Introducing Cisco Cloud Network Controller on Google Cloud Platform – Part 1


This year has been quite significant for Cisco’s multicloud networking software evolution. Earlier in the year Cisco released, along with other exciting software feature announcements, Google Cloud Platform (GCP) support for Cisco Cloud Network Controller (CNC), formerly known as Cisco Cloud APIC. This blog series introduces the GCP support capabilities subdivided into three parts:

  • Part 1: Native Cloud Networking Automation
  • Part 2: Contract-based Routing and Firewall Rules Automation
  • Part 3: External Cloud Connectivity Automation

More about the rebranding and other expanded capabilities is available on our Modernize your Multi-Cloud Network with Cisco Cloud Network Controller blog. For brevity, Cisco CNC will be used throughout the series.

The Need for Multicloud Networking Software

While organizations are increasingly becoming more mature with their to-the-cloud strategies, lately there has been a shift in focus to in-the-cloud networking, as also observed by Gartner in their first Market Guide for Cloud Networking Software and subsequent releases. This series will show how a cloud-like policy model can help address inside-the-cloud challenges, with the goal of continuing to improve operations in public cloud environments and augmenting native cloud networking capabilities, as needed.

High Level Architecture

Google Cloud resources are organized hierarchically, and the Project level is the most relevant from the Cisco CNC perspective, as a tenant is mapped one-to-one to a GCP project. Cisco CNC is deployed from the Google Cloud Marketplace into a dedicated infra VPC (Virtual Private Cloud) contained within a project mapped to the infra tenant, while user VPCs are provisioned in dedicated or shared projects associated with their own tenants within the Cisco CNC.

The Cisco CNC architecture on GCP is similar to that of AWS and Azure, as it also supports BGP IPv4 or BGP EVPN to on-premises or other cloud sites using Cisco Cloud Router (CCR) based on Cisco Catalyst 8000v. It also supports native GCP Cloud Router with Cloud VPN gateway for external connectivity. As for internal cloud connectivity, it leverages VPC Network Peering between user VPCs within the same or across regions as illustrated on the diagram below.

Native Cloud Networking Automation

A brief overview of the Cisco CNC GUI before proceeding. The left side of the GUI contains the navigation pane, which can be expanded for visualization of cloud resources or configuration. The application management tab is where one can go to make configurations, or alternatively, use the blue intent icon on the top right, which gives easy access to various configuration options.

To demonstrate how Cisco CNC automates inter-region routing across VPCs, let’s build a simple scenario with two VPCs in different regions contained within the same user-tenant project called engineering. Note that the same scenario could exist with these two VPCs in the same region, as VPC networks in GCP are global resources and not associated with any region, unlike subnets, which are regional resources.

Provisioning VPC Networks and Regional Subnets

The first step is to create a Tenant and map it to a GCP Project as depicted below. The access type is set to Managed Identity, which allows Cisco CNC to make changes to user-tenant projects by means of a pre-provisioned service account during the initial deployment.

The configuration below illustrates the creation of two Cloud Context Profiles used as a mapping tool for a VPC. A Cloud Context Profile is contained within a Tenant and provides the region association to determine which region(s) a VPC gets deployed to, along with regional subnets. Additionally, a Cloud Context Profile is always associated with a logical VRF.

profile for vpc-1
profile for vpc-2

By creating these two profiles and mapping to VPCs in different regions, each with their respective CIDR and subnet(s), the Cisco CNC translates them into native constructs in the Google Cloud console under VPC networks as seen below. Note that the VRF name defines the name of the VPC, in this example, network-a and network-b.

The Cisco CNC GUI provides the same level of visibility, under Application Management, where additional VPCs can be created, or under Cloud Resources.

Route Leaking Between VPCs

For this scenario, a route leak policy is configured to allow inter-VRF routing, which is done independently of contract-based routing or security policies to be reviewed in part 2 of this blog series. As seen previously, the VRF association to a particular VPC is done within the Cloud Context Profile.

While the “Add Reverse Leak Route” option is not depicted for brevity, it is also enabled to allow for bi-directional connectivity. In this scenario, since it is only inter-VPC route leaking, VRFs are labeled as internal and all routes are leaked.

In the GCP console, it automates VPC network peering between network-a and network-b with proper imported and exported routes.

Peering routes are auto-generated for both VPCs, along with default routes automated during VPC setup.
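
The peering that Cisco CNC automates here can be checked independently of the controller. The Python below is an added example, not code from the original post or from Cisco: it audits a constructed inventory of network-a and network-b for one-sided or inactive peerings, overlapping subnet CIDRs, and peerings outside the intended pairs. The inventory layout, CIDRs and peering names are assumptions; the `network` and `state` fields follow the peering entries of the Compute Engine network resource.

```python
import ipaddress

# Constructed inventory for the page's two VPCs. Peering fields are named as in
# the Compute Engine network resource; CIDRs and peering names are made up.
PREFIX = "https://www.googleapis.com/compute/v1/projects/engineering/global/networks/"
NETWORKS = {
    "network-a": {"cidrs": ["10.1.0.0/24"], "peerings": [
        {"name": "a-to-b", "network": PREFIX + "network-b", "state": "ACTIVE"}]},
    "network-b": {"cidrs": ["10.2.0.0/24"], "peerings": [
        {"name": "b-to-a", "network": PREFIX + "network-a", "state": "ACTIVE"}]},
}

def peers_of(networks, name):
    """Map peer network name -> peering entry for one VPC."""
    return {p["network"].rsplit("/", 1)[-1]: p
            for p in networks[name].get("peerings", [])}

def audit(networks, intended):
    """Return findings for a list of intended (a, b) peered pairs."""
    findings = []
    allowed = {frozenset(pair) for pair in intended}
    for a, b in intended:
        for src, dst in ((a, b), (b, a)):      # peering must exist on both sides
            entry = peers_of(networks, src).get(dst)
            if entry is None:
                findings.append(f"{src}: no peering towards {dst}")
            elif entry.get("state") != "ACTIVE":
                findings.append(f"{src}: peering {entry['name']} is {entry.get('state')}")
        for ca in networks[a]["cidrs"]:        # leaked subnet routes must not collide
            for cb in networks[b]["cidrs"]:
                if ipaddress.ip_network(ca).overlaps(ipaddress.ip_network(cb)):
                    findings.append(f"overlap: {a} {ca} / {b} {cb}")
    for name in networks:                      # peerings nobody asked for
        for peer in peers_of(networks, name):
            if frozenset((name, peer)) not in allowed:
                findings.append(f"{name}: unexpected peering towards {peer}")
    return findings

if __name__ == "__main__":
    print(audit(NETWORKS, [("network-a", "network-b")]) or "no findings")
```

Because all routes are leaked in this scenario, the unexpected-peering check is the one to watch as more VPCs are added to the tenant.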


This is a simple scenario with only two VPCs to introduce Cisco CNC capabilities in automating cloud networking within GCP. It goes from provisioning VPCs to setting up route advertisements, automating peering, and providing visibility and control over what is being deployed.

Cisco CNC can automate other scenarios and use cases in just a few clicks. These can be a single VPC across multiple regions or multiple VPC networks in the same region, within the same or different projects. This allows customers to scale their cloud environments using a common policy model that abstracts native cloud networking and accelerates their cloud journey.

Part 2 of this blog series will show how Cisco CNC can also use contract-based routing along with automating VPC firewall rules in GCP by extending the same policy model.



Cisco Cloud Network Controller for Google Cloud – Installation Guides

Cisco Cloud Network Controller for Google Cloud – User Guides

Modernize your Multi-Cloud Network with Cisco Cloud Network Controller – blog

Blog Series: Introducing Cisco Cloud Network Controller on Google Cloud Platform

Part 2: Contract-based Routing and Firewall Rules Automation – Coming Soon

Part 3: External Cloud Connectivity Automation – Coming Soon


