For disaster recovery, political, and organizational reasons, enterprises like to have multiple data centers, and now they are going hybrid with public cloud capacity adding in the mix. Having networks scattered across the globe brings operational challenges, from being able to easily migrate and manage workloads across the multiple sites and increased complexity around networks, security to adopting emerging datacenter technologies like containers.
As the world becomes more cloud-centric, organizations are looking for ways to gain greater visibility and scalability across their environments, automate as many processes as possible and manage all these sites as a single entity.
Cisco Systems is putting new features into the latest release of its Application Centric Infrastructure (ACI) software that they say can address many of those problems, including more easily managing multiple ACI network fabrics in different geographical locations and integrating Kubernetes for better container management.
And today, Lumos is here to explore Cisco ACI software’s most recent update. But before anything else, let’s have a quick review of Cisco’s take on software defined networks.
Cisco ACI: A New Take on SDN
The change mentioned earlier has been happening for quite some time now. As data centers over the years, so did physical servers. It didn’t take long enough for people to realize that there’s a developing demand for a simpler network configuration.
Frankly speaking, traditional servers with external connections are hard to manage. If data center networks were to catch up, they needed to change things up. They need to figure out a way to automate processes — hence, Software Defined Networks.
SDN was a new network approach created in hopes of controlling them through one software. It breaks up the traditional network configuration and traffic engineering of hardware infrastructure, replacing it with a more holistic approach such as a virtual switch.
Long after SDN was developed, Cisco decided to create its own interpretation called Application Centric Infrastructure. As the networking industry scrambled for a way to configure networking machines in unison instead of doing it one by one, the networking giant unveiled Cisco ACI in late 2013 as an answer to the growing network virtualization trend that was being driven by the likes of VMware, smaller startups, and open source projects.
The idea was to create a network architecture that responded to the demands of applications, ensuring the necessary resources were available. Integrating both software and hardware, the Cisco ACI design guide uses APIC Controllers as its centralized policy management. It’s defined as a policy enforcement engine focused on the software itself, abstracting its network functionality underneath.
ACI’s design uses three main hardware components that when combined together, creates its entire fabric — spines, leafs, and APIC.
Spines refer to the group of Cisco Nexus 9000 switches that connect all of ACI’s leaf switches. The leafs are 300 Nexus 9000 switches cabled to the spine switches as uplinks, providing all connectivity into the ACI fabric for virtual servers. And lastly, APIC is the central brain of the ACI solution.
Instead of managing different data center switches, Cisco created a giant virtual switch and router into one logical device!
ACI 3.0 And New Horizons
Since its release, the response has been good. The company now has more than 4,000 ACI customers and the number of training offered online grew. By Cisco’s fiscal fourth quarter, the solution’s revenue grew 38 percent year-over-year.
Ultimately, the update was needed. Several people were already enjoying its benefits and it’s only apt that the company took things up a notch. ACI 3.0 is the latest version of the software that drives Cisco’s software-defined networking (SDN) strategy.
Cisco unveiled an initiative called Network Intuitive, which is designed to drive the development of intent-based networks that are intelligent enough through machine learning and advanced analytics to anticipate needed actions, offer predictive network analysis, address security threats before they become a problem and essentially evolve by learning over time.
Intent-based networks are a key part of Cisco’s larger efforts to respond to customer needs in the growing multi-cloud world, CEO Chuck Robbins said during a conference call in August to discuss the quarterly numbers.
“We are helping our customers take full advantage of a multi-cloud world that has become the norm in managing their applications and hybrid cloud solutions,” Robbins explained, noting the combination of ACI with the company’s Unified Compute Systems (UCS) as well as the new intent-based network. “Our goal is to deliver the best multi-cloud platform built on an intelligent Intuitive Network enabling faster automated and highly secured delivery of applications in the cloud.”
ACI 3.0 is their latest step into that path. A key new feature is Multi-Site Management, which enables ACI customers to more seamlessly connect and manage multiple ACI fabrics, whether they’re scattered across multiple datacenter or private cloud sites or within the same on-premises environment but running on multiple clusters!
Cisco ACI Software’s Expanding Reach
Much of the work, from connectivity to policy management, can be automated, according to Srini Kotamraju, director of product management for Cisco data center networking. Using traditional datacenter interconnect technologies in such distributed environments is difficult, complex and expensive.
Kotamraju explained that the multi-site appliance will allow its clients to federate ACI policy across different sites. He added that the recent update will allow clients to create tenants, application profiles, security policies and more. Aside from this, Kotamraju said that the update will also provide admins with the ability to have an overview of the changes to a site or sites.
It’s a great advantage Cisco users can use to deploy a production software to one site and verify it first before stretching it to other sites. Furthermore, ACI 3.0 has decided to provide support to the increasingly popular container management called Kubernetes!
Kubernetes has a Container Networking Interface or CNI that enables networking technologies and with the new update, Cisco’s Nexus 900 Switches and ACI’s fabric will now be used to allow container networking! Komraju explained they’ll be using CNI alongside a set of containers under Kubernetes including their OpFlex agent.
The said update also gave ACI’s security a boost by enhancing its capabilities to defend itself against different types of attacks. Among the new features is First Hop Security. The new security enhancement can be utilised to help prevent IP/MAC spoofing by authenticating workload and enforcing granular security policies.
Ultimately, Cisco is expanding its global market share of ACI installations at a speedy rate. As the ecosystem grows, more and more partners are adding their own products like firewalls, load balancers and more to the Cisco ACI solution.
source: https://www.nextplatform.com/2017/10/13/cisco-stretches-aci-network-fabrics-eases-management/
