Architecture and Deployment
Max Ardica
Principal Engineer - INSBU
Agenda
• ACI Single Pod Fabric
• ACI Stretched Fabric
• ACI Multi-Pod Fabric
• ACI Multi-Site
[Diagram labels: IPN, IP, Pod ‘A’ … Pod ‘n’, Fabric ‘A’ … Fabric ‘n’, APIC Cluster]
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
Regions and Availability Zones
OpenStack and AWS Definitions
OpenStack
Application workloads deployed across availability zones
Creation of Two Independent Fabrics/AZs
Deployment of Two (or More) Pods per Fabric/AZ
‘Classic’ Active/Active
ACI Multi-Site Deep Dive
Overview and Use Cases
ACI Multi-Site
Overview
ACI 3.0 Release
[Diagram labels: VXLAN, IP Network, MP-BGP - EVPN, REST API, GUI, Availability Zone ‘A’, Availability Zone ‘B’, Region ‘C’]
• Separate ACI Fabrics with independent APIC clusters
• ACI Multi-Site pushes cross-fabric configuration to multiple APIC clusters providing scoping of all configuration changes
• MP-BGP EVPN control plane between sites
• Data Plane VXLAN encapsulation across sites
• End-to-end policy definition and enforcement
ACI Multi-Site
Network and Identity Extended between Fabrics
MP-BGP - EVPN
ACI Multi-Site
Namespace Normalization
• Translation of Class-ID, VNID (scoping of name spaces)
• Translation of Source VTEP address
[Diagram labels: IP Network, MP-BGP - EVPN]
• Maintain separate name spaces with ID translation performed on the spine nodes
• Requires specific HW on the spine to support this functionality
ACI Multi-Site
Hardware Requirements
ACI Multi-Site
The Easiest DCI Solution in the Industry!
Communication between endpoints in separate sites (Layer 2 and/or Layer 3) is enabled simply by creating and
pushing a contract between the endpoints’ EPGs
[Diagram labels: S1 to S8, EP1, EP2, IP Network, MP-BGP - EVPN]
Future Support planned in CY18 for FX line cards and 9364C platform
ACI Multi-Site Networking Options
Per Bridge Domain Behavior
• Layer 3 only across sites
• IP Mobility without L2 flooding
• Full Layer 2 and Layer 3 Extension
[Diagrams: Site 1 and Site 2 shown for each option]
Introducing ACI Multi-Site
Policy Manager
ACI Multi-Site
Multi-Site Policy Manager
Micro-services architecture
• Multiple VMs are created and run concurrently (active/active)
• vSphere only support at FCS (KVM and physical appliance support scoped for future releases)
OOB Mgmt connectivity to the APIC clusters deployed in separate sites
• Support for 500 msec to 1 sec RTT
Main functions offered by ACI Multi-Site:
• Monitoring the health-state of the different ACI Sites
• Provisioning of day-0 configuration to establish inter-site EVPN control plane
• Defining and provisioning policies across sites (scope of changes)
• Inter-site troubleshooting (post-3.0 release)
[Diagram labels: REST API, GUI, ACI Multi-Site, VM, Hypervisor, Site 1, Site 2 … Site n]
ACI Multi-Site
Deployment Considerations
Intra-DC Deployment
• Hypervisors can be connected directly to the DC OOB network
• Each ACI Multi-Site VM has a unique routable IP
• Async calls from ACI Multi-Site to APIC
Interconnecting DCs over WAN
• Moderate latency (~150 msec) supported between ACI Multi-Site nodes
• Higher latency (500 msec to 1 sec RTT) between ACI Multi-Site nodes and remote APIC clusters
• If possible deploy a node in each site for availability purposes (network partition scenarios)
[Diagram labels: ACI Multi-Site, Hypervisor, VM, IP Network, WAN, Milan, Rome, New York, Site1, Site2, Site3]
ACI Multi-Site
Dashboard
ACI Multi-Site
Templates and Profiles
Profile
Template = APIC policy definition
[Diagram labels: POLICY, EP1, EP2]
APIC vs. ACI Multi-Site Functions
APIC
• Maintains runtime data (VTEP address, VNID, Class_ID, GIPo, etc.)
• No participation in the fabric control and data planes
ACI Multi-Site
• End-to-end visibility and troubleshooting
• No run time data, configuration repository
• No participation in the fabric control and data planes
Inter-Site Connectivity
Deployment Considerations
ACI Multi-Site
Inter-Site IP Network Requirements
MP-BGP EVPN
Migration Scenarios
ACI Multi-Site
Migration Paths
[Diagram labels: Fabric 1, Fabric 2, APIC Cluster, Multi-Fabric Design, Multi-Site, Site 1, Site 2, Inter-Site App, L2/L3 DCI, Multi-Fabric, Scoped for the future]
Conclusions and Q&A
Conclusions
• Cisco ACI offers different multi-fabric options that can be deployed today
• There is a solid roadmap to evolve those options in the short and mid term
• Multi-Pod represents the natural evolution of the existing Stretched Fabric design
• Multi-Site will replace the Dual-Fabric approach
Where to Go for More Information
Thank you