Cisco’s Tetration Brings Data Center Automation to Legacy Apps

Not all enterprises are in containerized, software-defined data center Nirvana land – far from it

Scott Fulton III, Contributor

June 22, 2016

7 Min Read
Cisco Tetration
A bicyclist rides by a sign that is posted in front of the Cisco Systems headquarters in San Jose, California. (Photo by Justin Sullivan/Getty Images)

Our theme this month is intelligent data center management software tools. Data center management technologies have come a long way, as companies find themselves having to manage ever bigger and more diverse environments. From using machine learning to improve data center efficiency to using automation to manage everything from servers to cooling systems, we explore some of the latest developments in this space.

The bet is this: Not every data center will modernize the way it automates and orchestrates applications by completely renovating its infrastructure. Many enterprises don’t appear to have that option, whether or not they have thousands of employees or billions in revenue. Last Wednesday, Cisco announced what is being marketed, at least in the early going, as an analytics platform that leverages artificial intelligence to optimize the interactions between applications at all levels of the data center by smoothing out their data flows.

It’s called Tetration, and it will be made available in July. It’s an odd name, to say the least. Behind it is a concept that requires a bit extra human concentration to digest: Most applications today are legacy software running in slightly more modern contexts: usually virtual machines. Keeping those applications running smoothly in data centers requires network monitoring, automation, and security, the dynamics behind all three of which are beyond the application’s comprehension and control and to some extent beyond the ability of the infrastructure itself.

Tetration applies a form of the concept that telcos are utilizing today to keep their voice and data traffic flowing — real-time network analytics — to oversee network operations on a very grand scale and to apply remediation techniques that will optimize applications to a level in the ballpark with full-scale containerization, Tetration’s creator, Cisco Fellow and network engineer Navindra Yadav, told Data Center Knowledge.

Detour to Nirvana Land

According to a Cisco promotional video, Tetration will apply machine learning to analyze, in real-time, two principal categories: the data flow of IP packets between switches and the dependencies between software components running in virtual machines. They’re two very different aspects of the data center — enough to make one wonder whether Tetration is supposed to be an infrastructure monitor or a services monitor.

But don’t wonder about it too long, warns Cisco’s first professionally-produced commercial for Tetration. “Changing the infrastructure or adding a new security policy might just break everything,” states the commercial’s pitchman, before adding a CGI cube to a symbolic data center that then catabolizes before him like dominoes in a windstorm.

It’s a message that plays to customers’ fears. If those fears are indeed genuine, they may arise from what Cisco’s Yadav described to us as a lack of comprehension. “If you look at the marketplace, 90 to 95 percent [of data center administrators] don’t know the dependencies in their applications,” said Yadav.

Organizations that have shifted to a containerized infrastructure, such as Docker; that have in turn adopted infrastructure automation such as Chef, Puppet, or Ansible; and that have made the move to an orchestration platform such as Kubernetes or Mesosphere’s DC/OS, are what Yadav calls “the bleeding edge.” These are data centers whose developers are building their own Docker packages, so they know what and where their software dependencies lay. And their data centers now run in what Yadav unabashedly describes as “Nirvana land.”

But that’s the five to ten percent that fall outside Cisco’s target market for Tetration. “For a majority of legacy applications that have been deployed in the enterprise, they don’t have that mapping,” he said.

Crawling in the Dark

Here is where Cisco’s acquisition last March of the orchestration platform CliQr Technologies comes into play. As Yadav described, there are two types of dependency maps that reveal the interrelationships between software components: policy mapping at the Level 2 network layer and inter-application communication higher up the stack. These relationships are managed by security policies, and although tight control over those policies may result in secure networks, they may also lead to slower data centers.

In a company blog post Wednesday, Cisco senior manager for enterprise solutions marketing, Craig Huitema, acknowledged the weight of this dilemma — is it an infrastructure monitor or a services monitor? — by citing the lyrics of a song by a band called Hoobastank (here we go again with the strange names), called “Crawling in the Dark:” “Show me what it’s for | Make me understand it | I’ve been crawling in the dark | Looking for the answer | Is there something more | Than what I’ve been handed?”

A software dependency map and a network policy map, as Cisco’s Yadav described them, end up being the same map. So addressing the security issue is effectively the same thing as addressing the optimization issue. This unified map is the pattern which Tetration learns: The behavior of interdependent software components is directly correlated to the performance of servers, he said.

So why was a machine learning model necessary in order to comprehend such performance patterns?

“We usually do not,” he admitted. “Once you’ve deployed that application, unless you’re trying to do an upgrade, the behavior changes based on the workload — which usually, once we’ve stabilized the model, becomes more static. Then we’re transitioning into the security space, where we are seeing whether the behavior is evolving over its baseline. That’s the security signal that we’re using.”

As a static pattern, Yadav said, the application behavior becomes a learned configuration that CliQr can put to use in automating that application going forward. That includes a provisioning system that would, presumably, give users an Amazon-like way of dialing up applications on demand, though he declined to provide specifics here.

Next, this pattern transferred to the Tetration appliance, which can lead the application on an alternate route to Yadav’s Nirvana land. But when the pattern strays outside its learned boundaries, even though it’s not being upgraded, Tetration uses that breach as a “security signal,” to which it responds first by ascertaining whether the application, or parts of it, have “morphed” into something else, perhaps by way of malware injection. Again, Yadav declined to go into further detail as to what happens at this point, citing Cisco proprietary issues.

Why wouldn’t it be in Cisco’s best interest, we asked, to help lead data centers into Nirvana land by giving them the tools and expertise they need to automate and orchestrate applications on new and more flexible infrastructures, involving SDN and containerization, for example, rather than giving customers an appliance that helps them cope with their infrastructure not being in Nirvana land for the time being?

“The metadata that we learn? We feed it to CliQr,” he responded. “And CliQr is the one that’s doing this transformation, taking these guys into containers and all the configs — this is what CliQr really does. And even these apps go into nirvana-land. We’re not holding them back; we’re doing automatic discovery. Rather than using humans to go through each line of code and figure out dependencies, Tetration does that automatic discovery, and then gives it to CliQr. And then CliQr turns around and automates provisioning and orchestration.”


So Cisco’s value proposition is this: Tetration can ascertain the proper infrastructural configuration data from any application that has already settled down into a regular rhythm. It learns this data from various agents, including software injected into virtual machines, as well as hardware sensors being embedded into Cisco switches, including its Nexus 9200-X and Nexus 9300-EX. Tetration then feeds that data into CliQr, which responds by generating the automation scripts necessary for that application to continue to run properly, or perhaps even more optimally, in the data center. That same data, meanwhile, is used by Tetration to generate security alerts when an application behaves outside its pattern for reasons that can’t be easily explained away.

It’s a complex proposition, which may be the reason why Cisco’s marketing softens the focus considerably, referring to threats everywhere that might just break everything, and casting its solution as a “time machine” straight out of H. G. Wells. But if Cisco has learned anything about its customers’ behavior in the last decade — even if algorithms were used in the process — it knows that buyers are responding less and less to fuzzy, ubiquitous threats, and more to specific strategies with definitive payoffs. We’ll know whether Tetration is reaching these customers if we see the fog starting to lift, after it’s made generally available next month.

About the Author(s)

Scott Fulton III


Scott M. Fulton, III is a 39-year veteran technology journalist, author, analyst, and content strategist, the latter of which means he thought almost too carefully about the order in which those roles should appear. Decisions like these, he’ll tell you, should be data-driven. His work has appeared in The New Stack since 2014, and in various receptacles and bins since the 1980s.

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like