The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
Cisco Intercloud Fabric provides a faster and flexible response to business needs and addresses the potential challenges with hybrid clouds. A hybrid cloud is an interaction between private and provider clouds where private clouds extend to provider clouds and use provider cloud resources in a secure and scalable way. Intercloud Fabric enables you to place workloads across heterogeneous environments in multiple provider clouds. Intercloud Fabric provides the architectural foundation for secure hybrid clouds, which allows enterprises to easily and securely connect the private clouds to the provider cloud as needed and on demand. Intercloud Fabric provides the following benefits:
Provides a single point of management and control for virtual workloads across multiple provider clouds.
Provides a choice of cloud providers, such as Amazon Web Services, Microsoft Azure, and multiple Intercloud Fabric provider-based clouds.
Provides highly secure, scalable connectivity to extend private clouds to provider clouds.
Enforces consistent network and workload policies throughout the hybrid cloud.
The Cisco Intercloud Fabric architecture provides the following product configurations to address enterprise and service provider customers:
Cisco Intercloud Fabric for Business is intended for enterprise customers who want to transparently extend their private clouds into provider cloud environments, while keeping the same level of security and policy across environments. Cisco Intercloud Fabric for Business consists of the following components:
The Cisco Intercloud Fabric Installation Guide provides information on installing the components for Cisco Intercloud Fabric for Business.
Cisco Intercloud Fabric for Providers is intended for provider-managed cloud environments, allowing their enterprise customers to transparently extend their private cloud environments into the provider's cloud, while keeping the same level of security and policy across cloud environments.
The Cisco Intercloud Fabric Provider Installation Guide provides information on installing the components for Cisco Intercloud Fabric for Providers.
Cisco Intercloud Fabric is a hybrid cloud solution deployed as virtual machines (VMs) in the private cloud and in the provider cloud. Cisco Intercloud Fabric for Business consists of the following components:
Intercloud Fabric Virtual Machine: This VM contains the Intercloud Fabric components.
Secure Cloud Extension: This component contains the Intercloud Fabric Extender (ICX) and the Intercloud Fabric Switch (ICS).
Intercloud Fabric Provider Platform provides an extensible adapter framework to allow integration with different provider cloud infrastructure management platforms, and other cloud APIs. It is a virtual appliance that is deployed on the provider cloud and lets service provider customers access cloud resources using Intercloud Fabric APIs. It also translates API calls to different provider infrastructure platforms, giving customers the choice to move their workloads regardless of the cloud API exposed by the service provider.
Intercloud Fabric is the single point of management and consumption for hybrid cloud solutions for end users and IT administrators. It offers a single console so that end users and IT administrators can provision workloads to private and provider clouds. Intercloud Fabric exposes northbound APIs that allow customers to programmatically manage their workloads in a hybrid cloud environment or to integrate with other cloud management platforms.
Intercloud Fabric provides a self-service portal for IT administrators to manage and consume hybrid cloud offers, and for end users to consume services. For end users, Intercloud Fabric provides a service catalog that combines offers from multiple clouds and a single self-service IT portal for multiple provider clouds.
Intercloud Fabric has an IT administrative portal from which administrators can perform various tasks, such as configure users, create catalogs, and create virtual machine templates.
The Secure Cloud Extension forms the basis for the core switching and services infrastructure in the Cisco Intercloud Fabric solution. The Secure Cloud Extension provides the following features:
Secure Layer 2 network extension from a private cloud to a provider cloud.
Advanced switching features for applications running in the provider cloud.
Support for services such as zone-based firewalls and routing in the provider cloud.
The Secure Cloud Extension consists of several components working together to provide these functions. The private cloud is connected to the provider cloud through a highly secure tunnel that is established between a pair of virtual appliances. The Intercloud Fabric Extender (ICX) runs in the private cloud, and the Intercloud Fabric Switch (ICS) runs in the provider cloud. These appliances can be deployed in a high availability pair to provide redundancy. Virtual services are deployed within this environment to provide firewall and routing support in the provider cloud.
The Intercloud Fabric Extender is a VM that runs in the private cloud. It is responsible for establishing a secure tunnel to connect the Intercloud Fabric components in the private cloud with the provider cloud. The main functions of the Intercloud Fabric Extender are as follows:
The Intercloud Fabric Switch is a VM that runs in the provider cloud. It is responsible for establishing secure tunnels to connect VMs in the provider cloud to the private cloud VMs and other VMs in the cloud. The main functions of the Intercloud Fabric Switch are as follows:
Establishes a secure tunnel to the Intercloud Fabric Extender in the private cloud.
Establishes a secure access tunnel to the cloud VMs.
Switches traffic between the cloud VMs.
Switches traffic between cloud VMs and VMs in the private cloud.
Applies network policies to the cloud-switched network traffic.
Monitors and gathers cloud VM statistics.
The Cisco Intercloud Fabric Agent (ICA) provides a network overlay to the VMs in the cloud. It secures the guest VM traffic in the cloud and abstracts the cloud infrastructure. It is deployed in the provider cloud as a secure tunnel driver that runs within the cloud VM's operating system. It redirects network traffic to the secure overlay network as follows:
We recommend the following network topology for Intercloud Fabric, where the two servers are deployed in a VMware HA-enabled cluster: