Dario Lo Presti - Fotolia


Learn the basics of ACI network technology

Application-centric infrastructure is one way to support an SDN setup. By learning the basics, admins can manage networks with automation and data abstraction.

Software-defined networking technologies seek to eliminate storage and server limitations, abstracting the underlying hardware from a logical control layer and helping admins provision and manage the network with a much greater degree of automation and flexibility.

Application-centric infrastructure (ACI) is Cisco's variation of SDN. It allows network provisioning and management based on software needs and the quality of the corresponding UX. ACI's use of automation and hardware abstraction are the top reasons for implementation. 

Basics of an ACI network

ACI is an approach to network virtualization and provisioning that shifts the focus from infrastructure components to the application. ACI performs network virtualization in hardware instead of software, using an application-aware network policy and management layer.

Software-defined networking (SDN) is essentially a software stack that separates the network control system from the traffic management system, enabling network components to be more interchangeable. ACI changes network infrastructure into a service. Admins then manage the network application, its performance and the consequential UX rather than the underlying switches, routers and ports.

UX monitoring demands a new assortment of instrumentation within the infrastructure and application. This instrumentation collects different metrics, such as application responsiveness, traffic levels, application availability and uptime. For effective UX monitoring, admins must see how applications talk and exchange data across the network or view component interdependencies in a distributed application.

An ACI network can change troubleshooting approaches. With a traditional infrastructure, admins must log into discrete network devices, review logs, examine networking state information and make configuration changes. ACI helps admins examine the application and gather any correlated details about the application itself. Then admins can take actions to change or correct the network until the application runs as expected.

Ways to implement network virtualization

Depending on an organization's current infrastructure, admins can go with Cisco-written ACI or VMware's NSX network virtualization software.

Admins can build Cisco ACI fabric with a variety of hardware configurations. Setups must meet several criteria, such as physical-layer connectivity, memory space, analytics support, multicast routing support, support for link-layer encryption and Fibre Channel over Ethernet support.

Cisco's ACI is built as a two-layer leaf-spine network topology. Leaf switches connect to servers and storage, while spine switches mesh the leaf switches together into a greater fabric. With this setup, admins can minimize latency and data processing bottlenecks.

Cisco leaf-spine network topology
Distribution of a Cisco leaf-spine network fabric

A Cisco ACI network fabric typically involves Cisco Nexus 9300 leaf switches and Nexus 9500 spine switches directed by one or more application policy infrastructure controllers running a policy model.

Implementing network virtualization through an offering such as NSX requires no specialized hardware. A simple deployment evaluation uses VMware vCenter to create a number of ESXi hosts, a vSphere-based distributed switch and an NSX Manager virtual appliance. Once admins complete the evaluation and get all the software, most of the work focuses on software setup and configuration.

VMware NSX
Setup for VMware NSX network virtualization

Careful considerations for ACI setups

An ACI network provides several compelling advantages. Through network hardware abstraction from the logical control layer, ACI brings effective automation, network visibility, versatile integration via APIs and better security through techniques such as microsegmentation.

ACI monitors and gathers metrics that provide meaningful detail about application performance within the network, allowing more effective optimization and faster troubleshooting -- potentially identifying application problems before users even notice.

But ACI also carries some possible disadvantages. As a Cisco product, ACI is hardware-reliant and vendor-specific, and organizations must consider the implications of vendor lock-in and the effectiveness of any external integrations.

ACI relies heavily on networking policies and automation, but as with any automated infrastructure, this requires ongoing management, review and updates. Automation is not automatic.

Finally, ACI can impose a steep learning curve for admins primarily familiar traditional infrastructure provisioning strategies. It can be difficult for someone with more hardware-based networking expertise to start thinking in terms of applications, application performance and UX.

Dig Deeper on SDN and other network strategies