One of my subscribers wondered whether it would make sense to build a traditional leaf-and-spine fabric or go for Cisco ACI. He started his email with:
One option is a "standalone" Spine/Leaf VXLAN with EVPN deployment based on Nexus equipment. This approach could probably be accompanied by some kind of automation like Ansible to ease operation/maintenance of the network.
This is what I would do these days if the customer feels comfortable investing at least the minimum amount of work into an automation solution. Having a simpler technology plus a well-understood automation solution is (in my biased opinion) better than having a complex black box.
To learn how to build and automate such a fabric, start with Leaf-and-Spine Fabric Architectures (to cover the design aspects), continue with EVPN Technical Deep Dive (to master EVPN), and explore how others automate their fabrics in the Network Automation Use Cases webinar (or enroll in the automation online course).
The other option is the ACI that is highly promoted by Cisco. This certainly offers some good features and (if it works as they say) it will make our life easier in many aspects. But then you have all the disadvantages of a proprietary solution that hides some of the complexity and adds another level of complexity, as you know better than I do. What are others doing in similar cases?
I’ve seen people doing both. In the end, it comes down to “do you want to control your network because you think it’s a mission-critical infrastructure, or do you see it as an unnecessary expense that’s best handled as a black box?” I covered this dilemma in a blog post and a presentation.
For more details, check out the NSX, ACI or EVPN webinar.