ACI integration with VM

Thushan Pramod · ‎05-03-2017

Hi,

is it true that cisco aci does not support VM Ware integration?

Robert Burns · ‎05-03-2017

Not at all. APIC still works perfectly fine (and will continue to do so) managing the native VMware vDS through ACI VMM integration.

APIC will continue to work with the Cisco AVS on VMware up to vSphere 6, Update 2 release (at the end of the year).

The announcement VMware recently made to end 3rd party switch support as of version 6U2, which affects the Cisco AVS and other vendors as well, is a poor move by VMware. It's tells more about VMware's lack of vision & ecosystem support along with removing a customer's ability for choice. Many of our joint-customers have advised us they are now moving off VMware's Hypervisor in favor other Hypervisors (Microsoft, OpenStack, KVM etc). They don't like where VMware is going with this framework closure, or higher per-VM costing, this was just the final nail in the coffin for them.

AVS is not done, we will have a replacement version coming in the near future that will not require VMKernel integration that N1K or AVS leverages today, while will provide the exact same features & capabilities.

Cisco continues to give both our and VMware's customers the choice on virtual switch platforms, rather than mandate the use of our own.

You can read more here: https://blogs.cisco.com/datacenter/our-commitment-to-innovation-choice-and-openness-in-next-generation-virtual-switching

Regards,

Robert

Thushan Pramod · ‎05-03-2017

Hi Robert,

Then one of our customer has the requirement to implement micro segmentation in VM Ware using Cisco ACI which the project will be started in mid of MAY (They are planning to migrate their exsisting legacy DC to Cisco ACI by MAY) Is it possible to use Cisco AVS since the customer is excited whether is it acievable or not, Please confirm.

Robert Burns · ‎05-03-2017

Yes, absolutely. Microsegementation is available on both Cisco AVS & VMware vDS. Just make the customer aware there may be some "migration" consideration if/when the Upgrading vSphere beyond versions 6 update 2 to maintain AVS operation.

Robert

Thushan Pramod · ‎05-03-2017

Hi Robert,

Thanks for the information provided. The customer is having different servers in same vlan in VM environment and he needs to restrict the communication between those servers, so how can I use ACI to accomplish that. Can you provide the necessary links or documents to refer to achieve that. It is appreciated if you can provide the required process which I need to perform in ACI side.

Claudia de Luna · ‎05-04-2017

Hi Thushan,

So you have two options within ACI

1. Enable Intra-EPG Isolation - this is quite literally a "check box" in the EPG configuraiton - see this document for more information. So you know you within an EPG there can be communication between the hosts. This disables that. So with intra epg isolation, Web1 and Web2 in Web-EPG cannot communicate.

2. If that is too much isolation, then you can create micro EGP segments based on VM attributes (IP, etc.) Take a look at this posting for a good example. If you want to go right to the instructions try this link.

Hope this helps!

Thushan Pramod · ‎05-04-2017

Hi Claudia,

Thanks and it is really helpful.