Extending ACI and AWS integration
Cisco and AWS are extending their partnership across multiple domains such as campus, WAN, branch, data center and cloud using a policy-based, automated approach. This blog will focus on how customers can leverage the new AWS capabilities and enhancements to build a better Automated Cloud Infrastructure for their data centers.
Our customers started to deploy Application Centric Infrastructure in their own data centers using Nexus 9000 fabrics 5 years ago. Key tenets of the ACI operation model have been:
AWS announced multiple innovations and enhancements this week:
These innovations and enhancements map very well to the ACI operational model our customers have deployed today.
AWS Outposts are Amazon’s on-premises services for running applications that require the lowest possible latency or that have local data-processing requirements. Earlier this year, we announced the availability of Cisco Cloud ACI on AWS for hybrid clouds. Therefore, extending ACI enterprise-grade networking to AWS Outposts becomes very easy. As Figure 1 shows, customers can now leverage Cisco Multi-Site Orchestrator to manage ACI fabrics on-premises, Cloud ACI instances in the AWS cloud, and AWS Outposts instances connected to ACI or NX-OS Nexus fabrics, all at the same time.
Key benefits of using ACI with AWS Outposts for our customers are:
• Enterprise-grade network connectivity
• Consistent segmentation (e.g. zones, tenants)
• Automated service insertion and service chaining (more on this below)
• End-to-end visibility and troubleshooting
Figure 1: ACI extension to AWS hybrid cloud and AWS Outposts
A more detailed solution brief discussing how to connect AWS Outposts to existing Cisco Nexus data center fabrics is available here.
Amazon VPC Ingress Routing is a service that helps customers simplify the integration of virtual network and security appliances within their AWS VPC network topology. ACI enables customers today to define policies for automated service insertion and chaining. Many customers are using that functionality in their on-premises data centers. With the availability of AWS VPC Ingress Routing, they will be able to use the same policy-based approach for their AWS network designs as well.
Key benefits of using ACI with AWS VPC Ingress Steering
• Enterprise-grade service chain functionality for hybrid cloud
• Consistent service insertion for cloud-native and 3rd party L4-7 service appliances in AWS cloud and on-premises
• Automated service insertion and service chaining
Figure 2: ACI Automated Service Insertion in Hybrid Cloud
AWS Transit Gateway provides an efficient, high-performance interconnect between multiple AWS VPCs. The integration with Cisco ACI will provide customers with the ability to maintain and manage their multi-tenant on-prem data center environment while automating connectivity to multiple AWS VPC instances in the cloud connected through AWS TGW.
Figure 3: ACI Integration with AWS Transit Gateway
Key benefits of using ACI with AWS Transit Gateway
• Enterprise-grade segmentation and multi-tenancy
• Enable higher inter-VPC throughput provided by AWS TGW
• Secure automated connectivity from on-premises to AWS TG
Cisco ACI and AWS integrations also enable customers to simplify their day 2 operations by providing a single pane of glass (Multi-Site Orchestrator) for visibility and for troubleshooting their network connectivity and segmentation across on-premises and cloud environments.
In addition to enabling the above innovations, we are also helping customers to accelerate their automated cloud infrastructure deployments through a ‘Cisco Cloud ACI’ promotional offer.
In summary, what started 5 years ago as a new paradigm for Cisco data center customers to design more Application Centric Infrastructure is now the foundation to extend these designs to Automated Cloud Infrastructure. The same key tenets of policy-based automation apply.
Source: Blogs.cisco.com