Extending the Cisco ACI Fabric to the Public Cloud
Cisco Application Centric Infrastructure (ACI) customers who own a private cloud sometimes run part of their workload on a public cloud. However, migrating workloads to the public cloud requires working with a different interface and learning different ways to set up connectivity and define security policies. Meeting these challenges can result in increased operational cost and loss of consistency.
However, beginning in Cisco Application Policy Infrastructure Controller (APIC) Release 4.1(1), Cisco ACI can use Cisco Cloud APIC to extend a Cisco ACI multi-site fabric to Amazon Web Services (AWS) public clouds.
Beginning in APIC Release 4.2(1), Cisco ACI can also use Cisco Cloud APIC to extend a Cisco ACI multi-site fabric to Microsoft Azure public clouds.
What Cisco Cloud APIC Is
Cisco Cloud APIC is a software deployment of Cisco APIC that can be deployed on a cloud-based virtual machine (VM). Cisco Cloud APIC provides the following features:
- Provides an interface that is similar to the existing Cisco APIC to interact with the Amazon AWS or Microsoft Azure public clouds.
- Automates the deployment and configuration of cloud deployment.
- Configures the cloud router control plane.
- Configures the data path between the on-premises Cisco ACI fabric and the cloud site.
- Translates Cisco ACI policies to cloud native policies.
- Discovers endpoints.
How Users Can Benefit from Cisco ACI Extension to the Public Cloud
Cisco Cloud APIC is a key part of Cisco ACI extension to the public cloud. Cisco Cloud APIC provides consistent policy, security, and analytics for workloads deployed either on or across on-premises data centers and the public cloud.
Cisco ACI extension to the public cloud also provides an automated connection between on-premises data centers and the public cloud with easy provisioning and monitoring. It also provides a single point for managing, monitoring, and troubleshooting policies across on-premises data centers and the public cloud.
AWS GovCloud Support
Starting with Release 4.1(2), Cisco Cloud APIC supports AWS GovCloud only for the us-gov-west region. The us-gov-east region is not currently supported.
Note that these areas have a unique configuration when you deploy a Cisco Cloud APIC on AWS GovCloud:
- You will subscribe to the CSR on the commercial account.
- You will subscribe to the Cisco Cloud APIC on the commercial account.
- You will launch the CloudFormation template from the commercial account, which redirects the request to AWS GovCloud for the login.