Network infrastructure management using network policies , its simplification, optimization, and acceleration of application deployment lifecycle. Cisco Application centric infrastructure (ACI) is intent based networking framework to enable agility and resiliency for data centres. It let you provision dynamically network security and other network infrastructure services. It is industry’s most secure , open and comprehensive software defined networking (SDN) solution.
Today we look more in detail about Cisco ACI Multi-site fabric release 3.0 , its deployment and its features and limitations etc.
About Cisco ACI 3.0: Multi-site Fabric
Cisco ACI is based conceptually on Any workload, any location, and Any cloud deployment architecture. ACI 3.0 supports multiple availability zones (or as called fabrics) in a single region and multi-region policy management.
- ACI Multi-site supports all ACI leaf switches and only -EX spine nodes connect to the inter-site network.
- 1st generation spines (inclusive 9336PQ) are not supported.
- ACI Multi-site has policy manager which supports micro services architecture and multiple VMs are created and run concurrently as active/active.
- Data plane component handles all traffic related to data.
- The cisco NX-OS device forwards packet from one interface to another interface.
- The packets which are not meant for switch are known as transit packets and these are handled by data plane.
- Control plane component handles all routing protocol traffic.
- Protocols such as Border gateway routing protocol (BGP) and open shortest path first (OSPF) are responsible for sending control packets between devices. These packets are known as control plane packets and are destined for router addresses.
Features of Cisco ACI 3.0: Multisite fabric
- ACI sites health monitoring
- Provision for day-0 configuration to establish intersite EVPN control plane
- Inter-site troubleshooting capabilities added post 3.0 release
- Supports for 500 msec to 1 sec RTT
- APIC clusters deployed in different sites have OOB management connectivity
- Define and provision policies across multiple sites (scope of changes can be defined)
- Moderate latency between ACI multi-site nodes (up to 150 msec)
- Provides access according to user role and using role-based access control
- Allows segregation of network infrastructure administration and data flows
- Inter-site policies are defined and pushed to respective APIC domains
- Consistent policy deployment across sites
- It maintains separate name spaces with ID translation which is taken care at spine nodes
- Across multiple sites layer 2 and layer 3 extensions are supported
- It allows to manage tenant policies across multiple sites with the help of ACI multi-site policy manager
- At the time of release multi-site policy manager supports only vSphere
- Multi-site policy manager needs OOB connectivity to APIC clusters and supports up to 500 msec to 1 sec RTT
- For future multi-site deployments, it is recommended to deploy ACI Multi-zone for Single ACI site
- In each ACI Multi-zone VM having a unique routable IP hypervisor can be connected directly to the DC OOB network
How to setup Cisco ACI 3.0: Multisite fabric
The ACI multi-site feature introduced in version 3.0 let you connect interconnect separate cisco ACI Application Policy Infrastructure controller (APIC) cluster domains (fabrics) each site represents a different availability zone.
Cisco ACI multi-site can be deployed using Python or directly in ESXI without using vCenter. Let’s understand about it more in detail in below section.
1.Deployment of Cisco ACI Multi-site fabric using Python
2.Deployment of cisco ACI Multi-site directly in ESXI without using vCenter