Cisco updated its Application Centric Infrastructure (ACI) software to allow customers to connect multiple data centers across different geographic regions. It also moves the company closer toward bridging the gap between private data centers and public clouds.
ACI is the company’s software-defined networking (SDN) product for private data centers. One of the new features in the 3.0 release, announced today, gives customers a global view of network policy across multiple ACI fabrics though a single management portal.
ACI Multi-Site will simplify disaster recovery and make it easier for enterprises to scale out applications, according to Srini Kotamraju, director of product management for ACI at Cisco. Eventually the software will allow companies to scale up to 256 sites. This initial release will support up to five sites and each can deploy up to 400 leaf nodes.
This same technology will, in the future, allow customers to maintain consistent network policies across public clouds, Kotamraju said: “It becomes the foundation for us to enable the ACI architecture in public clouds. We want to extend ACI policy and make it applicable to any use case in any domain.”
Kotamraju said the company doesn’t have a set date for ACI’s public cloud move. But it does plan to add ACI capabilities for satellite data centers in the first quarter of 2018. These are typically smaller facilities “where customers don’t want to, because of state constraints or cost constraints, deploy a full ACI cluster,” Kotamraju said.
The satellite ACI technology will offer remote leaf node functionality to extend policy management into these data centers.
In addition to the new multi-site capabilities, the latest ACI release integrates with Kubernetes. This enables customers to deploy workloads as microservices in containers, define ACI policy for these through Kubernetes, and get unified networking constructs for containers, virtual machines, and bare-metal servers.
It’s also a nod to the container orchestrator’s surging support among enterprises.
The data center software already integrates with Docker. Kotamraju said Cisco is looking to add other container platforms in the future.
The software also adds new security features, including automatically authenticating workloads in-band and placing them in trusted security groups. Additionally, it supports granular policy enforcement for end points within the same security group.