Cisco Workload Optimization Manager (CWOM) Review

Cisco Workload Optimization Manager or CWOM was one of the highlights during the Cisco Live! Melbourne 2018 conference. I got my hands on a trial version for review.

CWOM is basically a re-badged version of Turbonomic with a few add-ins such as Cisco UCS templates used for server migration planning. Details regarding Cisco’s partnership with Turbonomic can be found at the link below:

https://blogs.cisco.com/datacenter/cisco-and-turbonomic-deliver-autonomic-it

CWOM comes as a VMware virtual appliance and you will need a subscription to download it from the Cisco website. Deployment of the vApp is easy and just needs a static IP or DHCP IP address to get started. The installation guide is straightforward and gives you enough to get started.

The first prompt you receive after deploying the vApp and logging into the web console is the prompt to enter a license key. Even if you are just wanting to use the trial version, you will still need to order one from your Cisco sales representative.

Once you have entered a valid license key (trial or production), you are good to go.

Go to the settings section and add your on-prem and cloud targets such as your local vCenter server, Azure, Softlayer or AWS cloud account.

One of the initial hurdles found was that the network that I assigned to the vApp was behind the firewall which did not have internet access and hence the “validation failed” errors as CWOM attempted to connect to the cloud providers to validate the credential entered.

To verify that the vApp could not connect to the internet, login via SSH to the CWOM virtual appliance and run a “netstat -n | grep SYN” straight after clicking on the “validate” button on the web interface. A “SYN_SENT” would confirm that ports 80 and 443 is currently blocked on the firewall. As the IP address is shown, we can verify that DNS lookups are fine.

NOTE: The CWOM virtual appliance runs Centos v7 but does not have any of the bind-utils installed so you will not be able to use commands such as nc, nslookup or dig.

Another useful built-in command to validate internet connectivity is the “curl” command.

The following output shows a successful connection after the firewall is configured to allow internet connectivity from the CWOM appliance via outbound NAT.

[root@turbonomic ~] curl -vvI https://aws.amazon.com
* About to connect() to aws.amazon.com port 443 (#0)
* Trying 54.239.31.129...
* Connected to aws.amazon.com (54.239.31.129) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
 CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=aws.amazon.com
* start date: Mar 28 00:00:00 2018 GMT
* expire date: Mar 28 12:00:00 2019 GMT
* common name: aws.amazon.com
* issuer: CN=Amazon,OU=Server CA 1B,O=Amazon,C=US
> HEAD / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: aws.amazon.com
> Accept: */*
> 
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Server: Server
Server: Server
< Date: Sun, 08 Apr 2018 23:49:27 GMT
Date: Sun, 08 Apr 2018 23:49:27 GMT
< Content-Type: text/html;charset=UTF-8
Content-Type: text/html;charset=UTF-8
< Content-Length: 462224
Content-Length: 462224
< Connection: keep-alive
Connection: keep-alive
< X-Frame-Options: SAMEORIGIN
X-Frame-Options: SAMEORIGIN
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< x-amz-id-1: 0G3N2YFAJ2Q5K5375562
x-amz-id-1: 0G3N2YFAJ2Q5K5375562
< Last-Modified: Fri, 06 Apr 2018 07:30:52 GMT
Last-Modified: Fri, 06 Apr 2018 07:30:52 GMT
< Vary: Accept-Encoding,User-Agent
Vary: Accept-Encoding,User-Agent
< Set-Cookie: aws_lang=en; Domain=.amazon.com; Path=/
Set-Cookie: aws_lang=en; Domain=.amazon.com; Path=/
 
< 
* Connection #0 to host aws.amazon.com left intact

I’ve also found that adding cloud targets requires quite a bit of configuration on the public cloud side.

For example, adding Azure as a cloud target requires the following to be completed:

  1. Create a new WebApp in Azure eg. cwom-webapp
  2. Add the new WebApp to Azure Active Directory and create a new password and secret key.
  3. Grant Azure Service Management permissions.
  4. Allow the WebApp access to the Azure subscription.

Full instructions on configuring the WebApp in Azure can be found at the link below:

https://greencircle.vmturbo.com/docs/DOC-3310-complete-guide-adding-microsoft-azure-to-turbonomic-56

One of the useful plans is “Migrate to public cloud” which will calculate the costs you would incur if you were to migrate your on-premise VMs from a vCenter (added as a target in CWOM) to the public cloud. Costs are calculated based on the public cloud subscription added as a target to CWOM. For example, you would need to add Azure as a cloud target for CWOM to calculate the costs in the report.

You would basically select the VMs or vSphere resource pool or cluster with VMs to be considered for migration and specify the public cloud target. CWOM would then map each on-premise VM to it’s equivalent in the specified public cloud and provide the monthly and yearly costs for running in that public cloud.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.