Have an account?

  •   Personalized content
  •   Your products and support

Need an account?

Create an account

Network Infrastructure Automation for Cisco ACI using Consul-Terraform-Sync Solution Overview

Networking Solution Solution Overview

Available Languages

Download Options

  • PDF
    (315.7 KB)
    View with Adobe Reader on a variety of devices
Updated:March 30, 2021

Available Languages

Download Options

  • PDF
    (315.7 KB)
    View with Adobe Reader on a variety of devices
Updated:March 30, 2021

Table of Contents

 

 

Accelerate Application Delivery by Automating Network-related Tasks and enable End-to-end Automation of your Network Infrastructure

Migrating to cloud offers organizations greater scale and agility for deploying applications. But with that agility comes greater complexity and a higher volume manual tasks. These challenges prevent operators from taking full advantage of the benefits the cloud offers and increases strain on their teams. In order to address these challenges, operators need a way to automate and optimize their existing processes to move at the speed that cloud networking demands.

Network Infrastructure Automation is how HashiCorp Consul addresses the complexities of cloud-based networking and enables dynamic updating of network infrastructure devices triggered by service changes. One way that Consul provides Network Infrastructure Automation is through Consul-Terraform-Sync (CTS), a tool that utilizes Consul as a data source for networking information and health status of those services, for example, APIs, front-end applications, and databases. CTS uses Terraform as the underlying automation tool and leverages the Terraform provider ecosystem to drive relevant changes to the network infrastructure.

Declarative, Service and Workflow driven Network Automation

Figure 1.            

Declarative, Service and Workflow driven Network Automation

Benefits

Eliminate manual ticketing processes

Consul-Terraform-Sync is designed to automate many different tasks across many different network devices that are traditionally handled manually by networking operators, for example updating load balancer member pools or applying firewall rules.

Reduce risk

Minimize impact from misconfigurations across multiple networking devices.

Cisco ACI with Consul-Terraform-Sync (CTS)

Cisco ACI®, the industry-leading software-defined networking solution, facilitates application agility and data center automation. Cisco ACI enables scalable multi-cloud networks with a consistent policy model and provides the flexibility to move applications seamlessly to any location or anywhere APIC has been deployed while maintaining security and high availability.

HashiCorp Consul is a service networking tool that enables secure service-to-service communication and integrates with Cisco ACI to provide L4-L7 visibility. As the network topology becomes more dynamic and complex, HashiCorp’s Consul and Cisco ACI provide a consistent, automated workflow for gathering application information and network health data.

The Cisco and Terraform module allows users to dynamically create and update Cisco ACI Service Redirection Policy and Destinations by leveraging Consul catalog information. Using this Terraform module in conjunction with Consul-Terraform-Sync helps organizations achieve network infrastructure automation and enables administrators to automatically scale out or scale in backend server pools without having to manually reconfigure Cisco ACI policies.

How it works

      Consul-Terraform-Sync runs as a daemon that enables a publisher-subscriber paradigm between Consul and Cisco ACI to support Network Infrastructure Automation.

      Consul-Terraform-Sync subscribes to updates from the Consul catalog and executes one or more automation “tasks” with appropriate values of service variables based on those updates. Consul-Terraform-Sync leverages Terraform as the underlying automation tool and utilizes the Terraform provider ecosystem to drive relevant change to the network infrastructure.

      Each task consists of a runbook automation written as a compatible Terraform module using resources and data sources for the underlying network infrastructure provider.

Cisco ACI Architecture

Figure 2.            

Cisco ACI Architecture

Use cases

Dynamic load balancing

The Cisco ACI fabric can act as a distributed stateless load-balancer sitting in front of any pool of workloads, regardless of their form factor. For this feature to work, the user should have deployed a service-graph template with Policy-Based Redirection (PBR) and service redirection enabled.

Network policy management

This module supports the following:

      Create, update, and delete redirection destination policies.

      Create and update service redirection policies.

Cisco Capital

Flexible payment solutions to help you achieve your objectives

Cisco Capital makes it easier to get the right technology to achieve your objectives, enable business transformation and help you stay competitive. We can help you reduce the total cost of ownership, conserve capital, and accelerate growth. In more than 100 countries, our flexible payment solutions can help you acquire hardware, software, services and complementary third-party equipment in easy, predictable payments.
Learn more.

 

 

 

Learn more