byyhasan01-24-201710:56 AM - edited 01-26-201702:43 PM
DevOps and Automation are becoming as prevalent in IT Stacks as salt and pepper are in food recipes.
Almost everyone wants agility to turn everything around faster, but the complexity of the IT stack is increasing exponentially. It’s a daunting task to achieve agility under these circumstances.
This is why unified visibility across the entire IT stack is critical, especially with the following distractions:
There is a great deal of choice between technologies in each domain
There is a diverse availability of skills (sometimes within the same organization)
There are many different organizational cultures
Last week, Alan Sardella described the heightened role of DevOps in fulfilling IT agility from the orchestration to the infrastructure layers. In this blog, I’ll provide a complete example of automation and visibility working together across the entire IT stack.
Visibility and Automation: Better Together
It’s important to remember, as Nabil Bukhari pointed out in our December announcement, that visibility and automation are two sides of the same coin. By itself, unified visibility can only gather information. But when visibility is paired with automation, you create a feedback loop to not only measure across the stack, but also to take meaningful action.
Figure 1 highlights this concept via orchestration, workflow automation, and software-defined networking (SDN) control.
Figure 1: Layered IT Stack
As you continually derive and distill this information, you can confidently and effectively take the automation actions necessary for an agile business.
Example: Application Debugging Across the Stack
Let’s consider a startup that’s launching a revolutionary web scale application. As this application scales up, the application engineers and network engineers need to answer the following questions:
Is the application working properly at scale?
Is the infrastructure also scaling?
Is this the application scaling, or is it a distributed denial-of-service (DDoS) attack?
Before we begin, let’s look at the technologies that play a role in this debugging exercise.
Brocade Flow Optimizer can detect DDoS threats by identifying malicious network flows. Once these malicious flows are detected, Flow Optimizer can program the network fabric to block these flows. Flow Optimizer also integrates with Palo Alto Networks firewalls, and other analytics tools such as Bro, to identify application level threats and shut them down via the network. Brocade network devices running SLX-OSsupport sFlow and hybrid OpenFlow to work seamlessly with Flow Optimizer.
Additionally, SLX-OS devices also support Visibility Services. Visibility Services play a critical role in correlating between physical and virtual constructs such as ports, VXLANs, and VXLAN identifiers (VNIs). As customers grow virtual and VXLAN-based overlay services, these services provide the glue that ensures there is correct linkage between underlay and overlay network components.
Application and Infrastructure Scaling
In order to determine whether the application is scaling properly and whether the infrastructure is scaling with the application, network engineers can leverage Brocade Workflow Composer (BWC) integration with Docker’s Swarm API to ensure that as the application is scaling, it is also requesting additional VLANs/VXLANs from the Network Switching infrastructure. This will verify the infrastructure: an earlier blog by Deepak Patil covers the details on this.
If the application is using VMs running on OpenStack, then BWC’s integration with OpenStack plugins provides similar details for the scaling application VMs and network resources.
In order to check correct linkages between the virtual components and physical components, Visibility Services on SLX-OS can be used to correlate networking constructs with Container/VM level constructs. This will ensure that there is correct mapping between the network and virtual components.
Additionally, Brocade Workflow Composer’s integration with logging services such as Elasticsearch, Splunk and Sensu ensures that any unusual system event can get proper attention from the engineering teams, and Workflow Composer actions can be taken to address logs related to network outages. For example, if a server-facing link on a Top-of-Rack (TOR) switch goes down, Workflow Composer will be notified via logging services and can start event driven troubleshooting automatically. If an application-level database instance goes into an alert state, Sensu integration can have Workflow Composer take action.
Is this a DDoS Attack?
Finally, in order to verify if this is a legitimate application scale event and not a denial-of-service attack, the engineering team can leverage the Brocade Flow Optimizer solution with SLX-OS network devices and Flow Optimizer’s integration with application firewalls such as Palo Alto Networks firewall or analytics devices such as Bro.
Because Flow Optimizer learns about threats from firewalls, analytics systems, and from sFlows via network devices, Flow Optimizer can detect and shut down an application or network threat at the network port level.
The Complete Picture
Figure 2 shows the visibility capabilities with Brocade’s comprehensive solution at different levels of the IT Stack.
Figure 2: Brocade Visibility Solutions Across Layered IT Stack
Brocade’s visibility solutions provide comprehensive capabilities for engineering teams to have end-to-end visibility across the IT stack and take event driven automated actions. This can have a huge impact in providing end-to-end visibility across architectures where new capabilities--and also new complexities--are on the rise.
For more information, follow the links in this blog or contact your Brocade representative.