Getting Started with Cisco ACI
“Congrats and condolences on your ACI journey.” – Micheline Murphy, Cisco Champion
I’ve always known about ACI, read about it in my studies, but never to any sort of deep level, so I am very excited to dive deeper!
But first – about that opening quote. When I got started in ACI I went to Micheline, a fellow Cisco Champion, and asked her if she could recommend a starting point. She gave me some really great advice – which I am also sharing in this blog – but she started by saying “Congrats and condolences on your ACI journey.” I thought it was the perfect way to start this article!
What follows is a list of resources that have been recommended to me or that I have found through my own pawing around, if you will. I hope you find this a useful start to your ACI journey!
But first, how about an overview?
ACI stands for Application Centric Infrastructure. It’s a whole new way of thinking about networking, but it’s fun and exciting! ACI doesn’t use the traditional 3-tier network design – Core, Distribution (or Aggregation), and Access. Instead ACI relies upon the Clos method, or Leaf-Spine architecture.
The Leaf-Spine architecture was meant for scaling out. Need more bandwidth? Add more spines. Need more ports? Add more leafs. All of the leafs connect to all of the spines, but never are connections made from leaf-to-leaf or spine-to-spine. It is best implemented in data centers. The network can now scale with the data center – very easily!
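The wiring rule above (every leaf to every spine, nothing leaf-to-leaf or spine-to-spine) is easy to audit from a cabling list. The following is an added example, not something from the original post or from Cisco; the node names and the link list are constructed sample data.

```python
from itertools import product

def audit_fabric(roles, links):
    """Check a cabling list against the leaf-spine rules described above.

    roles: dict of node name -> "leaf" or "spine"
    links: iterable of (node_a, node_b) pairs; direction is irrelevant
    Returns same-tier links (forbidden) and leaf-spine pairs with no link.
    """
    seen = set()
    same_tier = []
    for a, b in links:
        for node in (a, b):
            if node not in roles:
                raise ValueError(f"link references unknown node {node!r}")
        if roles[a] == roles[b]:
            # leaf-to-leaf or spine-to-spine: never allowed in this design
            same_tier.append(tuple(sorted((a, b))))
        else:
            seen.add(frozenset((a, b)))
    leafs = sorted(n for n, r in roles.items() if r == "leaf")
    spines = sorted(n for n, r in roles.items() if r == "spine")
    # a full mesh between tiers means every (leaf, spine) pair must be cabled
    missing = [(leaf, spine) for leaf, spine in product(leafs, spines)
               if frozenset((leaf, spine)) not in seen]
    return {"same_tier": sorted(same_tier), "missing": missing}

# Constructed sample fabric: 2 spines, 3 leafs, hypothetical node names.
ROLES = {"spine1": "spine", "spine2": "spine",
         "leaf101": "leaf", "leaf102": "leaf", "leaf103": "leaf"}
LINKS = [
    ("leaf101", "spine1"), ("leaf101", "spine2"),
    ("leaf102", "spine1"), ("leaf102", "spine2"),
    ("leaf103", "spine1"),   # uplink to spine2 was never cabled
    ("leaf102", "leaf101"),  # mis-cabled leaf-to-leaf link
]

if __name__ == "__main__":
    report = audit_fabric(ROLES, LINKS)
    for a, b in report["same_tier"]:
        print(f"VIOLATION same-tier link: {a} <-> {b}")
    for leaf, spine in report["missing"]:
        print(f"MISSING uplink: {leaf} -> {spine}")
```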
At the heart of the Cisco ACI network is the APIC – Application Policy Infrastructure Controller. The controller is where the network administrator creates and enforces policies throughout the network. But it is not the control plane of the network. So, in a situation where you lose your APICs, you will not lose your network. The network will remain up and functional with the policies that were in place at the time of loss; you just won’t be able to change, create, or remove policies until you bring your APICs back up. It’s important to note that if you lose all but one APIC, the last one remains in a read-only mode until you’re able to bring up the others.
There will always be an odd number of APICs. This is to prevent a split-brain scenario where the controllers disagree on configuration. The majority will always rule. Even in the smallest of ACI networks there should be at least 3 APICs present. This will scale out to as many as 9 under the current version, which is 4.X as of the time of this writing.
There are some important concepts that you should be aware of before starting your ACI journey. These concepts are the building blocks of ACI. They are not covered to any great depth of detail in the CCNA Routing and Switching outline, if that’s your base of knowledge. I, personally, did cover these topics in depth during my CCDA studies – and therefore would also recommend the CCDA exam book as part of your learning.
MP-BGP – Multi-Protocol Border Gateway Protocol
VxLAN – Virtual Extensible LAN
IS-IS – Intermediate System to Intermediate System
COOP – Cooperative Key Server Protocol
It’s worth noting that there is no manual configuration of the above items within the ACI fabric. This is all done natively and automatically by the APIC. However, since these are the protocols that overlay the fabric they are important to know and understand, even if only at a high conceptual level, before going in.
So, as I said, there have been a number of resources that have either been recommended/provided to me or that I have found myself. I want to compile them all here to create a “one stop shop” of sorts for others just getting started in ACI.
There are two short video series on ACI that were recommended to me that I would honestly say are a “start here” point. These videos give a great overview of ACI and will help you start to build your foundation.
The first is from Cisco UK. Cisco Technical Solutions Architect Steve Sharman gives a really solid overview in a short series called ACI Simple. He is giving this from the perspective of an SE helping a client understand ACI. That may be you, or perhaps you’re the customer – regardless, it’s a great overview.
The series starts with an overview of the physical topology and then he dives into logical components, design, micro-segmentation, and ends with external connectivity. Each video is nice and bite-sized so you can watch the entire series in under an hour or bite off smaller chunks as you see fit.
Another video series is the Initial setup of the ACI environment by Lumos Consulting. The series walks you through the setup of your first APIC, fabric discovery, and the various types of policies you’ll set up initially. This series also gives a lot of great recommendations based on their experience, like naming conventions of the various parts and pieces within ACI. Basic rule – Keep it Simple!
When starting research on any new (to me) topic that is Cisco related, I generally start with the Cisco Live On-Demand Library. The On-Demand Library contains recorded sessions from past Cisco Live events from all around the world. You can generally find a few courses for a given topic ranging from beginner to more advanced and in depth. If you go to the library and do a quick search for “ACI” it’ll literally return you hundreds of results!
These recorded sessions are great, but they are also long! In addition to the recorded sessions you can also download a PDF copy of the presentation to follow along with and/or take notes on. However, don’t dive into one of these unless you’ve got some time to dedicate.
For someone just starting out I recommend the following sessions: (please note that you’ll need a Cisco.com account to log in and view these recorded sessions or download a copy of the presentation)
It’s also worth noting that these same sessions have been presented multiple times over the years at various Cisco Live events. You can use filters, on the left-hand side of the On-Demand Library page, to view results from a specific Cisco Live event, like San Diego 2019, Las Vegas 2017, Melbourne 2018, etc.
Beyond that there are a ton of great sessions on troubleshooting, automation, the ACI API, and so much more! Depending on how you’re approaching ACI those courses may be a better fit for you, but I’d recommend these for the ACI novice.
There are two books I have found to be particularly helpful for the beginner:
While I haven’t yet read the book cover-to-cover I do enjoy it very much. It starts at a very high conceptual level and with every chapter you dig deeper and deeper! It covers topics from building and bringing up the fabric, to multi-tenancy, multi-site design, t-shooting ACI, and getting started with the ACI API.
In fact, right now on Cisco Gateway, if you earn enough points, you can get a copy of this book for free! Don’t know what Cisco Gateway is? Check it out!
The second: Cisco ACI Cookbook.
That being said, this book is not standalone, at least I wouldn’t recommend it as one. It’s a great book because it will explain something to you, and then show you how to do it screenshot by screenshot. That’s great! However, I find this book works better if you have access to a lab, or another option (I’ll get to those later). I happen to have access to an APIC through work, but if you don’t I wouldn’t make this your first pick.
There are tons and tons of great ACI resources on the web. Here are a few of my favorites (again some of these were referred to me):
Cisco’s ACI Home Page – This has ALL of the ACI product information you could ever want. I’d recommend taking a look here as you might find something more useful for your specific use case than the other links I’ve provided here.
Cisco ACI Fundamentals, Release 4.0 – This is a great companion no matter what you’re reading or watching. It’s like having a glossary of terms you can quickly reference.
Setting up ACI Fabric – This walks you through step-by-step on the initial setup of your APIC and your fabric.
Get some Hands-on Experience!
Cisco dCloud – This requires a Cisco account! This is a great resource for a lab environment. You can reserve time for specific labs, of which there are a few ACI related. They are version specific, so observe the version of the lab you’re choosing. Once you’re in you can use the lab guide to follow along or you can just play without worry of breaking a Production setup.
Cisco DevNet – Along the same lines as dCloud there is Cisco DevNet. They have some great modules on getting started with the ACI REST API, and the ACI Toolkit.
ACI Simulator – You can only download this if you have purchased ACI already. Once downloaded you can load the OVA into a virtual environment and learn ACI in a simulator. This is great if you already have ACI and want to explore the latest version before making the commitment to go to the next version, or if you just want to design, play and learn without potentially impacting production.
If you’ve got a great resource please shout it out in the comments as I’d love to add it to my collection!
Stay tuned as I’ll surely be writing more articles on ACI!