* Cisco Application Centric Infrastructure Overview

1. Cisco Application Centric Infrastructure Overview

2. Why CISCO Application Centric Infrastructure?

3. CISCO Application Centric Infrastructure Components

4. Cisco ACI Features

5. How To Transform to ACI

* Outlines

• CISCO ACI is innovative datacenter architecture designed to remove complexity between applications tier and hardware devices, centralize management and monitoring of all physical and virtual resources, increase security and help infrastructure team to understand the developers and operation teams.

• Application centric infrastructure is a full system-based approach with tight integration between physical and virtual elements and innovation application specific integrated circuits (ACISCs) built to get a complete hardware and software information.

• This unique approach uses a common policy-based operating model across a network that support ACI to :

• Simplifies, optimizes, and accelerates the entire application deployment lifecycle

• Eliminate IT big efforts and reduce cost and complexity.

* Cisco Application Centric Infrastructure

* CISCO Application Centric Infrastructure Components

• Simplified automation with an application-based policy model

• Common platform for managing physical, virtual and cloud-based environments

• Centralized visibility with real-time application health monitoring

• Operation simplicity, with common policy, management, and operation models across application, network and security resources.

• Open software flexibility for development and operations (DevOps) teams.

• Scalable performance and secure multitenancy

* Why CISCO Application Centric Infrastructure?

1.Cisco Application Policy Infrastructure Controller(APIC)

2.Application Network Profiles (EPG)3.Cisco ACI Fabric: Cisco Nexus Portfolio (NEXUS

9000)

* CISCO Application Centric Infrastructure Components

• Cisco APIC is deployed as a cluster of three or more appliances, although you can still create new policies even with a single controller, and the fabric can forward traffic even without controllers.

• Cisco APIC is shipped as a physical server appliance on Cisco UCS C220 M3 server with two 10 Gigabit Ethernet interfaces that must be connected to any two leaf switches and with Gigabit Ethernet interfaces for out-of-band management.

* 1. Cisco Application Policy Infrastructure Controller

• Cisco APIC is a physically distributed but logically centralized controller that provides DHCP, bootstrap configuration, and image management to the fabric for automated startup and upgrades.

• Cisco APIC is completely removed from the data path. This means that the fabric can still forward traffic even when communication with the APIC is lost.

• APIC Provides: • centralized management for the fabric, policy enforcement, health monitoring, optimizes

performance, supports any application anywhere, unifies operation of physical and virtual environments

• responsible for tasks ranging from fabric activation, maintenance of switches firmware, network policy configuration.

* 1. Cisco Application Policy Infrastructure Controller

• An Application Network Profile within the fabric is a collection of the endpoint groups, their connections, and the policies that define those connections. Application Network Profile is the logical representation of all components of the application on the application fabric.

• ACI collect Endpoints that required similar policy into Endpoint groups, each endpoint represent an application or set of services.

• Application Network Profiles are designed to be modeled in a logical way that matches the way that applications are designed and deployed.

• The configuration and enforcement of policies and connectivity are then handled by the system through the Cisco APIC rather than an administrator.

* 2. Application Network Profiles

* 2. Application Network Profiles

• The CISCO ACI Fabric replace the traditional design (Access- Distribution- Core) to newly design contain Leaf and Spine layers

• CISCO ACI Network deployment based on nexus 9000 series switches, which offers modular and fixed 1/10/40 Gigabit Ethernet switch.

• Nexus 9000 take full advantage of Cisco ACI application policy–based services and infrastructure automation features. This dual-function capability provides customers with investment protection and ease of migration to Cisco ACI through a software upgrade.

* 3. Cisco ACI Fabric: Cisco Nexus Portfolio

* 3. Cisco ACI Fabric: Cisco Nexus Portfolio

• Centralized fabric management• Cisco ACI availability (  3 APIC node clusters with N+2 redundancy)• Automated Software Management of all components• Layer 4 through 7 services integration• Troubleshooting GUI• Secure user authentication ( RADIUS- LDAP- TACACS+ - Local authentication with

password and RBAC• Provide multiple tenants and isolated private networks• Provide full Network topologies and drawings• Virtualization integration handle virtual machines in parallel with physical

machines • ACI Endpoint Tracker application (track all packets move through ACI Fabric)• System wide application visibility and troubleshooting(SPAN- Atomic counters -

Application and tenant health scores)

* Cisco ACI Features

• Relationship is formed between APIC and Virtual Machine Manager (VMM)

• Multiple VMMs likely on a single ACI Fabric

• Each VMM and associated Virtual hosts are grouped within APIC

• Integrated with VMware Vcenter, Microsoft SCVMM and Azure Pack, Open stack, LINUX Container.

* ACI Virtualization and cloud based Integration

• Automate Service Insertion Through APIC

• Create Service Graph

• Automatic endpoint addition/removal with ACI

• Easily add and remove ACL rules

• Publish new applications use Python API

* ACI Integration of Layer 4 – 7 Services

• We didn’t need to replace all devices to start ACI fabric• Cisco provide some services can help customers to upgrade to ACI • Cisco business strategy

capabilities help you articulate the strategy and develop the business case and an architectural-led master plan for ACI. • Cisco readiness planning capabilities

help transform your data center networks to an aci by identifying risks and opportunities, analyzing operational elements, and recommending detailed migration plans to enable a smooth and successful transition to aci.

• Cisco data center services for operations enablementprepare your environment for aci while addressing all stages of the operations lifecycle.

* How To Transform to ACI

Islam Salah