The Policy Driven Data Center with ACI, Cisco 30th Anniversary Special Edition

List price: US$500.00

Use policies and Cisco® ACI to make data centers more flexible and configurable, and deliver far more business value.

Using the policy driven data center approach, networking professionals can accelerate and simplify changes to the data center, construction of cloud infrastructure, and delivery of new applications. As you improve data center flexibility, agility, and portability, you can deliver far more business value, far more rapidly. In this guide, Cisco data center experts Lucien Avramov and Maurizio Portolani show how to achieve all these benefits with Cisco Application Centric Infrastructure (ACI) and technologies such as Python, REST, and OpenStack. The authors explain the advantages, architecture, theory, concepts, and methodology of the policy driven data center. Next, they demonstrate the use of Python scripts and REST to automate network management and simplify customization in ACI environments. Drawing on experience deploying ACI in enterprise data centers, the authors review design considerations and implementation methodologies. You will find design considerations for virtualized data centers, high-performance computing, ultra-low latency environments, and large-scale data centers. The authors walk through building multi-hypervisor and bare-metal infrastructures, demonstrate service integration, and introduce advanced telemetry capabilities for troubleshooting.
  • Leverage the architectural and management innovations built into Cisco® Application Centric Infrastructure (ACI)
  • Understand the policy driven data center model
  • Use policies to meet the network performance and design requirements of modern data center and cloud environments
  • Quickly map hardware and software capabilities to application deployments using graphical tools, or programmatically via the Cisco APIC API
  • Increase application velocity: reduce the time needed to move applications into production
  • Define workload connectivity instead of (or along with) subnets, VLAN stitching, and ACLs
  • Use Python scripts and REST to automate policy changes, parsing, customization, and self-service
  • Design policy-driven data centers that support hypervisors
  • Integrate OpenStack via the Cisco ACI APIC OpenStack driver architecture
  • Master all facets of building and operating multipurpose cloud architectures with ACI
  • Configure ACI fabric topology as an infrastructure or tenant administrator
  • Insert Layer 4-Layer 7 functions using service graphs
  • Leverage centralized telemetry to optimize performance; find and resolve problems
  • Understand and familiarize yourself with the paradigms of programmable policy driven networks

Product details

  • Paperback | 384 pages
  • 187 x 232mm
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • ISBN-10: 1587144409
  • ISBN-13: 9781587144400

About Lucien Avramov

Lucien Avramov, CCIE 19945, is a Senior Technical Marketing Engineer at Cisco. Lucien specializes in the Nexus data center portfolio and the ACI. Lucien designs data center networks worldwide and has wide experience in switch architectures, QoS, ultra-low latency networks, high-performance computing designs, and OpenStack. Lucien is a distinguished Cisco Live speaker and former TAC technical leader; he has several industry certifications, authors RFCs at IETF, and owns an active patent. Lucien holds a master's degree in Computer Science and a bachelor's degree in General Engineering from Ecole des Mines d'Ales, France. In his spare time, Lucien can be found hiking, biking, running marathons around the world, and on Twitter: @flying91.

Maurizio Portolani, Distinguished Technical Marketing Engineer at Cisco Systems, focuses on the design of data center networks. He coauthored Data Center Fundamentals for Cisco Press, and holds several patents on current data center technologies. He attended the Politecnico of Torino ("Laurea in Ingegneria") and Ecole Centrale Paris ("Diplome d'Ingenieur") where he majored in ...

Table of contents

Foreword

Introduction

Chapter 1 Data Center Architecture Considerations
Application and Storage; Virtualized Data Center; Introduction; Definition and Virtualization Concepts; Network and Design Requirements; Storage Requirements; Big Data; Definition; Network Requirements; Cluster Design with the Hadoop Building Blocks: the POD; Storage Requirements; Design Considerations; High-Performance Compute; Definition; Network Requirements; Storage Requirements; Design Considerations; Design Topologies; Ultra-Low Latency; Definition; Network Requirements; Storage Requirements; Design Considerations; Design Topologies; Massively Scalable Data Center; Definition; Network Requirements; Storage Requirements; Design Considerations; Design Topologies; Design Topologies Examples; The POD-based Designs; The POD Model or the Data Model for Shared Infrastructure and Cloud Computing; The FlexPod Design; Data Center Designs; End of Row; Middle of Row; Top of Rack: The Modern Data Center Approach; Single-Homed Servers Design; Logical Data Center Design with the Spine-Leaf ACI Foundation Architecture; Summary

Chapter 2 Building Blocks for Cloud Architectures
Introduction to Cloud Architectures; Network Requirements of Clouds and the ACI Solution; Amazon Web Services Model; Automating Server Provisioning; PXE Booting; Deploying the OS with Chef, Puppet, CFengine, or Similar Tools; Chef; Puppet; Orchestrators for Infrastructure as a Service; vCloud Director; OpenStack; Project and Releases; Multi-Hypervisor Support; Installers; Architecture Models; Networking Considerations; UCS Director; Cisco Intelligent Automation for Cloud; Conciliating Different Abstraction Models; Summary

Chapter 3 The Policy Data Center
Why the Need for the Policy-Based Model?; The Policy Theory; Cisco APIC Policy Object Model; Endpoint Groups; Cisco APIC Policy Enforcement; Unicast Policy Enforcement; Multicast Policy Enforcement; Application Network Profiles; Contracts; Understanding Cisco APIC; Cisco ACI Operating System (Cisco ACI Fabric OS); Architecture: Components and Functions of the Cisco APIC; Policy Manager; Topology Manager; Observer; Boot Director; Appliance Director; VMM Manager; Event Manager; Appliance Element; Architecture: Data Management with Sharding; Effect of Replication on Reliability; Effect of Sharding on Reliability; Sharding Technology; User Interface: Graphical User Interface; User Interface: Command-Line Interface; User Interface: RESTful API; System Access: Authentication, Authorization, and RBAC; Summary

Chapter 4 Operational Model
Introduction to Key Technologies and Tools for Modern Data Centers; Network Management Options; REST Protocol; XML, JSON, and YAML; Python; Python Basics; Where Is the main() Function?; Functions Definition; Useful Data Structures; Parsing Files; Verifying Python Scripts; Where to Run Python; Pip, EasyInstall, and Setup Tools; Which Packages Do I Need?; virtualenv; Git and GitHub; Basic Concepts of Version Control; Centralized Versus Distributed; Overview of Basic Operations with Git; Installing/Setting Up Git; Key Commands in Git; Operations with the Cisco APIC; Object Tree; Classes, Objects, and Relations; Naming Conventions; Object Store; Using REST to Program the Network; Tools to Send REST Calls; REST Syntax in Cisco ACI; Modeling Tenants in XML; Defining the Relationship Among EPGs (Providers and Consumers); A Simple Any-to-Any Policy; ACI SDK; ACI Python Egg; How to Develop Python Scripts for ACI; Where to Find Python Scripts for ACI; For Additional Information; Summary

Chapter 5 Data Center Design with Hypervisors
Virtualized Server Networking; Why Have a Software Switching Component on the Server?; Overview of Networking Components; Virtual Network Adapters; Virtual Switching; Endpoint Groups; Distributed Switching; Hot Migration of Virtual Machines; Segmentation Options; VLANs; VXLANs; VXLAN Packet Format; VXLAN Packet Forwarding; VXLANs Without Multicast; Microsoft Hyper-V Networking; Linux KVM and Networking; Linux Bridging; Open vSwitch; OVS Architecture; Example Topology; Open vSwitch with OpenStack; OpenFlow; VMware ESX/ESXi Networking; VMware vSwitch and Distributed Virtual Switch; VMware ESXi Server Traffic Requirements; VXLAN Tagging with vShield; vCloud Director and vApps; vCloud Networks; Cisco Nexus 1000V; Port Extension with VN-TAG; Cisco ACI Modeling of Virtual Server Connectivity; Overlay Normalization; VMM Domain; Endpoint Discovery; Policy Resolution Immediacy; Cisco ACI Integration with Hyper-V; Cisco ACI Integration with KVM; Cisco ACI Integration with VMware ESX; Summary

Chapter 6 OpenStack
What Is OpenStack?; Nova; Neutron; Swift; Cinder; Horizon; Heat; Ironic; OpenStack Deployments in the Enterprise; Benefits of Cisco ACI and OpenStack; Cisco ACI Policy Model; Physical and Virtual Integration; Fabric Tunnels; Service Chaining; Telemetry; OpenStack APIC Driver Architecture and Operations; How Integration Works; Deployment Example; Installation of Icehouse; Configuration of the Cisco APIC Driver; Neutron.conf File; ML2_conf.ini File; ML2_cisco_conf.ini File; Configuration Parameters; Host-Port Connectivity; External Networks; PortChannel Configuration; Troubleshooting; The Group Based Policy Project at OpenStack; Summary

Chapter 7 ACI Fabric Design Methodology
Summary of ACI Fabric Key Functionalities; ACI Forwarding Behavior; Prescriptive Topology; Overlay Frame Format; VXLAN Forwarding; Pervasive Gateway; Outside Versus Inside; Packet Walk; Segmentation with Endpoint Groups; Management Model; Hardware and Software; Physical Topology; Cisco APIC Design Considerations; Spine Design Considerations; Leaf Design Considerations; Unknown Unicast and Broadcast; Use of VLANs as a Segmentation Mechanism; VLANs and VXLANs Namespaces; Concept of Domain; Concept of Attach Entity Profile; Multi-tenancy Considerations; Initial Configuration Steps; Zero-Touch Provisioning; Network Management; Policy-based Configuration of Access Ports; Configuring Switch Profiles for Each Leaf; Configuring Interface Policies; Interface Policy Groups and PortChannels; Interface Policy Groups; PortChannels; Virtual PortChannels; Virtual Machine Manager (VMM) Domains; VMM Domain; AEP for Virtualized Servers Connectivity; Configuring a Virtual Topology; Bridge Domain; Hardware Proxy; Flooding Mode; fvCtx; Endpoint Connectivity; Connecting a Physical Server; Connecting a Virtual Server; External Connectivity; Summary

Chapter 8 Service Insertion with ACI
Overview of ACI Design with Layer 4 Through Layer 7 Services; Benefits; Connecting Endpoint Groups with a Service Graph; Extension to Virtualized Servers; Management Model; Service Graphs, Functions, and Rendering; Hardware and Software Support; Cisco ACI Modeling of Service Insertion; Service Graph Definition; Concrete Devices and Logical Devices; Logical Device Selector (or Context); Splitting Bridge Domains; Configuration Steps; Definition of a Service Graph; Defining the Boundaries of the Service Graph; The Metadevice; Defining an Abstract Node's Functions; Defining an Abstract Node's Connectors; Abstract Node Elements Summary; Connecting Abstract Nodes to Create the Graph; Definition of Concrete Devices and Cluster of Concrete Devices; Configuration of the Logical Device and Concrete Device; Configuration of the Logical Device Context (Cluster Device Selector); Naming Summary; Summary

Chapter 9 Advanced Telemetry
Atomic Counters; The Principle; Further Explanation and Example; Atomic Counters and the APIC; Latency Metrics; ACI Health Monitoring; Statistics; Faults; Events, Logs, Diagnostics; Health Score; The Centralized show tech-support ACI Approach; Summary

Chapter 10 Data Center Switch Architecture
Data, Control, and Management Planes; Separation Between Data, Control, and Management Planes; Interaction Between Control, Data, and Management Planes; Protection of the Control Plane with CoPP; Control Plane Packet Types; CoPP Classification; CoPP Rate-Controlling Mechanisms; Data Center Switch Architecture; Cut-through Switching: Performance for the Data Center; Crossbar Switch Fabric Architecture; Unicast Switching over Crossbar Fabrics; Multicast Switching over Crossbar Fabrics; Overspeed in Crossbar Fabrics; Superframing in the Crossbar Fabric; The Scheduler; Crossbar Cut-through Architecture Summary; Output Queuing (Classic Crossbar); Input Queuing (Ingress Crossbar); Understanding HOLB; Overcoming HOLB with VoQ; Multistage Crossbar; Centralized Shared Memory (SoC); Multistage SoC; Crossbar Fabric with SoC; SoC Fabric; QoS Fundamentals; Data Center QoS Requirements; Data Center Requirements; Type of QoS Used in Different Data Center Use Cases; Trust, Classification, and Marking Boundaries; Data Center QoS Capabilities; Understanding Buffer Utilization; The Buffer Bloat; Priority Flow Control; Enhanced Transmission Selection; Data Center Bridging Exchange; ECN and DCTCP; Priority Queue; Flowlet Switching: Nexus 9000 Fabric Load Balancing; Nexus QoS Implementation: The MQC Model; Summary

Conclusion

TOC, 9781587144400, 11/20/2014