Cisco Application Control Engine in the Virtual Data Center
PDF(153.7 KB) View with Adobe Reader on a variety of devices
Updated:Feb 11, 2011
Q. What is Cisco
® Application Control Engine (ACE) the Virtual Data Center (AVDC)?
A. AVDC is a solution that focuses on integrating key data center products in order to offer a simplified, cost effective application delivery infrastructure. Some of the products that AVDC integrates include the ACE module, ACE appliance, Nexus 7000, UCS, VMware and 3rd party application vendors.
Q. What are some of the key capabilities of AVDC?
A. The key capabilities of AVDC are targeted to address leading application delivery issues that IT organizations are facing in virtual data centers. These capabilities include:
• Virtual machine intelligence: Improved visibility into the state of virtual machines, applications, and the underlying support infrastructure
• Automation: Improved coordination and integration with third-party products (for example, VMware vCenter), which allows Cisco ACE to respond dynamically to changes in the network and share network events
• Performance and scalability: Hardware enhancements to the Cisco ACE Module to address the increased scalability requirements that large enterprise and service provider customers are demanding
• Simplification: Streamlined deployment and ongoing maintenance of the Cisco ACE solution, including simplified provisioning through guided setup, simplified deployment through the virtualization capabilities of Cisco ACE, and simplified upgrades through the Cisco ACE licensing model
• Flexibility: The capability to dynamically scale application services in distributed data centers using virtualization technology
Q. What is the purpose of Cisco AVDC?
A. Cisco is further enhancing its existing portfolio of the Cisco Data Center Business Advantage (DCBA) solutions, enabling customers to deploy a virtual data center. Cisco AVDC is part of Cisco Data Center Business Advantage portfolio, unifying Compute and Switching with Applications to offer a cost-effective and streamlined application delivery infrastructure.
Q. What customer challenges does the Cisco AVDC solution solve?
A. While widespread use of virtualized technology in the data center deliver multiple advantages, it also introduces challenges including the following:
• High OPEX Costs: The dynamic nature of vDCs introduce a large volume of OPEX intensive manual & repetitive changes VM Blind-Limited visibility into the status and operation of applications and the underlying virtual infrastructure
• Slow and Complex Application Rollouts: Multiple "touch points" leads to increased lead-time and higher risk of error for application and service deployments
• Limited Performance: Difficult to scale applications and infrastructure to meet the demands of customers and users
Q. What customer benefits does the Cisco AVDC solution offer?
A. Cisco AVDC resolves some of the management complexity challenges introduced by server virtualization and offers the following benefits:
• Speeds application rollout: Simplified provisioning using Cisco AVDC helps reduce the steps needed for provisioning, which saves some actual processing time. More important, this simplified provisioning in combination with securely delegated change control for the most commonly performed server administration load-balancing tasks reduces the overall time required to complete application deployment and teardown from start to finish.
• Automates ACE provisioning: ACE Web Services API provides a programmable interface for system developers to integrate Cisco ANM with customized or third-party management applications. This enables application and server administrators to craft their own automation solution or to use 3rd party management systems to automate ACE provisioning and share network events.
• Scales dynamic workload: Integration between Nexus 7000, VMware vCenter and ACE allows ACE to obtain virtual machine locality information, actively monitor these local resources, and leverage Nexus 7000 OTV technology to deliver flexible workload mobility.
• Facilitates data center transition to virtualization: Cisco directly supports the transition from physical to virtual servers. Later phases will use this offering, extending Cisco AVDC intelligence for greater virtual data center resilience, performance, and capability.
• Eases troubleshooting of virtual server environments: Use of the VMware vCenter plug-in provided by the Cisco AVDC solution enables an operator's view of application traffic flow at the point of the application delivery controller (the Cisco ACE device). This view makes routine operations and troubleshooting tasks much easier to perform quickly and effectively.
• Sustains scaling: As data centers evolve from a physical device model that uses dedicated hardware to support a given application or customer to a model that uses virtualization to abstract the underlying data center hardware, Cisco AVDC enables greater scaling without greater costs or addition of resources for administration and management.
• Reduces risk: By making those portions of the virtualized load-balancing and application-delivery services available to authorized application owners and server administrators, Cisco AVDC reduces risk in provisioning and maintenance change control.
Q. What are the core features of the Cisco AVDC solution?
A. The features that support AVDC are multi-platform and comprised of hardware and software and management components. Some of the features include:
• Enhanced vCenter integration: vCenter plug-in allows core configuration and monitoring of the ACE and VM environments from a single tool. This simplifies end-to-end support by allowing IT staff to use familiar tools for administration and delivers linked operational continuity while lowering OPEX costs.
• ANM 4.1 Virtual Appliance: ANM in a VM container offers shared compute for ANM resulting in better server utilization and rapid turn-up of ANM for dynamic environments. In addition, Linux OS inclusion simplifies ANM deployment.
• Dynamic Workload Scaling (DWS): DWS delivers just-in-time expansion of capacity and cost effectively maintains SLA. DWS also enables better utilization of compute resources.
• ACE Web Services API: Orchestration enablement results in reduced administrative cost in providing end-to-end services. This allows custom built management and reporting tools access to ACE.
• Compression and higher performance: New ACE Module hardware provides improved Layer 4 and 7 performance and superior SSL offload performance. Compression improves application response time, reduces bandwidth costs and achieves up to 90% reduction in size of web objects.
• Unified software release for the ACE Module and ACE appliance: The common release reduced the number of IOS images that are implemented resulting in simplified support. This also improves the deployment cycle since the number of releases that must be analyzed and certified is reduced.
• Inband Health Checking: Provactively monitoring TCP and UDP data to detect server failures moves from seconds with probes to milliseconds with inband checking and improves the recovery time for server outages. Unlike probes, monitoring has no impact on server performance.
Q. What are the advantages of these core Cisco AVDC features?
A. From within VMware vCenter, using the integrated plug-in, the administrator can:
• Deploy virtual machines as real servers in an existing server farm
• Monitor application traffic flow for virtual machines through the Cisco ACE
• Securely activate and suspend application traffic flows through the Cisco ACE for the associated real servers
From within Cisco ANM, using the integrated VMware vCenter reverse plug-in, the administrator can:
• Deploy newly discovered virtual machines as real servers in a new server farm
• Dynamically monitor application traffic flow for virtual machines through the Cisco ACE
• View virtual machine details
• Adjust the Cisco ACE configuration upon changes in the virtual server infrastructure
Q. What types of customers can benefit from Cisco AVDC?
A. Customers who use or plan to use VMware server virtualization will greatly benefit from the Cisco AVDC solution. Cisco AVDC prepares customers for cloud migration.
Q. How is the Cisco AVDC solution deployed?
A. Customers do not have to undertake a separate integration or management application development project to deploy Cisco AVDC. They simply have to deploy or use Cisco ANM 4.1 software and provide VMware vCenter administrator log-in credentials. The Cisco ANM software will securely install the VMware vCenter plug-in, and server administrators can immediately gain access to Cisco AVDC features based on their access levels.
Q. What are the primary uses of the Cisco AVDC solution?
A. The main value proposition of Cisco AVDC phase I is reduced need for coordination among multiple IT groups to perform routine operational tasks. With the VMware vCenter plug-in, server and application administrators can perform delegated operational tasks without putting a burden on network administrators, either formally with a ticket or informally with a phone call.
• Debugging a performance problem: When application performance problems are detected, it can be difficult to diagnose the cause or test a solution, especially when administrators do not have visibility into or control of the flow of application traffic during the diagnosis. With Cisco AVDC, administrators can determine base facts quickly: Do all virtual machines in a server farm have the problem? When did the problem start? What is the current state of the virtual machines? Administrators can learn the current state and traffic flow for each virtual machine by viewing the VMware vCenter plug-in performance tab and comparing the results to the VMware vCenter performance displays. Coincident spikes in traffic and CPU uses and differences between instances are quickly visible. The virtual IP configuration information on each virtual machine shows which services are active and how many connections they support to further help diagnose the problem.
• Testing and staging: Network administrators typically set up Cisco ACE virtual contexts and devices for a development or preproduction application staging environment. Then application developers or quality assurance (QA) engineers can do the following:
– Rapidly add and remove virtual machines in a server farm: Add and remove virtual machines in a server farm on the Cisco ACE during testing as fast as they can bring them up, without burdening network administrators.
– Rapidly remove a virtual machine instance from the virtual IP rotation: When a problem is found, remove the virtual machine instance from the virtual IP rotation and suspend the virtual machine and then continue testing with the remaining instances. Debuggers can later resume execution of the buggy virtual machine for debugging without touching the Cisco ACE.
• Routine manual load management: In phase I of Cisco AVDC, system and application administrators can manually adjust load for surges. In subsequent phases, the Cisco AVDC solution will provide correct on-demand capacity for applications.
• Prepare for surges: Before traffic volume for an application is expected to be high, for example, during month-end processing, add more virtual machine instances to a server farm on the Cisco ACE using the VMware vCenter plug-in and then remove them after the surge.
• Respond quickly to surges in the production environment: Even though the administrator has provisioned the required number of virtual machines to handle the expected peak load, changing patterns in end-user behavior and sudden increases in user traffic may temporarily require additional virtual machines. Unlike physical machines, which require considerable time to provision for an application that temporarily needs additional capacity, virtual machines can be easily created from a template. After virtual machines are created, server or application administrators can immediately add them to the server farm to maintain service-level agreements (SLAs) and the user experience without the need for coordination with network administrators.
• Routine software upgrades: In the past, administrators have needed to log on to multiple management interfaces such as VMware vCenter and Cisco ANM to perform routine software upgrades on virtual machines.
• Gracefully suspend or power off virtual machines without affecting service: With traditional load balancers, administrators have to log on to a load balancer to remove a virtual machine from rotation so that new connections are not sent to the virtual machine, wait for existing connections to conclude, and then suspend or power off the virtual machine using VMware vCenter. With the Cisco AVDC solution, server administrators can perform the same tasks using the VMware vCenter plug-in without ever leaving the VMware vCenter management interface.
• Test upgrade before final commit: Bring up instances with new software. Add to the server farm for a short time for a small number of transactions by adjusting the weight of each virtual machine on the Cisco ACE and then remove the added machines from the pool. Let application administrators study the logs to help ensure that behavior is as expected.
• Perform rotation: Bring up new virtual machine instances and rotate them into the server farm, replacing the old ones gradually rather than simply shutting down virtual machines.
• Provide rapid cutover: Bring up a new set of instances. Add all new virtual machines to the server farm and remove all old versions from the server farm in quick succession to rapidly cut over to the new software.
• Automation: Administrators can configure ACE to dynamically react to changes in the network and share network events through integration with 3rd party or Cisco products.
• Dynamical Workload Scaling: Dynamically distribute workload to a remote data center when local compute resources become scarce.
Q. Can I use the Cisco AVDC solution with Microsoft Hyper-V?
A. Cisco AVDC in phase I supports VMware server virtualization. Cisco is currently investigating support for Microsoft Hyper-V in subsequent Cisco AVDC phases.
Q. Which products are included in the Cisco AVDC solution?
A. The Cisco AVDC solution includes the Cisco ACE (module or appliance form factor) and Cisco ANM 4.1 software.
Q. Can I use Cisco AVDC with the Cisco ACE Module?
A. Yes. The Cisco AVDC solution supports both the Cisco ACE Module and Cisco ACE appliances.
Q. Can I use the Cisco AVDC solution with Cisco ACE appliances?
A. Yes. The Cisco AVDC solution supports both the Cisco ACE Module and Cisco ACE appliances.
Q. Do I have to upgrade my current Cisco application delivery solution to take advantage of the Cisco AVDC solution?
A. To gain the new performance enhancements and compression benefits of the Cisco ACE30 Module and enhanced features of Cisco ANM, customers need to upgrade the Cisco ACE Module.
Q. Are professional services generally required with the Cisco AVDC solution?
A. No. The Cisco AVDC solution offers a simple well-known process for installing the VMware vCenter plug-in.
Q. Who can provide support for a Cisco AVDC solution?
A. Cisco provides numerous support options for customers. The Cisco Technical Assistance Center (TAC) offers several levels of support. Your local Cisco account team can assist you as well.
Q. What benefits are gained from Cisco OTV integration?
A. OTV integration enables Cisco ACE to provide better application resiliency and flexible workload mobility in distributed data centers using virtualization technology. Cisco OTV provides an optimized solution for Layer 2 connectivity between data centers. Cisco ACE uses OTV to dynamically distribute workload, increasing application availability and dynamic disaster recovery. In addition, Cisco OTV integration offers optimal hardware resource utilization by distributing workload to the remote data center only when local computing resources have been fully utilized.
Q. What are the main features of Cisco ANM Release 4.1?
A. Cisco ANM 4.1 builds on Cisco ANM's highly effective operations capabilities to increase operator awareness and capabilities while reducing the burden of operating and managing application network services. The main new features include:
• Cisco ANM virtual appliance for VMware: Cisco ANM is now available as a virtual appliance running as a virtual machine in a VMware 4.0 or 4.1 environment. When deployed, this appliance is nearly identical to Cisco ANM running on a standalone Linux server. This feature enables quick, easy, and inexpensive deployment.
• Continuity of VMware operations within Cisco ANM: Cisco ANM now provides information about VMware virtual machines associated with Cisco ACE real servers.
• Web services API for operations tasks: Cisco ANM now provides a programmable interface for system developers to integrate Cisco ANM with customized or third-party management applications.
• Services visualization: Cisco ANM 4.1 introduces a graphical representation of the application network for both Cisco ANM and VMware vCenter users to help application and server administrators as well as network administrators better visualize and understand the flow of traffic through the Cisco ACE.
• Automatic backup: Cisco ANM now provides automatic backup of Cisco ACE configurations, checkpoints, and exportable SSL credentials according to user-defined schedules.
Q. What operations do the web services included in Cisco ANM 4.1 support?
A. The Cisco ANM web services API supports the most common operations for the Cisco ACE Module, Cisco ACE appliance, Cisco Content Services Switch (CSS), and Cisco Content Switching Module (CSM), including operations to:
• List devices and virtual contexts
• List server farms and real servers
• List associations of VMware virtual machines and Cisco ACE, CSS, CSM, and CSM with SSL (CSM-S) real servers
• Add and remove real servers from Cisco ACE server farms
• Activate and suspend real servers for participation in load balancing
• Change real-server weight for load-balancing algorithms
Q. What platforms does the unified Cisco ACE software release support?
A. The unified Cisco ACE Software Release A4(1.0) is available for the new Cisco ACE30 Module and the existing Cisco ACE 4710 appliance. This software release does not support the Cisco ACE10 or ACE20 Module.