Solution overview

Cisco public

Cisco Application Centric

Infrastructure (ACI) Release 5.2
Cisco ACI solution
Cisco® Application Centric Infrastructure
(Cisco ACI®) is part of our intent-based
networking framework to enable agility and
resiliency in the data center. It captures higher-
level business and user intent in the form of a
policy and translates this policy into the network
constructs necessary to dynamically provision
the network, security, and infrastructure services.
Built on top of the industry-leading Cisco
Nexus® 9000 platform, Cisco ACI uses a holistic,
systems-based approach, with tight integration
between hardware and software and between
physical and virtual elements, an open ecosystem
model, and innovative Cisco Application-Specific
Integrated Circuits (ASICs) to enable unique
business value for modern data centers.
Cisco ACI is the industry’s most secure,
open, and comprehensive Software-Defined
Networking (SDN) solution.
Cisco ACI enables automation that accelerates
infrastructure deployment and governance,
simplifies management to easily move workloads
across a multifabric and multicloud framework,
Contents
and proactively secures against risk arising from
anywhere. It radically simplifies, optimizes, and
expedites the application deployment lifecycle. Cisco ACI solution
Modern data centers are dynamic. IT operations Benefits
must meet the expectation of quality of
service business needs in a rapidly changing
environment. Cisco ACI transforms IT operations
Cisco ACI building blocks
from reactive to proactive with a highly intelligent
set of software capabilities that analyzes Cisco ACI
every component of the data center to ensure deployment models
business intent, guarantee reliability, and identify
performance issues in the network before Cisco Nexus Dashboard
they happen.
As application usage gets more pervasive across Cisco ACI Anywhere:
the enterprise network, IT professionals are popular integrations
looking to build solutions for consistent policy
and encryption from the campus to the data
center. For example, Cisco ACI integrations with
Cisco Capital
Cisco® Software-Defined Access (SD-Access)
/Cisco DNA Center and Cisco SD-WAN allow Cisco ACI Open Ecosystem
customers to automate and extend policy,
security, assurance, and insights across their For more information
entire networking ecosystem.

©
© 2021
2019 Cisco
Cisco and/or
and/or its
its affiliates.
affiliates. All
All rights
rights reserved.
reserved.
Solution overview
Cisco public

Benefits Figure 1. Cisco ACI differentiated business benefits

Cisco ACI Anywhere

To keep up with the massive influx of data and the increased
demands on the network for speed and agility, networking Cisco ACI Anywhere
professionals are learning to broker, connect, build, and
govern their networks not only in the data center, but also
across a vast multicloud landscape. Operational simplicity
Same “look and feel”
Cisco Application Centric Infrastructure (Cisco ACI) was built as on premises Containers Hypervisor

to simplify the IT infrastructure and operations by automating

the network, providing pervasive security, and, if required, Cisco ACI
accelerate businesses to move to a multicloud environment. Automated policy translation
Consistency across the Anywhere
With Cisco ACI, customers can manage complexity, entire data center
Cloud
maximize business benefits, and deploy workloads in any Data
exchange
center
location, small and large, on premises and remote, in private Common governance
and public clouds, satellite data centers, and 5G-enabled End-to-end discovery,
telecom edges. visibility and troubleshooting On-premises
cloud

IoT edge
With Cisco ACI, you can build a better network anywhere.

Digital transformation and business resiliency

Applications are at the center of the drive to modernize traditional businesses and the foundation of their digital transformation. The current discussion is
about how applications have changed the very nature of data – how the data is generated, how it is analyzed, and how it is delivered. These are fundamentally
new classes of applications that need to be considered in order to enhance the overall resiliency and agility of a business. These new applications have the
following characteristics. They are.
• Modular and distributed across the enterprise. Applications follow the data. Now organizations need—and can get—data from everywhere, from
every device and at any time to answer questions about their markets and customers. As a result, monolithic applications are dissolving rapidly into
interconnected agile microservices that are delivered through a variety of virtual and physical workloads, including containers, across the entire enterprise.
• Built continuously and rapidly. The decentralization of application development enables companies to build new applications and services at vastly faster
speeds and greater scales than were possible in the old centralized, “waterfall development” methods. Today, new applications are custom built, are
updated by the minute, and often have a shelf-life of only a few days.
• Increasingly ML-enabled, AI-powered. The emergence of AI-powered and Machine Learning (ML)―enabled applications for both business and consumer
use will lead to a whole new world of connected, intelligent, and automated devices that are deployed everywhere.

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public

The main benefits of Cisco ACI include the following:

Cisco ACI building blocks
Accelerate network operations Cisco ACI and architectural solutions are built with the following
A flexible and yet highly available network that allows agile application building blocks:
deployment within a site, across sites, and across global data centers while
• Cisco Application Policy Infrastructure Controller (APIC)
removing the need for complex Data Center Interconnect (DCI) infrastructure.
• Cisco Nexus 9000 Series spine and leaf switches for Cisco ACI
• Operational simplicity, with common policy, management, and operation
Figure 2. Cisco ACI building blocks
models across application, network, and security resources
• Centralized network management and visibility with full automation and
real-time network health monitoring Cisco APIC
• Seamless integration of underlay and overlay Centralized policy model

• Open northbound APIs to provide flexibility for DevOps teams and Open API for entire system

ecosystem partner integration

• A cloud-ready SDN solution Cisco Nexus 9000
Series Switches
• Common platform for managing physical and virtual environments
Industry-leading:
• Automation of IT workflows and application deployment agility
Price

Securely expand to multicloud Performance

• Create business continuity and provide disaster recovery Port-density

Physical, virtual, WAN IP storage Network
Programmability and container interconnect service
• Inherent security with a zero-trust whitelist model and innovative features in workloads appliances

policy enforcement, microsegmentation, and analytics Power efficiency

Visibility and telemetry

• Integrated security with Cisco security products and ecosystem partners
• Consistent security posture at scale across a multicloud environment

Deliver superior application experience

• Single policy and seamless connectivity across any data center and public
cloud
• Through any hypervisor, for any workload, at any location, using any cloud
• Cloud automation enabled by integration with vRealize, Azure Pack,
OpenStack, OpenShift, Kubernetes, and Cisco UCS® Director
• Open APIs and a programmable SDN fabric, with 65+ ecosystem partners
Cisco Application Policy Infrastructure Controller (APIC)
The infrastructure controller is the main architectural component of the
Cisco ACI solution. It is the unified point of automation and management for
the Cisco ACI fabric, policy enforcement, and health monitoring. The APIC
appliance is a centralized, clustered controller that optimizes performance
and unifies the operation of physical and virtual environments. The controller
manages and operates a scalable multitenant Cisco ACI fabric.

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public
The main features of the Cisco APIC include the following:
• Application-centric network policies
• Data-model-based declarative provisioning
• Application and topology monitoring and troubleshooting
• Third-party integration
- Layer 4 through Layer 7 (L4-L7) services
- VMware vCenter and vRealize
- Microsoft Hyper-V, Microsoft System Center Virtual Machine Manager
(SCVMM), and Azure Pack
- Open vSwitch (OVS) and OpenStack
- Kubernetes
• Image management (spine and leaf)
• Cisco ACI inventory and configuration
• Implementation on a distributed framework across a cluster of appliances
New features in Cisco ACI Release 5.2 include the following
• APIC cluster connectivity to fabric over
Layer 3 network
- Supports deployment of APIC clusters
in remote locations (for example, a DMZ
network) and connects the clusters to the
fabric (spine and leaf) over an IP network
- Provides flexibility and improves ease
of deployment
• Software maintenance upgrade support
- Capability to upgrade APIC or a fabric
switch using a patch
- Provides flexibility and improves usability of
the product
© 2021 Cisco and/or its affiliates. All rights reserved.
• Health scores for critical managed objects (tenants, application profiles,
switches, etc.)
• Fault, event, and performance management
Cisco Nexus 9000 series spine and leaf switches for Cisco ACI
Cisco Nexus 9300 and 9500 platform switches support Cisco ACI.
Organizations can use them as spine or leaf switches to take full advantage
of an automated, policy-based, systems management approach.
Cisco Nexus 9000 Series Switches include modular and fixed 1, 10, 25, 40,
50, 100 and 400 Gigabit Ethernet switch configurations that are designed
to operate either in NX-OS mode for compatibility and consistency with the
current Cisco Nexus switches (using Cisco NX-OS Software) or in ACI mode
to take full advantage of Cisco ACI application-policy-based services and
infrastructure automation features. This dual-function capability provides
customers with investment protection and ease of migration to Cisco ACI
through a software upgrade.
• Support for back-to-back link between remote • Policy based routing enhancements
leaf pairs - Provides support for PBR on L3Out
- East-west traffic between nodes behind a - Provides dynamic MAC learning on
pair of remote leafs now can leverage the Layer 3 PBR
physical links between the remote leaf pairs
- Provides inter-EPG contract support on
instead of hair-pinning
L3Out with permit, deny, and PBR actions
- Improves ease of deployment and TCO
- Improves ease of use and deployment
• Endpoint Security Group (ESG) enhancements
The controller framework enables broad
- Provides support for additional classifiers
ecosystem and industry interoperability with Cisco
(MAC and VM tags)
ACI. It enables interoperability between a Cisco
- Provides tag-selector support, which ACI environment and management, orchestration,
enables migration of EPGs to ESGs virtualization, and L4-L7 services from a broad
- Improves ease of use and deployment range of vendors.
Solution overview
Cisco public

Cisco ACI Figure 3. Cisco ACI MultiPod

deployment models
Cisco ACI consists of the following architectural
solutions:

• Cisco ACI MultiPod

• Cisco Nexus Dashboard Orchestrator
Interpod IP network
• Cisco Cloud ACI
- Cloud ACI extended to AWS and Microsoft
Azure
- Cloud-only solutions
Site A Site B
- Cisco Cloud APIC
- Cisco Cloud Service Router (CSR)
1000v Series
A single APIC cluster extends network virtualization
- Cisco Nexus Dashboard Orchestrator policy and services to multiple pods

• Cisco ACI Physical Remote Leaf Active/active data Virtual metro Stretch VRF, EPG, BD Up to 50ms
centers clusters across pods with VXLAN latency
• Cisco ACI Mini Fabric

Cisco ACI MultiPod

Cisco ACI MultiPod is part of the “single APIC
cluster/single domain” family of solutions; a Cisco Nexus Dashboard Orchestrator
single APIC cluster is deployed to manage all the
The Cisco Multi-Site Orchestrator (MSO) has become the Nexus Dashboard Orchestrator.
different ACI networks that are interconnected.
The Nexus Dashboard Orchestrator provides a single point of provisioning for multiple Cisco ACI
These separate ACI networks are called “pods,”
fabrics operating in a coordinated way. When this solution is combined with the latest networking
and each of them looks like a regular two-tiers
enhancements of Cisco ACI, organizations can manage extension network elements such as Virtual
spine-leaf topology. The same APIC cluster
Routing and Forwarding (VRF) instances, bridge domains, and subnets across multiple fabrics. It
can manage several pods, and, to increase the
enables centralized policy and security controls across geographically distributed fabrics and very large
resiliency of the solution, the various controller
scaled-out fabrics with automation and operations from a common point, allowing for a global cloud-
nodes that make up the cluster can be deployed
scale infrastructure.
across different pods.

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public

The main features of Cisco Nexus Dashboard Orchestrator include the
following:
• Single point of administration for multiple Cisco ACI fabrics
• Capability to map tenants, applications, and associated networks to
specific availability domains within the Cisco ACI multisite
• Change control across multiple fabrics, allowing staging, testing, and if
required, clean backout of any policy changes
• Automatic configuration and management of fabric network interconnects
across an IP backbone
Figure 4. Cisco Nexus Dashboard Orchestrator
cloud environments. It uses a holistic approach to enable application
availability and segmentation for bare-metal, virtualized, containerized, or
microservices-based applications deployed across multiple cloud domains.
The common policy and operating model drastically reduces the cost
and complexity of managing multicloud deployments. It provides a single
management console to configure, monitor, and operate multiple disjoint
environments spread across multiple clouds. Cisco Cloud ACI is available
on AWS and Microsoft Azure; future availability for Google Cloud has been
announced.

Cisco Nexus
What’s new in Cloud ACI for Cisco ACI Release 5.2:
Dashboard
Orchestrator • Brownfield VNet import on Azure: This feature will enable Azure
Cloud customers to view existing brownfield VNets from within
the Cloud APIC purview and connect their greenfield VNets to the
A A A A

Site 1 - DCNM Site 2 Site 3 Public cloud

brownfield VNets imported into Cloud ACI.

• AWS Transit Gateway Connect: Using this feature, customers will be

able to auto-configure their AWS Transit Gateway Connect through a
Cloud APIC to support dynamic routing between Cisco Cloud Service
Routers (CSRs) and AWS Transit Gateway.
Single pane of Consistent High availability Simple fault No latency
management policy and scale isolation domain issues • Private IP Address for Cloud APIC and CSRs on AWS: This will
enable customers to deploy their Cloud ACI solution with a private
backbone network between their on-premises and AWS data centers.

• VNet Peering across Azure Active Directories: This feature

enables operational flexibility for customers who want to use multiple
Cisco Cloud ACI
Azure subscriptions to manage their application segments within
Cisco Cloud Application Centric Infrastructure (Cisco Cloud ACI) is a Azure cloud.
comprehensive solution for simplified operations, automated network
connectivity, consistent policy management, and visibility for multiple
on-premises data centers and public clouds or multicloud environments.
The solution captures business and user intents and translates them
into native policy constructs for applications deployed across various

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public

Figure 5. Cisco Cloud ACI Cisco ACI Physical remote leaf

Cisco Nexus
Dashboard
With Cisco ACI Physical Remote Leaf, customers can place a regular leaf
Orchestrator
switch in a remote/satellite location and connect back to the spine switch
in the main (on-premises) location and, in turn, extend Cisco ACI policy
into the remote/satellite location. By doing so, customers can also take
Site 1 Site 2 Site 3 Site 4
advantage of all the benefits of the Physical Remote Leaf, from diverse
interfaces to superior performance and scale and built-in encryption.
Figure 6. Cisco ACI Physical Remote Leaf

ACI - on premises
Google Cloud
Platform
Consistent network and policy

Hybrid cloud integration Multi-cloud only Health scores, Zero-touch automatic

EPG stats discovery of remote leaf

Cloud-only solutions
Any routed IP network
Cisco offers, with a Cisco Cloud ACI, a cloud only approach, which
uncouples the solution from the on-premises data center and allows you to Stretch EPG, Two remote leaves,
BD, VRF, for up to 20 remote
securely connect and segment workloads not only in the public cloud, but tenant, contract locations
Remote location
also across public clouds.
Site A
Cisco Cloud ACI: required components
• Cisco Cloud APIC
Manage multiple cloud regions and Cisco Cloud Services Routers (CSR)
1000v Series from a single instance of Cisco Cloud APIC and enable Cisco ACI Mini fabric
consistent policy, security, and operations through secure interconnect for
a multicloud environment. With the introduction of Cisco Mini ACI Fabric, customers can now leverage
an optimized Cisco ACI solution for their small-scale deployments. This
• Cisco Nexus Dashboard Orchestrator
Responsible for provisioning, health monitoring, and managing the full solution comprises APIC-CLUSTER-XS (one physical and two virtual
lifecycle of Cisco ACI networking policies and stretched tenant policies controllers) along with two spines and a minimum of two and a maximum of
across Cisco ACI sites around the world, both on premises and in the four leaves.
cloud. It is the single source of truth for policies.
• Cisco Cloud Services Router 1000v Series
Cloud ACI uses the Cisco Cloud Services Router (CSR) 1000v Series
as the cloud router for connectivity between on-premises and
cloud environments.
© 2021 Cisco and/or its affiliates. All rights reserved.
Solution overview
Cisco public

Figure 7. Cisco ACI Mini Fabric • Easy to use

- Customizable role-based UI view to provide a focused view on network
operators use cases
Preconfigured, making it easier - Single Sign-On (SSO) for a seamless user experience across
to get the right components
operation services
- Single console for health monitoring and quick service turnup
Priced to offer great value
• Easy to scale
Based on the latest
technology, to help make
- High availability, scale-out operations from a single dashboard
business future ready
- Scale use cases, leveraging flexible deployment options
- Operations that span across on-premises, multicloud, and edge networks

Easy to order and great value • Easy to maintain

- Seamless integration and lifecycle management of operational services
- Onboarding and managing of operational services across on-premises,
cloud, or hybrid environments
- Single point of integration for critical third-party applications and tools

Cisco Nexus Dashboard Figure 8. Cisco Nexus Dashboard

Cisco Nexus Dashboard provides a single automation platform to access

operational services and tools for the data center and network. Using Cisco Nexus Dashboard Single dashboard to view health
the Cisco Nexus Dashboard platform, customers can deploy Cisco Single UI to consume application services

Nexus Dashboard Orchestrator (NDO), Cisco Nexus Dashboard Insights, Nexus Nexus Dashboard
Proactive notifications

Configuration compliance
and Cisco Nexus Dashboard Data Broker. The Cisco Nexus Dashboard Dashboard Insights* Data Broker**
Real-time telemetry collection
becomes even more of a collaborative focal point with the inclusion of Faster resolution through correlation

operations-critical, third-party applications and tools. From the Nexus Cisco Nexus
Dashboard, you can cross-launch any of the sites’ controllers, including Dashboard Orchestrator Centralized model for multiple fabrics
APIC, Cloud APIC, and Cisco Data Center Network Manager (DCNM) Line-rate performance and scale
fabrics, which drives the adoption of cloud-native application practices. MSO
Automation and policy Hardware-based telemetry
Cisco Nexus Dashboard provides the following benefits.
* Cisco Network Assurance Engine included
** Roadmap
Networkinfrastructure
Network infrastructure Cisco Nexus 9K,Nexus
N7K,9KN3K, third-party
andtelemetry
and telemetry

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public

Cisco Nexus Dashboard Insights
Cisco Nexus Dashboard Insights gives customers the ability to monitor
and analyze their fabric in real time to identify anomalies, to provide root-
cause analysis and capacity planning, and to accelerate troubleshooting. By
tracking historical context, collecting and processing hardware and software
telemetry data, and correlating customer designs with Cisco best-practices,
customers can get excellent visibility and awareness of issues affecting
their environment and take corrective actions. Nexus Dashboard Insights is
a microservices-based application designed to be hosted on Cisco Nexus
Dashboard.
Cisco ACI Anywhere: popular integrations
Utilize Cisco Infrastructure-as-Code (IaC) integrated solutions
with HashiCorp and Red Hat Ansible
Infrastructure as Code (IaC) is an innovative approach to building
application and software infrastructure with code. IaC enables automated
provisioning and management of the full technology stack by translating
Cisco ACI and Cisco SD-WAN integration
Cisco offers an ACI and SD-WAN integration for branch offices (network
edge). This is an integral component of customers’ cloud journey, which
requires secure, policy-driven interconnects between the data center and
branch offices that are a cost-efficient alternative to provisioning dedicated
connections. Through this integration, customers can now automate a WAN
path selection between the branch office and the on-premises data center
based on application policy.
For example, traffic from a stock trader in a branch office in Chicago can be
automatically sent over the fastest possible WAN link to access the trading
application hosted in a data center in New York, based on the application
policies and SLAs configured.
Figure 9. Cisco ACI to Cisco SD-WAN integration
Data center
San Francisco data center
Campus FW

manual, repetitive tasks into reusable, robust, and distributable code. IaC
VPC DB App
server server Web
server
Subnet 10.1.1.0/24

relies on practices that have been successfully used for years in software Nexus Dashboard Nexus Dashboard Region west

development, such as versioning, automated testing, release tagging, Orchestrator Orchestrator

continuous delivery, etc. SD-WAN

Data center
Germany data
SD-WAN
fabric fabric FW
VPC DB App
server server Web

Cisco Data Center Network (DCN) IaC solutions cover integrations with
server
Subnet 10.1.1.0/24

Los Angeles Chicago

common third-party tools from HashiCorp and Ansible. These solutions branch branch Region east

enable customers to empower application services to define network and

security requirements at the infrastructure layer in an automated and fully
synchronized manner. With this approach, you can embrace a DevOps
Connect data centers, branches, campuses, colocation facilities, and Enforce a common set of access control policies uniformly
model by accelerating applications deployment and optimize network cloud to improve network speed, security, and efficiency throughout the enterprise

compliance in a safe and predictable manner.

Benefits of IaC
• Scalability • Automation • Higher ROI
and reliability and agility and lower TCO

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public

Cisco ACI and AppDynamics integration
Digital transformation is a complex team effort across business and
IT, requiring end-to-end application management and awareness.
AppDynamics® provides IT teams the application-layer visibility and
monitoring required in an intent-based architecture to validate that IT
and business policies are being implemented across the network. Cisco
ACI and AppDynamics integration provides dynamic correlation between
application and network constructs. This combined solution provides high-
quality application performance monitoring, richer diagnostic capability for
application and network performance, and faster root-cause analysis of
problems, with fast triage, sent quickly to appropriate team members – for
example, does a given problem pertain to an application or to the network?
Figure 10. Cisco ACI and AppDynamics integration
This integration does the following:
• Dynamically maps the application and service components to the Cisco
ACI network elements, thus providing a shared view of the application and
infrastructure across teams
• Provides a dynamic view of application use in the infrastructure for the
network operations team
• Provides a cross-launch for application teams to correlate network and
application fault and performance data
• Baselines application health status in AppDynamics by correlating the Cisco
ACI network health and faults
Customers are on a continuous quest to correlate application service-
level management with infrastructure monitoring. This new integration will
significantly reduce the time it takes to identify and troubleshoot end-to-end
application performance issues.

Any routed IP network

Cisco ACI and Cisco SD-Access integration
Microsegmentation
Mapping applications
and service components
Hyper-distributed applications and highly mobile users, increased
based on
application tiers
to Cisco ACI
(standalone application)
cybersecurity threats, and increased regulatory requirements make network
AppDynamics
Network and application
segmentation a must for reducing risk and achieving better compliance.
health correlation
Policy integration between Cisco ACI and Cisco SD-Access allows the
marrying of Cisco ACI’s application-based microsegmentation in the
Baseline application health Cross-launch data center with Cisco SD-Access’s user-group-based segmentation
status In AppDynamics by AppDynamics and APIC
correlating with ACI MO to correlate network and across the campus and branch. This integration automates the mapping
health and faults application data
and enforcement of segmentation policy based on the user’s security
profile as they access resources within the data center. It enables security
Cisco ACI AppDynamics
standalone application administrators to manage segmentation seamlessly from end to end, user
to application. A common and consistent identity-based microsegmentation
capability is provided from the user to the application.

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public
Figure 11. Cisco ACI and Cisco SD-Access integration
Application groups User and device groups
SD-Access and Cisco ACI exchange
user and application groups
Cisco SD-Access
campus and branch
As a result of this integration, the attack surface is greatly reduced, and any
unauthorized or suspicious access to resources and potential threats can
quickly be controlled and remediated. The solution is fully qualified for up
to 25,000 Cisco SD-Access campus users, with plans to expand scale as
needed by our customers.
Cisco ACI and ServiceNow
Enterprises are increasingly embracing a multicloud strategy to deliver
applications with the intent to accelerate innovation and reduce costs.
However, this strategy brings in its wake inherent challenges in application
agility and security. Enterprises demand business services to be up and
running rapidly to serve their end users. End users often demand that IT
departments quickly and flexibly offer services that can help them get
their jobs done. This goal leaves many IT teams struggling to maintain the
business services needed to help ensure that end users remain productive.
Some of the challenges they face in helping ensure the uptime of critical
business services include:
• A manual service mapping process that can take weeks or months,
depending on service complexity
• Lack of correlation between infrastructure changes and the business
services they support
© 2021 Cisco and/or its affiliates. All rights reserved.
• Disconnected infrastructure tools and portals for change management and
troubleshooting
• Inefficient root-cause analysis for service outages as a result of inaccurate
service maps
Cisco Application Centric Infrastructure (Cisco ACI) integration with
ServiceNow automates the discovery, application to business service
Cisco ACI
data center and cloud mapping, firmware management, and provisioning of the Cisco ACI fabric
from the ServiceNow instance.
Integrating Cisco ACI with ServiceNow delivers visibility and automation
from the application tier down to the physical infrastructure, improving the
speed and efficiency of IT provisioning, management, and troubleshooting,
including
• Faster troubleshooting and root-cause analysis
• Improved operational efficiency
• Reduced TCO
Cisco ACI and Kubernetes Anywhere
Cisco ACI is designed to offer policy-based automation, security, mobility,
and visibility for application workloads regardless of whether they run on
bare-metal servers, hypervisors, or Linux containers. The Cisco ACI system-
level approach extends the support for Linux containers by providing tight
integration of Kubernetes, a popular container orchestration platform, and
the Cisco ACI platform.
This integration allows Cisco ACI to provide a ready-to-use, secure
networking environment for Kubernetes. The integration maintains the
simplicity of the user experience in deploying, scaling, and managing
containerized applications while still offering the controls, visibility, security,
and isolation required by an enterprise.
Solution overview
Cisco public

Cisco Capital The Cisco ACI and Kubernetes solution offers the following benefits:

• Flexible approach to policy

Flexible payment solutions to help you
• Automated, integrated load-balancing services
achieve your objectives.
• Secure multitenancy
Cisco Capital® makes it easier to get the
right technology to achieve your objectives, • Visibility and telemetry information
enable business transformation and help you Figure 12. Kubernetes anywhere integrated with Cisco ACI
stay competitive. We can help you reduce
the total cost of ownership, conserve capital, Remote
data center
and accelerate growth. In more than 100
countries, our flexible payment solutions can
Cisco Nexus
help you acquire hardware, software, services Dashboard
and complementary third-party equipment in Orchestrator

easy, predictable payments. Learn more.

RHEV 4.1+
OpenShift Openstack
Kubernetes

Primary
data center

Security everywhere Analytics everywhere Policy everywhere

© 2021 Cisco and/or its affiliates. All rights reserved.

Solution overview
Cisco public
For more information
Use the following links for additional
information:
• Cisco ACI Overview
• Cisco APIC Data Sheet
• Cisco Nexus 9000 Series Switches
Data Sheet
• Cisco Cloud ACI Overview
• Get Cisco Cloud ACI on AWS
• Get Cisco Cloud ACI on Microsoft Azure
• Cisco ACI Multi Site White paper
• Cisco ACI Remote Leaf
• Case Studies
• Walkthrough Demonstrations
• Download Cisco ACI software
• Cisco Nexus Dashboard
• Cisco ACI ROI Calculator
Cisco ACI Open Ecosystem
Table 1. Features of the Cisco ACI Open Ecosystem
Feature Description
Third-party integration enabled Avoid vendor lock-in and expand choice and flexibility to
by open APIs build your own data center solution
Jointly certified software solutions Employ a best-in-class SDN ecosystem with more than 65
with ecosystem partners technology partners, with partners publishing a certification
matrix to guide customers to install and upgrade
compatible software versions
L4-L7 service integration through Deploy multivendor service graphs with a Cisco ACI
service chaining integration mode of your choice to meet your operational
and organizational needs
These L4-7 integrations are supported through NB REST
API with respective ADC/firewall vendors or applications on
Cisco ACI App Center
Cisco ACI App Center Cisco ACI applications help you get the best applications
for Cisco ACI in an efficient way. The Cisco ACI App
Center:
• Accelerates innovations related to the Cisco ACI
open ecosystem
• Enables Cisco internal partners, customers, and
third-party developers to add value to Cisco
ACI networks
• Allows customers to efficiently extract value from their
networking investments
© 2021 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other
countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners.
The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C22-741487-03  05/21