What is Application Centric Infrastructure (ACI)?
Simplest definition: A data center architecture which abstracts network building blocks (VLAN, VRF, Subnets, etc.) using policies!
In ACI architecture, from the HLD point of view, Nexus 9000 will act as the physical switching fabric, and Application Policy Infrastructure Controller (APIC), in the form of a clustered policy management system, will take care of policies.
As I called the word “fabric”, you can imagine a fabricpath-like topology, but:
- spines are not connected to each other
- leaves are not connected to each other
- leaves are connected to all spines
- all other connectivities are via the leaf nodes (no thing will be directly attached to spines!)
So, tell me where an APIC should be connected?
Obviously, to a leaf!
It’s all about policies! Policies define all the system configuration/administration. Also, a policy model define how applications and attached systems communicate.
ACI defines some new concepts, such as Service Graphs, Contracts, Filters, Application Profiles, Endpoint groups, etc. Hopefully, I’ll cover them in future posts.
By the concept of Service Graph, ACI is able to be highly integrated with Layer 4 to Layer 7 services devices. A Service Graph could be translated as a description of “where a service, such as a firewall, should be placed in the traffic flow”.
Ok, before diving into anything else, the first step would be provisioning a fabric and let it on. Interested? It will be more interesting in the next post!
By the way, I forgot to mention that, it would be nice to have Cisco ACI Fundamentals open while reading this.