Cisco Application Centric Infrastructure Study Notes
CHAPTER 4: Describe Cisco Application Centric Infrastructure
Overview
Business and individual data creation is increasing exponentially, resulting in complex data center networks that challenge traditional management tools. To enhance performance, redundancy, visibility, and ease of management, automation, programmatic solutions, and Software-Defined Networking (SDN) frameworks are essential.
Key Topics in the Chapter
1. Cisco Application Centric Infrastructure (ACI) Overview
1.1. Cisco Application Policy Infrastructure Controller (APIC)
1.2. Automation, policy-driven application profiles
1.3. Software flexibility and hardware performance scalability
2. Cisco ACI Initial Setup
2.1. Fabric Discovery
2.2. Fabric Upgrade
2.3. Fabric Access Policies
3. Cisco ACI Fabric Building Blocks
3.1. Policy Model
3.2. VMM Domains
4. Self-Assessment
4.1. Do I Know This Already? Quiz
Cisco Application Centric Infrastructure (ACI) Overview
- Definition and Functionality:
Cisco ACI is a data center SDN architecture designed to enable central management and automatic configuration to meet application requirements efficiently. ACI separates the control plane from the data plane, thus automating IT tasks, improving business agility, and speeding up data center operations.
- Endpoints and Policies:
Endpoints in ACI can include virtual machines (VMs) and physical servers, grouped into endpoint groups (EPGs) based on similar needs. Policies are defined to manage interactions among these groups, including communication channels and parameters such as Quality of Service (QoS).
Benefits of Cisco ACI
- Centralized, policy-defined automation management
- Holistic application-based solutions enhancing flexibility and automation
- Automatic fabric deployment and configuration
- Reduced manual errors through automation of repetitive tasks
- Comprehensive security and monitoring
- Open APIs and standards for better integration with ecosystem partners
Cisco ACI Initial Setup, Fabric Discovery, Upgrade, and Access Policies
Initial Setup
- Cabling Requirements:
- Spines connect only to leaves; no connection between leaves.
- All endpoints must connect to leaves, including Layer 2, Layer 3, and Layer 4-7 devices.
- A Cisco APIC must connect to two different leaves (dual-homed).
- Key Configuration Options During Initial Setup:
- Fabric name, number of controllers, controller ID, address pool for Tunnel Endpoint (TEP) addresses, VLAN ID for infrastructure, OOB management IP address, and default gateway must be specified during the setup.
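The cabling requirements listed above can be checked mechanically against a planned link list before the fabric is brought up. The following is an added example, not part of the original notes or of any Cisco tooling; the device names, the role labels and the link list are constructed sample data, and `validate_cabling` is a hypothetical helper.

```python
from collections import defaultdict

# Constructed sample inventory (hypothetical device names): name -> role.
ROLES = {
    "spine1": "spine", "spine2": "spine",
    "leaf101": "leaf", "leaf102": "leaf", "leaf103": "leaf",
    "apic1": "apic", "apic2": "apic", "fw1": "endpoint", "esx1": "endpoint",
}
# Constructed cabling plan containing deliberate mistakes.
LINKS = [
    ("spine1", "leaf101"), ("spine1", "leaf102"), ("spine1", "leaf103"),
    ("spine2", "leaf101"), ("spine2", "leaf102"), ("spine2", "leaf103"),
    ("leaf101", "leaf102"),                      # leaf-to-leaf link
    ("apic1", "leaf101"), ("apic1", "leaf102"),  # correctly dual-homed
    ("apic2", "leaf103"),                        # single-homed APIC
    ("fw1", "spine1"),                           # endpoint on a spine
    ("esx1", "leaf103"),
]

def validate_cabling(roles, links):
    """Check a cabling plan against the rules above; return violations."""
    violations = []
    leaf_peers = defaultdict(set)  # device -> set of leaves it attaches to
    for a, b in links:
        missing = [d for d in (a, b) if d not in roles]
        if missing:
            violations.append(f"{a}-{b}: {missing[0]} not in inventory")
            continue
        ra, rb = roles[a], roles[b]
        if ra == "leaf" and rb == "leaf":
            violations.append(f"{a}-{b}: no connection between leaves")
        elif "spine" in (ra, rb) and "leaf" not in (ra, rb):
            violations.append(f"{a}-{b}: spines connect only to leaves")
        elif ra == "leaf":
            leaf_peers[b].add(a)
        elif rb == "leaf":
            leaf_peers[a].add(b)
    # Per-device rules: APIC dual-homing and endpoint attachment.
    for dev, role in roles.items():
        n = len(leaf_peers[dev])  # a set, so the same leaf twice counts once
        if role == "apic" and n < 2:
            violations.append(f"{dev}: APIC attached to {n} leaf, needs 2 different leaves")
        elif role == "endpoint" and n == 0:
            violations.append(f"{dev}: endpoint has no leaf connection")
    return violations

if __name__ == "__main__":
    for v in validate_cabling(ROLES, LINKS):
        print("VIOLATION", v)
```

Two links from an APIC to the same leaf are counted once, so they do not satisfy the dual-homing rule.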
Fabric Discovery
- Process:
Automated discovery uses Link Layer Discovery Protocol (LLDP) and DHCP to assign switch node addresses and install the necessary firmware.
Steps of Discovery:
- Neighbor discovery via LLDP.
- TEP address assignment from the TEP pool (default 10.0.0.0/16).
- Necessary software upgrades from the APIC repository.
- Establishing Intra-Fabric Messaging (IFM) for policy elements.
Fabric Upgrade
- Management of Upgrades:
APIC allows centralized fabric upgrade management. Connectivity is crucial for successful upgrades, and switches should be organized into groups for upgrading sequentially to ensure operational integrity.
- Upgrade Steps:
- Ensure necessary APIC firmware version compatibility.
- Download both APIC and switch images to the repository.
- Upgrade APIC cluster.
- Verify operational status before progressing.
Fabric Access Policies
- Creation and Management:
Fabric policies govern fabric interface operations and can include various protocols and functions.
- Categories of Policies:
- Switch profiles
- Module profiles
- Interface profiles
- Global policies
- Pod profiles
- Monitoring and troubleshooting policies
Cisco ACI Fabric Building Blocks, Policy Model, and VMM Domains
Fabric Building Blocks
- Decoupling of Endpoints:
ACI's main objective is the decoupling of endpoints from physical networks, utilizing a distributed Layer 3 gateway for optimal forwarding. The ACI fabric supports standard bridging and routing while encapsulating traffic in VXLAN.
Policy Model
- Managed Objects and Policies:
The policy model allows administrators to create policies that enforce application-specific requirements across the fabric.
- Logical Constructs:
- Endpoints, bridge domains, contracts, and EPGs depend on the higher-level tenant objects to guide all operations smoothly. The APIC manages all changes based on defined policies, enabling automation and provisioning flexibility.
VMM Domains
- Integration with Virtual Machine Managers:
Allows fabric administrators to have a consolidated view of physical and virtual workloads and supports provisioning automation.
- VMM Components:
- Virtual Machine Manager domain profile, Credential, Controller, EPG Association, AEP Association, VLAN Pool Association.
Conclusion
Each section of these notes covers a different element crucial for understanding Cisco ACI's operational efficiency and integration, from initial setup to overall management and troubleshooting practices.