News

Case study: Cloud Infrastructure As Code

Smart Cities LLP has automated cloud service delivery with Cisco Application Centric Infrastructure (ACI) and HashiCorp Terraform

Challenges

  • Support a rapidly growing set of clients and projects
  • Increase network automation and security
  • Reduce time spent on repetitive tasks and reduce human error
  • Simplify and expedite internal operations

Solutions

  • Cisco Application Centric Architecture (ACI)
  • Cisco Nexus 9000 Series switches
  • Cisco Secure Firewall
  • HashiCorp Terraform
  • Red Hat Ansible Automation Platform

Results

  • Established infrastructure as code for public and private cloud networks
  • Accelerated data center network provisioning from three days to eight minutes
  • Used policy-based automation to enable hundreds of network changes each day

An unexpected shift

Recognizing the need to advance digitalization in Kazakhstan and provide more accessible services for its businesses and citizens, the country’s largest mining corporation—Eurasian Resources Group (ERG)—formed its own digital services company in 2018. The company, BTS Digital, grew quickly and was eventually split into 10 independent entities, each with its specialty service.

As one of the ten spinoffs, Smart Cities LLP provided hardware infrastructure for its nine sister companies and client projects, most of which involved digital transformation for Kazakhstan municipalities.

The resulting scope of work forced a swift and unexpected shift in business strategy and service offerings.

"We were supporting more than 50 projects, and the hardware needs were changing quickly," says Sergey Korobitsin, server infrastructure, virtualization, and cloud team lead at Smart Cities LLP. "We knew we had to do things differently, so we built a private cloud that others could utilize."

The company did so with the OpenStack open-source cloud computing platform, eventually offering infrastructure, platform, Kubernetes, database, and monitoring capabilities—each delivered as-a-service. And yet, with only three network engineers on staff, Smart Cities LLP couldn’t keep up with rising customer demand and the growing portfolio of services offered by its sister companies.

"We needed to establish infrastructure as code—something that could be highly secure, fully automated, and flexible enough to support 50 projects one day and many more—or less—the next," says Zhanerke Kozhabergenova, senior NetOps engineer at Smart Cities LLP.

Infrastructure as code

Starting with a pilot project, the company deployed Cisco Application Centric Infrastructure (ACI), an industry-leading software-defined networking (SDN) solution, and began automating the network using HashiCorp Terraform tools. Cisco Secure Firewall and load balancers were later integrated with the environment for added security and resiliency.

"To support a growing set of network fabrics, each with their own access rules and firewalls, we automated almost 80% of our daily networking tasks," Zhanerke explains. "It was a revolutionary advancement in our operations."

"All of our access, tenant, and security policies are now defined and automated with code," Sergey adds. "We use predefined templates to automate network deployments and isolate our public and private cloud offerings as well as the tenant, project, and service environments within them."

Software-defined automation has dramatically accelerated the company’s internal operations, Zhanerke adds, enabling Smart Cities LLP to support a much larger volume of clients and projects.

"It used to take us three days to set up a new network fabric and all associated objects and resources. With code refactoring and automation, we can deploy a full network environment with 3000 objects in just eight minutes," she says. "The combination of Cisco ACI and Terraform works beautifully."

Visibility and alignment

In addition to greater operational speed and agility, Cisco ACI has improved the alignment and collaboration across the company’s network operations (NetOps), DevOps, and security operations (SecOps) teams.

"All of the teams have a transparent view of all our network fabrics, and the code provides a single source of truth," Sergey says. "We've even given parts of the network to our sister companies with easy instructions for deploying new environments and creating their own access rules, endpoint groups, and bridge domains. Besides our review and approval of the rules, it’s completely self-service."

As a result, Smart Cities LLP and its networking team are no longer bottlenecks for a rapidly expanding set of clients, projects, and services.

"With tickets, handoffs, and human variables, a single network change used to take days. We are making hundreds of changes across hundreds of network domains daily," Zhanerke says. "Other companies have dozens of people maintaining a network of this size, and we’re doing it with three network engineers. It’s incredible."

The case study was originally published on the CISCO website