Ivan Andjelkovic
Systems Engineer
Agenda
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Industry Trends
DevOps
New operational models are driving the need for infrastructure change.
Agile Networking Needed
Datacenter Spending (%) Over Time
• Operating expenses represent over 80% of DC spending
[Chart: datacenter spending (%), years 06 to 13; series: Server Spending; Standalone Servers - Mgnt & Admin; Virtual Servers - Mgnt & Admin; Power & Cooling Expense]
Source: IDC, 2011 “New Economic Model for the Datacenter”
Agenda
ACI Introduces Logical Network Provisioning of Stateless Hardware
Web App DB
APIC
ACI Fabric
ACI Spines
L4 -7 Services
External L2 / L3 Servers
OOB Management
Multi-Hypervisor-Ready Fabric
• Integrated gateway for VLAN, VxLAN, NVGRE networks from virtual to physical
• Normalization for NVGRE, VXLAN, and VLAN networks
[Diagram labels: Network Admin; Hypervisor Integration; APIC; ACI Fabric; ESX, Hyper-V, KVM; VLAN, VXLAN, NVGRE]
• Resource consumption
Integrate with workload placement or migration
VXLAN Per-Hop Visibility
Physical and Virtual as One
[Diagram label: APIC]
Northbound API
• Rapid integration with existing management frameworks
• OpenStack
• Tenant- and application-aware
[Diagram labels: System Management; Automation Tools; Hypervisor Management; Orchestration Frameworks]
[Diagram labels: Object-Oriented; Open Ecosystem Framework; Centralized Automation; RESTful XML / JSON; Comprehensive Programmability and System Access]
Southbound API
• Publish data model
• Open source
• Enables application portability
C97-730020-01 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Agenda
Application Language Barriers
• Application Tiers
• Provider / Consumer Relationships
• VLANs
• Subnets
• Protocols
• Ports
What is an Application to the Network?
Application Policy Model and Instantiation
Application policy model: Defines the application requirements (application network profile)
[Diagram labels: Application Client; Web Tier; App Tier; DB Tier; Storage; Storage]
All forwarding in the fabric is managed through the application network profile
• IP addresses are fully portable anywhere within the fabric
• Security and forwarding are fully decoupled from any physical or virtual network attributes
• Devices autonomously update the state of the network based on configured policy requirements
Application Network Profiles
[Diagram labels: Inbound/Outbound Policies - Contracts (shown between each pair of tiers)]
Application Network Profiles are a group of EPGs and the policies that define the communication between them.
Contracts define communication between source and destination EPGs
Contract 1
  Subject 1
  Subject 2
  Subject 3
Filter | Action | Label
TCP Port 80 | Permit | Web Access
Policy Table Size Reduction
Total policy entries = n * m * f (n sources, m destinations, f filters)
Filters: 1 - Allow x; 2 - Deny y; 3 - Allow x; 4 - Deny y; 5 - Allow x
Standard model: n=5, m=4, f=5. Standard model requires 100 policy entries
ACI model: n=1, m=1, f=5. ACI model requires 5 policy entries
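The table-size reduction above, worked through as an added example (not part of the original slides and not Cisco code): it builds the per-endpoint table and the group-based table for the slide's n=5, m=4, f=5 case and checks that both give the same verdict for every probed flow. The addresses, ports, EPG names "web"/"app" and the default-deny fallback are assumptions made for this sketch.

```python
from itertools import product

# Constructed sample data sized like the slide: n=5 sources, m=4 destinations, f=5 filters.
SOURCES = [f"10.0.1.{i}" for i in range(1, 6)]
DESTS = [f"10.0.2.{i}" for i in range(1, 5)]
FILTERS = [("tcp", 80, "permit"), ("tcp", 23, "deny"), ("tcp", 443, "permit"),
           ("udp", 69, "deny"), ("tcp", 8080, "permit")]
# Hypothetical EPG names; every source is a member of "web", every destination of "app".
EPG_OF = {**{ip: "web" for ip in SOURCES}, **{ip: "app" for ip in DESTS}}
DEFAULT = "deny"  # assumption for this sketch: traffic with no matching entry is dropped


def standard_table(sources, dests, filters):
    """Per-endpoint model: one entry per (source, destination, filter) = n * m * f."""
    return {(s, d, proto, port): action
            for s, d, (proto, port, action) in product(sources, dests, filters)}


def group_table(src_epg, dst_epg, filters):
    """Group model: one entry per filter between the two EPGs = 1 * 1 * f."""
    return {(src_epg, dst_epg, proto, port): action for proto, port, action in filters}


def decide_standard(table, src, dst, proto, port):
    return table.get((src, dst, proto, port), DEFAULT)


def decide_group(table, src, dst, proto, port):
    # Classify each endpoint into its EPG first, then look up the group pair.
    return table.get((EPG_OF.get(src), EPG_OF.get(dst), proto, port), DEFAULT)


def compare():
    """Return both table sizes and whether every probed flow gets the same verdict."""
    std = standard_table(SOURCES, DESTS, FILTERS)
    grp = group_table("web", "app", FILTERS)
    outsider = "10.0.9.9"  # constructed endpoint that belongs to no EPG
    probes = product(SOURCES + [outsider], DESTS + [outsider],
                     [("tcp", 80), ("tcp", 23), ("tcp", 22), ("udp", 69)])
    same = all(decide_standard(std, s, d, *f) == decide_group(grp, s, d, *f)
               for s, d, f in probes)
    return len(std), len(grp), same


if __name__ == "__main__":
    print(compare())
```

Adding a sixth server to the "web" group changes only the membership map; the per-endpoint table would grow by m * f = 20 entries.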
ACI Layer 4 - 7 Service Integration
Centralized, Automated, and Supports Existing Model
• Automation of service bring-up / tear-
• Supports existing operational model when integrated with existing services
[Diagram labels: Service Graph (begin, Stage 1, ….., Stage N, end); Service Profile; Providers (inst, inst, …, inst); Service Admin]
DHCP VM
Future End-Points Subnet DNS * DNS Pool Attribute
Agenda
Logical Model Overview
root\uni
Tenant A Tenant B
Subnet C
Agenda
Lab Topics
1) GUI Overview
2) API Inspector and Postman
3) ACI Forwarding Constructs
4) Application Networking Profile (ANP)
5) Integration with vCenter
6) External L2 connectivity
7) External L3 connectivity
Lab Logistics
- Ask me any questions you might have!
- There are 3 documents:
  ACI Fundamentals Lab Guide – THE lab guide
  ACI Lab Setup and Connectivity – Missing steps to be used when setting up your ACI from scratch
  Optional ACI Simulator Lab – Steps from the previous document available on the Simulator
- Link to documents, the password and pod assignment are provided by the instructor. The rest is in the lab guide.
- Replace X with your pod number!
- Ask me any questions you might have!
Resources
Both lab resources and Cisco Live content are free of charge for Cisco partners. You will have to go through a sign-up process.