The Policy Driven Data Center with ACI: Architecture, Concepts, and Methodology / Edition 1 available in Paperback, eBook
- ISBN-10: 1587144905
- ISBN-13: 9781587144905
- Pub. Date: 01/04/2015
- Publisher: Cisco Press
Overview
Use policies and Cisco® ACI to make data centers more flexible and configurable—and deliver far more business value
Using the policy driven data center approach, networking professionals can accelerate and simplify changes to the data center, construction of cloud infrastructure, and delivery of new applications. As you improve data center flexibility, agility, and portability, you can deliver far more business value, far more rapidly.
In this guide, Cisco data center experts Lucien Avramov and Maurizio Portolani show how to achieve all these benefits with Cisco Application Centric Infrastructure (ACI) and technologies such as Python, REST, and OpenStack. The authors explain the advantages, architecture, theory, concepts, and methodology of the policy driven data center. Next, they demonstrate the use of Python scripts and REST to automate network management and simplify customization in ACI environments.
Drawing on experience deploying ACI in enterprise data centers, the authors review design considerations and implementation methodologies. You will find design considerations for virtualized datacenters, high performance computing, ultra-low latency environments, and large-scale data centers. The authors walk through building multi-hypervisor and bare-metal infrastructures, demonstrate service integration, and introduce advanced telemetry capabilities for troubleshooting.
Leverage the architectural and management innovations built into Cisco® Application Centric Infrastructure (ACI)
- Understand the policy driven data center model
- Use policies to meet the network performance and design requirements of modern data center and cloud environments
- Quickly map hardware and software capabilities to application deployments using graphical tools—or programmatically, via the Cisco APIC API
- Increase application velocity: reduce the time needed to move applications into production
- Define workload connectivity instead of (or along with) subnets, VLAN stitching, and ACLs
- Use Python scripts and REST to automate policy changes, parsing, customization, and self-service
- Design policy-driven data centers that support hypervisors
- Integrate OpenStack via the Cisco ACI APIC OpenStack driver architecture
- Master all facets of building and operating multipurpose cloud architectures with ACI
- Configure ACI fabric topology as an infrastructure or tenant administrator
- Insert Layer 4–Layer 7 functions using service graphs
- Leverage centralized telemetry to optimize performance; find and resolve problems
- Understand and familiarize yourself with the paradigms of programmable policy driven networks
Product Details
| ISBN-13: | 9781587144905 |
|---|---|
| Publisher: | Cisco Press |
| Publication date: | 01/04/2015 |
| Series: | Networking Technology Series |
| Pages: | 384 |
| Product dimensions: | 7.30(w) x 9.00(h) x 1.00(d) |
About the Author
Lucien Avramov, CCIE 19945, is a Senior Technical Marketing Engineer at Cisco. Lucien specializes in the Nexus data center portfolio and ACI. Lucien designs data center networks worldwide and has wide experience in switch architectures, QoS, ultra-low latency networks, high-performance computing designs, and OpenStack. Lucien is a distinguished Cisco Live speaker and former TAC technical leader; he holds several industry certifications, authors RFCs at the IETF, and owns an active patent. Lucien holds a master's degree in Computer Science and a bachelor's degree in General Engineering from Ecole des Mines d'Ales, France. In his spare time, Lucien can be found hiking, biking, running marathons around the world, and on Twitter: @flying91.
Maurizio Portolani, Distinguished Technical Marketing Engineer at Cisco Systems, focuses on the design of data center networks. He coauthored Data Center Fundamentals for Cisco Press, and holds several patents on current data center technologies. He attended the Politecnico of Torino ("Laurea in Ingegneria") and Ecole Centrale Paris ("Diplôme d'Ingénieur"), where he majored in Electronics.
Table of Contents
Foreword xx
Introduction xxi
Chapter 1 Data Center Architecture Considerations 1
Application and Storage 1
Virtualized Data Center 2
Introduction 2
Definition and Virtualization Concepts 3
Network and Design Requirements 6
Storage Requirements 7
Big Data 7
Definition 7
Network Requirements 9
Cluster Design with the Hadoop Building Blocks: the POD 10
Storage Requirements 11
Design Considerations 11
High-Performance Compute 14
Definition 14
Network Requirements 14
Storage Requirements 14
Design Considerations 14
Design Topologies 15
Ultra-Low Latency 16
Definition 16
Network Requirements 17
Storage Requirements 18
Design Considerations 18
Design Topologies 19
Massively Scalable Data Center 21
Definition 21
Network Requirements 23
Storage Requirements 24
Design Considerations 24
Design Topologies 25
Design Topologies Examples 25
The POD-based Designs 26
The POD Model or the Data Model for Shared Infrastructure and Cloud Computing 26
The FlexPod Design 28
Data Center Designs 29
End of Row 29
Middle of Row 30
Top of Rack: The Modern Data Center Approach 30
Single-Homed Servers Design 32
Logical Data Center Design with the Spine-Leaf ACI Foundation Architecture 33
Summary 35
Chapter 2 Building Blocks for Cloud Architectures 37
Introduction to Cloud Architectures 37
Network Requirements of Clouds and the ACI Solution 39
Amazon Web Services Model 41
Automating Server Provisioning 43
PXE Booting 43
Deploying the OS with Chef, Puppet, CFengine, or Similar Tools 44
Chef 45
Puppet 46
Orchestrators for Infrastructure as a Service 47
vCloud Director 47
OpenStack 48
Project and Releases 48
Multi-Hypervisor Support 49
Installers 49
Architecture Models 50
Networking Considerations 51
UCS Director 51
Cisco Intelligent Automation for Cloud 52
Conciliating Different Abstraction Models 55
Summary 56
Chapter 3 The Policy Data Center 57
Why the Need for the Policy-Based Model? 57
The Policy Theory 59
Cisco APIC Policy Object Model 61
Endpoint Groups 63
Cisco APIC Policy Enforcement 66
Unicast Policy Enforcement 66
Multicast Policy Enforcement 69
Application Network Profiles 70
Contracts 71
Understanding Cisco APIC 79
Cisco ACI Operating System (Cisco ACI Fabric OS) 79
Architecture: Components and Functions of the Cisco APIC 80
Policy Manager 81
Topology Manager 81
Observer 82
Boot Director 82
Appliance Director 83
VMM Manager 83
Event Manager 83
Appliance Element 84
Architecture: Data Management with Sharding 84
Effect of Replication on Reliability 84
Effect of Sharding on Reliability 85
Sharding Technology 86
User Interface: Graphical User Interface 87
User Interface: Command-Line Interface 87
User Interface: RESTful API 88
System Access: Authentication, Authorization, and RBAC 88
Summary 89
Chapter 4 Operational Model 91
Introduction to Key Technologies and Tools for Modern Data Centers 92
Network Management Options 92
REST Protocol 93
XML, JSON, and YAML 94
Python 96
Python Basics 96
Where Is the main() Function? 97
Functions Definition 97
Useful Data Structures 98
Parsing Files 99
Verifying Python Scripts 101
Where to Run Python 101
Pip, EasyInstall, and Setup Tools 101
Which Packages Do I Need? 101
virtualenv 102
Git and GitHub 103
Basic Concepts of Version Control 103
Centralized Versus Distributed 104
Overview of Basic Operations with Git 104
Installing/Setting Up Git 105
Key Commands in Git 105
Operations with the Cisco APIC 106
Object Tree 108
Classes, Objects, and Relations 109
Naming Conventions 113
Object Store 114
Using REST to Program the Network 114
Tools to Send REST Calls 115
REST Syntax in Cisco ACI 117
Modeling Tenants in XML 119
Defining the Relationship Among EPGs (Providers and Consumers) 120
A Simple Any-to-Any Policy 121
ACI SDK 122
ACI Python Egg 122
How to Develop Python Scripts for ACI 123
Where to Find Python Scripts for ACI 124
For Additional Information 124
Summary 125
Chapter 5 Data Center Design with Hypervisors 127
Virtualized Server Networking 128
Why Have a Software Switching Component on the Server? 129
Overview of Networking Components 132
Virtual Network Adapters 132
Virtual Switching 133
Endpoint Groups 133
Distributed Switching 133
Hot Migration of Virtual Machines 134
Segmentation Options 134
VLANs 134
VXLANs 134
VXLAN Packet Format 135
VXLAN Packet Forwarding 136
VXLANs Without Multicast 137
Microsoft Hyper-V Networking 137
Linux KVM and Networking 141
Linux Bridging 142
Open vSwitch 143
OVS Architecture 143
Example Topology 145
Open vSwitch with OpenStack 146
OpenFlow 147
VMware ESX/ESXi Networking 149
VMware vSwitch and Distributed Virtual Switch 150
VMware ESXi Server Traffic Requirements 151
VXLAN Tagging with vShield 151
vCloud Director and vApps 152
vCloud Networks 153
Cisco Nexus 1000V 155
Port Extension with VN-TAG 158
Cisco ACI Modeling of Virtual Server Connectivity 160
Overlay Normalization 160
VMM Domain 161
Endpoint Discovery 162
Policy Resolution Immediacy 162
Cisco ACI Integration with Hyper-V 162
Cisco ACI Integration with KVM 163
Cisco ACI Integration with VMware ESX 164
Summary 165
Chapter 6 OpenStack 167
What Is OpenStack? 167
Nova 168
Neutron 169
Swift 173
Cinder 173
Horizon 174
Heat 174
Ironic 174
OpenStack Deployments in the Enterprise 176
Benefits of Cisco ACI and OpenStack 177
Cisco ACI Policy Model 178
Physical and Virtual Integration 179
Fabric Tunnels 179
Service Chaining 179
Telemetry 179
OpenStack APIC Driver Architecture and Operations 180
How Integration Works 180
Deployment Example 182
Installation of Icehouse 183
Configuration of the Cisco APIC Driver 185
Neutron.conf File 186
ML2_conf.ini File 186
ML2_cisco_conf.ini File 186
Configuration Parameters 187
Host-Port Connectivity 188
External Networks 188
PortChannel Configuration 188
Troubleshooting 188
The Group Based Policy Project at OpenStack 190
Summary 191
Chapter 7 ACI Fabric Design Methodology 193
Summary of ACI Fabric Key Functionalities 194
ACI Forwarding Behavior 194
Prescriptive Topology 194
Overlay Frame Format 196
VXLAN Forwarding 197
Pervasive Gateway 198
Outside Versus Inside 199
Packet Walk 201
Segmentation with Endpoint Groups 202
Management Model 204
Hardware and Software 207
Physical Topology 208
Cisco APIC Design Considerations 210
Spine Design Considerations 211
Leaf Design Considerations 212
Unknown Unicast and Broadcast 213
Use of VLANs as a Segmentation Mechanism 214
VLANs and VXLANs Namespaces 215
Concept of Domain 216
Concept of Attach Entity Profile 217
Multi-tenancy Considerations 218
Initial Configuration Steps 219
Zero-Touch Provisioning 220
Network Management 221
Policy-based Configuration of Access Ports 223
Configuring Switch Profiles for Each Leaf 228
Configuring Interface Policies 228
Interface Policy Groups and PortChannels 228
Interface Policy Groups 229
PortChannels 229
Virtual PortChannels 231
Virtual Machine Manager (VMM) Domains 233
VMM Domain 233
AEP for Virtualized Servers Connectivity 234
Configuring a Virtual Topology 235
Bridge Domain 237
Hardware Proxy 237
Flooding Mode 238
fvCtx 238
Endpoint Connectivity 238
Connecting a Physical Server 239
Connecting a Virtual Server 239
External Connectivity 240
Summary 241
Chapter 8 Service Insertion with ACI 243
Overview of ACI Design with Layer 4 Through Layer 7 Services 244
Benefits 244
Connecting Endpoint Groups with a Service Graph 244
Extension to Virtualized Servers 245
Management Model 245
Service Graphs, Functions, and Rendering 246
Hardware and Software Support 247
Cisco ACI Modeling of Service Insertion 248
Service Graph Definition 249
Concrete Devices and Logical Devices 250
Logical Device Selector (or Context) 251
Splitting Bridge Domains 251
Configuration Steps 252
Definition of a Service Graph 253
Defining the Boundaries of the Service Graph 253
The Metadevice 254
Defining an Abstract Node’s Functions 255
Defining an Abstract Node’s Connectors 257
Abstract Node Elements Summary 258
Connecting Abstract Nodes to Create the Graph 258
Definition of Concrete Devices and Cluster of Concrete Devices 260
Configuration of the Logical Device and Concrete Device 261
Configuration of the Logical Device Context (Cluster Device Selector) 264
Naming Summary 265
Summary 266
Chapter 9 Advanced Telemetry 267
Atomic Counters 267
The Principle 267
Further Explanation and Example 268
Atomic Counters and the APIC 270
Latency Metrics 271
ACI Health Monitoring 272
Statistics 273
Faults 274
Events, Logs, Diagnostics 279
Health Score 280
The Centralized show tech-support ACI Approach 281
Summary 282
Chapter 10 Data Center Switch Architecture 285
Data, Control, and Management Planes 285
Separation Between Data, Control, and Management Planes 286
Interaction Between Control, Data, and Management Planes 287
Protection of the Control Plane with CoPP 288
Control Plane Packet Types 288
CoPP Classification 290
CoPP Rate-Controlling Mechanisms 290
Data Center Switch Architecture 291
Cut-through Switching: Performance for the Data Center 292
Crossbar Switch Fabric Architecture 295
Unicast Switching over Crossbar Fabrics 297
Multicast Switching over Crossbar Fabrics 298
Overspeed in Crossbar Fabrics 298
Superframing in the Crossbar Fabric 299
The Scheduler 301
Crossbar Cut-through Architecture Summary 301
Output Queuing (Classic Crossbar) 302
Input Queuing (Ingress Crossbar) 303
Understanding HOLB 304
Overcoming HOLB with VoQ 304
Multistage Crossbar 305
Centralized Shared Memory (SoC) 306
Multistage SoC 307
Crossbar Fabric with SoC 307
SoC Fabric 308
QoS Fundamentals 309
Data Center QoS Requirements 309
Data Center Requirements 311
Type of QoS Used in Different Data Center Use Cases 312
Trust, Classification, and Marking Boundaries 313
Data Center QoS Capabilities 315
Understanding Buffer Utilization 315
The Buffer Bloat 317
Priority Flow Control 318
Enhanced Transmission Selection 319
Data Center Bridging Exchange 320
ECN and DCTCP 320
Priority Queue 321
Flowlet Switching: Nexus 9000 Fabric Load Balancing 322
Nexus QoS Implementation: The MQC Model 324
Summary 326
Conclusion 329
TOC, 9781587144905, 12/03/2014