(Application Centric Infrastructure) Cisco ACI
traditionally thought about networking. In traditional networking, administrators use commands to manage different devices locally. Cisco Application Centric Infrastructure (ACI) is a holistic architecture in the data center providing centralized automation and policy-driven application profiles. This solution delivers software flexibility with the scalability of hardware performance.
ACI is based on a spine-and-leaf architecture in which the leaf nodes are connected to the spines in a mesh fashion. This design replaces the traditional three-layer architecture and addresses the increase in East-West traffic in most modern data centers, which is due to the increase in virtual servers on top of physical hosts.
In the Cisco spine-and-leaf architecture, every leaf switch is connected to each of the spine switches in a full-mesh topology. The leaf layer includes access switches that connect to devices such as servers, while the spine layer is the backbone of the network and is responsible for interconnecting all leaf switches. The path is randomly chosen so that the traffic load is evenly distributed among the top-tier switches. If one of the top-tier switches were to fail, it would only slightly degrade performance throughout the data center. With this design, an additional spine switch can be added and uplinks can be extended to every leaf switch, which adds interlayer bandwidth and reduces oversubscription.
With a Cisco spine-and-leaf architecture, no matter which leaf switch a server is connected to, its traffic always has to cross the same number of devices to get to another server (unless the other server is located on the same leaf). This approach keeps latency at a predictable level because a payload only has to hop to a spine switch and another leaf switch to reach its destination.
Cisco ACI Tenant
Cisco ACI is a policy-based fabric, meaning that the whole environment is modelled in objects. Within Cisco Application Centric Infrastructure, the tenant policy model is one of the most important parts of ACI, and the tenant is the top-level object on its tab. It contains several areas, but the two most critical at the moment are networking and application profile. The networking section is where you create VRFs (which are also called contexts), bridge domains (which contain a subnet and define flooding boundaries), L3 out parameters and L2 out parameters. In addition, the application profile defines your endpoint groups (EPGs), which match on VLAN, switch, interfaces and more, and how they consume infrastructure resources for their application.
Overall, a tenant is a logical container for application policies, and it includes one or more virtual routing and forwarding (VRF) instances, or contexts, which can be associated with multiple bridge domains. This concept is very similar to the Private VLAN that is used in traditional networking.
In the ACI tenant policy model, bridge domains act like a primary VLAN while EPGs behave like the secondary VLANs. However, because there are two types of encapsulation in ACI, VXLAN and IEEE VLAN, and it is not about VLANs anymore, the whole architecture and its parameters are changed. In addition, VXLAN can be categorized into two types in ACI. iVXLAN is the encapsulation that is used inside the fabric and never leaves the fabric. ACI is also capable of dealing with standard IETF VXLAN, which is the standardized VXLAN that all the vendors are using.
Cisco Spine Switches
The Cisco Nexus 9000 family has introduced different models of fixed (Cisco Nexus 9300) and modular (Cisco Nexus 9500) switches such as Cisco Nexus 9332C and Cisco Nexus 9364C to be deployed in the spine-and-leaf network as a spine switch. Cisco Nexus 9000 Series spine switches enable an automated and policy-based Cisco ACI architecture.
All features and capabilities on these switches are enabled by using the Cisco Nexus PLR license.
Cisco Leaf Switches
The Cisco Nexus 9000 portfolio also consists of various models to be deployed as leaf switches in a spine-and-leaf architecture. These switches provide low latency with up to 3.6 Tbps of bandwidth, which enables customers to build a robust switch fabric scaling from as few as 200 10-Gbps server ports to more than 200,000 10-Gbps server ports. They also support up to a total of 50 MB of integrated shared buffer space, which allows better management of speed mismatch between access and uplink ports. Moreover, they provide hot-swappable, redundant power supplies and fan trays that increase availability. All premium features can be enabled by using the Cisco Nexus 9000 PLR license on these switches.
Cisco APIC
The Cisco APIC, which stands for Cisco Application Policy Infrastructure Controller, is the main architectural element of the Cisco ACI solution. Cisco APIC is the unified point of automation and management for the Cisco ACI fabric, policy enforcement, and health monitoring. The ACI controller enhances performance and manages and operates a scalable multitenant Cisco ACI fabric.
Cisco APIC is a key component of ACI. It enables applications to connect directly with a secure, shared and high-performance resource pool that includes network, compute and storage capabilities. Furthermore, it is a centralized application-level policy engine for physical, virtual, and cloud infrastructures. Cisco APIC enables detailed visibility, telemetry, and health scores by application and by tenant. It is also designed around open standards and open APIs. Moreover, it supports strong implementation of multi-tenant security, quality of service (QoS), and high availability, and it can be integrated with management systems such as VMware, Microsoft, and OpenStack.
Cisco APIC is designed for automation, programmability, and centralized management, and it exposes northbound APIs through XML and JSON. It provides both a command-line interface (CLI) and a GUI, which use the APIs to manage the fabric holistically.
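The tenant policy model and the JSON form of the northbound API described above can be exercised offline. The following Python code is an added example, not Cisco's code or part of the original article: it builds a tenant in the APIC JSON object shape (classes fvTenant, fvCtx, fvBD, fvSubnet, fvAp, fvAEPg and the fvRsCtx/fvRsBd relations) and flags bridge domains and EPGs whose references do not resolve inside the tenant. All object names and the subnet are constructed sample values.

```python
import json

def mo(cls, children=(), **attrs):
    """One managed object in APIC JSON shape: {class: {attributes, children}}."""
    body = {"attributes": attrs}
    if children:
        body["children"] = list(children)
    return {cls: body}

def build_tenant():
    # Constructed sample policy; names and subnet are not from a real fabric.
    return mo("fvTenant", name="Example-Tenant", children=[
        mo("fvCtx", name="prod-vrf"),                      # VRF (context)
        mo("fvBD", name="web-bd", children=[               # bridge domain
            mo("fvRsCtx", tnFvCtxName="prod-vrf"),
            mo("fvSubnet", ip="10.10.1.1/24"),
        ]),
        mo("fvBD", name="db-bd", children=[
            mo("fvRsCtx", tnFvCtxName="shared-vrf"),       # not defined in this tenant
        ]),
        mo("fvAp", name="shop", children=[                 # application profile
            mo("fvAEPg", name="web", children=[mo("fvRsBd", tnFvBDName="web-bd")]),
            mo("fvAEPg", name="db", children=[mo("fvRsBd", tnFvBDName="db-bd")]),
            mo("fvAEPg", name="cache"),                    # EPG with no bridge domain
        ]),
    ])

def kids(body, cls):
    """Bodies of the direct children of the given class."""
    return [c[cls] for c in body.get("children", []) if cls in c]

def audit(tenant):
    """Return (class, name, problem) for references that do not resolve in the tenant."""
    t = tenant["fvTenant"]
    vrfs = {v["attributes"]["name"] for v in kids(t, "fvCtx")}
    bds = {b["attributes"]["name"] for b in kids(t, "fvBD")}
    findings = []
    for bd in kids(t, "fvBD"):
        refs = [r["attributes"]["tnFvCtxName"] for r in kids(bd, "fvRsCtx")]
        if not refs or refs[0] not in vrfs:
            findings.append(("fvBD", bd["attributes"]["name"], "VRF not defined in tenant"))
    for ap in kids(t, "fvAp"):
        for epg in kids(ap, "fvAEPg"):
            refs = [r["attributes"]["tnFvBDName"] for r in kids(epg, "fvRsBd")]
            if not refs or refs[0] not in bds:
                findings.append(("fvAEPg", epg["attributes"]["name"],
                                 "bridge domain not defined in tenant"))
    return findings

if __name__ == "__main__":
    print(json.dumps(build_tenant(), indent=2))   # body in the form the JSON API uses
    for finding in audit(build_tenant()):
        print(finding)
```

Running the audit before a policy is pushed gives a reviewable record of which objects in a tenant depend on VRFs or bridge domains defined elsewhere.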
Cisco ACI License
Cisco ACI supports Cisco's smart licensing features. In the licensing panel you can choose the connection method to the Cisco Smart Software Manager in order to register all devices in your fabric. You can also use the CLI to activate Cisco license reservation features. Cisco ACI PLR, or permanent license reservation, is a secure way to permanently activate all the premium capabilities on your leaves and spines within a highly secure network where no inbound or outbound connection is allowed.