Cisco chose to lead the stream of news announcements from its big conference in San Francisco this week with Application Centric Infrastructure. ACI is the company’s vision for software-defined networking, proposed as an alternative to the two other ways of automating network management: OpenFlow and virtual overlays.
At Cisco Live! on Monday, the company announced it would release the Application Policy Infrastructure Controller, the centerpiece of an ACI-enabled system, this summer. It also said that ACI will not be limited to its latest Nexus 9000 network switches: customers will be able to enable older-generation products (Nexus 2000, 3000, 5000, 6000 and 7000) to be managed by the APIC.
Cisco said the management software for its server-and-network bundle Unified Computing System, called UCS Director, will support ACI. Converged-infrastructure stacks that combine UCS with NetApp storage (FlexPod) and with EMC storage (Vblock) will also be integrated with ACI.
Third Way to Do SDN
ACI, which Cisco initially announced one year ago, is yet another approach to SDN, which seeks to solve the problem of having to manually reconfigure the network every time an application expands in scale. The other two proposed solutions are OpenFlow, an open standard for communicating network configuration requirements, and virtual network overlays.
In an OpenFlow system, applications program the network through an OpenFlow controller, which acts as an intermediary. This can be a problem at scale, where the controller creates a potential bottleneck.
ACI is different because it disaggregates applications from the network. The application communicates its connectivity requirements (or policy) to the APIC and ACI-enabled network hardware; the network then self-configures to meet those requirements.
Virtual network overlays are the third way of doing SDN. In an overlay-based system, applications express connectivity needs to a virtual network layer sitting on top of the physical network, and network configuration is managed by an application control layer, which is also separate from the application.
The biggest difference between ACI and overlays is that ACI forces you to use Cisco’s hardware only.
‘If You Like It, Put a Ring on It’
ACI is a proprietary technology that only works on Cisco’s networking gear, which may be a problem for enterprise data center managers, the majority of whom have a “dual-vendor” strategy for buying infrastructure components. By proposing that they lock themselves into Cisco for SDN, the networking giant may be shooting itself in the foot, since its competitors in the space are promoting the opposite approach – one where components by different vendors speak the same open protocols, so they can be interchangeable.
Dinesh Dutt, chief scientist at Cumulus Networks, a startup with a Linux-based network operating system for bare-metal switches, said all data center operators he has worked with preferred to have at least two vendors for every piece of technology. Dutt came to Cumulus in 2013 after 15 years at Cisco.
Dutt’s colleague Shrijeet Mukherjee, vice president of engineering at Cumulus, said a dual-vendor strategy encourages flexibility and agility. Buying from a single vendor leads to big markups and may slow innovation. “If you’re already locked in, they can gouge you on price and don’t need to innovate, as you’re stuck with them,” he said.
Dutt and Shrijeet do not necessarily buy into OpenFlow either, because of the potential scaling issues it can lead to. “The OpenFlow model means a whole bunch of competing ‘asks’ are being made of the controller, which becomes a central compiler which programs the network for global optimization,” Mukherjee wrote in an email. “This is hard to scale and make work in practice.”
The most elegant solution, in his opinion, is the overlay approach: “The overlay solution is simple [and] does not need a sea change in how the network is done today and just fixes the problem that needs fixing.”
Non-Disruptive On-Ramp Crucial for Enterprise Install Base
Steve Garrison, VP of marketing at Pica8, said the prominent SDN startup saw Cisco as a “Johnny-come-lately” in the SDN space. After spending some time dismissing SDN, the company added support for OpenFlow, which it followed with the acquisition of Insieme, the “spin-in” startup that developed its ACI vision.
“In some ways, they finally caught up,” Garrison said, but because Cisco added OpenFlow support and kicked off ACI so late, it lost some market opportunity. The company has lost a lot of business in the service provider market, and the ACI strategy seems to be focused squarely on the enterprise data center.
“We really see them very much protecting enterprise at this point,” Garrison said. This is why enabling ACI on the older Nexus switches is so important for Cisco strategically.
Cisco’s big advantage with enterprise data centers is the trust it has built over the years. Data center managers who have relied on Cisco gear throughout their entire careers may not be averse to locking themselves in with Cisco for SDN.
But, as Garrison explains, these are the customers who are the most averse to changing how they do things, which is why giving them an “on-ramp” to ACI by enabling it in their existing infrastructure is paramount. “For a customer who’s been buying into Cisco for a long time … the propensity to change is lower,” he said.
Mainstream SDN is Years Away
Garrison said the industry is still several years away from seeing mainstream adoption of SDN. “Here we are; Monday morning; who’s got time to do this stuff right now?” Cloud companies and service providers are early adopters because they are the only ones with the operational pains of scale and virtual-machine mobility that SDN is meant to address.
Enterprises simply do not have those problems today – their environments are not as dynamic – but as more of them adopt private or hybrid cloud strategies, the automated dynamic network will become more relevant for them.