Avatar

Cloud architects and IT operations need a consistent policy model for all applications and for the virtual and physical infrastructure hosting it. A policy model for control, monitoring, and enforcement contributes to bringing today’s siloed operational teams together, with the ability to integrate their workflows using automation tools. Today server virtualization is largely based on VMware so we frequently encounter VMware virtual infrastructure (VI) in our ACI customer environments.

There are three major aspects or points of integration between VMware VI and ACI to deliver simplified operations to the VI admin and net admins.

Integrating Cisco ACI with VMware

The first area is integration of programming of port groups for VMs.  The policy is enforced dynamically in the infrastructure, with full awareness of workload mobility and placement, with a choice of encapsulation methods.  This automates and simplifies the necessary plumbing required on the back end for the Net admins to support the VI admin.

The second point of integration between vCenter and APIC integrates tightly with vCenter open APIs to access the VM inventory and object information, such as VM attributes and network I/O stats, to manage configuration as well as provide visibility of virtual end points correlated with the physical topology. VI and Net admins can set policies based upon VM attributes and we can correlate that and push configurations based upon them (eg. VM names). VI and Net admins can also see the health of the physical and virtual infrastructure supporting the application. We can provide application and tenant level health information by correlating the telemetry and give the admins an end-to-end perspective on application or tenant health without requiring additional spending on complex external tools with limited correlation capabilities.

Another major point of integration is between vRealize and APIC exposing complete ACI networking services natively to vRealize automation. For example, through this integration vRealize admins can build multi-tier application designs that consume shared network services plans or dedicated virtual private cloud plans in a multi-tenant environment. Cloud and tenant admins can easily build such plans including load balancing or next-gen firewall services for their applications. This is accomplished while maintaining the advances in operations above mentioned, and without requiring additional investments to build a second overlay network because ACI delivers an integrated overlay without performance compromises.

Other vendors, like CliQR have built similar integration that leverages Cisco ACI and VMware vCenter, thus customers have maximum choice for cloud orchestration, since they can use APIC with vCenter and consume this from Cisco Enterprise Cloud Suite, CliQR, VMware vRealize, or others.

All of this is possible because Cisco APIC APIs are open, and because the industry can use these public APIs as well as those from VMware to provide value to our common customers. This is what SDN is all about.

It is important for companies like Cisco and partners such as VMware and Microsoft to provide public open access to their APIs. This enables integrated solutions by the partners that deliver choice, operational simplicity, and investment protection to their customers. The 50 or so partners in Cisco ACI ecosystem use our open APIs to do deliver value for our common customers today.

References:

Cisco SDN, the Disruptive ACI Technology, Leads to an Avalanche of Opportunities

Cisco Application Centric Infrastructure Fundamentals – Virtual Machine Manager Domains

Cisco ACI with VMware VDS and VMware vShield Integration

Cisco Application Centric Infrastructure and VMware Integration

Cisco ACI with VMware vRealize



Authors

Harry Petty

Director

Data Center and Cloud Marketing