Published: August 2018
Imagine monitoring and managing all your Cisco Unified Computing System (UCS) servers and domains anywhere in the world from a single pane of glass. A single view makes it simpler to answer questions like, how many Cisco UCS domains do you have worldwide? How many blade servers and rack servers would be affected by a firmware upgrade? Which servers are at risk for a newly discovered vulnerability?
For Cisco IT, the need for a worldwide view of domains, servers, and firmware versions has become urgent. We currently have approximately 400 Cisco UCS domains and 12,500 servers. Of those, 1400 are standalone Cisco UCS C-series rack servers that aren’t centrally managed. Accurately tracking the type and number of servers and their firmware versions can be critical. For example, not knowing that a particular server is running out-of-date firmware might result in outages or security vulnerabilities.
Until now, managing all of our server types required a collection of tools:
To simplify IT, we wanted a single tool that would do all of the above. We also needed more scale: Cisco UCS Central currently is limited to 10,000 servers. Any more than that and you need multiple instances. Constantly rolling up reports from multiple instances is inefficient.
We’re making server management much simpler by gradually migrating to Cisco Intersight™, a cloud platform providing management as a service. Cisco IT aims to be “customer zero” for new Cisco products, like Intersight, that solve our own business needs. Being the first to adopt a new product helps our customers because we’ve already validated deployment guidelines, tried out different use cases, and developed operational best practices.
Intersight works with newer servers and firmware, so we’re migrating in phases as we replace older servers through our fleet upgrade programs and standard firmware upgrade policies. So far we’ve claimed 66 Cisco UCS domains in Intersight for a total of 2500 servers, including 154 standalone rack servers.
Eventually we’ll claim all our servers so that we can manage and monitor them from one pane of glass instead of working with multiple applications and scripts. We’ll continue using UCS Director and UCS Central for day-to-day management until Intersight acquires their features. At that point we’ll use Intersight exclusively.
During the transition period, Intersight is already simplifying infrastructure management in the following ways:
Say we want to check on the health of all of our B200 M5s, anywhere in the world. Before, we had to generate separate reports for each instance of UCS Central. We have two instances (engineering IT and other IT); some of our customers have many more instances—one for each theater or data center.
Intersight saves us the hour or two it used to take to roll up each report. We see all servers on one pane of glass and can sort by type to have a look at server health and spot issues such as a memory or CPU inventory mismatch. We can do the same for C-series rack servers, whether they’re standalone or connected to the fabric interconnect. Spending less time reporting on infrastructure frees more time to support the business.
We upgrade our management software (Cisco UCS Central for blade servers and Cisco Integrated Management Controller for standalone rack servers) about twice a year. Today, a team of engineers needs to work on the upgrade after normal work hours. During that time, maybe two hours, we can’t provision new physical servers and we lose our management, inventory, and alerting tools.
When we’ve fully migrated to Intersight, our engineers will reclaim that time, because Intersight supports new Cisco UCS hardware and firmware versions as soon as they’re available. No more after-hour upgrades.
Periodically we need to increase memory or compute capacity in our on-premises management servers to keep up with our constantly growing computing footprint. Once we fully migrate to Intersight we’ll no longer have to do this because Intersight scales automatically as demand grows. We don't know what adjustments are happening in the background—and don’t need to. What’s more, annual budget requests will be as simple as calculating the number of servers that need licenses. We’ll no longer have to try to predict the coming year’s infrastructure and operational expenses for on-premises management servers.
We use C-series servers for Hadoop, Cisco Mobility Services Engine, our next-generation cloud platform, and more. Managing firmware upgrades for our standalone rack servers has always taken a lot of effort because we didn’t have one tool that did everything. Instead, we used UCS Central to manage server profiles, UCS Director for some of the provisioning, and custom scripts to push out new firmware.
Intersight makes managing standalone rack servers much simpler. Seeing all of our standalone rack servers in one view simplifies inventory tracking and helps us make sure that server configurations are consistent. We don’t need to develop scripts or schedule downtime to run the scripts and reboot the servers one by one. Instead, we simply select the servers to upgrade, and then Intersight stages the code to those servers. They’re updated during our maintenance windows, reducing annual downtime for our standalone rack servers by 25-30%.
Until now, when we opened a Cisco Technical Assistance Center (TAC) case, we had to pull the supporting files from the server, which can take 30-60 minutes for a large server. Intersight helps us get TAC support faster and with less effort because TAC engineers can log in to Intersight themselves to get all the information they need—without our having to anything. In addition, when TAC becomes aware of a new bug, they proactively alert us and tell us which servers are affected.
Using on-premises management software, adding 20 new servers can take an hour or more because we register servers one by one. With Intersight, we’ve claimed 20 servers with one command, in a matter of minutes. We just enter the new servers’ IP addresses.
The 2500 servers we’ve claimed in Intersight represent about 16% of our eligible compute fleet. We’ll claim more servers as we upgrade them through our standard processes. Eventually we’ll use Intersight exclusively, eliminating the need to procure and manage on-premises management servers. That is, we won’t need more infrastructure in order to manage infrastructure.