How to Determine If ACI Multi-Site is the Right Data Center Solution
In this article
Organizations purchase data center infrastructure due to End of Support (EOS) for current hardware, expansion, or to build new greenfield data centers. A modern data center needs to be secure and optimized for application delivery. With more end users and IT staff working from home, organizations must also look at automating their Day 0 through Day 2 operations and cloud connectivity from on-premise workloads.
With over 80 percent of most modern data center traffic moving East-West, it is also important to consider moving from a traditional 3-tier architecture to a spine/leaf architecture for increased efficiency and security enablement.
The following considerations must be explored as organizations go through the exercise to determine the best solution for their business and technology use cases.
What needs to be scrutinized is in bold, as these design considerations did not exist 7-10 years ago when organizations last did a data center refresh.
- Architectural flexibility to meet evolving requirements
- Automation and analytics (new to today's network designs)
- Integration and interoperability with existing networks and security
- The learning curve involved (new to today's network designs if going to spine/leaf)
- Data center interconnection considerations
- Cloud connectivity (new to today's network designs)
- Segmentation in the data center (new to today's network designs)
If you're trying to navigate today's design considerations and new architectures, WWT recommends our Data Center Discovery Workshop to help determine the best solutions based on business and technical requirements. We offer a vendor-agnostic view via this workshop into what architectures and technologies OEMs offer and what customers are deploying successfully in production.
We can provide unique insight into multiple vendors and hundreds of customer deployments to determine the best solution for the organization. Understand each solution's pros and cons and determine the best solution from a business use case and technical requirements.
Today there are 4 data center architectures, and data center interconnection (DCI) is as follows:
- Traditional 3-Tier Architecture using Core/Agg/Access switches
- Multiple data center interconnections via L2 extension (OTV, EoMPLS, VPLS)
- Spine\Leaf VXLAN Network with MP-BGP EVPN Control Plane
- Multiple data center interconnections via OTV or VXLAN
- Cisco Application Centric Infrastructure (ACI)
- Multiple data center interconnections via Multi-Pod/Multi-Site
- Using a Hypervisor-Based Software Overlay to Create the Software-Defined Data Center
- Multiple data center interconnections via software-based extensions
As part of this discovery process to determine the correct solution, we developed a 4 module tutorial and lab environment that will go over the business and technical aspects to review the ACI Multi-Site solutions. ACI Multi-Site is part of Cisco's ACI Anywhere vision, which allows a single security and connectivity policy with a single pane of glass to manage all multi-cloud environments. The key to ACI Anywhere is the ACI Multi-Site Orchestrator (MSO), which allows the administrator to create consistent security and connectivity policies across multiple physical, virtual, and cloud-based sites.
This series of 4 lab modules will go through all the steps necessary to bring up an ACI Multi-Site environment from scratch and is divided into smaller modules for the student to consume easier. The modules are broken into smaller 4-hour sections.
When you finish with the first module, you will deploy the second module, starting where you finished the previous one. You can also continue in the doc as a code lab guide if you have the time to go through all four modules or just 2 or 3 modules. This set of labs was designed to be flexible, so as you have more time, you can proceed to a second module.
The overall lab architecture consists of 2 ACI sites, MSITE-EAST and MSITE-WEST, connected via the Inter-Site Network (ISN). A vCenter and 3 Multi-Site Orchestrator (MSO) nodes are also Used to build out the environment. The lab does use ACI simulators, so there is no data plane testing; however, all configuration and verification steps are identical to a physical fabric.
By using the on-demand labs, organizations can work through the various scenarios of setting up ACI Multi-Site to determine if it fits their business and technical connectivity requirements.
Module 1 offers a deep dive tutorial and labs on the technical and business benefits of VXLAN and the ACI initial setup process.
- VXLAN basics and ACI overview
- Lab 1: Initial APIC setup (EAST and WEST)
- Lab 2: ACI Fabric discovery
- Lab 3: APIC GUI walkthrough and Tenant creation
- Lab 4: Fabric setup and creating a backup for Module 2
Module 2 offers a deep dive tutorial and labs on the technical and business benefits of ACI VMM integration and the ACI policy model.
- Restoring the fabric to the end of Module 1
- ACI policy discussion
- VMM discussion
- Lab 5: VMM integration with ACI Lab 5
- Physical and logical policy discussion
- Lab 6, Part 1: Creating bridge domains
- Contracts and filters discussion
- Lab 6, Part 2: creating filter and contract creation
- Bridge Domain forwarding and endpoint learning discussion
- Lab 7: Application profile creation, EPG, and contact integration VMM integration
Module 3 offers a deep dive tutorial and labs on the technical and business benefits of ACI L2/L3 connectivity and micro-segmentation using Intra-EPG isolation and uEPGs.
- Restoring APIC fabric from a backup of lab 2
- ACI L2/3 policy discussion
- Layer 2 extension discussion
- Lab 8: Layer-2 connectivity
- Layer 3 discussion
- Lab 9: Layer 3 connectivity
- Micro-segmentation discussion
- Lab 10: Intra-EPG isolation and micro-segmentation using uEPGs
Module 4 offers a deep dive into the MSO installation and deploying an ACI policy from the MSO and the technical and business benefits of MSO.
- Lab 11: Restoring to module 3
- Lab 12: Creating the MSO Cluster
- Lab 13: Multi-Site Orchestrator GUI walkthrough
- Lab 13: Importing MSITE-EAST and MSITE-WEST into MSO
- Lab 14: Creating APIC spine policies and ISN connectivity
- Lab 15: Creating the Infra policies using the MSO
- Lab 16: Creating a Tenant in MSO
- Lab 17: Creating the schema and templates for MSITE
- Lab 18: Creating policy inside the templates and deploying to sites
The goals of the Multi-Site tutorials and labs aim to familiarize organizations with the concepts of configuring an ACI fabric from scratch, deploying and configuring the MSO, and adding the ACI fabrics to the MSO. Once users complete the four modules, they will better understand how Cisco's ACI Multi-Site solution fits their business and technical connectivity requirements.
You can access the lab modules via these links: