There is no single metric to quantify digital transformation, but “agility” is often cited and is coveted in enterprise IT in general and in network operations in particular. So a key question is to make IT and networks more agile—and the answer lies in automation and visibility.

Automation and visibility are flip sides of the same coin, two parts of the same equation. Without pervasive visibility (for example, the run-time state of infrastructure, resource usage, and payload patterns) you eventually run the risk of automating yourself into trouble, taking actions where the required resources are simply unavailable.

Similarly, if you implement visibility without automation, you end up with lots of data with no practical way to act upon the insights gained from this data–sure you can act on it manually, but not in real time or easily enough to bring about agility.

Classifications and Actions

As part of our SLX Insight Architecture, which provides the ability to obtain real-time telemetry including interface counters, flow data, and even individual packets, we provide visibility services that provide classifications and actions at the ASIC level. These services are built on our use of programmable silicon (Cavium XPliant), which allows richer extensibility inside our SLX leaf and spine switches. The two main elements to the visibility services are rich classification and action. 

If you’re thinking that classification and action sound like packet filtering, you’re right.  What’s different here is that we provide this capability right in the hardware, yet with all the flexibility of software. Using Visibility Services, you can classify and act at multiple layers, and optionally automate these procedures at any time. Finally, this agile capability is fully upgradeable between software releases.

Why is this Needed? 

Rich classification is important because you need multiple layers of visibility:

• From the physical network (interface connections)
• Through the overlay networks: VLANs, VXLANs, or other service tunnels
• To the workloads (applications or compute resources) themselves

The potential actions—mirror, count, and drop—can be configured either manually or by adding an automated workflow that can react to specific events or criteria. Captured data can also be sampled through sFlow, analyzed through SPAN (switch port analysis), or streamed to other analytics tools.

Having these services available on the SLX 9140 and 9240 means that you have this enhanced visibility from the top of rack (leaf) to the spine, and from the “wire to the workflow.” Combined with simplified configuration through  integration, this provides some powerful options.

Dynamic Visibility Everywhere in the Network

To understand how different visibility options work together, there are at least three different perspectives (Figure 1) that we can consider:

1. The place in the network (PIN)
2. The required scale
3.  The required specificity or granularity of the capture

 

Figure 1: Perspectives on Visibility Related to PIN, Scale, and Specificity

You can gain a certain degree of visibility by simply gathering statistics and state information through existing protocols like SNMPand sFlow, or with streaming mechanisms like grpc or other publish/subscribe models.  These conventional methods involve collecting data in the aggregate, covering everything that’s going on in the network.

For more specificity, SLX Insight Architecture provides filtered data about flows and/or payloads in your network. Through rich classification capability you can increase specificity and take action on the box, if required.

You can use any of these capabilities on their own or layer them together for a more comprehensive visibility solution for your entire DC. And of course you need to be able to stream this data to other Extreme tools or 3rd party analytics application. For that purpose we support streaming from each of these innovations.

Finally, by attaching these visibility capabilities to our automation tools, we provide an easy way to make this whole process dynamic. For example, you may need different visibility requirements at the leaf, spine and super spine.

Similarly, you may need only a few gigabits of traffic, or you may need to capture and analyze terabytes of data. Perhaps a statistical sampling is all that is needed, or you may need to analyze multiple consecutive packets in a flow.

You can use these capabilities together for a comprehensive visibility solution across your entire data center, or you can stream captured data to other Extreme tools or third party analytics applications.

Pulling Visibility and Automation Together

To see how our visibility capabilities, work with our automation toolset, consider a distributed application in a data center (Figure 2). An operator gets a call from an end user complaining that an application isn’t running, or is slow.

 

Figure 2: Agility through Automation and Visibility

The ticketing system or network operator logs the ticket, and proceeds to determine the origin of the problem: the application itself, insufficient or overloaded compute resources, a misconfigured overlay, or perhaps a faulty network connection.  Today, the operator must gather data from different places in the network with multiple tools, bring that data back and take action—there are many disparate tools and manual efforts involved in this process.

This all changes with the right combination of inbuilt visibility and automation capabilities. For instance, as the original call comes in, it now triggers a workflow and uses multiple tools to gather information:

• Conventional interface counters or SNMP traps to see (for example) where packets may be getting dropped
• SLX Visibility Services to identify an overlay (maybe VXLAN) and which servers/VLANs are involved, then
• SLX Insight Architecture to identify which application is involved

With the right level of information at the right time and locations, the automated workflow can take action on an individual switch or router, and/or send the data to an external tool, or perhaps again into Workflow Composer for closed-loop remediation.

Choosing the Solution

Extreme’s mission is to allow everyone to get started today, from wherever they are in terms of skills and requirements, and evolve from there. We believe in making technology componentized (a vastly important topic itself, which we’ll cover in a future blog) and consumable, all the while keeping it open and customizable.

As shown here, you can use SLX Visibility Services (on leaf and spine) or SLX Insight Architecture (in the super spine), but can also leverage your existing tools. Furthermore, you don’t need to start from scratch, as we have provided pre-packaged automation suites for the Extreme Workflow Composer.  

Contact your sales representative to discuss how these options related to your applications and data center network.

This post was originally published by Product Marketing Director Alan Sardella.