Cisco ACI Overview

Captions
Hi everyone, my name is Nick, I am CCIE Americans we check. My YouTube channel is about networking technologies, and right now most of my videos are in Russian. This is my initial attempt to record a video for an international audience, so please go easy on me. In this video we will talk about Cisco ACI, so let's get started.

Here is our agenda: I will explain what ACI is, why you would want to replace your current DC networking with ACI, what the ACI components are, and how the ACI architecture looks.

So what is Cisco ACI? ACI stands for Application Centric Infrastructure. It is Cisco's SDN solution for data centers. Please do not confuse it with APIC-EM, where EM stands for Enterprise Module; it is a different product with a different purpose. Our topic today is just ACI, and as I mentioned before, ACI is a solution for data centers, so you should plug servers into it, not PCs, not IP phones or anything else that clearly belongs to campus networking.

Key features of ACI are automation, focus on applications, and huge integration capabilities: for example, integration with virtualization platforms such as VMware vSphere or Microsoft Hyper-V, integration with container networking, for example Kubernetes, integration with orchestration tools such as Cisco CloudCenter, integration with public health at ranking, and many more. And of course ACI has pure networking benefits if you compare it with other DC solutions. An example of a pure networking benefit, in my opinion, is VXLAN, which is used by ACI, versus old technology such as FabricPath.

Let's talk about why you would want to replace your current gear with ACI. In the first place, ACI simplifies data center networking and hides a lot of complexity from the administrator. ACI uses VXLAN behind the scenes, and if you configured VXLAN before on standalone Nexus switches, you will probably agree with me that it is not a very simple configuration. ACI hides that complexity from you, and even more, you don't have to configure each switch in your fabric separately. In ACI you configure all the fabric as a whole. So, for example, if you take your classical Nexus 5K switches and Nexus 7K switches and you want to configure VXLAN inside your fabric, and you do not have any automation software, you will have to deal with each switch separately. You can use CLI or REST API, but the main point is that you will have to configure each of your switches inside your fabric separately. It is not the case for ACI. For ACI you will configure all your fabric as a whole. You will use a cluster of APIC controllers, which allows you to configure your fabric as a whole, not to configure each switch in your fabric separately.

And it points us to the next bullet, which is automation. ACI has a REST API, so its automation capabilities are much better than, for example, CLI scraping, which is still used since it is the only way to deal with old platforms.

The next benefit of ACI is its integration capabilities, which are huge. You can integrate ACI with your VMware infrastructure, Hyper-V virtualization, OpenStack, container networking, orchestration tools and much more. From my point of view, the main goal of all this integration is to achieve rapid provisioning of network infrastructure for end applications.

And here we come to the application-oriented nature of ACI. When you use ACI you begin to think more about applications and much less about classical networking elements such as VLANs, subnets, trunks, routing, whatever. And that definitely has logic, since at the very end we use all our VLANs, networking stuff, just for one reason: to provide the application to the customer.

Next, let's discuss pure networking advantages of ACI. The first advantage is the leaf-spine-leaf, or Clos, topology. Let's draw it really quick. In leaf-spine-leaf topology we have two layers of hierarchy: we have the spine layer and the leaf layer. It is a pretty simple and scalable topology, so if you want to add more leaves to connect your servers, you just need to connect them to your spines. If you run out of ports on your spines, you just add a new spine and connect all your leaves to it. We will talk more about this topology later. And of course one more benefit of this topology is that any host inside your fabric has to traverse a maximum of three hops to reach any other host. So, for example, we have server 1 sitting here and server 2 sitting here. If server 1 wants to talk to server 2, it will go to leaf 1, then to spine 1 for example, then leaf 3, and server 2. So in the first case server 1 will have to traverse one, two, three hops to reach its destination, server 2. Of course, if you have, for example, server 3 connected to the same leaf and server 1 wants to talk to server 3, it will traverse only a single hop, which is leaf 1.

Let's go on. The next advantage is ECMP, which stands for equal-cost multipathing. ACI allows for true active-active ECMP, which is achieved by routing Ethernet frames. I told you before that if server 1 wants to talk to server 2, it will traverse leaf 1, spine 1 and leaf 3. It is not all the truth, actually, since ACI is capable of doing ECMP. When server 1 talks to server 2, it can go that way: leaf 1, spine 1, leaf 3; it can go leaf 1, spine 2, leaf 3; and it can go leaf 1, spine 3, leaf 3. So it's truly active-active ECMP.

Let's clear that stuff and go to east-west traffic optimization. ACI uses an anycast gateway on each leaf. So let's draw it again, and let's imagine that we have two servers which are connected to the same leaf, server 1 and server 2, and let's imagine that server 1 has an IP 10.10 dot dot 10 slash 24 and server 2 has IP then that then that very that tell that 24. So as you can see, these servers belong to different subnets, so they need a default gateway to talk to each other, since they reside on different subnets. In the case of ACI, the default gateway for that network and that network will reside on leaf 1, leaf 2, and if you have more leaves, you will have that default gateway on all your leaves. So when server 1 wants to talk to server 2, it has to traverse only leaf 1. Routing will happen here, on leaf 1.

And if you really care about security, ACI can help with that as well, with micro-segmentation capabilities and a whitelist policy which is implemented by default. So let's clear it again and talk about a different case. What if you have server 1 and server 2 on the same subnet and you want to implement any networking policy between them, for example an ACL? In traditional networking, of course, it is possible: you can put a firewall in transparent mode between them. But in ACI it's much easier. In ACI you have micro-segmentation capabilities, so basically you can attach an ACL between hosts on the same subnet. In ACI it is called a contract, and we will talk about it later. And as I mentioned before, ACI implements a whitelist policy by default. In ACI you have EPG objects, which stands for endpoint group. If you have some objects inside EPG 1 and you have different objects, different servers, different VMs inside EPG 2, they cannot talk to each other by default. If you want EPG 1 to be able to talk to EPG 2, you will need to define that access explicitly.

Next, let's discuss ACI physical components. ACI consists of two main components: switches and controllers. What about switches? ACI uses Nexus 9K switches, 9000 series switches, and they are divided into two roles: leaves and spines. As far as I know, there is no model which can be a spine or a leaf, so every physical box model is tied to a specific fabric role. It is a spine or a leaf, and of course one box cannot be spine and leaf at the same time. So if you want to build your ACI fabric, you will buy some switches, and every switch in your fabric will have only one role, and as I mentioned before, it depends on the switch physical model. Of course it also depends on your data center design. You have, for example, top-of-rack switches, which usually have much less density than spine switches, which usually have a lot of ports, and the ports have very huge bandwidth: 40 gig Ethernet or, for example, 100 gig. Also, most Nexus 9K switches have two modes of operation: ACI mode, for ACI of course, and NX-OS mode for standalone usage. So you can buy a Nexus 9K switch and use it in NX-OS mode as a standalone switch which is not part of an ACI fabric. It is possible, but I believe there are one or two models which support only ACI mode.

The second component is the APIC controller. APIC stands for Application Policy Infrastructure Controller. It is the brain of the entire ACI system and should be deployed in a high-availability fashion, with three or more controllers which form the APIC cluster. The physical controller is a Cisco UCS C-Series server. You can choose between different capacities for different fabric sizes. Of course, if you have a little fabric, you don't have to buy the most powerful UCS C server, but if you have a bigger fabric, you should consider buying more powerful servers for the APIC cluster. Right now the only way to build an APIC controller cluster is UCS C-Series, so you cannot use UCS B, for example, you cannot use non-Cisco hardware, you cannot use a virtual machine, VM, or anything else. You have to buy UCS C-Series.

And let's go back to the ACI architecture. Here you can see our spines, spine 1 and spine 2, which form the spine level. Here you can see leaf 1 and leaf 2, which form the leaf level. Of course you can have more spines and more leaves; this is just a simple and little example of an ACI fabric. And you can see here the APIC controller cluster, which consists of APIC 1, APIC 2 and APIC 3. And you can see that we have no connections between spines and no connections between leaves. Actually, it is an ACI and leaf-spine-leaf topology rule: you must not have any connections between spine switches and between leaf switches. And the second rule is that all spine switches should have connections to all leaf switches, and vice versa, all leaf switches should have connections to all spine switches. So, for example, we have spine 1, and it should have connections to all leaf switches, and it has, to leaf 1 and leaf 2. And spine 2 should have connections to all leaf switches, to leaf 1 and leaf 2. And vice versa for leaves: leaf 1 has connections to all spines, to spine 1 and spine 2, and leaf 2 has connections to all spines, to spine 1 and spine 2 in our example.

Endpoints should be plugged only into leaf switches, so if you want to plug servers into your fabric, you will plug them into leaf switches. In 99% of cases spine switches will have connections only to leaf switches. There are some exceptions, but anyway you will not plug your servers into spine switches directly; it is not supported.

That was a brief overview of the Cisco ACI product. If you liked my video, please put your thumb up and subscribe to my channel. Bye.
Info
Channel: Sneaky Subnet
Views: 53,172
Rating: 4.8550396 out of 5
Keywords: CIsco, SDN, ACI, Application Centric Infrastructure, APIC, Leaf-Spine-Leaf, Leaf, Spine, CLOS, VxLAN, vxlan, VXLAN, Cisco ACI, DC, Data Center
Id: NxgNlRt641Q
Length: 23min 7sec (1387 seconds)
Published: Sat Feb 24 2018