bolick

First 3rd Party Application Running on an ISR

Blog Post created by bolick on Jul 6, 2016

“The whole is greater than the sum of its parts.” – Aristotle

 

You could be excused for missing the press release from ThousandEyes earlier today. They’re an innovative young company with powerful network monitoring technology, but there are a flurry of announcements this time of year and it’s easy to get lost in the shuffle. What they announced today represents the first of many 3rd parties, partners, customers, students and friendly hackers developing applications to run in a Cisco network.

 

A few weeks ago, I wrote about a new technology we’ve been rolling out quietly on the Integrated Services Routers (ISR 4000 Series) and Aggregation Services Routers (ASR 1000 Series). It is really the worst kept secret ever from Cisco because we never really tried. We first introduced virtual machine hosting on routers in 2013 eventually opening up to non-Cisco developers late last year. Since then, dozens of developers (that we know of) have been writing applications for our routers. ThousandEyes is the first of these to launch an officially supported product using the technology.

 

What Makes ThousandEyes Unique

OpenAppImage1.png


Our goal with hosted virtual machines on Cisco Routers is to create an open environment where all developers and applications are welcome. There’s no doubt ThousandEyes has interesting technology, but honestly that’s not why they’re one of the first non-Cisco applications with support on Cisco routers. To find out why they qualified as a great early adopter, you have to look at their customer list, which includes Cisco IT.

 

Imagine working in IT at Cisco. Of all the large enterprise environments you could possibly work in, Cisco’s has got to be the one with the highest stress level. Not only are you responsible for a global network with hundreds of locations and thousands of partners, but you have to do it with some of the smartest people in the industry as end users. It’s the typical enterprise network with demands such as perfect uptime, infinite bandwidth, and instantly responsive applications. For Cisco IT, those users are also inventors that create the technologies running in the network you support.

To keep that network up and running, Cisco IT uses ThousandEyes to triage and get to the root cause of network outages quickly. In the past, they would use a compact PC at Cisco remote offices to host the ThousandEyes agents. These agents constantly collect information about the health of the network, so Cisco IT could spot problems before they occur. This was ugly. The PC didn’t fit cleanly into a rack and it was another device to manage or fail.

 

The Development Process

Cisco IT proactively suggested that ThousandEyes look into running their agent directly on a Cisco router. With the ability to host the ThousandEyes agent directly on the ISR 4K or ASR 1K in remote offices, Cisco IT was able to reduce the footprint of devices they have to support remotely while eliminating one more thing they have to worry about failing. Through moving to an integrated model for the ThousandEyes agent, Cisco IT was able to reduce their mean time to troubleshoot by 43% and their mean time to restore by 8% while reducing the complexities of the remote office.

 

For us as a product development team this was a fantastic opportunity. We could have direct interaction with both the application developers as well as the end users. It allowed us to see firsthand the challenges a non-Cisco developer would face porting their application to run on a Cisco router. We provided ThousandEyes with some early versions of the developer guide that you can find in DevNet right now. We wanted their experience to be as close as possible to what a developer with no special access would go through.

As it turns out, the challenge wasn’t that imposing. Since ThousandEyes already had support for KVM agents, the development work to get their agent running on an ISR was minimal. They had the whole thing working in just a couple days.

 

What Does “Support” Mean

To be completely clear, when an unsigned application runs on an ISR 4000 or an ASR 1000, there is no support for that application from Cisco. This is no different than other hypervisor or hosting environments that you’ll run into.

OpenAppImage2.png

The hypervisor vendor supports the infrastructure and the plumbing that the application needs. In this case the Cisco router provides the network and hypervisor so Cisco supports the hardware along with the IOS-XE operating system that includes the KVM hosting capabilities. Because all Cisco applications carry a Cisco digital signature while all non-Cisco applications don’t, it’s easy to see which applications are supported by Cisco and which are supported by the developer.

Because this is open-source KVM under the hood, there’s also no license required from Cisco or any other group to host an application on the router. KVM is fairly universal across Linux distributions so it should not matter which platform you develop an application or which distribution it runs on top of. Cisco IOS XE happens to use a lightweight Monte Vista distribution for efficiency, but the KVM component is completely standard. Of course the operating system or application within the KVM machine could have licensing requirements depending on what’s inside.

 

OpenAppImage3.png

If you’re a developer, you are not on your own. Cisco DevNet is the primary source for everything you need to develop or modify your application for a Cisco router. There we have developer guides, sample code, useful tools, and a community of Cisco and external developers excited to help make your application a success. If you’ve never taken a look at DevNet, it’s a deep resource with plenty to get you started on whatever project you can dream up.

 

It is the responsibility of the developer to support the application running within that virtual machine. In this case the developer was ThousandEyes. That’s the newsworthy piece about the press release today. The packaging of ThousandEyes agents to run on a Cisco router was not the impressive thing from the press release today.

 


It is the confidence ThousandEyes has in Cisco that justified testing, certifying, and supporting their software on a Cisco router. That shows a level of trust in the infrastructure as well as a market understanding that the network is a compelling place for ThousandEyes agent and will be of interest to their customers. The announcement today is also a validation of openness and extensibility, a pillar of Cisco DNA. With open extensibility now available on Cisco ISR 4000s and ASR 1000s there’s a new world of possibilities to customize the capabilities of the branch router. As a result, it creates a benefit greater than any single vendor’s offer.

Outcomes