Cisco is continuing to walk the fine line between embracing software defined networking (SDN) and opening things all the way up, announcing the latest refresh of its Application Centric Infrastructure (ACI) environment.
The biggest surprise of the latest announcement isn't the various support partnerships The Borg has added, but rather that it's decided bare metal deployment of its software are inevitable.
More ReadingMicrosoft has crafted a switch OS on Debian Linux. Repeat, a switch OS on Debian LinuxCisco wants net admins to become programmers so they'll buy its SDN kitGoogle crafts custom networking CPU with parallel computing linksThe Register guide to software-defined infrastructureCisco forgot to install two LEDs in routers
It's not so long ago that former CEO John Chambers performed a metaphorical jig on the grave of white box networking, saying of the challengers “We took our challengers, understood what they did well then just out-executed them”.
Chuck Robbins seems to have a different idea, and ACI now has what the company calls “micro-segmentation” for bare metal installation.
As well as bare metal deployments, the micro-segmented ACI also supports VMWare VDS and Microsoft Hyper-V deployments, the company says.
Security is also on Cisco's mind, with the announcement noting: “Customers can dynamically enforce forwarding and security policies and quarantine compromised or rogue end points based on virtual machine attributes (such as Name, Guest OS, VM Identifier) or network attributes (such as IP address.)”
Docker endpoints are supported both through the Cisco Application Policy Infrastructure Controller (APIC) and the open-source Project Contiv. Policy enforcement happens through endpoint groups, which can represent bare metal servers, VMs, and containers.
In the cloud management space, ACI expands its existing Microsoft AzurePack support with VMWare vRealize automation, and OpenStack support. ACI policy can get pushed to hypervisors using Opflex on OpenStack. ®