Everybody who is using ACI for a few years now knows there are long term support releases and ‘other’ releases. The long term support releases have been the x.2 releases for the last few releases. So 3.2, 4.2 and 5.2 are (or have been) long term support releases. Of these there were always two current releases. At the time of writing this post those are currently ACI 4.2 and ACI 5.
Cisco released a nice toolset based on Terraform to help us automate our fabrics. The mayor benefit of this toolset is that no programming knowledge is required. You don’t even need any Terraform knowledge to get started. It is awesome. I was honored to be able to talk about this solution with Cisco in the Cisco Champion Radio episode about this. That episode can be listened to here: CCR Automate ACI Deployments with Terraform
You might have seen my ACI lab in a previous post. I’ve installed that lab two years ago and ever since it has seen some heavy usage. It also lost some hardware due to ACI 5.x being installed on it and the Gen 1 hardware not supporting that version. Since the lab is used by me and co-workers to perform tests, training and lots and lots more it was time for a winter cleaning.
ACI 5.2 has been released in the summer of 2021. Recently (october 18th) version 5.2(3) has been released. That version has been earmarked by Cisco for a long time to become the recommended, long term support release. At the moment I’m writing this it hasn’t gotten the designation “Recommended” yet, but that will likely happen in the next few days to weeks. One of the most important things is that for ACI 5.
It has been possible to integrate VMware vCenter with ACI for years. However, more and more environments are dependent on NSX-T to manage their VMWare infrastructure. They use NSX to deploy port groups and more. When your environment runs both ACI and NSX-T you might be interested in integrating these two. There are some benefits to this integration. Most benefits are the same as the benefits you get from integrating ACI and vCenter.
This is a short post about the SSD issue in ACI leaf switches. Now ACI fabrics are approaching 5 or 6 years of operations people start noticing error codes F3073 and F3074. When you Google on these faults you’re likely to find this technote from Cisco. The issue is that the SSDs in the switches are nearing the end of their life. Error F3074 will tell you the SSD has reached 80% of its lifetime and F3073 is raised when the SSD reaches 90% of its lifetime.
ACI 5.1 has been released about three months ago. That means that ACI 5.2 is likely imminent. Usually I review a version when it becomes available, like I’ve done for versions 3.2, 4.0, 4.2, 5.0 and 5.1. I will do something similar when 5.2 will be released, but for now I thought it would be nice to speculate a bit. Disclaimer: The information provided in this blog is purely speculation. I did not talk to Cisco to obtain any of this information.
On October 26, 2020 Cisco released ACI version 5.1. As has been customary for me I write a blogpost about this new ACI version looking into some of the new features. When we look into the release notes of version 5.1 it would appear that there aren’t any major new features. The biggest new features aren’t listed in the release notes at this time. That might be because some of these features are as of yet undocumented.
ACI is made for automation. There are a lot of blog posts about automating ACI out there, but this is some documentation of my own progress on this matter. I’m no complete beginner in the field of automation. When I stage an ACI environment for a customer I use several scripts that automate almost 95% of the process for me. However, these scripts are home grown and one of the issues I encounter is the lack of portability to other engineers (as I know the scripts by heart and know which things work and which do not).
In my post about the new features of ACI 5.0 (link) I explained the concept of the ESG shortly. This post explores the Endpoint Security Groups in more detail. First we need to appreciate the fact that the introduction of the Endpoint Security Groups is the biggest change in the tenant policy model since ACI’s inception. The tenant policy model hasn’t changed in any major way since ACI 1.0 (as far as I know).