Tetration - Application Mapping

One question that is often asked is how Tetration knows how to build an application map. In this post, we’re going to dig into how applications are mapped in Tetration, what it looks like in the UI and how this information can be used.

Pictured above is the application map that Tetration has drawn automatically. It has put the entire application together hop-by-hop which is useful form not only for troubleshooting but security as well since you can now see how these servers are communicating with each other and what direction the traffic flow is going. In some cases, the traffic is unidirectional and sometimes it’s bidirectional which is illustrated above.

So how does Tetration build a map for a specific application? Tetration something called scopes. They are used to group data center applications together and allows control of managed. They are defined as a hierarchical set of trees within a root scope.

Moving into the Scopes dashboard, I can see the scopes that our friend JP has created in this lab and a visualization of the hierarchical tree and where we are at in the tree on the upper left-hand corner.

One can get more granular in as one moves down the tree by clicking into the of the scopes. As you move down the tree, you’ll notice the red dot move in the tree to reflect where you are in the hierarchy.

By building out this hierarchical tree, this is how Tetration knows how to group certain things together.

Another thing that can be used is something called an “annotation” which is essentially a custom attribute or tag that can be added dynamically to inventory. With an annotation, one can create different tags for various different piece of their environments and based on those tags, Tetration can start to group things together in a way that makes more sense and is more human readable. An example of this is if you have multiple data centers in multiple countries, you might add a country tag, a different data center tag because you might have different data centers in that country, an environment tag because there might be production or dev, a function tag (i.e. Active Directory), etc. There’s a lot of ways how one might decide to annotate.

Tetration supports up to 32 tags per individual servers. There are multiple ways to assign tags or annotations including:

  • Assigning it manually

  • Information taken from a CMDB and dynamically assigning it

  • Integration with vCenter and ingestion the information into Tetration to dynamically assign it

Note: In some cases, this might even be done in reverse. For example, some clients might have a CMBD that’s trashed with bad information. At that point, they can use Tetration to do all their discovery of their servers and applications, start doing their enforcement and then take all that information to Tetration to backfill the CMDB.

Now let’s take a look at using scopes and annotations together with an example of how they might be used together:

What the above is stating is that any server that Tetration sees with the environment tag containing “Test” or “UAT” or the lifecycle tag containing test, it knows to put it in the UAT Siwapp scope. It can be whatever one specifies but this gives a great example of how one can use scope and annotations together in a human readable way. It always provides one a way to apply a policy to a subset of devices or if you want to see everything specifically tagged or scoped applications are doing, Tetration can do that for you and limit the scope to a certain application or environment.

Note: Scope and annotations/tags are not required to run Tetration but it does make a lot easier and more human readable to use them since you won’t have to look at everything in the data center all at once.

Going back to the application map I initially showed, we can see where it’s filtered by scope in the upper left-hand corner of the screen:

So, in the above example, Tetration used scopes in the above map to say that everything with the tag of “Test” coming in from vCenter, Tetration should be in an application map. That’s how the above application map was created.

Each grouping in the application map is not an individual server but clusters of servers that Tetration has automatically grouped together. Inside the actual application map itself, one can click on a cluster and notice that the right-hand window will start to change. This will show you which servers are in the cluster.

One can expand the endpoints in the window to see how many servers are in the cluster, their hostnames, the OS they’re running, and what IP addresses are in the cluster:

Going back to my original blog post where JP didn’t know how many servers where in our app tier, how many were in our web tier, etc - Tetration can clearly show him how many servers are in a given cluster, how they communication with each other, and an application map that Tetration builds out automatically for him.

So how does Tetration know how to group things together in a cluster? Tetration builds these clusters based on three things:

  • Traffic flows - Tetration sees that the above three servers fit this scope and had the exact same traffic patterns.

  • Processes - In the above example of three servers, Tetration saw that all those servers were running the same processes.

  • Query - Tetration can also base it on a process called a query which one can see in that right-hand window pictured above. It’s more of a manual addition and not necessary but one can add it optionally. Basically, the above states that if Tetration sees a server with the application tag of “SiwappApp,” it knows to put it into the “uat_siwapp_app” cluster. We illustrated it for the above example but it’s definitely not required at all.

Tetration can process the grouping of servers automatically based on those flows and processes but also gives you the ability to add a manual touch with the Query option. Tetration will start the grouping immediately without the need for a starting point, IPs, etc - once it starts seeing processes and flows, it’ll automatically start grouping together and creating these application maps. Using annotations and scopes helps one drill down further into the applications to make it more human readable as you go.

Thank you for reading this post and I hope it helped you understand application mapping a bit more in Tetration. Stay tuned for more posts shortly.