The document discusses the integration of HashiCorp Terraform with Cisco ACI to address the evolving demands of modern data centers, emphasizing the shift from static to dynamic infrastructures. It highlights the importance of infrastructure as code for efficient management and compliance while ensuring business innovation in a multi-cloud environment. A demonstration of ACI provisioning workflows showcases how Terraform can facilitate rapid delivery and collaboration among teams.

1. Cisco ACI with
HashiCorp Terraform
Copyright © 2019 HashiCorp
Dan Kirkwood Camillo Rossi
Solutions Engineer
Hashicorp
Technical Marketing Engineer
Cisco

2. Agenda
1. Generational Transition for IT
2. Business Requirements Driving Change
3. HashiCorp Terraform and Cisco ACI
4. Infrastructure as Code with ACI
5. Demo
6. Q&A

3. A generational transition is underway
Traditional datacenter
“Static”
Modern datacenter
“Dynamic”
Dedicated infrastructure Private cloud
SYSTEMS OF RECORD SYSTEMS OF ENGAGEMENT
Public multi-cloud
+

4. Evolving application workload delivery
Challenge
How to deliver applications to
the cloud with consistency?
PHYSICAL VMs CONTAINERS SERVICES
APP SERVER CLOUD NATIVE SERVERLESS EDGE
DEVICES
AppUsers
Workflows, not technologies

5. Consumer Simplicity
Technology has enhanced how we
shop, bank, and vacation - all from
our phones or laptops.
IT Ops Complexity
Data Centers have to deliver with
no room for error or downtime to
support these innovations.
Cloud Advantage
It’s not just about cost and agility anymore,
business innovation is the competitive
advantage.
Multi-cloud Hurdles
Security, compliance, migration,
cost control, performance, lock-in,
skills gaps….
Apps on-prem & cloud
New generation of cloud, container,
virtual workloads move around fast
and go where the resources reside
Wide Attack Surface
Compromised security posture due
to inconsistent policies and not
enough resources to
focus on malware and breaches
Business Requirements driving change

6. Remote Leaf / Virtual PoD
Remote Location
IP WAN
Any Cloud, Any Application, Any Platform, Anywhere
ACI Anywhere
Public Cloud
Multi-cloud ExtensionsIP WAN
On Premise
APIC / Multi-Site
Automation Security Mobility Visibility
ACI Architecture

7. Terraform
Unified Provisioning for Multi-Cloud
Infrastructure as Code to safely and efficiently
provision and manage any infrastructure at any scale.
Multi-Cloud Compliance & Management to
provision any infrastructure with one workflow.
Operations Team can enforce compliance and
governance at provision time
Self-Service infrastructure teams to easily
collaborate to provision infrastructure on-demand
with a library of approved infrastructure modules
300+
Customers
100K+
Weekly D/Ls
200
Providers

8. Infrastructure as Code
● Proven technique to safely and
efficiently provision and manage
infrastructure at any scale.
● Track, manage, and restore the
changes made through version
control
● Codification enables automation -
“executable documentation”
● Collaboration codifies tribal
knowledge
● Reduce human error and snowflakes
by re-using validated infrastructure
modules
Managing and provisioning infrastructure with machine-readable definition files.
● Test and Validate changes prior to
production
● Governance
Policy as Code

9. • 65+ APIC and 15+ cloud APIC resources/data sources available
• ACI provider upstreamed to Terraform during Q3 CY2019
Cloud APIC APIC
Cisco ACI + HashiCorp Terraform
Capabilities Outcomes
Configuration automation through IaC Cost Savings and Compliance
Safe and Predictable changes Higher uptime
Multi-cloud Business Agility and Innovation

10. • ACI has a modeled representation of everything APIC knows
• ACI object model is a distributed MIT (Management Information Tree) structure, fully accessible
through REST API
• Every node is a managed object (MO) with class, attributes and a distinguished name (Dn)
Root
Policy
Universe
Tenants
Applications
VLANs
Virtual
Network
Fabric
Nodes
Hypervisors
Tenant
VRF
BD 10.10.0.1/24
EPG
VLAN 1001
EPG
VLAN 1002
API
Infrastructure as Code with ACI

11. ● Interpolations are parsed in
resource and provider
configurations to determine
dependencies.
● No need to manually sequence
dependent resources within
and between providers
● Independent resources can be
provisioned in parallel
Tenant
VRF
BD
Subnet
ANP
EPG
vSphere VM
Resource Graph

12. Demo: ACI Provisioning with Terraform
Workflow 1: On-prem Self-serve infrastructure
Workflow 2: Cloud co-deployment
‘I need a
subnet’
Best practice
fabric policies
Workflow tool
integration
Fast delivery
with guard-rails
DevTeam
Needs a New
App
NetOps Team:
Networking
Constructs
DevTeam:
Consumes Network
Resources
Fast delivery
across teams

13. Modules for enabling speed + best practice
We want connectivity
We need to maintain an
available and performant
network

14. Demo: ACI Provisioning with Terraform
Workflow 1: On-prem Self-serve infrastructure
Workflow 2: Cloud co-deployment
‘I need a
subnet’
Best practice
fabric policies
Workflow tool
integration
Fast delivery
with guard-rails
DevTeam
Needs a New
App
NetOps Team:
Networking
Constructs
DevTeam:
Consumes Network
Resources
Fast delivery
across teams

15. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Important Resources
GitHub Terraform
Repository
Cisco Developer
Community
developer.cisco.com
Terraform ACI Provider
Documentation
Engage with your local Cisco or HashiCorp teams for any queries
Learn Terraform

16. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Stay tuned…..
Multi-Site Orchestrator
+

17. Thank You
dk@hashicorp.com
camrossi@cisco.com
learn.hashicorp.com
hashicorp.com/events
17