Cisco ACI Review

The tenancy model means we don't need to buy a dedicated setup for each customer

What is our primary use case?

I am an engineer who deploys ACI. Most of the deployments cover L2 Out and L3 Out and migrations.

How has it helped my organization?

Some of our cloud-based customers integrate it with UCS Director or CloudCenter and are able to automate services. ACI supports automation, like Ansible automation or HTTP automation. It adds stability for cloud-deployment use cases. Cloud-based businesses don't need to create policies. They can do so with an automation orchestration tool like UCS Director or CloudCenter. A few customers are using it this way.

Some other customers are refreshing their data centers with SDN. They have a traditional data center but they want to restructure it. Cisco customers are now going for the Cisco SDN.

What is most valuable?

The most valuable features include:

  • microsegmentation
  • L3 Out features
  • the common tenant and tenancy model.

Regarding microsegmentation, generally, in Layer 2, there are restrictions between VLANs. When you do microsegmentation, by name, by IP address, or MAC address, you can create a microsegmented EPG and you can group within an EPG. Generally, all the endpoints that are part of an EPG can talk to each other. But when you create a microsegmented EPG you are creating restrictions.

Regarding the tenancy model, when you have a host data center and multiple customers and you want to build a dedicated infrastructure for a customer, you have to physically suppress the devices and you have to think a lot about security features. But with ACI, you don't need to buy a dedicated setup for each customer. Using one setup, you can create multiple tenants, and each tenant represents one customer. There are common services that are used by all the customers, like a DNS server or any web servers. You can keep the servers on the common tenant. In that way you can use the tenancy model efficiently.

What needs improvement?

They are still working on Multi-Site and Multipod but there are many customers that are looking for these in their Features page. 

We are having challenges with these features. For Multipod we need Layer 3 devices that support multicast. Customers ask: "Why can't ACI do that? Why do we need a dedicated Layer 3 device for this?" If they go for Multi-Site there is no need for that; ACI can do it. So Cisco needs to increase the Multipod features in ACI.

For one customer we found CloudCenter doesn't support Cisco Multi-Site scenarios.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

I feel the stability is very good. We have had some issues but the support we get from Cisco is always good.

What do I think about the scalability of the solution?

In terms of scalability, you can go with the two-spine and get very good bandwidth, but if you need more than this you can increase the spine count. If you need more devices you can increase the leaf count. Scalability is there.

How are customer service and technical support?

I have been a bit disappointed with technical support from Cisco. They will often take some time to respond. But once they start they are okay. I feel they need to improve their service.

How was the initial setup?

The initial setup is very straightforward. If you have some basic knowledge you will be able to deploy ACI. Some of the guys feel that it is a little complicated but if they understood tenancy more and the object structure, they would be easily able to deploy ACI.

We can deploy everything in less than two days. The difficulty is that we are working in data centers so we need to look for downtime for the customers. If they are using automation we can deploy everything in a single day. If we are doing it manually, it can take three or four days.

But in real scenarios, customers cannot always give us downtime. They tell us to wait for some time and they do migration one by one.

On my team, I am the only one who does deployment. We don't need anybody's help for migration. But we expect a few team members to be involved on the customer's side, people from the server team and the network team, because we need support from them.

Maintenance is very easy. If there are two spines and you are doing an upgrade, you can shut down one spine and do the maintenance. Once that is done you bring up the one you shut down and do the second spine, and similarly for all leaves and all APICs. There is no impact to the server base and zero downtime.

What other advice do I have?

I would rate ACI at ten out of ten. I don't see any bad features in it. I always think about the positive side. I don't see any negativity on the ACI side. There are a lot of features, like automation, that reduce manual efforts that would otherwise be time-consuming.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.