Cisco ACI Cookbook

Cisco ACI Cookbook

By : Stuart Fordham

Buy this Book

Cisco ACI Cookbook

By: Stuart Fordham

Buy this Book

Overview of this book

Cisco Application Centric Infrastructure (ACI) is a tough architecture that automates IT tasks and accelerates data-center application deployments. This book focuses on practical recipes to help you quickly build, manage, and customize hybrid environment for your organization using Cisco ACI. You will begin by understanding the Cisco ACI architecture and its major components. You will then configure Cisco ACI policies and tenants. Next you will connect to hypervisors and other third-party devices. Moving on, you will configure routing to external networks and within ACI tenants and also learn to secure ACI through RBAC. Furthermore, you will understand how to set up quality of service and network programming with REST, XML, Python and so on. Finally you will learn to monitor and troubleshoot ACI in the event of any issues that arise. By the end of the book, you will gain have mastered automating your IT tasks and accelerating the deployment of your applications.

Title Page

Credits

About the Author

About the Reviewers

www.PacktPub.com

Customer Feedback

Preface

Free Chapter

Understanding Components and the ACI Fabric

Introduction

Understanding ACI and the APIC

An overview of the ACI fabric

Converting Cisco from Nexus NX-OS mode to ACI mode

ACI fabric overlay

An introduction to the GUI

Configuring Policies and Tenants

Introduction

Creating fabric policies

Creating access policies

Creating tenants

Configuring bridge domains

Configuring contexts

Creating application network profiles

Creating endpoint groups

Using contracts between tenants

Creating filters

Creating contracts within tenants

Creating management contracts

Hypervisor Integration (and Other Third Parties)

Introduction

Installing device packages

Creating VMM domains and integrating VMWare

Associating vCenter domains with a tenant

Deploying the AVS

Discovering VMWare endpoints

Adding virtual machines to a tenant

Tracking ACI endpoints

Integrating with A10

Deploying the ASAv

Integrating with OpenStack

Integrating with F5

Integrating with Citrix NetScaler

Routing in ACI

Introduction

Creating a DHCP relay

Utilizing DNS

Routing with BGP

Configuring a layer-3 outside interface for tenant networks

Associating a bridge domain with an external network

Using route reflectors

Routing with OSPF

Routing with EIGRP

Using IPv6 within ACI

Setting up multicast for ACI tenants

Configuring multicast on the bridge domain and interfaces

ACI transit routing and route peering

ACI Security

Introduction

Creating local users

Creating security domains

Limiting users to tenants

Connecting to a RADIUS server

Connecting to an LDAP server

Connecting to a TACACS+ server

Implementing Quality of Service in ACI

Introduction

Preserving existing CoS settings

Configuring user-defined classes

Creating a basic QoS configuration

Verifying QoS

Network Programmability with ACI

Introduction

Browsing the object store using the Object Store Browser

Programming the ACI through REST

Authenticating through REST and XML

Creating a tenant using REST and XML

Deleting a tenant using REST and XML

Creating an APN and an EPG using REST and XML

Creating an application profile and EPG using REST

Authenticating through REST and JSON

Creating a tenant using REST and JSON

Using the Python SDK

Logging into the APIC using Cobra

Creating a tenant using the SDK

Monitoring ACI

Introduction

Finding faults

Viewing events

Navigating the audit logs

Troubleshooting ACI

Layer 2 troubleshooting

Upgrading the ACI software

VMM troubleshooting

Routing verifications

Troubleshooting external connectivity

Multicast troubleshooting

QoS troubleshooting

An End-to-End Example Using the NX-OS CLI

Introduction

Setting up in-band and out-of-band access to the nodes

Creating the security domain

Creating the VLAN domain

Creating the VMWare domain

Creating the tenant

Creating the VRF

Creating the bridge domains

Creating the applications and EPGs

Creating the contract

Creating an L4-L7 device

Creating service templates

Setting up the client VMs

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Creating tenants

Tenants can be anything we want them to be (within reason): they can be a customer, a business unit within an enterprise, or a grouping of policies. The term 'tenant' is flexible, but each tenant is (by default) an isolated unit within the fabric. It is a logical container, one that can remain self-contained or, through contracts, share resources with other tenants.

The MIT for the tenant is as follows:

Tenant MIT

As you can see from the diagram, tenants contain some different components, including application profiles, bridge domains, VRFs (also referred to as contexts), and contracts. Some of these components, such as bridge domains, have their own components, such as subnets.

We have a couple of tenants preconfigured. These are the “common” tenant (common), which holds policies for shared services, such as firewalls and DNS settings; the “infrastructure” tenant (infra), which holds policies and VXLAN pools; and the “management” tenant (mgmt), which is used for out-of-band...

Cisco ACI Cookbook

By : Stuart Fordham

Cisco ACI Cookbook

By: Stuart Fordham

Overview of this book

Related Content you might be interested in

Current Title:

Cisco ACI Cookbook

Building Modern Networks

Implementing Cisco UCS Solutions

Learning VMware NSX

Creating tenants