Cisco Systems recently announced its strategy to address dynamically changing application requirements referred to as Application Centric Infrastructure (ACI) .ACI is a holistic architecture with centralized automation and policy-driven application profiles. It delivers software flexibility with the scalability of hardware performance and facilitates rapid systems integration and customization for network services, monitoring, management, and orchestration with visibility of both physical and virtual networks. It’s built upon a fabric foundation that delivers the best in class infrastructure by combining hardware, software, and ASIC innovations into an integrated system.
The architecture provides a common management framework for network, application, security and virtualization teams making IT more agile while reducing application deployment time. It is also optimized for running today’s physical and virtual applications along with being ready for tomorrow’s emerging architectures that will be needed to support an “application anywhere” model with complete freedom of application movement and placement. The Architecture is built for multi-tenancy, ensuring proper isolation and detailed telemetry for SLAs across different consumers of the infrastructure while also providing a consistent security policy across both physical and virtual applications.
Key characteristics of ACI include:
F5's Synthesis architecture is a vision for delivering Software Defined Application Services. Its high performance services fabric enables organizations to rapidly provision, manage and orchestrate a rich catalog of services using simplified business models that dramatically changes the economy of scale for Layer 4-7 services. The joint Cisco ACI and F5 Synthesis solution enables IT to operationalize critical data center network and Layer 4 through 7 services to meet business and consumer demands for application performance, security, and reliability in a compliant, standard, and repeatable way.
With the Cisco ACI and F5 solution’s fully programmable load-balancing services technology, customers can implement application-centric deployments with the Cisco ACI fabric, using contracts, filters, and service graphs to control traffic between application tiers. This model provides stateless load balancing for a three-tier application in the data center with agility and full automation. Traffic can be redirected to F5 BIG-IP LTM load-balancer devices (both physical and virtual) using an appropriate device package integrated into Cisco APIC.
The APIC manages F5 BIG-IP LTM devices and its supported functions through the use of device packages, which are used to define, configure, and monitor service devices. A device package allows adding, modifying, or removing a network service on the APIC without interruption. The Device Package is a zip file that contains all the information needed for the APIC to integrate with BIG-IP LTM.
Traditional approaches to inserting L4-L7 services into a network involve highly manual operations for example VLAN (Layer 2) or Virtual Routing and Forwarding (VRF) instance (Layer 3) stitching between network elements and service appliances, that takes days or even weeks to deploy an App. Likewise when an application is retired, removing a service device configuration, such as firewall rules, can be difficult.
Cisco ACI will provide customers with an automated Service Insertion and Policy management model which is the evolution of the next generation Data Center architecture compared to the “traditional” model of services insertion. Cisco ACI controller (APIC) can automate service insertion while acting as a central point of policy control. APIC can also automatically configure the service according to the application’s requirements, which allows organizations to automate service insertion and eliminate the challenge of managing the complex techniques of traditional service insertion.
F5 BIG-IP LTM integrates with Cisco APIC through well-established and open southbound APIs. This integration automates network and service provisioning across the F5 services fabric, providing end-to-end telemetry and visibility of applications and tenants. Cisco APIC acts as a central point of configuration management and automation for Layer 4 through 7 services and tightly coordinates service delivery, serving as the controller for network automation. Cisco APIC automates the insertion and provisioning of network services through the F5 BIG-IP platform: for example, SSL offload, server load balancing (SLB), and Microsoft SharePoint services.
F5 announced its device package for Cisco APIC integration in early August 2014. Cisco ACI-F5 BIG-IP joint solution was also showcased at F5 Agility, 2014 in New York during breakout sessions, in solution labs, solutions Expo and in keynote panel. Cisco also recently published a jointly written technical whitepaper, a solutions brief and a Design guide with F5
The F5 Device Package for Cisco Application Policy Infrastructure Controller ™ (APIC) is now available. To download at no cost, please visit https://downloads.f5.com/esd/productlines.jsp
Cisco Alliance page - https://f5.com/partners/product-technology-alliances/cisco
Cisco page on DevCentral - https://devcentral.f5.com/s/cisco
Cisco Blog on Device Package – http://blogs.cisco.com/datacenter/f5-device-package-for-cisco-apic-goes-fcs/
Technical Solution Whitepaper - http://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-centric...
Device Package integration demo - https://www.youtube.com/watch?v=5Nw2vtid7Zs