Cisco's ACI Stretches Tendrils Into Other Data Centers
Cisco is sharpening the capabilities behind multi-site deployments of Application-Centric Infastructure (ACI), opening the possibility to use the technology for data center interconnect (DCI).
Version 3.0 of the ACI, Cisco's foray into SDN, is being launched today. The marquee feature is the ability to have one set of policies apply to ACI instances across many data centers. They become like colony creatures, creating one ACI policy domain that spans multiple locations, all managed through policies stored in a centralized spot called the Multi-Site Appliance.
This setup assumes that Cisco's ACI is present in each of the data centers being connected, of course. Multi-Site, as the capability is called, is being used for connecting one data center's ACI fabric to another.
This could be useful for, say, splitting an application between two sites. "I can have an instance where the web tier is sitting in Site A and the application tier is sitting in Site B. I can then set a policy that says the web tier can talk to the application tier," says Srini Kotamraju, Cisco product manager.
But it also opens the possibility for using ACI for DCI, and not just because it's fun to say out loud. "DCI" in this context, refers to the Layer 2 connection between those two sites. That's not the same thing as the long-haul optical DCI touted by the likes of Ciena and Infinera (and Cisco too). They're separate markets, notes analyst Ray Mota of ACG Research.
"A lot of people just refer to that piece of functionality, but there are a lot of ways to look at the architecture," Mota says. "You can actually do data center-to-data center interconnect using MPLS switching or some protocol like VXLAN."
The new pitch is that Multi-Site ACI can make Layer 2 DCI easier than that. "If you just have IP connectivity between Site A and Site B, we add the Layer 2 capability for you," Kotamraju says. "You don't need the Layer 2 emulation that OTV gives you."
Other use cases for Multi-Site ACI include migrating an application to a second data center as a backup -- which is a favorite example of product managers these days, given the recent spate of natural disasters. In this case, the elements being migrated would retain their IP addresses, as they would be assigned from that centralized Multi-Site Appliance. "Every instance of ACI gets access to the global namespace," Kotamraju says.
Cisco has long been able to create an ACI fabric that straddles more than one location. What's different with Multi-Site is that all these locations can be controlled under set of policy rules, which are stored in the Multi-Site Appliance.
A word about policy
ACI is a policy-driven architecture, where the switches configure themselves in accordance with policy rules. That's essentially the same idea behind intent-based networking (IBN), which Cisco is touting with its Catalyst 9000 switch line.
But that product, also called the intuitive network or Network Intuitive, was developed independently of ACI. The intuitive network is also aimed at campus networks, whereas ACI was designed for the data center. (See Cisco Makes 'Intuitive' Bet to Reconquer Networks.)
Despite the publicity around the Network Intuitive, the ACI team still considers itself an entry in intent-based networking. (IBM startup Apstra begs to differ.) In fact, the URL intentbasednetworking.com reroutes to a Cisco ACI product page, as analyst Scott Raynovich of Futuriom pointed out earlier this week.
Other ACI goodies
Eventually, ACI Multi-Site will support 256 sites. The first release supports five sites with up to 400 leaf nodes per site.
"It's just a qualifier and timing issue for us," Kotamraju says of the limited first release. "European customers including very large service providers will be going into production with up to 400 leafs per site."
Other features of ACI 3.0 include:
- The ability to create Layer 4-7 service chains spanning multiple locations
- Kubernetes integration. ACI previously supported container orchestration by using Contiv, an open source project initiated by Cisco. It's the latest case of a vendor conceding to Kubernetes' momentum. (See Kubernetes Assimilates Mesosphere, Honoring Borg Ancestry and Mirantis Pivots as OpenStack Loses 'Wow Factor'.)
- Policy at a more granular level. ACI originally applied policy to groups of endpoints; now, policy can differ between elements in a group.
All the features of ACI 3.0 are available now, as software upgrades. The ACI product itself is pure software, but it runs only on Cisco gear, specifically the Nexus 9000 family of switches.
- Cisco's 'Network Intuitive': A Risky Transition
- Cisco's ACI Could Close the Cloud, SDN Gap
- Cisco Takes Networking Fight to Amazon, Microsoft & Google
- Intent-Based Networking: What Does It Mean for Your Cloud?
— Craig Matsumoto, Editor-in-Chief, Light Reading