ACI Components

1
Agenda

• ACI Component
Overview
• Nexus 9000
• APIC Introduction
• ACI Configuration

4
ACI Component Overview

5
ACI Fabric – Virtual Chassis

ACI Spines

ACI Leafs
External L4–7
L2 / L3 Services
Servers

APIC Cluster APIC APIC APIC

OOB Management

6
Leaf Switch

• Role • Typical Leaf Switches

– External connectivity Nexus 9396PX
• Servers
• L2 switches
• L3 Routers Nexus 9372PX
• Appliances (L4-L7 devices)
– Policy enforcement
– Forwarding tables
– Tunnel End Points Nexus 9332PQ

– Encapsulation
Normalisation

7
Spine Switch

• Role • Typical Spine

– COOP (Central repository) Switches
– Distributed database
– Leaf – leaf switching
– Proxy
Nexus 9336PQ

X9736PQ

8
Traffic flow through ASICs

Broadcom
Cisco ASE NFE
ASIC ASIC

Broadcom Broadcom
Cisco ALE Cisco ALE
NFE NFE
ASIC ASIC
ASIC ASIC

9
Where to connect the spines?
• Spines can only be connected to the Leaf’s 40G
uplink ports
• All 10GE interfaces are for hosts or APICs
40G GEM

10
Nexus 9000 Overview

11
Common Platform: Two Modes of Operation

NX-OS ACI
NXOS w/ Enhancements Open, Flexible, & Choice of Policy Controller
iNXOS
Programmability Modes

APIC

Per-Box 1/10/40/100GE Centralized Fabric

Programmability Common Platform Programmability

Network Ops Driven, Switch Policy Based Fabric Automation

Automation

12
NEXUS 9000 ACI Platforms
ACI LEAVES
ACI SPINES
9396PX
ACI CONTROLLER
9396TX

APIC 93128TX

9372PX

9372TX
9516 9508

93120TX

9332PQ
9504 9336PQ

http://www.cisco.com/c/en/us/products/switches/nexus-9000-series-switches/models-listing.html
13
Portfolio – ACI
1. Spine
– Modular Spine: 4/8 x 36p 40/100G
– Fixed Spine: 36p 40G

2. Leaf (Fixed)
– 48p 1/10/25G server ports
– 96p 1/10G server ports
– 32p 40G server ports
– 6p or 12p 40/100G uplinks

3. APIC Appliance
– Medium: up to 1,000 tenants/VRFs APIC APIC APIC
– Large: up to 3,000 tenants/VRFs

4. Interconnect
– 40/100G links

14
Current Fabric Scalability

• 6 Spines • Refer Verified

• 80-200 Leaves scalability Limits
• 180k End Points documentation
• 1000-3000 • Version 2.1 link below
Tenants/VRFd
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw
/2-x/verified_scalability/b_Verified_Scalability_2_1_1x.pdf

15
FEX Support
Part Number Description
N2K-C2248PQ-10GE Cisco Nexus 2248PQ 10GE Fabric Extender
N2K-C2248TP-E-1GE Cisco Nexus 2248TP-E Fabric Extender
N2K-C2248TP-1GE Cisco Nexus 2248TP GE Fabric Extender
N2K-C2232PP-10GE Cisco Nexus 2232PP 10GE Fabric Extender
N2K-C2232TM-E-10GE Cisco Nexus 2232TM 10GE Fabric Extender
N2K-2348UPQ 40G Cisco Nexus 2348UPQ 10GE Fabric Extender
N2K-B22DELL-P B22 FEX for Dell
N2K-B22HP-P B22 FEX for HP
N2K-B22IBM-P B22 FEX for IBM

16
APIC
APIC Introduction

17
What is APIC?

APIC is the policy

controller
• It’s not the control plane
• It’s not in the data path
APIC

• It’s a highly redundant

cluster of servers
– 3 minimum (N+2)
– Up to 5 supported

18
APIC Hardware Ports

m n

j k l
1. Console Port 4. VIC
2. CIMC 5. Inband Ports to
3. OOB Management Leafs

19
APIC

20
The Observer Functionality
Statistics Faults, Events

67%
Link
Utilization
Unicast
pkt drops

OBSERVER
Health Scores Logs, Forensics
Diagnostics

21
APIC Clustering
 Shard is a unit of data mgmt Each APIC Node has all APIC functions,
• Data is placed into shards however, processing is evenly distributed
• Each shard has a primary & 2 replicas
• Shards are evenly distributed Allows horizontal (scale-out) scaling.
Simplifies replications scope.

Node
APIC
Policy Topology Observer Boot
 Shard data assignments are based on
pre-determined hash function.
Shard C

Shard
 Static shard layout determines the

Node
APIC
Shard A

Shard G
F
5 Node Cluster

assignment of shards to appliances

ACI Fabric
 Each replica in the shard has use

Node
APIC
preference (1..3)
Shard D

 Writes happen to the highest

preference reachable
Shard B

Shard E

Shard H

Node
APIC
Shard F

 In case of split-brain, automatic

reconciliation is performed
Shard
C

Node
APIC

22
APIC ACI Configuration

23
ACI Configuration Options
• All configuration is via centralised APIC
• Nodes can be accessed for Read Only CLI
• Management Information Model
– Component objects and relationships
• Options
– GUI
– CLI
– Programming

24
Designed around Open APIs & Open Source
Python SDK • Object Oriented
• Comprehensive access to underlying
information model
• Consistent object naming directly mapped
to URL
REST API
• Supports object, sub-tree and class-level
queries
• RESTFul over HTTP(s)
APIC • JSON + XML
• Unified: automatically delegates request to
ACI-enabled L4-7 corresponding components
fabric devices SCRIPTING • Transactional
APIS • Single Management Entity yet fully
independent components

25
APIC GUI Overview - Main Navigation

Two Level Top Navigation

• Main Sections
• System • HTTP(s)://<IP APIC>
• Tenants
• Fabric • HTML5 Application
• VM Networking
• L4-L7 Services
• Admin
• Operations

26
APIC GUI – System Dashboard

27
Basic Elements – Tree (Explorer)
• Hierarchical
Organization
• Folders/Tree Nodes
• Context Menu
• Workspace syncs with
navigation tree
• Consistency right-click
on tree and Action
button

28
Basic Elements – Properties

• Properties page always up-to date (Websockets)

• Refresh (for peace of mind)
• Download Object
• Actions

29
Basic Elements – History

Historical Records for:

• Faults (faults raised/cleaned/etc)
• Events (when the system did what)
• Health (when the object health score changed)
• Audit Logs (who did what)

31
Basic Elements – Health

• Explore Health Information

• Drill down to cause
• Examine Problematic Object(s)

33
End

34