Lab 1a: ACI Fabric Discovery

Activity Objective
In this activity, you will work alone to setup the three APIC controllers and discover the ACI
fabric by registering the Cisco Nexus 9000 Switches to the primary APIC controller. You will
also gain a basic understanding of the APIC GUI.

Visual Objective
The figure illustrates the lab objective.

Required Resources
These are the resources and equipment required to complete this activity:
n Workstation with Internet access
n ACI Simulator

Task Summary
n Task 1: Connect to remote Lab environment
n Task 2: Initial Setup of APIC
n Task 3: Fabric Discovery
n Task 4: Explore APIC GUI

© 2014 Business Technology Architects Lab Guide 3

Task 1: Connect to the remote lab environment
In this task, you will connect to the lab terminal server and gain access to the student desktop.

Activity Procedure
Complete these steps:
Step 1 Open a 64 bit web browser (such as Internet Explorer or Safari).

Note If you are using a Linux based Laptop (such as a MacBook), it is recommended that you use
a Windows Virtual Machine to complete the lab exercises. Occasionally keyboard-mapping
errors occur when accessing the console of a VM as done in Task 2 of this lab exercise.

Step 2 Access http://labs.labgear.net and enter your credentials (assigned by your

instructor).

Step 3 From the labgear interface select the MGMT_PC and login to Windows
n Username: administrator password: 1234QWer

Tip Choose middle icon for full-screen interface.

Step 4 Continue to the next task.

4 ACI Implementation v0.1 © 2014 Business Technology Architects

Task 2: Initial Setup of APICs
In this task, you setup the Application Policy Infrastructure Controllers on the APIC Simulator.
The simulator is emulating 3 APICs, 2 Leafs, and 2 Spines in a single appliance.

Activity Procedure
Complete these steps:
Step 1 From the MGMT_PC Desktop, open the vSphere Client and login to your
assigned ESXi host 172.16.1.x.
n User: root Password: 1234QWer

Login Host Login Host

P01 172.16.1.81 P09 172.16.1.89
P02 172.16.1.82 P10 172.16.1.90
P03 172.16.1.83 P11 172.16.1.91
P04 172.16.1.84 P12 172.16.1.92
P05 172.16.1.85 P13 172.16.1.93
P06 172.16.1.86 P14 172.16.1.94
P07 172.16.1.87 P15 172.16.1.95
P08 172.16.1.88 P16 172.16.1.96

Step 2 Check box “Install this certificate…”

n Click Ignore à OK on warning notice.

Step 3 Expand the host; right-click APIC-SIM > power on.

© 2014 Business Technology Architects Lab Guide 5

 Step 4 Right-click APIC-SIM > Open Console.

Step 5 The initial setup dialog is presented by the APIC; Initial setup is performed on
all APIC appliances.
— Press the Alt and F1 keys to start the setup on APIC1
— Fabric Name: <Enter> (default ACI Fabric1)
— Number of Controllers: <Enter> (default 3)
— Controller ID: <Enter> (default 1)
— Controller name: <Enter> (default apic1)
— Address Pool for TEP addresses: <Enter> (default 10.0.0.0/16 )
— VLAN ID for Infra network: <Enter> (default for simulator VLAN 4)
— Address Pool for BD Multicast address (GIPO): <Enter> (default 225.0.0.0/15)
— OOB IP address: 192.168.1.11/24
— OOB Default gateway: 192.168.1.253
— Interface speed/duplex auto mode: <Enter> (default auto)

6 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 6 Enable strong passwords? N (case-sensitive).
n admin password : 1234QWer

Step 7 Review the configuration for accuracy.

n <Enter> if no errors (default n).

Step 8 (Optional) Setup for APIC2.

n Press ALT-F2 to configure the APIC2
n Accept defaults for all Cluster configuration settings.
n Enter the IP address 192.168.1.12/24
n Enter the default gateway as 192.168.1.253
Step 9 (Optional) Setup for APIC3.
n Press ALT-F3 to configure the APIC3
n Accept defaults for all Cluster configuration settings.
n Enter the IP address 192.168.1.13/24
n Enter the default gateway as 192.168.1.253

Note You will be able to login to APIC1. APICs 2 & 3 are not accesible.

© 2014 Business Technology Architects Lab Guide 7

Task 3: Fabric Bring up
In this task, you will register the switches to the apic.

Activity Procedure
Complete these steps:
Step 1 Open Chrome and browse to https://192.168.1.11.
n If Your connection is not private appears à Advanced
n Click Proceed to 192.168.1.11 (unsafe); login screen will appear

Step 2 Login with admin/1234QWer credentials.

Note If you are unable to login, return to the APIC1 console and verify login. It takes a couple of
minutes for the APIC to boot.

8 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 3 You will now see the System Dashboard. The Dashboard provides and overview of
the system health. Observe there are no stats data to display, a single APIC in the
cluster, and it is Fully Fit.

Step 4 Next we will go through the fabric discovery process; select Controllers.
n Expand Controllers (Controllers menu displays property and status
information about the APIC instance. Notice that only apic1 is displayed.)
n Expand apic1 à open Cluster folder

Note Here you can view the members of a cluster. The current size of the cluster is one because
sycronization takes places across the fabric and the fabric has not been discovered.

© 2014 Business Technology Architects Lab Guide 9

 Step 5 As time permits, view the additional information about apic1’s interfaces, status
of components etc. Next you will register the switches.

Step 6 To register the switch nodes to APIC, choose Fabric à Inventory.

n Choose Fabric Membership (the table in the right pane displays the switch
serial number TEP-1-101 with ID 0 and role leaf)
n Double-click TEP-1-101 (under serial number in the right pane)
n NODE ID: 101 (APIC controllers reserve ids 1-100)
n NODE NAME: Leaf1
n Click UPDATE

APIC discovers new switches that are directly connected to any currently managed registered
switch. Each APIC instance (in the cluster) will first discovers only the leaf switch it is directly
connected to. After the leaf switch is registered with APIC, the leaf will discover all directly
connected spine switches. As each spine switch is registered, APIC discovers all leaf switches
that are connected to that spine switch. This cascaded discovery allows APIC to discover the
entire fabric topology in a few simple steps.
Whenever you click the top menu entries, the white sub-menu text is where the view is located.
Other views from that sub-menu have the text color in “grey” are not in view but can be
selected. For example when you click on the top menu “FABRIC”, the default view is set to
“INVENTORY”. The Inventory menu displays the set of controllers, switches, and blade
switches belonging to the fabric. .

10 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 7 After 15-30 seconds a /32 IP address is assigned (used for VxLAN
tunnel endpoint). With the first fabric switch registered, APIC1 will
automatically start discovering the additional switches in the fabric as well as
the other controllers.
n In approximately a minute or less the spine switches will appear with serial
numbers TEP-1-103 and TEP-1-104; the ROLE should indicate spine with Node
ID 0.

Note In some pods, TEP-1-104 maybe the first discovered.

Step 8 Repeat the process to finish registering each switch according to the table.
Node ID Node Name
TEP-1-103 103 Spine1
TEP-1-104 104 Spine2
TEP-1-102 102 Leaf2

Note With the spines discovered, wait approximately 1 minute for the fabric to discover the
second leaf switch.

Note Completed fabric discovery is shown above.

© 2014 Business Technology Architects Lab Guide 11

 Step 9 Next, familiarize yourself with the physical switches in the fabric. On
the left-hand panel expand the Pod1 entry by clicking on the “+”

Step 10 Expand Leaf1 à click + .

Step 11 Select (click) switch Leaf1 (Node101)

12 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 12 Review the Dashboard for this specific switch (displayed on the right)

Step 13 Click on the TOPOLOGY tab

© 2014 Business Technology Architects Lab Guide 13

 Step 14 A view of Leaf1 appears.
n Click on the green port 42, an APIC2 will appear.
n Click on the green port 41, APIC1 will appear.

Step 15 On the leaf hand side, select Pod 1.

n Click on the TOPOLOGY tab

14 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 16 The topology should show 3 APIC nodes, where APIC1 and APIC2 are
connected to Leaf1 and APIC3 is connected to Leaf2. Then there should also be
connections from Leaf1 to both Spine1 and Spine2 and connections from Leaf2
to Spine1 and Spine2. If you do not see lines as shown in the figure, please wait
up to 5 minutes as it varies between pods for the environment to build out the
connections.

Step 17 As time permits, explore the rest of this section of the GUI.

© 2014 Business Technology Architects Lab Guide 15

 Step 18 Return to the System view by selecting SYSTEM
n Expand Controllers; notice 3 controllers displayed.
n Expand the apic1 (Node-1)

Step 19 Select the Cluster folder

n Review the Target Size, Current Size and Operation State of the APIC
cluster.

Step 20 As time permits, explore the rest of this section of the GUI.

16 ACI Implementation v0.1 © 2014 Business Technology Architects

Task 4: APIC GUI Overview
In this task, you will review the top level options in the ACI GUI.

Activity Procedure
Complete these steps:
Step 1 Click on the welcome, admin section of the GUI on the far right of the screen
as shown below
n Familiarize yourself with all the options that can be done with this pull down.
This includes all the AAA options, as well API Inspector and API
Documentation.

Step 2 Next click on the search ICON as shown below.

n This is a tool that can be used to search for items in the GUI as shown below.

© 2014 Business Technology Architects Lab Guide 17

 Step 3 Click the book icon in the work pane, as shown below.

You will see a window with help on this topic; in this case how APIC Clusters are
supposed to work. The book icon will give you help on the theory of this subject.

Step 4 Click on the i icon in the work pane; not the one in the blue banner.

This will bring up a window with more help in this subject, but specifically geared to the
options in the window and how to configure them. This icon will give you help in the
practice of this subject.
Step 5 Next click on the L4-L7 Services as shown below; notice Inventory and
Packages sub items as shown below.
n Read the Quick Start Help for this section. Notice that you can click the
triangle icon to bring up videos on this subject.

18 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 6 Next, choose VM Networking; notice Inventory and Polices sub items.
n Inventory displays VMs, hypervisors, and virtual switches belonging to the
fabric. Also provides VM statistics including packet counters, byte counters,
CPU usage, and memory usage.
n Policies allow you to configure connectivity policies for virtual machine
providers such as VMware (vCenter, vShield) and Microsoft (SCVMM).

Step 7 Next click on the Fabric menu item.

n You should already be familiar with the INVENTORY item.

© 2014 Business Technology Architects Lab Guide 19

 Step 8 Familiarize yourself with the other two sub menu items. Click on FABRIC
POLICIES.
n Fabric Policies configure interfaces that connect spine and leaf switches. Fabric
policies can enable features such as monitoring (statistics collection and
statistics export), troubleshooting (on-demand diagnostics and SPAN), or NTP.

20 ACI Implementation v0.1 © 2014 Business Technology Architects

 Step 9 Click on ACCESS POLICIES.
n Access policies configure external-facing interfaces that do not connect to a
spine switch. External-facing interfaces connect to external devices such as
virtual machine controllers and hypervisors, hosts, routers, or fabric extenders
(FEX). Access policies enable configuring port channels and virtual port
channels, protocols such as LLDP, CDP or LACP, and features like monitoring
or diagnostics.

Step 10 Choose Tenants. A Tenant is a logical container or a folder for application

policies. This container can represent an actual tenant, an organization, security
zone, application or a domain. A Tenant can also just be used for the
convenience of organizing information.
n Notice three Tenants are preconfigured common, infra and mgmt

Note The common tenant is preconfigured for defining policies that provide common behavior for
all the tenants in the fabric. A policy defined in the common tenant is usable by any tenant.

© 2014 Business Technology Architects Lab Guide 21

 Step 11 Choose SYSTEM (a very useful menu item for learning about ACI and APIC).
n The Quick Start section assists in performing common and basic procedures.

Step 12 The Concepts menu displays APIC online help that discusses the building
blocks of ACI.

Step 13 As previously seen the Dashboard provides an overview of the system health
and the Controllers menu displays property and status information about the
APIC instances and clusters.
Step 14 At this point you should be comfortable navigating the top level options of the
APIC GUI. This completes this lab exercise.

22 ACI Implementation v0.1 © 2014 Business Technology Architects