Table of Contents
Network infrastructure management using network policies , its simplification, optimization, and acceleration of application deployment lifecycle. Cisco Application centric infrastructure (ACI) is intent based networking framework to enable agility and resiliency for data centres. It let you provision dynamically network security and other network infrastructure services. It is industry’s most secure , open and comprehensive software defined networking (SDN) solution.
Today we look more in detail about Cisco ACI Multi-site fabric release 3.0 , its deployment and its features and limitations etc.
About Cisco ACI 3.0: Multi-site Fabric
Cisco ACI is based conceptually on Any workload, any location, and Any cloud deployment architecture. ACI 3.0 supports multiple availability zones (or as called fabrics) in a single region and multi-region policy management.
- ACI Multi-site supports all ACI leaf switches and only -EX spine nodes connect to the inter-site network.
- 1st generation spines (inclusive 9336PQ) are not supported.
- ACI Multi-site has policy manager which supports micro services architecture and multiple VMs are created and run concurrently as active/active.
- Data plane component handles all traffic related to data.
- The cisco NX-OS device forwards packet from one interface to another interface.
- The packets which are not meant for switch are known as transit packets and these are handled by data plane.
- Control plane component handles all routing protocol traffic.
- Protocols such as Border gateway routing protocol (BGP) and open shortest path first (OSPF) are responsible for sending control packets between devices. These packets are known as control plane packets and are destined for router addresses.
Features of Cisco ACI 3.0: Multisite fabric
- ACI sites health monitoring
- Provision for day-0 configuration to establish intersite EVPN control plane
- Inter-site troubleshooting capabilities added post 3.0 release
- Supports for 500 msec to 1 sec RTT
- APIC clusters deployed in different sites have OOB management connectivity
- Define and provision policies across multiple sites (scope of changes can be defined)
- Moderate latency between ACI multi-site nodes (up to 150 msec)
- Provides access according to user role and using role-based access control
- Allows segregation of network infrastructure administration and data flows
- Inter-site policies are defined and pushed to respective APIC domains
- Consistent policy deployment across sites
- It maintains separate name spaces with ID translation which is taken care at spine nodes
- Across multiple sites layer 2 and layer 3 extensions are supported
- It allows to manage tenant policies across multiple sites with the help of ACI multi-site policy manager
Limitations
- At the time of release multi-site policy manager supports only vSphere
- Multi-site policy manager needs OOB connectivity to APIC clusters and supports up to 500 msec to 1 sec RTT
- For future multi-site deployments, it is recommended to deploy ACI Multi-zone for Single ACI site
- In each ACI Multi-zone VM having a unique routable IP hypervisor can be connected directly to the DC OOB network
How to setup Cisco ACI 3.0: Multisite fabric
The ACI multi-site feature introduced in version 3.0 let you connect interconnect separate cisco ACI Application Policy Infrastructure controller (APIC) cluster domains (fabrics) each site represents a different availability zone.
Cisco ACI multi-site can be deployed using Python or directly in ESXI without using vCenter. Let’s understand about it more in detail in below section.
1.Deployment of Cisco ACI Multi-site fabric using Python
Before beginning installation make sure you have Python 2.7.14 + or Python 3.4+
Step 1: Download the ACI Multi-site tools image from cisco ACI Multi-site software download link
Go to software download link
https://software.cisco.com/download/home/285968390/type
Click ACI Multi-site software
Choose the ACI Multi-site tools image release version and click download icon
Step 2 : Extract and un-tar the files
$ tar xvf tools-msc-<build_number>.tar.gz
msc_cfg_example.yml
msc_lib.py
msc_vm_clean.py
msc_vm_util.py
Node.py
python
README
requirements.txt
Step 3: change to tools-msc-<build_number> directory
$ cd tools-msc-<build_number>
Step 4: verify version of Python running on system
$ python -V
Python 2.7.15
Step 5: Check to verify if you have permission to install Python packages. Change shell to super-user
$ Sudo bash
Step 6: configure proxy if you plan to use proxy to access the Internet
$ export http_proxy=your_proxy_ip: your_Proxy_port
$ export https:_proxy= your_proxy_ip: your_Proxy_port
Step 7: Install Python package installer
# python -m ensurepip
Collecting setuptools
Collecting pip
Installing collected packages: setuptools, pip
Successfully installed pip-9.0.3 setuptools-39.0.1
Step 8: Install the packages in requirements.txt:
# python -m pip install -r requirements.txt
Step 9: Now Exit the shell
# exit
$
2.Deployment of cisco ACI Multi-site directly in ESXI without using vCenter
Step 1: Download the msc-<version>.ova from cisco ACI Multi-site software download link
Go to software download link
https://software.cisco.com/download/home/285968390/type
Click ACI Multi-Site Software
Choose the release version image and click on download icon
Step 2: un-tar ova file into new temporary directory
$ mkdir msc_ova
$ cd msc_ova
$ tar xvf ../msc-<version>.ova
esx-msc-<version>.ovf
esx-msc-<version>.mf
esx-msc-<version>.cert
msc-<version>.ovf
msc-<version>.mf
msc-<version>.cert
msc-<version>-disk1.vmdk
This creates several files
Step 3: Use the ESXI vSphere client
Go to File > Deploy OVF template > Browse and select esx-msc-<version>.ovf file
Repeat step 3 to create each multi-site node
Continue Reading:
Cisco ACI Multi-Pod vs Multi-Site: Detailed Comparison
Cisco ACI vs Cisco Viptela SD-WAN vs Cisco SD-access
SD-WAN Fabric Bring Up in Cisco Viptela
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)
