Scribd Logo
Upload

Welcome to Scribd!

  • 475 views

    ACI Lab Presentation

    Uploaded by

    Yibrail Veliz Plua
    Lab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    ACI Lab Presentation

    Uploaded by

    Yibrail Veliz Plua
    475 views29 pages
    Lab

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Lab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    475 views29 pages

    ACI Lab Presentation

    Uploaded by

    Yibrail Veliz Plua
    Lab

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    You are on page 1of 29

    ACI Fundamentals Lab

    Ivan Andjelkovic
    Systems Engineer

    Agenda
    1)Why Application Centric Infrastructure (ACI)
    2)ACI components and benefits
    3)What is Application in ACI
    4)Logical model
    5)Lab logistics

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    Industry Trends

    DevOps

    New operational models are driving the need for infrastructure change.

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    Agile Networking Needed


    Datacenter Spending (%) Over Time
    100%
    90%

    Operating expenses
    represent over 80%
    of DC spending

    Dynamic (Re)programming of the


    Network is needed to curb
    OpEx increase driven by
    Server Virtualization

    80%
    70%
    60%
    50%
    40%
    30%
    20%
    10%
    0%
    06

    07

    08

    Server Spending
    Virtual Servers - Mgnt & Admin
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    09

    10

    11

    12

    13

    Standalone Servers - Mgnt & Admin


    Power & Cooling Expense

    Source: IDC, 2011 New Economic Model for the Datacenter

    Cisco Confidential

    Agenda
    1)Why Application Centric Infrastructure (ACI)
    2)ACI components
    3)What is Application in ACI
    4)Logical model
    5)Lab logistics

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    ACI Introduces Logical Network Provisioning of Stateless


    Hardware
    Web

    Outside
    (Tenant VRF)

    App

    DB

    QoS

    QoS

    QoS

    Filter

    Service

    Filter

    APIC
    ACI Fabric
    Non-Blocking Penalty Free Overlay

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Application Policy
    Infrastructure
    Controller

    Cisco Confidential

    ACI Fabric
    ACI Spines

    One Logical System to Manage


    Any IP address anywhere !!
    ACI Leafs

    External L2 / L3

    L4 -7 Services

    Servers

    APIC

    APIC

    APIC

    APIC Cluster

    OOB Managment
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    Multi-Hypervisor-Ready Fabric
    Hypervisor Integration

    Network
    Admin

    APIC
    APIC

    ACI Fabric

    Integrated gateway for VLAN,


    VxLAN, NVGRE networks from
    virtual to physical

    VLAN
    VXLAN

    Normalization for NVGRE, VXLAN,


    and VLAN networks

    ESX

    Customer not restricted by a


    choice of hypervisor
    Fabric is ready for multihypervisor
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    VLAN
    NVGRE

    Hyper-V

    VLAN
    VXLAN

    VLAN

    KVM

    PHYSICAL
    SERVER

    Application
    Admin

    Hypervisor
    Management
    Cisco Confidential

    Application Awareness
    Application-Level Visibility

    ACI Fabric provides the next generation


    of analytic capabilities

    PetStore Event

    Triggered Events
    or Queries

    Actions:
    No new hosts or VMs
    Evacuate hypervisors
    Re-balance clusters

    Per application, tenants, and


    infrastructure:

    Health scores
    Latency
    Atomic counters
    Resource consumption

    Integrate with workload placement or


    migration
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    PetStore Dev

    Leaf 1 and 2
    Spine 1 3
    Atomic counters

    PetStore Prod

    Leaf 2 and 3
    Spine 1 2
    Atomic counters

    PetStore QA

    Leaf 3 and 4
    Spine 2 3
    Atomic counters

    APIC
    VXLAN
    Per-Hop
    Visibility

    Physical and
    Virtual as One
    Cisco Confidential

    Northbound API

    System
    Management

    Automation
    Tools

    Tenant- and application-aware

    Hypervisor
    Management

    Orchestration
    Frameworks

    Object-Oriented
    Centralized Automation
    RESTful XML / JSON

    Open Ecosystem
    Framework

    Rapid integration with existing


    management frameworks
    OpenStack

    Comprehensive
    Programmability and
    System Access

    Southbound API
    Publish data model
    Open source
    Enables application portability
    *Only straight chains supported at FCS
    C97-730020-01 2013 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    10

    Agenda
    1) Why Application Centric Infrastructure (ACI)
    2) ACI components
    3) What is Application in ACI
    4) Logical model
    5) Lab logistics

    C97-730020-01 2013 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    11

    Application Language Barriers


    Infrastructure Teams

    Developers
    Application
    Tiers
    Provider /
    Consumer
    Relationship
    s

    VLANs
    Subnets
    Protocol
    s
    Ports

    Developer and infrastructure teams must translate between disparate languages.


    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    12

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    13

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    14

    What is an Application to the Network?


    It is More than just a VM or Server

    It is collection of all the Applications End Points

    The Applications L2 L7 Network Policies

    plus
    plus

    The Relationship between these End Points and their Policies

    External
    Network

    QoS

    Web Tier
    End Points

    QoS

    App Tier
    End Points

    QoS

    Service

    Service

    Service

    Filter

    Filter

    Filter

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    DB Tier
    End Points

    Cisco Confidential

    15

    Application Policy Model and Instantiation


    Application
    Client

    Application policy model: Defines the


    application requirements (application
    network profile)

    Storage

    Storage
    App Tier

    Web
    Tier

    DB Tier

    Policy instantiation: Each device


    dynamically instantiates the required
    changes based on the policies

    APIC
    VM

    VM

    VM

    VM

    VM

    VM

    10.2.4.7 10.9.3.37

    VM

    10.32.3.7

    All forwarding in the fabric is managed through the application network profile
    IP addresses are fully portable anywhere within the fabric
    Security and forwarding are fully decoupled from any physical or virtual network attributes
    Devices autonomously update the state of the network based on configured policy requirements
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    16

    Application Network Profiles


    Application Network Profile

    Inbound/Outbound
    Policies - Contracts

    Inbound/Outbound
    Policies - Contracts

    Application Network profiles are a group of EPGs and the policies that define the communication
    between them.
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    17

    Filter

    Action

    Label

    TCP Port 80

    Permit

    Web Access

    Subject

    Filter | Action | Label

    Subjects are a combination of


    A filter, an action and a label

    Contract 1
    Contracts define
    communication
    between source and
    destination EPGs

    Subject 1
    Subject 2
    Subject 3

    Contracts are groups of subjects which define communication between EPGs.


    C97-730020-01 2013 Cisco and/or its affiliates. All rights reserved.

    18

    Cisco Confidential

    18

    Policy Table Size Reduction


    Sources

    1
    2
    3
    4
    5
    n=5

    Destinations
    Filters
    1 - Allow x
    2 - Deny y
    3 - Allow x
    4 - Deny y
    5 Allow x
    f=5

    Source EPG

    1
    2
    3
    4
    5
    n=1

    1
    2
    3
    4

    Total policy entries = n * m * f


    Standard model requires 100
    policy entries

    m=4
    Destination EPG

    Filters
    1 - Allow x
    2 - Deny y
    3 - Allow x
    4 - Deny y
    5 Allow x
    f=5

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    1
    2
    3
    4

    ACI model requires 5 policy


    entries

    m=1
    Cisco Confidential

    19

    ACI Layer 4 - 7 Service Integration

    Centralized, Automated, and Supports Existing Model


    Elastic service insertion architecture for
    physical and virtual services
    Application
    Admin

    Web
    App
    Server

    Server

    Chain
    Security 5

    Stage 1

    ..

    inst
    inst
    Firewall

    inst
    ..

    Service
    Admin

    Stage N

    inst
    Load Balancer

    end

    Service Profile

    begin

    Service
    Graph

    Security 5 Chain Defined

    Automation of service bring-up / teardown through programmable interface

    Service enforcement guaranteed,


    regardless of endpoint location
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    App Tier
    B

    Web
    Web
    Server
    Server

    APIC as central point of network control


    with policy coordination

    Supports existing operational model


    when integrated with existing services

    Policy Redirection

    Providers

    Helps enable administrative separation


    between application tier policy and
    service definition

    Web Tier
    A

    Cisco Confidential

    20

    End-Point Groups

    FCS End-Points

    Future End-Points

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    VLAN

    Subnet

    Phys
    Port

    DNS *

    Virtual
    Port

    VxLAN

    DNS

    DHCP
    Pool

    NVGRE

    VM
    Attribute

    Cisco Confidential

    21

    Agenda
    1)Why Application Centric Infrastructure (ACI)
    2)ACI components
    3)What is Application in ACI
    4)Logical model
    5)Lab logistics

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    22

    Logical Model Overview


    root\uni
    Tenant A

    Tenant B
    Private-L3 A

    Private-L3 A

    Private-L3 B

    Bridge Domain

    Bridge Domain

    Bridge Domain

    Bridge Domain

    Subnet A

    Subnet B

    Subnet A

    Subnet D

    Subnet C

    Private-L3 and subnets are independent between tenants


    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    23

    Mapping the ACI Logical Model to 7 Layer OSI for Network


    Engineers
    7 Layer OSI Model

    ACI Constructs that apply

    Application
    Presentation
    Session
    Transport

    Contracts, Graphs, ANP

    Network

    BD (SVI), Private Network (VRF lite)

    Data Link

    EPG, BD, Policy Groups (VPC, PC,


    Interfaces), Encapsulation (VLAN,
    VXLAN, NVGRE)

    Physical

    Policy, AEP, Domains


    (Physical/VMM)

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    24

    How to connect with the external devices

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    25

    Agenda
    1)Why Application Centric Infrastructure (ACI)
    2)ACI components
    3)What is Application in ACI
    4)Logical model
    5)Lab logistics

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    26

    Lab Topics
    1)GUI Overview
    2)API Inspector and Postmen
    3)ACI Forwarding Constructs
    4)Application Networking Profile (ANP)
    5)Integration with vCenter
    6)External L2 connectivity
    7)External L3 connectivity
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    27

    Lab Logistics
    - Ask me with any question you might have!
    - There are 3 documents
    ACI Fundamentals Lab Guide THE lab guide
    ACI Lab Setup and Connectivity Missing steps to be
    used when setting up your ACI from scratch
    Optional ACI Simulator Lab Steps from the previous
    document available on the Simulator
    - Link to documents, the password and pod assignment
    are provided by instructor. The rest is in the lab guide.
    - Replace X with your pod number!
    - Ask me with any questions you might have!

    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    28

    Resources
    - dCloud (5 ACI related labs)
    http://dcloud.cisco.com/

    - TNI Lab used for ACI FE bootcamp


    http://dcv-labs.labgear.net/Home.asp

    - Adam Raffe blog (great Cisco Live presentation)


    http://adamraffe.com/2015/02/04/my-cisco-live-milan-acisessions/

    Both Lab resources and Cisco Live content are free of charge for
    Cisco partners. You will have to go through sign up process.
    2013-2014 Cisco and/or its affiliates. All rights reserved.

    Cisco Confidential

    29

    You might also like

    pFad - Phonifier reborn

    Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

    Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


    Alternative Proxies:

    Alternative Proxy

    pFad Proxy

    pFad v3 Proxy

    pFad v4 Proxy