Cisco ACI

[mmcgurty]

Looks like we might be getting some Cisco ACI lab gear to play with before too long.  We spent all day on Friday with Cisco at their offices looking at Cisco ACI and how we might be able to leverage it in our network.  I am excited to play with this in our own environment and see what kind of time it can save us.

[icecream-guy]

it can really only save time for various tasks that can be automated. rather than think what SDN can do for you, think about traffic flows and how repetitive tasks can be automated.  i.e. when your primary link hits 80%. you'd want to push some traffic over the secondary link.

[NetworkGroover]

Sweet!  Please do keep us updated - I'd love to hear your experiences with it.

[mmcgurty]

Sweet!  Please do keep us updated - I'd love to hear your experiences with it.

Absolutely!

[mmcgurty]

it can really only save time for various tasks that can be automated. rather than think what SDN can do for you, think about traffic flows and how repetitive tasks can be automated.  i.e. when your primary link hits 80%. you'd want to push some traffic over the secondary link.

I think it will save us more time for TEST/DEV environments from a network/VMware/F5 perspective.  Being able to bring up environments and tear them down with a click of a button could save us lots of time.

[icecream-guy]

it can really only save time for various tasks that can be automated. rather than think what SDN can do for you, think about traffic flows and how repetitive tasks can be automated.  i.e. when your primary link hits 80%. you'd want to push some traffic over the secondary link.

I think it will save us more time for TEST/DEV environments from a network/VMware/F5 perspective.  Being able to bring up environments and tear them down with a click of a button could save us lots of time.

Not really what SDN is all about, there are many other pieces of the pie to make this sort of thing work in an SDN environment.
but have a go at it, and if you can start to get some good reading under your belt.


try some of these:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals.pdf

http://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/Cisco_OperatingApplicationCentricInfrastructure.pdf

[wintermute000]

I STRONGLY recommend attending training or at least reading the book before tearing into it. You'll be completely at sea otherwise, its like learning a new language.

Re: automating test/dev deployments, to be brutally honest, you can vagrant up in AWS.... ACI really doesn't do anything special in this regard. Also, not to be a naysayer, but ask your Cisco rep about ACI's integration into Vsphere6...... because I didn't like the answer 6 months ago, not sure what the answer is now. Also, I know for a fact F5 integration is flat out broken. One of our deployments the team has had more attempts (counting it via backed out changes ) at it than the fingers on my hand and still isn't working.

[mmcgurty]

I STRONGLY recommend attending training or at least reading the book before tearing into it. You'll be completely at sea otherwise, its like learning a new language.

Re: automating test/dev deployments, to be brutally honest, you can vagrant up in AWS.... ACI really doesn't do anything special in this regard. Also, not to be a naysayer, but ask your Cisco rep about ACI's integration into Vsphere6...... because I didn't like the answer 6 months ago, not sure what the answer is now. Also, I know for a fact F5 integration is flat out broken. One of our deployments the team has had more attempts (counting it via backed out changes ) at it than the fingers on my hand and still isn't working.

F5 integration isn't a deal breaker but VMware certainly is.  This is precisely why it will be in a lab environment and tested rather than rolling it out to production first and then taking it on the chin.

[NetworkGroover]

  This is precisely why it will be in a lab environment and tested rather than rolling it out to production first and then taking it on the chin.

Smart move...

[mmcgurty]

it can really only save time for various tasks that can be automated. rather than think what SDN can do for you, think about traffic flows and how repetitive tasks can be automated.  i.e. when your primary link hits 80%. you'd want to push some traffic over the secondary link.

I think it will save us more time for TEST/DEV environments from a network/VMware/F5 perspective.  Being able to bring up environments and tear them down with a click of a button could save us lots of time.

Not really what SDN is all about, there are many other pieces of the pie to make this sort of thing work in an SDN environment.
but have a go at it, and if you can start to get some good reading under your belt.


try some of these:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals.pdf

http://www.cisco.com/c/dam/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/Cisco_OperatingApplicationCentricInfrastructure.pdf

Thank you for the links!  I also have an Ebook from Cisco Press titled "Policy Driven Data Center with ACI, The: Architecture, Concepts, and Methodology" I won during Cisco Live this year.  If it truly operates in a way that Cisco Sales/Marketing says it will within our environment I think it will save the VMware guys tons of time.  We are already using all Cisco UCS blade chassis and FI's already, so I think that helps integration wise for that side.

[burnyd]

Why not just integrate NSX into your existing environment?

There are a lot of things you can do already with F5s/vsphere 6 capability to bring up environments easily with a vro workflow or script.

[icecream-guy]

If it truly operates in a way that Cisco Sales/Marketing says it will within our environment ....

sipping the Cisco cool aid?  does anything Cisco ever work the way their sales/marketing teams say??

We were sold by sales and marketing on several 9Ks, on the assurance that they support FEX.  still don't... keeps getting bumped into the future. (BTW since you are moving toward 9K's to run ACI, if you have a need for FEX... GL)

[mmcgurty]

Why not just integrate NSX into your existing environment?

There are a lot of things you can do already with F5s/vsphere 6 capability to bring up environments easily with a vro workflow or script.

Separate teams handle the VMware and Networking.

[mmcgurty]

If it truly operates in a way that Cisco Sales/Marketing says it will within our environment ....

sipping the Cisco cool aid?  does anything Cisco ever work the way their sales/marketing teams say??

We were sold by sales and marketing on several 9Ks, on the assurance that they support FEX.  still don't... keeps getting bumped into the future. (BTW since you are moving toward 9K's to run ACI, if you have a need for FEX... GL)

Good to know.  We do use FEX'es but we have them off of 5548's and 5600's right now.  I know they had talked about 9332's for our spine but not sure what was ever decided at the leaf level.  I think there are still some discussions on the lab kit we are looking to purchase/borrow.

[burnyd]

Why not just integrate NSX into your existing environment?

There are a lot of things you can do already with F5s/vsphere 6 capability to bring up environments easily with a vro workflow or script.

Separate teams handle the VMware and Networking.

Understood but where is the demarcation here when it comes to ACI?

Also there is no reason why you would not be able to run an NSX related environment.