What are the three main components of Cisco ACI?
Before discussing the components of Cisco ACI, it is crucial to understand why ACI was introduced in the first place when we already had SDN technology with us, which was robust, with a simple mechanism to control and manage devices in the entire network from one centralized plane.
So, let's start with What is SDN in Networking?
What is SDN in Networking?
SDN stands for Software-Defined Networking. It is a network management technology introduced to virtualize the network. Virtualizing makes SDN networks more dynamic, programmatically efficient for network configuration, and constant monitoring improves network performance.
When we talk about traditional routing, the router or switch architecture used to have its control plane and data plane in the same device. And the functions like routing decisions and packet forwarding are the responsibility of the device operating system.
Unlike traditional routing, SDN architecture moves the control plane from each network device to a central network intelligence and policy-making entity called the SDN controller. The SDN controllers, especially the control plane, are considered the SDN network's brain, where the whole intelligence is incorporated.
So, using SDN, network administrators can have an abstracted centralized view of the network from the control plane.
OpenFlow was the first SDN standard introduced to facilitate the communications interface defined between the controls and forwarding layers of SDN architecture. But it lacked scalability, visibility, security and were complex; That's why Cisco introduced a new approach and architecture driven from SDN called Application Centric Infrastructure (ACI).
ACI was a new approach emphasizing an essential part of the Datacenter.
What is Cisco ACI?
Application Centric Infrastructure (ACI) is the policy-based SDN solution for the Data Center environment. It is pretty popular in industries as it offers high software flexibility, efficient configuration, and scalability of hardware performance. Also, its management, policy framework, and protocols make it different from other SDN technologies.
ACI use the latest Cisco Nexus 9000 family of switches as the hardware and comprise Data Center Policy Engine, Additional Data Center Pod, and Non-directly Attached Virtual and Physical Leaf Switches along with its software.
Cisco ACI Benefits
Here are some of the significant benefits of using ACI,
- The application-driven policy model offers simplified Automation.
- Focus on Applications and their velocity. So, Data Center can handle any workload, anytime.
- Integration Capabilities - Investment protection by integrating with the existing fabric infrastructure, e.g. Nexus 7000
- Container networking
- Public Cloud networking
- Centralized visibility with real-time, application health monitoring
- Open software flexibility for DevOps teams and ecosystem partner integration
- Scalable performance and multi-tenancy in hardware
Core Components of Cisco ACI
Cisco ACI fabric comprises the APIC, ANP, and the Cisco Nexus 9000 series switches using two-tier spine-leaf topology as the core components of ACI architecture.
The three core components of Cisco ACI architecture:
APIC is considered the brain of the ACI architecture. A centralized software controller designed for programmability (Automation), centralized management, policy enforcement, and health monitoring.
APIC Full Form
The full form of APIC is Application Policy Infrastructure Controller and it is responsible for,
- Fabric Activation
- Maintenance of switch firmware
- Translating application policies into network programming.
- Optimizing performance.
- Supporting any application anywhere.
- Unifying operation of physical and virtual environments.
- Managing and operating a scalable multitenant Cisco ACI fabric.
Also, Cisco APIC does not manipulate the data path directly compared to the controllers in SDN. It centralizes the policy definition and programs the leaf switches to forward traffic based on the defined policies.
Moreover, when communication with the APIC is lost in a network, the fabric can still forward traffic because the APIC is completely removed from the data path. So, the availability needs are consistently met in ACI.
APIC is positioned between the ANP and the ACI-enabled network infrastructure in the ACI fabric. They expose a northbound API through XML and JSON and provide both a command-line interface (CLI) and GUI that use this API to manage the fabric.
It supports multiple configuration methods, including a GUI, a REST API, a Python API, Bash scripting, and a CLI. APIC also provides an open-source southbound API allowing third-party network service vendors to implement policy control of supplied devices.
Unlike APIC, Application Network Profile (ANP) is defined as the collection of endpoint groups (EPG), their connections, and the policies that define those connections. EPG is a logical grouping of similar endpoints representing an application tier or service set requiring a similar policy.
ANP logically represents all the application components and their interdependencies on the application fabric.
ANP Full Form
The full form of ANP is Application Network Profile. They are basically designed to be modelled in a logical way that matches the way the applications are designed and deployed. Moreover, the configuration, enforcement of policies and connectivity are handled by the system rather than manually by an administrator.
Steps required to create an Application Network Profile.
- Creating EPGs
- Building policies that define connectivity with rules such as Permit, Deny, Log, Mark, Redirect, Copy
- Creating contracts - Reusability and policy consistency for services that typically communicate with multiple EPGs.
3. Cisco ACI Fabric: Cisco Nexus Portfolio
With the recent introduction to Cisco Nexus 9000 Series Switches for both traditional and Cisco ACI data center deployments to the family of Nexus switches, we can tell Cisco is expanding its Nexus portfolio. These switches provide an application-aware switching fabric and work with an APIC to manage the virtual and physical network infrastructure.
They are highly in-demand as they offer modular and fixed 1/10/40 Gigabit Ethernet switch configurations. Also, they are designed in such a way to operate either in Cisco NX-OS mode or in Cisco ACI mode.
Both modes offer compatibility and consistency with the current Cisco Nexus switches and let the data centers take full advantage of Cisco ACI application policy-based services and infrastructure automation features.
These capabilities of using Cisco Nexus switches makes them the core ACI component. Over it, they provide customers with investment protection and ease of migration to Cisco ACI through a software upgrade.
So, these components of ACI make this technology an excellent fit for next-generation Data Centers switching and are accessible to customers of any size.
Required Training for Data Center Specialists
A data center specialist will require Cisco Nexus 9000 training to deploy and manage Cisco Nexus® 9000 Series Switches in NX-OS and ACI mode to fulfil the skill requirement.
With PyNet Labs, professionals can learn this trending technology as we offer Cisco DC ACI online training along with Cisco Nexus training from scratch.
So, if you are looking for Cisco Nexus training in Delhi, Bangalore, Hyderabad, Pune or any part of the country? Enroll with PyNet Labs and start your online Cisco Nexus + DCACI training from the comfort of your home.
To register for our Nexus + Cisco DC ACI training, you can connect with us on Call, WhatsApp, Telegram, Viber, Signal at +91 9821215002, or write us at [email protected].