around being able to support growth, including the ability to standardize tasks, increase the productivity of internal infrastructure support resources, and empower applications support teams with more control over the services they need.
But from a business perspective, Selwood says, "There is a whole raft of things that are now possible. For example, we have our first real opportunity for operational-level agreements with the application support teams. We could never offer that before because we simply could not predict how long it would take us to actually provide service for a given request. The orchestration platform has made that discussion possible."
Another area of improvement is consistency. Previously, there was no standardized way to provision resources. As a result, there were dozens of naming conventions that have accumulated over the years, making it difficult to troubleshoot problems. "When you get to the point where you have hundreds of virtual machines, you have created a nightmarish problem with these random naming conventions," says Selwood.
With Cisco IAC, the team now has a consistent process for how servers are deployed in the data center, including consistent naming conventions, from security groups all the way up to actual virtual machine names. "We have a consistent process end-to-end," says Selwood, "and that is really powerful, particularly for scaling resources. We have eliminated a lot of guesswork and confusion and made it all very neat and tidy. It allows us to be flexible and responsive in a controlled way. Little by little, we are focusing more on introducing improvements where before our time was so constrained by handling mundane tasks. We are also building the value of our team in the eyes of stakeholders because we do more than just click next, next, next."
A completely unexpected benefit of Cisco IAC is the introduction of a decommissioning workflow. "We never even had a defined manual process for decommissioning a virtual machine," says Selwood, "and because we did not have a defined process that people trusted and understood, more often than not, they just wouldn't bother decommissioning servers. As a result of having a process, we're reclaiming capacity in our environment, which will become more valuable over time."
Now that the team has the ability to decommission resources in a controlled way, engineers are also more comfortable provisioning a resource on a temporary basis because there is a mechanism for getting rid of it. In the past, they might have loaded up something temporary on a production server and possibly compromised the production environment.
Selwood says that this new environment is creating more conversations with application support teams about their needs. "We are still working on the initial release of the orchestration engine, but we already have lots of ideas about how to extend the platform. We are spending time getting closer to our stakeholders and having strategic conversations around automation use cases rather than spending time on a lot of manual, mundane tasks. In fact, we have actually associated a continuous service improvement KPI to our team to encourage them to have these conversations and make improvements in the environment. There is a real appetite to do something more strategic."
The infrastructure team started with version 3.0.1. of the Cisco IAC platform, piloting it within the infrastructure team for the first six months. In parallel, they began working with version 3.1, which is now only a few weeks away from release to the application support engineers. "The new version will allow us to take advantage of extension points for more customization," says Selwood. "We are now at the point where we feel comfortable that we can use the extension points to bring more value to the business without compromising our ability to use the out-of-the-box capabilities."