ACI and Full Stack Automation
|
|
- Madeline Logan
- 5 years ago
- Views:
Transcription
1
2 ACI and Full Stack Automation Steve Sharman and Russ Whitear BRKACI-2770
3 Abstract ACI and Full Stack Automation provides the attendee with a view on how network and application constructs can be delivered in an automated manner to an ACI network. We will take a look at the tools required to provision the full stack from network provisioning through to application delivery. Technologies discussed will include Cisco Application Policy Infrastructure Controller (APIC), UCS Director and Cisco Cloud Center (Formerly CliQr). The focus will be on providing structured methodologies that can be used to satisfy the requirements and desires of both infrastructure admins and application developers alike. BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 3
4 Session objectives Provide you with an understanding on ACI networking constructs Explain how UCS Director can be used to Automate ACI Explain how Cisco Cloud Center can interact with ACI Provide you with a clear understanding where to use the different tools available BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 4
5 Before we start, let s get to know each other
6 Agenda Why Automate? ACI Primer Infrastructure as a Service with UCS Director Controlling ACI with Cisco Cloud Center
7 Let s start with an obvious question
8 Why are customers looking to automate in the Data Center?
9 There are actually many different reasons: Cost reduction Simplicity Consistent configuration (Policy conformance, elimination of human error) Reduction in maintenance windows Structured changes during the business day Service Catalogue for IT services UCSD IaaS Cisco Cloud Center Hybrid Cloud Management BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 9
10 Automation means different things to different people!
11 Network centric, Server centric, Application centric Switch Interfaces Tenants VRFs Bridge Domains (L2) VLAN Extension Bridge Domains (L3) External L3 Application Network Profiles Endpoint Groups Contracts VMware Portgroups Firewall Configuration SLB Configuration Storage LUNs Storage zoning Server Configuration (BIOS etc) Bare Metal Deployments Operating System Virtual Machine Deployment Multi server deployment Application containers Server Configuration (BIOS etc) Virtual Machine Deployment Load balancers Database BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 11
12 ACI Primer
13 To help understand ACI, let s look at a real customer example
14 CPoC Large Financial Organisation APIC APIC APIC OSPF Area 0 L2 L3 e1/3 e1/7 e1/8 e1/1 e1/2 e1/1 e1/2 e1/5 e1/6 e1/15 e1/11 e1/12 e1/15 e1/15 c3850 OSPF Area 10 (stub) n n n7706 n n n9504 Spirent Test Center ESX-02 ESX-01 Spirent Test Center Spirent Test Center OSPF Area 20 OSPF Area 30 BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 14
15 Firstly, we needed to configure the switch interfaces
16 Network Provisioning Quick Start wizard Manual setup BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 16
17 Policy Defined Network APIC APIC APIC Switch Policies Leaf Profiles Leafs_101_and_102 Concrete Model Logical Model Virtual Machine Domains (vswitches) vcenter-01-dvs-01 Security Domain (optional) Leaf Profile vpc_to_ucs_fi_a Interface Policies Leaf Profiles Interface Selector 1/21 Pools VLAN/VXLAN vcenter-01-dvs-01 UCS-phys-svrs Outside-Fabric Phy/Out Domains (VLAN mgmt) UCS-phys-svrs Outside-Fabric AAEP (Allowed VLANs) vcenter-01-dvs-01 UCS-phys-svrs Outside-Fabric Interface Policies Leaf Policy Groups vpc_to_ucs_fi_a SVI_to_outside Interface Policies Policies CDP_enabled LACP_Active BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 17
18 Notes to remember: Interface Policies can be reused across any interface type Leaf Policy Groups for Access ports can be used by different Leaf Profiles Leaf Policy Groups for PC/vPC cannot be used by different Leaf Profiles Leaf Profiles can be used by different Switch Profiles BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 18
19 A consistent naming convention is critical for simple troubleshooting
20 Example Rack Layout Row ID A Rack ID A1 A2 A3 A4 A5 A6 A7 A8 A9 A10 ToR ID ToR ID B Rack ID B1 B2 B3 B4 B5 B6 B7 B8 B9 B10 ToR ID ToR ID C Rack ID C1 C2 C3 C4 C5 C6 C7 C8 C9 C10 ToR ID ToR ID D Rack ID D1 D2 D3 D4 D5 D6 D7 D8 D9 D10 ToR ID ToR ID BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 20
21 Example Naming Approach VLAN Pool Domains (L2, L3, Phys) AAEP (allowed VLANs) Interface Polices (settings) Leaf Policy Groups (aggregated settings) Leaf Profiles (settings mapped to interfaces) Switch Profiles (interfaces mapped to switches) Tenant_Name Tenant_Name Tenant_Name Enabled/Disabled PortSpeed_PortType_Usage Rack_ID/Switch_ID_to_ConnectedDevice Rack_ID or Rack_ID_SwitchID Customer_A_01 Customer_A_L3_01 Customer_A_01 10G, CDP_enabled 10G_access_c _to_c A1_101 BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 21
22 How does this look?
23 10G_acc_c3850 Concrete Model Logical Model Leaf Profile Leafs_101_and_102 Leaf Profile li07_to_ ld04-c Rack/Switch to connected device Interface setting group Interface Selector 1/3 Leaf Policy Group 10G_acc_c3850 VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 24
24 10G_acc_n7706 Concrete Model Logical Model Leaf Profile Leafs_101_and_102 Leaf Profile li07_to_ lg05-n Rack/Switch to connected device Interface setting group Interface Selector 1/7 Leaf Policy Group 10G_acc_n7706 VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 25
25 10G_acc_n9504 Concrete Model Logical Model Leaf Profile Leafs_101_and_102 Leaf Profile li07_to_ lg11-n Rack/Switch to connected device Interface setting group Interface Selector 1/8 Leaf Policy Group 10G_acc_n9504 VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 26
26 10G_vPC_esx_li07-c220m4-01 Concrete Model Logical Model Leaf Profile Leafs_103_and_104 Leaf Profile li08_to_ li07-c220m4-01 Rack/Switch to connected device Unique Interface setting group Interface Selector 1/11 Leaf Policy Group 10G_vPC_esx_ li07-c220m4-01 Interface Policies LACP_active VLAN Pool Customer_A_01 Physical Domain Customer_A_Phys_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies LLDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 28
27 10G_vPC_esx_li07-c220m4-02 Concrete Model Logical Model Leaf Profile Leafs_101_and_102 Leaf Profile li07_to_ li07-c220m4-02 Rack/Switch to connected device Unique Interface setting group Interface Selector 1/12 Leaf Policy Group 10G_vPC_esx_ li07-c220m4-02 Interface Policies LACP_active VLAN Pool Customer_A_01 Physical Domain Customer_A_Phys_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies LLDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 29
28 Couldn t we reduce the number of Leaf Policy Groups?
29 Yes provided that they are Access Policy Groups with the same Interface Policies
30 10G_acc_ c3850 n7706 n9504 Concrete Model Leaf Profile Leafs_101_and_102 Leaf Profile Leafs_101_and_102 Leaf Profile Leafs_101_and_102 Logical Model Leaf Profile li07_to_ ld04-c Leaf Profile li07_to_ lg05-n Leaf Profile li07_to_ lg11-n Interface Selector 1/3 Interface Selector 1/7 Interface Selector 1/8 All Leaf Policy Groups use the same Interface Policies (Settings and allowed VLANs) Leaf Policy Group 10G_acc_c3850 Leaf Policy Group 10G_acc_n7706 Leaf Policy Group 10G_acc_n9504 VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 32
31 10G_acc_to_external_L3_switch Concrete Model Leaf Profile Leafs_101_and_102 Leaf Profile Leafs_101_and_102 Leaf Profile Leafs_101_and_102 Logical Model Leaf Profile li07_to_ ld04-c Leaf Profile li07_to_ lg05-n Leaf Profile li07_to_ lg11-n Interface Selector 1/3 Interface Selector 1/7 Interface Selector 1/8 Leaf Policy Group 10G_acc_to_external_ L3_switch Consolidated Leaf Policy Group for Interfaces which use the same Interface Policies (Settings and allowed VLANs) VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 33
32 Couldn t we reduce the number of Leaf Profiles?
33 Yes provided that they use the same interfaces on the physical switch(es)
34 10G_acc_to_external_L3_switch Concrete Model Leaf Profile Leafs_101_and_102 Leaf Profile Leafs_101_and_102 Leaf Profile Leafs_101_and_102 Logical Model Leaf Profile li07_to_ ld04-c Leaf Profile li07_to_ lg05-n Leaf Profile li07_to_ lg11-n Interface Selector 1/3 Interface Selector 1/7 Leaf Policy Group 10G_acc_to_external_ L3_switch Interface Selector 1/8 Multiple Leaf Profiles / Interface Selectors consume the same Leaf Policy Group (Settings and allowed VLANs) VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 36
35 10G_acc_to_external_L3_switch Concrete Model Logical Model Leaf Profile Leafs_101_and_102 Leaf Profile li07_to_external L3_switch Interface Selector 1/3, 1/7, 1/8 Leaf Policy Group 10G_acc_to_external_ L3_switch Consolidated Leaf Profiles / Interface Selectors consume the same Leaf Policy Group (Settings and allowed VLANs) VLAN Pool Customer_A_01 External Routed Domain Customer_A_L3_01 AAEP Customer_A_01 Interface Policies 10G Interface Policies CDP_enabled BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 37
36 Automating Access Policies abstracts the naming rules away from APIC thus ensuring configuration conformance BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 38
37 In large organisations having an automated approach to interface configuration could allow the rack/stack team to configure the switches from a simple IT services catalogue BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 39
38 Secondly, we needed to consume the switch interfaces Tenant Configuration
39 Network Consumption Tenants Quick Start wizard BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 41
40 ACI Nomenclature Refresher A Tenant is just an Administrative boundary A VRF is a VRF as you know it today A Bridge Domain is a L2 segment where flooding rules apply think VLAN but without a VLAN ID A Bridge Domain is the scope of one or more subnets think SVI and IP Secondary An EPG is just a logical grouping of devices think interfaces and VLANs An EPG is a Port Group in VMware An EPG can contain different VLANs, e.g. when mixing dynamic Virtual Port Groups and Physical machines think hardware VTEP Devices in an EPG are allowed to communicate (by default) Isolated EPGs block communication within the EPG think PVLAN Micro Segmentation (µseg) EPGs are used to dynamically move devices from a base EPG into a more specific EPG An Application Network Profile is a group of one or more EPGs remember an EPG can only be inside one ANP Communication between EPGs and/or from devices off the ACI fabric require Contracts (ACLs) BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 42
41 Network Interfaces must be configured first! ANP: My_App APIC EPG: Web Domain: Production_Svrs APIC APIC Path: vpc_to_ucs_fi_a VLAN_10 Path: vpc_to_ucs_fi_b VLAN_10 Concrete Model Leaf Profiles (Target Switches) Leafs_101_and_102 Logical Model Leaf Profile vpc_to_ucs_fi_a Leaf Profiles Interface Selector 1/21 Security Domain (optional) Leaf Profile vpc_to_ucs_fi_b Interface Selector 1/22 VLAN/VXLAN (Pools) UCS-phys-svrs VLAN mgmt (Phy/Out Domain) UCS-phys-svrs AAEP (Allowed VLANs) UCS-phys-svrs Leaf Policy Group vpc_to_ucs_fi_a Leaf Policy Group vpc_to_ucs_fi_b Interface Policies CDP_enabled LACP_Active BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 43
42 What about VLANs, SVIs, ACLs, etc?
43 Option 1: Single EPG on a Single BD with a Single Subnet standard networking APIC APIC APIC VRF: 01 (Anycast gateway) BD: X Hardware Proxy: No ARP Flooding: Yes Unknown Unicast Flooding: Yes IP Routing: No BD: x Hardware Proxy: No ARP Flooding: Yes Unknown Unicast Flooding: Yes IP Routing: No BD: x Hardware Proxy: No ARP Flooding: Yes Unknown Unicast Flooding: Yes IP Routing: No Endpoints in EPG identified by Switch/Interface and VLAN ID / / / / / /24 ANP: My_App EPG Tag: Web (VLAN 10) Security Zone EPG Tag: App (VLAN 11) Security Zone EPG Tag: DB (VLAN 12) Security Zone Tenant: My_Tenant Communication allowed within EPG Communication allowed within EPG Communication allowed within EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 45
44 Option 2: Multiple EPGs on a Single BD with a Single Subnet µsegmentation in IP space APIC APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: X_24 Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes Layer 2 Segment Endpoints in EPG identified by Switch/Interface and VLAN ID / / / / / /24 ANP: My_App EPG Tag: Web (VLAN 10) Security Zone EPG Tag: App (VLAN 11) Security Zone EPG Tag: DB (VLAN 12) Security Zone Tenant: My_Tenant Communication allowed within EPG Communication allowed within EPG Communication allowed within EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 46
45 Just because you can doesn't always mean you should
46 Option 3a: Multiple EPGs on a Single BD with Multiple Subnets IP secondary APIC APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: multiple_subnets Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes Endpoints in EPG identified by Switch/Interface and VLAN ID / / / / / /24 ANP: My_App EPG Tag: Web (VLAN 10) Security Zone EPG Tag: App (VLAN 11) Security Zone EPG Tag: DB (VLAN 12) Security Zone Tenant: My_Tenant Communication allowed within EPG Communication allowed within EPG Communication allowed within EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 48
47 Option 3b: Multiple EPGs on a Single BD with Multiple Subnets IP secondary APIC APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: multiple_subnets Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes Endpoints in EPG identified by Switch/Interface and VLAN ID / / / / / /24 ANP: My_App EPG Tag: Web (VLAN 10) Security Zone EPG Tag: App (VLAN 11) Security Zone EPG Tag: DB (VLAN 12) Security Zone Tenant: My_Tenant Communication allowed within EPG Communication allowed within EPG Communication allowed within EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 49
48 What about segmenting inside an EPG?
49 Options 1, 2, and 3 µsegmentation within an EPG/Port Group (no East/West traffic flows) APIC APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: X_24 Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes Layer 2 Segment Endpoints in EPG identified by Switch/Interface and VLAN ID / / / / / /24 ANP: My_App EPG Tag: Web (VLAN 10) Security Zone Tenant: My_Tenant Communication allowed within EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 51
50 Options 1, 2, and 3 µsegmentation within an EPG/Port Group based on machine attribute APIC APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: X_24 Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes Layer 2 Segment Endpoints in EPG identified by Switch/Interface and VLAN ID Name Contains: Web_1 Name Contains: Web_2 Name Contains: Web_ / / / / / /24 ANP: My_App EPG Tag: All_Web_Servers (VLAN 10) Security Zone Tenant: My_Tenant Communication allowed within useg EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 52
51 External VLANs L2 connection to legacy networks
52 Option 1: Same VLANs Outside/Inside (No Contract Required) APIC APIC vlan-10 APIC VRF: 01 (Anycast gateway) Bridge Domain: outside_vlan_10 Gateway: Bridge Domain Hardware Proxy: No ARP Flooding: Yes Unknown Unicast Flooding: Yes IP Routing: Yes vpc_to_ucs_a vlan-10 vpc_to_ucs_b vlan-10 vpc_to_n5ks vlan-10 ANP: Outside_VLANs Tenant: My_Tenant EPG: Host-Mgmt Communication allowed within EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 54
53 Option 2: Different VLANs Outside/Inside (Contract Required) APIC APIC vlan-10 APIC VRF: 01 (Anycast gateway) Bridge Domain: outside_vlan_10 Gateway: Bridge Domain Hardware Proxy: No ARP Flooding: Yes Unknown Unicast Flooding: Yes IP Routing: Yes L2out vpc_to_n5ks vlan-10 vpc_to_ucs_a vlan-100 vpc_to_ucs_b vlan-100 ANP: Outside_VLANs Tenant: My_Tenant EPG: Host-Mgmt Communication allowed within EPG Communication allowed to External EPG EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 55
54 External Subnets
55 External Routed Connections APIC Outside APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: x_22 Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes L3out: Area0 101/1/96: /30 102/1/96: /30 OSPF Configuration Security Import Subnet* i.e which external subnets can be accessed through this EPG / / / /24 ANP: My_App Tenant: My_Tenant EPG Tag: Web (VLAN 10) Security Zone EPG Tag: App (VLAN 11) Security Zone Communication allowed to /24 Communication allowed to all External Subnets EPG /24 Permit access to remote subnet: /24 EPG /0 Permit access to all remote subnets: /0 BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 57
56 A quick note about contracts
57 Contracts permit communication between EPGs / / / /24 EPG: Web_1 EPG: App_1 ANP: MyApp_1 BD: x BD: X BD: x VRF: / /24 EPG: DB_1 ANP: DB / /24 EPG: Web_1 ANP: MyApp_ / /24 EPG: App_1 Tenant: My_Tenant BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 59
58 Now that we have a better understanding of ACI, lets consider what customers typically want to automate
59 Customer Use Cases Credit Services Multi-Tier application Deployments Tenants VRFs Bridge Domains Endpoint Groups Contracts Load Balancing (Citrix) VM creation Banking VRFs Bridge Domains Endpoint Groups Contracts Switch Interfaces VM creation OS Installation Media Tenants VRFs Bridge Domains Endpoint Groups Contracts Switch Interfaces BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 61
60 What should you look to do first? A. Automate the building of networking infrastructure B. Automate the consumption of networking resources Blueprints for Tenants, L2 (EPG/VLAN/VXLAN), L3, L4-7 services IP Address Management (IPAM) Summary routes into the fabric Virtual machine creation Containers Application Provisioning Self service offering C. Automate both infrastructure and consumption D. Automate application deployment BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 62
61 Take a step back, most customers actually require a number of pre defined functional Blueprints
62 Sample Network Blueprints Clients Clients Clients External Router to WAN Gateway External Router to WAN External Router to WAN ACI Gateway (not used) ACI Gateway ACI Gateway L2 Fabric (external g/w) L3 Fabric L3 Fabric with external firewall BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 64
63 Sample Network Blueprints Clients Clients Clients External Router to WAN External Router to WAN External Router to WAN ACI External Gateway ACI External Gateway SLB SLB ACI Internal Gateway ACI Internal Gateway ACI Gateway L3 Fabric with firewall on fabric L3 Fabric with SLB on fabric L3 Fabric with firewall and SLB BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 65
64 Let s consider the consumers of a cloud provider. The consumers don t concern themselves with server connectivity BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 66
65 They simply concern themselves with the IP addresses/gateway for their applications, and the security rules which allow access to those applications BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 67
66 Automating Tenant configuration allows teams other than the network team to consume network services BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 68
67 If we now understand the why
68 We next need to understand the how
69 How Many of You... Are already scripting and automating common tasks? In my experience, most of us are not Are really good at copy and paste? That s me that is!! BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 71
70 Congratulations! BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 72
71 Being Serious For A Moment We talk to a lot of partner and customer engineers all over the world It is clear that some knowledge of programming concepts is quite valuable these days The top question is always Do I need to learn programming to keep doing my job? I ve got some good news for you... In a nutshell, the answer is No... But only if you learn to consume the easy-to-use tools and processes out there BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 73
72 ACI and the API
73 What is ACI? It is all about the API and Object Model APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 75
74 ACI and REST API REST is fundamental to APIC interaction All other tools are built around it Understand REST, understand ACI automation The second time you need to do something, think about automating it instead!! BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 76
75 Using REST HTTP(S) to the URL or Address of an object Select an Action to perform (GET, POST etc) Send the Payload (in XML or JSON format) BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 77
76 Common (Free) Tools For The Network Engineer Use these to automate things in ACI Postman Plugin for Google Chrome API Inspector APIC GUI COBRA SDK Python IDE (Pycharm, Atom, others) Git / Github ARYA ACI Toolkit Many Others BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 78
77 Different Engineers, Different Tools Powerful/Complex APIC GUI REST API SDK APIC CLI Simple/Rigid BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 79
78 API Inspector a REST API Sniffer Record your GUI interaction as JSON Modify and replay with tools like Postman BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 80
79 API Inspector a REST API Sniffer Record your GUI interaction as JSON Modify and replay with tools like Postman BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 80
80 Postman Plugin for Google Chrome BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 82
81 Python SDK (aka Cobra ) + ARYA Full featured access to entire APIC REST API Native ACI language configure in GUI and turn into Cobra SDK Contributors include: Business Unit Engineers, Technical Services Engineers, Advanced Services Engineers Complete user use cases all possible XML/JSON arya.py Python code {"fvtenant":{"attributes":{"dn":"uni/tn- Cisco","name":"Cisco","rn":"tn- Cisco","status":"created"},"children":[{"fvBD":{"attribut es":{"dn":"uni/tn-cisco/bd- CiscoBd","mac":"00:22:BD:F8:19:FF","name":"CiscoBd","rn": "BD- CiscoBd","status":"created"},"children":[{"fvRsCtx":{"att ributes":{"tnfvctxname":"cisconetwork","status":"created, modified"},"children":[]}},{"fvsubnet":{"attributes":{"dn ":"uni/tn-cisco/bd-ciscobd/subnet- [ /8]","ip":" /8","rn":"subnet- [ /8]","status":"created"},"children":[]}}]}},{"fv Ctx":{"attributes":{"dn":"uni/tn-Cisco/ctx- CiscoNetwork","name":"CiscoNetwork","rn":"ctx- CiscoNetwork","status":"created"},"children":[]}}]}} fvtenant = cobra.model.fv.tenant(topmo, name='cisco') fvctx = cobra.model.fv.ctx(fvtenant, name='cisconetwork') fvbd = cobra.model.fv.bd(fvtenant, mac='00:22:bd:f8:19:ff', name='ciscobd') fvrsctx = cobra.model.fv.rsctx(fvbd, tnfvctxname=fvctx.name) fvsubnet = cobra.model.fv.subnet(fvbd, ip=' /8') BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 83
82 Practical example of tool usage BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 83
83 Practical example of tool usage BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 83
84 Cisco on Github BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 86
85 Customer demo
86 BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 88
87 UCSD Director for IAAS ACI Network Configuration
88 Introduction
89 Cisco ONE Enterprise Cloud Suite Infrastructure Management Build and run a Private Cloud Cisco UCS Director (Infrastructure) Virtual Physical Hypervisor Builds and manages Private Cloud Infrastructure Physical and Virtual, including ACI In pure IaaS deployments provides VM provisioning E.G. Through vcenter for ESX and SCVMM for HyperV Provides a end-user self service portal for IaaS provisioning BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 91
90 UCS Director Topology and Optional Components UCS Nexus Physical & Virtual Infrastructure BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 92
91 Orchestrating with UCS Director Model Based Orchestration Object, not script, based ~2,000 infrastructure tasks included Graphical Design Interface Logical processing of Conditionals and Loops Versioning Support BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 91
92 Orchestrating with UCS Director Model Based Orchestration Object, not script, based ~2,000 infrastructure tasks included Graphical Design Interface Logical processing of Conditionals and Loops Versioning Support BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 91
93 UCSD Director for IaaS ACI
94 Different Catalogues for Different User Types BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 93
95 Different Catalogues for Different User Types Network Admins ACI Fabric Provisioning BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 93
96 Different Catalogues for Different User Types Network Admins ACI Fabric Provisioning BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 93
97 Different Catalogues for Different User Types Network Admins ACI Fabric Provisioning BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 93
98 Different Catalogues for Different User Types Network Admins ACI Fabric Provisioning Network Administrator Tasks Create VLAN Pool Create Domain and Bind to VLAN Pool Create AAEP and Bind to Domain & Leaf Policy Group Create Leaf Profile and Bind to Switch Profile Create Interface selector and Bind to Leaf Profile &Leaf Policy Group Create Switch Profile BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 93
99 Different Catalogues for Different User Types Tenant Admins ACI Tenant Operations BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 94
100 Different Catalogues for Different User Types Tenant Admins ACI Tenant Operations BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 94
101 Different Catalogues for Different User Types ACI Tenant Administrator Tasks Tenant Admins Create New Tenant ACI Tenant Operations Create VRF & Bind to Tenant Create L3out & Bind to VRF Create Bridge Domain (L2) & Bind to VRF Create Bridge Domain (L3) & Bind to VRF Create EPG & Bind to Bridge Domain Create Contract & Filter & Bind to EPGs Create a BD/EPG with Flooding Enabled & a Static Binding to a VLAN BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 94
102 Different Catalogues for Different User Types Network Operations ACI Service Expansion BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 95
103 Different Catalogues for Different User Types Network Operations ACI Service Expansion BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 95
104 Different Catalogues for Different User Types Network Operations Tasks Add additional Interface to a L3out Add Subnets to existing L3out Add Ports to an existing Filter Add Filters to an existing Contract Add an additional EPG to a Bridge Domain Add an additional Domain to an EPG Add a Static Binding to an EPG Add new vswitch to Virtual Center Network Operations ACI Service Expansion BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 95
105 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 96
106 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 96
107 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 96
108 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 96
109 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 96
110 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 96
111 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 97
112 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 97
113 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 97
114 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 97
115 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 97
116 Creating a New Workflow/Catalogue Entry BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 97
117 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 98
118 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 98
119 Configure ACI Network via UCS Director This creates a new ACI Interface Leaf Profile BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 98
120 Configure ACI Network via UCS Director with the following Interface Selectors BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 98
121 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 99
122 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 99
123 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 99
124 Configure ACI Network via UCS Director Select the ACI switch policy leaf profile to associate Interface Leaf Profile to BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 99
125 Configure ACI Network via UCS Director...and select the Interface Leaf Profile that was created in the previous request BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 99
126 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 100
127 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 100
128 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 100
129 Configure ACI Network via UCS Director Select the physical switch port to connect the new host to the BMA EPG BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 100
130 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 100
131 Configure ACI Network via UCS Director BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 100
132 Create New ACI Tenant, VRF, BD and Subnet BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 101
133 Create New ACI Tenant, VRF, BD and Subnet BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 101
134 Create New ACI Tenant, VRF, BD and Subnet BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 101
135 Create New ACI Tenant, VRF, BD and Subnet BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 101
136 Create New ACI Tenant, VRF, BD and Subnet BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 101
137 Northbound API Access
138 UCSD Access via its Northbound API BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 107
139 UCSD Access via its Northbound API BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 107
140 UCSD Access via its Northbound API BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 107
141 UCSD Access via its Northbound API { } "param0": "Add Device to ACI Fabric", "param1": { "list": [ { "name": "Device Type", "value": "r01_1g_acc_wibble_esx" }, { "name": "Enter Interface(s)", "value": "1/79" } ] }, "param2": -1 BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 107
142 UCSD Access via its Northbound API UCS Nexus Physical & Virtual Infrastructure BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 107
143 Flexible automation models
144 Flexible Automation Models ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
145 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
146 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
147 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
148 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
149 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
150 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
151 Flexible Automation Models Service Request ITSM vcenter APIC APIC APIC BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 109
152 UCSD Director for IaaS When 230 OOB ACI tasks are not enough!
153 APIC API Inspector BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 111
154 APIC API Inspector BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 111
155 APIC API Inspector BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 111
156 APIC API Inspector BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 111
157 UCS Director ACI JSON Convertor BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 112
158 UCS Director ACI JSON Convertor BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 112
159 UCS Director ACI JSON Convertor BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 112
160 UCS Director ACI JSON Convertor BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 112
161 Useful Links Cisco Communities ( >300 Examples ) APIC Inspector to UCS Director Workflow Task Convertor Convertor Script: Baseline WF Template: HowTo Video: BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 167
162 Coming soon. Updated interface
163 Preview: HTML5 Admin Interface BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 115
164 Preview: HTML5 Admin Interface BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 115
165 Preview: HTML5 Admin Interface BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 171
166 Preview: HTML5 Admin Interface BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 117
167 Preview: HTML5 Admin Interface BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 117
168 Multi Cloud Management Cisco Cloud Center
169 Introduction
170 LoB requirements A widening Cloud Gap Cloud applications Cloud Gap Between what cloud applications require Traditional applications IT capabilities People Processes Tools and what IT is capable of reliably and confidently supporting today. Time BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public
171 CloudCenter Unique Value Model Once. Deploy and Manage Anywhere. Data Center DEPLOY MODEL Private Cloud MANAGE Public Cloud One Integrated Platform Lifecycle Management New and Existing Applications BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public
172 What Does Model Once Mean? Script-Based Application Profile-Based Infrastructure-Centric Application-Centric Cloud-Specific workflows and Scripts Cloud-Agnostic Labor /Services Intensive Unique Script / Workflow Unique Script / Workflow Unique Script / Workflow Low TCO BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 178
173 CloudCenter Terminology Application Profile Repositories An application profile is comprised of services. The services define a function of the application (e.g.- web, firewall, database, etc.) Services are instantiated using packages and customized using artifacts. Artifacts can consist of scripts, code snippets, applications. Repositories contain the artifacts and can contain packages. Services bash sql Artifacts package perl 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
174 Topology Modeling UI BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 180
175 CloudCenter Integration into ACI
176 Cloud Center and ACI Seamless Integration Zero Touch automation Powerful Benefits Application Security Ops Efficiency User Agility CloudCenter Model-Based Approach Application Profile ACI Policy-Based Approach Application Network Profile BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 182
177 Cloud Center Automation of ACI CloudCenter Manager CloudCenter Orchestrator APIC APIC APIC VRF: 01 (Anycast gateway) Bridge Domain: x_22 Gateway: Bridge Domain Hardware Proxy: Yes ARP Flooding: No Unknown Unicast Flooding: No IP Routing: Yes L3out: Area0 101/1/96: /30 102/1/96: / / / / /24 ANP: My_App Tenant: My_Tenant EPG Tag: Web (VLAN 10) Security Zone Communication allowed to App EPG Tag: App (VLAN 11) Security Zone Communication allowed to /24 Communication allowed to all External Subnets EPG /24 Permit access to remote subnet: /24 EPG /0 Permit access to all remote subnets: /0 BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 183
178 Additional Resources
179 Additional Resources Title CloudCenter Overview Video CloudCenter and ACI Automation Video CloudCenter with ServiceNow Video Cisco dcloud CloudCenter Installation Video Description - Learn how CloudCenter enables IT organizations to put the right workload in the right environment to take advantage of hybrid IT. - Get the full power and scale of SDN with Cisco CloudCenter and ACI together. - Leverage your ServiceNow investment to get the benefits and controls of ITSM with the power of Cisco CloudCenter. dcloud.cisco.com provides fully working environments of Cisco products, search for Cisco CloudCenter Install, Configure, and Manage Lab v1 - Once you ve purchased CloudCenter, steps to perform a basic installation of the platform. For more details, please visit: Questions? Speak with your Cisco account team BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 185
180 Summary
181 Questions?
182 Other Sessions of Interest BRKACI-2301 Practical Applications of Cisco ACI µsegmentation LTRACI ACI microsegmentation deployment techtorial lab LABACI ACI Micro Segmentation Lab LTRSEC Deep Dive Lab on ASA, FTD, and Firepower in ACI BRKACI Real World ACI L4-L7 Service Integration Design LTRSEC Integrating Cisco TrustSec and Cisco ACI Together BRKACI ACI and Container Networking BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 188
183 Complete Your Online Session Evaluation Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online BRKACI Cisco and/or its affiliates. All rights reserved. Cisco Public 189
184 Thank you!!
185
Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)
Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey Senior Director, Technical Marketing and Integrations Agenda Introduction Architecture
More informationMulti-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr)
Multi-Cloud and Application Centric Modeling, Deployment and Management with Cisco CloudCenter (CliQr) Jeremy Oakey - Sr. Director, Technical Marketing & Integrations BRKCLD-2008 Agenda Introduction Architecture
More informationCisco UCS Director and ACI Advanced Deployment Lab
Cisco UCS Director and ACI Advanced Deployment Lab Michael Zimmerman, TME Vishal Mehta, TME Agenda Introduction Cisco UCS Director ACI Integration and Key Concepts Cisco UCS Director Application Container
More informationCisco CloudCenter Solution with Cisco ACI: Common Use Cases
Cisco CloudCenter Solution with Cisco ACI: Common Use Cases Cisco ACI increases network security, automates communication policies based on business-relevant application requirements, and decreases developer
More informationIntegration of Hypervisors and L4-7 Services into an ACI Fabric. Azeem Suleman, Principal Engineer, Insieme Business Unit
Integration of Hypervisors and L4-7 Services into an ACI Fabric Azeem Suleman, Principal Engineer, Insieme Business Unit Agenda Introduction to ACI Review of ACI Policy Model Hypervisor Integration Layer
More informationLayer 4 to Layer 7 Design
Service Graphs and Layer 4 to Layer 7 Services Integration, page 1 Firewall Service Graphs, page 5 Service Node Failover, page 10 Service Graphs with Multiple Consumers and Providers, page 12 Reusing a
More informationCustomer s journey into the private cloud with Cisco Enterprise Cloud Suite
Customer s journey into the private cloud with Cisco Enterprise Cloud Suite Peter Charpentier, Senior Solution Architect, Cisco AS Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker
More informationService Graph Design with Cisco Application Centric Infrastructure
White Paper Service Graph Design with Cisco Application Centric Infrastructure 2017 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 101 Contents Introduction...
More informationHybrid Cloud Solutions
Hybrid Cloud Solutions with Cisco and Microsoft Innovation Rob Tappenden, Technical Solution Architect rtappend@cisco.com March 2016 Today s industry and business challenges Industry Evolution & Data Centres
More informationCloudCenter for Developers
DEVNET-1198 CloudCenter for Developers Conor Murphy, Systems Engineer Data Centre Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the
More informationACI Terminology. This chapter contains the following sections: ACI Terminology, on page 1. Cisco ACI Term. (Approximation)
This chapter contains the following sections:, on page 1 Alias API Inspector App Center Alias A changeable name for a given object. While the name of an object, once created, cannot be changed, the Alias
More information5 days lecture course and hands-on lab $3,295 USD 33 Digital Version
Course: Duration: Fees: Cisco Learning Credits: Kit: DCAC9K v1.1 Cisco Data Center Application Centric Infrastructure 5 days lecture course and hands-on lab $3,295 USD 33 Digital Version Course Details
More informationCisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack
White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure
More informationCisco ACI Terminology ACI Terminology 2
inology ACI Terminology 2 Revised: May 24, 2018, ACI Terminology Cisco ACI Term Alias API Inspector App Center Application Policy Infrastructure Controller (APIC) Application Profile Atomic Counters Alias
More informationIntuit Application Centric ACI Deployment Case Study
Intuit Application Centric ACI Deployment Case Study Joon Cho, Principal Network Engineer, Intuit Lawrence Zhu, Solutions Architect, Cisco Agenda Introduction Architecture / Principle Design Rollout Key
More informationCisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002
Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?
More informationMigration from Classic DC Network to Application Centric Infrastructure
Migration from Classic DC Network to Application Centric Infrastructure Kannan Ponnuswamy, Solution Architect, Cisco Advanced Services Acronyms IOS vpc VDC AAA VRF STP ISE FTP ToR UCS FEX OTV QoS BGP PIM
More informationCisco HyperFlex Systems
White Paper Cisco HyperFlex Systems Install and Manage Cisco HyperFlex Systems in a Cisco ACI Environment Original Update: January 2017 Updated: March 2018 Note: This document contains material and data
More informationDevNet Technical Breakout: Introduction to ACI Programming and APIs.
DevNet Technical Breakout: Introduction to ACI Programming and APIs. Michael Cohen Agenda Introduction to ACI ACI Policy ACI APIs REST API Python API L4-7 Scripting Opflex 3 Application Centric Infrastructure
More informationDeploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework
White Paper Deploy Microsoft SQL Server 2014 on a Cisco Application Centric Infrastructure Policy Framework August 2015 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
More informationOrchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud
Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud 2 Orchestrate the Cloud Infrastructure Business Drivers for Cloud Long Provisioning Times for New Services o o o Lack
More informationDeploying Cloud-Agnostic Applications with Cisco CloudCenter
LTRCLD-2303 Deploying Cloud-Agnostic Applications with Cisco CloudCenter Zack Kielich CloudCenter Product Manager Vince Motto Sr. Technical Leader Andrew Horrigan Consulting Engineer Matt Tarkington Consulting
More informationCisco UCS Director Tech Module Cisco Application Centric Infrastructure (ACI)
Cisco UCS Director Tech Module Cisco Application Centric Infrastructure (ACI) Version: 1.0 September 2016 1 Agenda Overview & Architecture Hardware & Software Compatibility Licensing Orchestration Capabilities
More informationManage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution
White Paper Manage Hybrid Clouds with a Cisco CloudCenter, Cisco Application Centric Infrastructure, and Cisco UCS Director Solution 2017 Cisco and/or its affiliates. All rights reserved. This document
More informationCisco ACI vcenter Plugin
This chapter contains the following sections: About Cisco ACI with VMware vsphere Web Client, page 1 Getting Started with, page 2 Features and Limitations, page 7 GUI, page 12 Performing ACI Object Configurations,
More informationReal World ACI Deployment and Migration
Real World ACI Deployment and Migration #clmel Kannan Ponnuswamy Solution Architect Cisco Advanced Services Icons and Terms APIC Application Policy Infrastructure Controller (APIC) Cisco Nexus 9500 Cisco
More informationReal World ACI Deployment and Migration Kannan Ponnuswamy, Solutions Architect BRKACI-2601
Real World ACI Deployment and Migration Kannan Ponnuswamy, Solutions Architect BRKACI-2601 Icons and Terms APIC Application Policy Infrastructure Controller (APIC) Cisco Nexus 9500 Cisco Nexus 9300 Nexus
More informationCisco Application Policy Infrastructure Controller Data Center Policy Model
White Paper Cisco Application Policy Infrastructure Controller Data Center Policy Model This paper examines the Cisco Application Centric Infrastructure (ACI) approach to modeling business applications
More informationAutomation of Application Centric Infrastructure (ACI) with Cisco UCS Director
Automation of Application Centric Infrastructure (ACI) with Cisco UCS Director Raju Penmetsa @RajuPenmetsa1 Data Center Group Agenda IT Complexity Solution for ACI Automation Cisco UCS Director Application
More informationTaming the Multi-Cloud With Simplicity and Openness. Minh Dang Cisco Systems Vietnam 2018 January
Taming the Multi-Cloud With Simplicity and Openness Minh Dang Cisco Systems Vietnam 2018 January Multi-Cloud Challenge Growth in Applications and Infrastructure Many Operating Env COST Data Center Many
More informationDesign Guide for Cisco ACI with Avi Vantage
Page 1 of 23 Design Guide for Cisco ACI with Avi Vantage view online Overview Cisco ACI Cisco Application Centric Infrastructure (ACI) is a software defined networking solution offered by Cisco for data
More informationRunning RHV integrated with Cisco ACI. JuanLage Principal Engineer - Cisco May 2018
Running RHV integrated with Cisco ACI JuanLage Principal Engineer - Cisco May 2018 Agenda Why we need SDN on the Data Center What problem are we solving? Introduction to Cisco Application Centric Infrastructure
More informationbelieve in more SDN for Datacenter A Simple Approach
believe in more SDN for Datacenter A Simple Approach 1 Agenda ACI Overview Fabric Policy Constructs Hypervisor Support A migra>on scenario One management umbrella: UCS Director Q&A 2 Applica,on Language
More informationService Insertion with Cisco Application Centric Infrastructure
Guide Service Insertion with Cisco Application Centric Infrastructure August 2014 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 21 Contents
More informationData Center and Cloud Automation
Data Center and Cloud Automation Tanja Hess Systems Engineer September, 2014 AGENDA Challenges and Opportunities Manual vs. Automated IT Operations What problem are we trying to solve and how do we solve
More informationCisco ACI Simulator Release Notes, Release 1.1(1j)
Cisco ACI Simulator Release Notes, This document provides the compatibility information, usage guidelines, and the scale values that were validated in testing this Cisco ACI Simulator release. Use this
More informationConfiguring Layer 4 to Layer 7 Resource Pools
Configuring Layer 4 to Layer 7 Resource Pools About Layer 4 to Layer 7 Resource Pools, page 1 About External IP Address Pools, page 2 About External Layer 3 Routed Domains and the Associated VLAN Pools,
More informationCisco CloudCenter Solution with VMware
Cisco CloudCenter Solution with Extend, any application, and any cloud The Cisco CloudCenter hybrid cloud management platform securely provisions infrastructure resources and deploys application components
More informationCisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003
Cisco ACI Multi-Pod/Multi-Site Deployment Options Max Ardica Principal Engineer BRKACI-2003 Agenda ACI Introduction and Multi-Fabric Use Cases ACI Multi-Fabric Design Options ACI Stretched Fabric Overview
More informationTitle DC Automation: It s a MARVEL!
Title DC Automation: It s a MARVEL! Name Nikos D. Anagnostatos Position Network Consultant, Network Solutions Division Classification ISO 27001: Public Data Center Evolution 2 Space Hellas - All Rights
More informationCisco Application Centric Infrastructure (ACI) Simulator
Data Sheet Cisco Application Centric Infrastructure (ACI) Simulator Cisco Application Centric Infrastructure Overview Cisco Application Centric Infrastructure (ACI) is an innovative architecture that radically
More informationPSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco
PSOACI-4592 Why ACI: An overview and a customer (BBVA) perspective TJ Bijlsma César Martinez Joaquin Crespo Technology Officer DC EMEAR Cisco Lead Architect BBVA Lead Architect BBVA Cisco Spark How Questions?
More informationCisco ACI Multi-Site Fundamentals Guide
First Published: 2017-08-10 Last Modified: 2017-10-09 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387)
More informationBuilding NFV Solutions with OpenStack and Cisco ACI
Building NFV Solutions with OpenStack and Cisco ACI Domenico Dastoli @domdastoli INSBU Technical Marketing Engineer Iftikhar Rathore - INSBU Technical Marketing Engineer Agenda Brief Introduction to Cisco
More informationCisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.
Cisco Enterprise Cloud Suite Overview 2015 Cisco and/or its affiliates. All rights reserved. 1 CECS Components End User Service Catalog SERVICE PORTAL Orchestration and Management UCS Director Application
More informationCisco ACI Virtual Machine Networking
This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine
More informationVerified Scalability Guide for Cisco APIC, Release 3.0(1k) and Cisco Nexus 9000 Series ACI-Mode Switches, Release 13.0(1k)
Verified Scalability Guide for Cisco APIC, Release 3.0(1k) and Cisco Nexus 9000 Series ACI-Mode Switches, Release 13.0(1k) Overview 2 General Scalability Limits 2 Fabric Topology, SPAN, Tenants, Contexts
More informationUCS Director: Tenant Onboarding Cisco ACI & Microsoft HyperV. Dec. 2016
UCS Director: Tenant Onboarding Cisco ACI & Microsoft HyperV Dec. 2016 The following presentation covers tenant onboarding in UCS Director with ACI and a HyperV-based VMM Domain Tenant Onboarding: Quick
More informationCisco ACI Virtual Machine Networking
This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine
More informationIntegration of Hypervisors and L4-7 Services into an ACI Fabric
Integration of Hypervisors and L4-7 Services into an ACI Fabric Bradley Wong Principal Engineer, INSBU Technical Marketing #clmel This session provides a technical introduction to how the ACI fabric handles
More informationVerified Scalability Guide for Cisco APIC, Release 3.0(1k) and Cisco Nexus 9000 Series ACI-Mode Switches, Release 13.0(1k)
Verified Scalability Guide for Cisco APIC, Release 3.0(1k) and Cisco Nexus 9000 Series ACI-Mode Switches, Release 13.0(1k) Overview 2 General Scalability Limits 2 Fabric Topology, SPAN, Tenants, Contexts
More informationConfiguring Policy-Based Redirect
About Policy-Based Redirect, page 1 About Symmetric Policy-Based Redirect, page 8 Using the GUI, page 8 Using the NX-OS-Style CLI, page 10 Verifying a Policy-Based Redirect Configuration Using the NX-OS-Style
More informationCisco SDN 解决方案 ACI 的基本概念
Cisco SDN 解决方案 ACI 的基本概念 Presented by: Shangxin Du(@shdu)-Solution Support Engineer, Cisco TAC Aug 26 th, 2015 2013 Cisco and/or its affiliates. All rights reserved. 1 Type Consumption Delivery Big data,
More informationCisco ACI Virtual Machine Networking
This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine
More informationTenant Onboarding. Tenant Onboarding Overview. Tenant Onboarding with Virtual Data Centers
Overview, page 1 with Virtual Data Centers, page 1 with Resource Groups, page 5 Overview In Cisco UCS Director, tenants enable you to securely control and allocate the virtual and physical infrastructure
More informationCisco Container Platform
Cisco Container Platform Pradnesh Patil Suhail Syed Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click
More informationAutomate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure
Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure White Paper 2016 Cisco F5 Networks. All rights reserved. Page 1 Contents What You Will Learn...
More informationConfiguring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0
Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 What you ll learn in this course The Configuring Cisco Nexus 9000 Series Switches in ACI Mode (DCAC9K) v3.0 course is designed for
More informationCisco VTS. Enabling the Software Defined Data Center. Jim Triestman CSE Datacenter USSP Cisco Virtual Topology System
Cisco Virtual Topology System Cisco VTS Enabling the Software Defined Data Center Jim Triestman CSE Datacenter USSP jtriestm@cisco.com VXLAN Fabric: Choice of Automation and Programmability Application
More informationConfiguring APIC Accounts
This chapter contains the following sections: Adding an APIC Account, page 1 Viewing APIC Reports, page 3 Assigning an APIC account to a Pod, page 15 Handling APIC Failover, page 15 Adding an APIC Account
More informationEZ Cloud Reference Material EZ Cloud Type 1: Release 1 Use Cases
EZ Cloud Type 1: Release 1 Cases Cases Case: Onboard New Group Case: a New Basic Project Case: New Virtual Machine Case: New Bare Metal Server Automate the provisioning steps in the compute, storage and
More informationTransform Your Business with Hybrid Cloud
Transform Your Business with Hybrid Cloud Cisco gives you greater choice and cost savings, so you can transform IT operations in a way that works best for your organization. We offer an open framework
More informationF5 Demystifying Network Service Orchestration and Insertion in Application Centric and Programmable Network Architectures
F5 Demystifying Network Service Orchestration and Insertion in Application Centric and Programmable Network Architectures Jeffrey Wong - Solution Architect F5 Networks February, 2015 Agenda F5 Synthesis
More information2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
2018 Cisco and/or its affiliates. All rights reserved. Cisco Public PSODCN-1030 Intent Based Systems Deliver Automation Dave Malik Cisco Fellow and Chief Architect Advanced Services @dmalik2 2018 Cisco
More informationDeploying Cloud Network Services Prime Network Services Controller (formerly VNMC)
Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC) Dedi Shindler - Sr. Manager Product Management Cloud System Management Technology Group Cisco Agenda Trends Influencing
More informationQuick Start Guide (SDN)
NetBrain Integrated Edition 7.1 Quick Start Guide (SDN) Version 7.1a Last Updated 2018-09-03 Copyright 2004-2018 NetBrain Technologies, Inc. All rights reserved. Contents 1. Discovering and Visualizing
More informationDevNet Workshop-Hands-on with CloudCenter and Jenkins
DevNet Workshop-Hands-on with CloudCenter and Jenkins Tuan Nguyen, Technical Marketing Engineer, CPSG Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find
More informationApplication Provisioning
Overview, page 1 Application Categories, page 1 Application Containers, page 2 Catalogs, page 7 Self-Service Provisioning, page 8 Overview After you have allocated your resources among your user groups,
More informationTenants. ACI Tenancy Models. ACI Tenancy Models, on page 1 Application Profile, on page 3
ACI Tenancy Models, on page 1 Application Profile, on page 3 ACI Tenancy Models ACME Inc. will be using tenancy for a couple of use cases. They will be using tenant constructs for the application lifecycle
More informationACI Multi-Site Architecture and Deployment. Max Ardica Principal Engineer - INSBU
ACI Multi-Site Architecture and Deployment Max Ardica Principal Engineer - INSBU Agenda ACI Network and Policy Domain Evolution ACI Multi-Site Deep Dive Overview and Use Cases Introducing ACI Multi-Site
More informationSchema Management. Schema Management
, page 1 Creating a Schema Template, page 2 Configuring an Application Profile, page 2 Configuring a Contract, page 3 Configuring a Bridge Domain, page 4 Configuring a VRF for the Tenant, page 4 Configuring
More informationConfiguring Policy-Based Redirect
About Policy-Based Redirect, page 1 About Symmetric Policy-Based Redirect, page 8 Policy Based Redirect and Hashing Algorithms, page 8 Using the GUI, page 9 Using the NX-OS-Style CLI, page 10 Verifying
More informationVirtual Machine Manager Domains
This chapter contains the following sections: Cisco ACI VM Networking Support for Virtual Machine Managers, page 1 VMM Domain Policy Model, page 3 Virtual Machine Manager Domain Main Components, page 3,
More informationIntegrating Cisco UCS with Cisco ACI
Integrating Cisco UCS with Cisco ACI Marian Klas, mklas@cisco.com Systems Engineer Data Center February 2015 Agenda: Connecting workloads to ACI Bare Metal Hypervisors UCS & APIC Integration and Orchestration
More informationService Insertion with ACI using F5 iworkflow
Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models
More informationCisco ACI Simulator Release Notes, Release 2.2(3)
Cisco ACI Simulator Release Notes, Release 2.2(3) This document provides the compatibility information, usage guidelines, and the scale values that were validated in testing this Cisco ACI Simulator release.
More informationCisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design
White Paper Cisco Application Centric Infrastructure (ACI) - Endpoint Groups (EPG) Usage and Design Emerging IT technologies have brought about a shift from IT as a cost center to IT as a business driver.
More informationMicrosegmentation with Cisco ACI
This chapter contains the following sections:, page 1 Microsegmentation with the Cisco Application Centric Infrastructure (ACI) provides the ability to automatically assign endpoints to logical security
More informationPSOACI Tetration Overview. Mike Herbert
Tetration Overview Mike Herbert Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion
More informationModeling an Application with Cisco ACI Multi-Site Policy Manager
Modeling an Application with Cisco ACI Multi-Site Policy Manager Introduction Cisco Application Centric Infrastructure (Cisco ACI ) Multi-Site is the policy manager component used to define intersite policies
More informationExam Questions
Exam Questions 300-170 DCVAI Implementing Cisco Data Center Virtualization and Automation (DCVAI) https://www.2passeasy.com/dumps/300-170/ 1. Which management interface is selected by the Cisco APIC by
More informationHybrid Cloud Automation using Cisco CloudCenter API
Hybrid Cloud Automation using Cisco CloudCenter API Ray Doerr, Advanced Services Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationIntegration of Hypervisors & L4-7 Services with ACI
Integration of Hypervisors & L4-7 Services with ACI Bradley Wong Principal Engineer, INSBU @brawong Maurizio Portolani Distinguished TME, INSBU This session provides a technical introduction to how the
More informationCisco ACI Virtual Machine Networking
This chapter contains the following sections: Cisco ACI VM Networking Supports Multiple Vendors' Virtual Machine Managers, page 1 Virtual Machine Manager Domain Main Components, page 2 Virtual Machine
More informationCisco ACI vpod. One intent: Any workload, Any location, Any cloud. Introduction
Cisco ACI vpod One intent: Any workload, Any location, Any cloud Organizations are increasingly adopting hybrid data center models to meet their infrastructure demands, to get flexibility and to optimize
More informationCisco ACI Simulator Release Notes, Release 3.0(2)
Cisco ACI Simulator Release Notes, Release 3.0(2) This document provides the compatibility information, usage guidelines, and the scale values that were validated in testing this Cisco ACI Simulator release.
More informationPolicy Driven Data Centre with ACI
Policy Driven Data Centre with ACI Chris Gascoigne Technical Solutions Architect #clmel Agenda Introduction What is policy Network policy Application policy Conclusion Introduction Traditional Data Centre
More informationQuick Start Guide (SDN)
NetBrain Integrated Edition 7.1 Quick Start Guide (SDN) Version 7.1 Last Updated 2018-07-24 Copyright 2004-2018 NetBrain Technologies, Inc. All rights reserved. Contents 1. Discovering and Visualizing
More informationCisco ACI and Cisco AVS
This chapter includes the following sections: Cisco AVS Overview, page 1 Installing the Cisco AVS, page 5 Key Post-Installation Configuration Tasks for the Cisco AVS, page 14 Distributed Firewall, page
More informationMP-BGP VxLAN, ACI & Demo. Brian Kvisgaard System Engineer, CCIE SP #41039 November 2017
MP-BGP VxLAN, ACI & Demo Brian Kvisgaard System Engineer, CCIE SP #41039 November 2017 Datacenter solutions Programmable Fabric Classic Ethernet VxLAN-BGP EVPN standard-based Cisco DCNM Automation Modern
More informationCisco ACI Simulator VM Installation Guide
Cisco ACI Simulator VM Installation Guide New and Changed Information 2 About the Application Policy Infrastructure Controller 2 About the ACI Simulator Virtual Machine 2 Simulator VM Topology and Connections
More informationConfiguring Policy-Based Redirect
About Policy-Based Redirect, on page 1 About Multi-Node Policy-Based Redirect, on page 3 About Symmetric Policy-Based Redirect, on page 3 Policy Based Redirect and Hashing Algorithms, on page 4 Policy-Based
More informationVirtualization Design
VMM Integration with UCS-B, on page 1 VMM Integration with AVS or VDS, on page 3 VMM Domain Resolution Immediacy, on page 6 OpenStack and Cisco ACI, on page 8 VMM Integration with UCS-B About VMM Integration
More informationCisco Virtual Application Container Services 2.0 Lab v1
Cisco Virtual Application Container Services 2.0 Lab v1 Last Updated: 02-SEP-2015 About This Solution Cisco Virtual Application Container Services (VACS) enables simplified deployment of Secure Application
More informationIntra-EPG Isolation Enforcement and Cisco ACI
This chapter contains the following sections: Intra-EPG Isolation for VMware VDS or Microsoft vswitch, on page 1 Intra-EPG Isolation Enforcement for Cisco AVS, on page 6 Intra-EPG Isolation Enforcement
More informationCisco ACI Multi-Site, Release 1.1(1), Release Notes
Cisco ACI Multi-Site, Release 1.1(1), Release Notes This document describes the features, caveats, and limitations for the Cisco Application Centric Infrastructure Multi-Site software. The Cisco Application
More informationCisco ACI App Center. One Platform, Many Applications. Overview
White Paper Cisco ACI App Center One Platform, Many Applications Overview Cisco Application Centric Infrastructure (Cisco ACI ) is a comprehensive software-defined networking (SDN) solution designed from
More informationSecurity for shared infrastructure in Cisco ONE Enterprise Cloud Suite BRKPCA-2040
Security for shared infrastructure in Cisco ONE Enterprise Cloud Suite Roxana Diaz TSA, CCIE BRKPCA-2040 @roxadiaz2 Agenda Introduction Cisco VACS Overview VACS Configuration Security Use-cases Customers
More informationDesigning and Implementing Cisco Network Programmability (NPDESI) v1.0
Data Sheet Learning Services Designing and Implementing Cisco Network Programmability (NPDESI) v1.0 Overview The Designing and Implementing Cisco Network Programmability (NPDESI) version 1.0 Cisco Training
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
PBO1221BE Beginners Guide to the Software-Defined Data Center Kyle Gleed, Group Manager, Technical Marketing Ben Sier, Staff Architect, Technical Marketing #VMworld #PBO1221BE Disclaimer This presentation
More information