VMware

Putting this here as the author decided to delete valid comments. Anyone have experience with ACI implementation on VMware.

Putting this here as the author decided to delete valid comments. Anyone have experience with ACI implementation on VMware.



View Reddit by vXan_coView Source

 

To see the full content, share this page by clicking one of the buttons below

Related Articles

5 Comments

  1. I’ve done a PoC that went pretty deep. I quite liked some aspects of ACI such as the ease of programmatic access to network state via the controllers; ultimately however it was too weak an overall offering and too fragile to trust production on it.

    The level of lock-in was unacceptable compared to EVPN implementations that achieve the same outcomes as network-centric mode ACI.

    The automation capabilities it offers wasn’t compelling compared to just putting the effort into ansible and having a tool that then works across more platforms (storage, compute, non-network aspects of hypervisors, etc).

    The VMWare integration assisted in some workflows, but unless your team is highly segregated by technology silo I didn’t see any overall wins in efficiency.

  2. I’ve seen it deployed a few times and it can work well. Cisco even has a CVD for it (https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series-switches/white-paper-c11-740124.html). VMware has several design guides and VMworld sessions on the topic too.

    My view on it is if you’re locked in to Cisco and VMware, it can make sense. Personally where I’ve seen it make the most sense is using ACI for fabric/macroseg and NSX for security (microseg and L4-L7 service insertion). But YMMV, NSX has a lot of capabilities that might make sense to run a full blown overlay network instead.

    On the flip side, I’ve seen NSX ripped out a lot in the same scenario where it was really just an unnecessary overhead. Again, the products do have some capability overlap. Use cases matter a lot.

  3. What value do you expect to get from ACI?

    ECMP fabrics? Meh, maybe? I’ve seen too many fabric wide crashes of these kind of
    Things.

    Config management? There’s other ways.
    Security? Ehhhhh

Leave a Reply