LA Networks is pleased to present information and hands-on demos in an effort to educate network engineers about Cisco ACI. Cisco has introduced Application Centric Infrastructure, or ACI, as a holistic systems-based approach to infrastructure management.
The Dashboard in ACI will look different to you. You’ll notice the health scores for individual items. System health is the overall functionality of the fabric. Here you’ll find node health, tenant health and more information that feeds into the system health. If one component has a problem, it will affect the total system health.
Faults are sorted by type: Critical, Major, Minor, and Warning. You’ll get to love these faults over time because they allow you to troubleshoot much faster than through the command line (a little something to get used to for the traditional network engineer.)
The Controller Status reveals the fitness of your controllers.
The Tenant Menu allows you to exercise domain-based access control. However, the only tenants you can manipulate are those you are assigned to administer. You’ll spend about 80% of your time in this menu. It’s where you’ll create your application profiles, EPGs (endpoint groups), bridge domains, all those sorts of things. Plus, here you’ll implement your service insertion policies and contracts.
When you first bring up the Fabric Menu you’ll see three sub-tabs. You will not spend as much time here in the long run, but up front, you will spend a lot of time here These three sub-menus are:
- Inventory: This is where you’ll find Fabric Discovery, Topology, and go to the Pod Level to see the status of specific interfaces.
- Fabric Policies: These are global style policies to help you set up your fabric and pod-wide policies.
- Access Policies: This is where you’ll set up your switch profiles, interface policies, physical domains, VLAN pools, etc.
VM Networking: You can integrate with either Microsoft, Open Stack or VMware. The integration is managed as a Virtual Domain, and integration will use API to manage the hypervisor. There are APIs that go between the ACI Application Policy Infrastructure Controller (APIC) and hypervisor API (Application Programming Interface).
L4 to L7 Services (Layer 4-7) This is where you would start for Service Insertion. Cisco has taken a very open approach, working with over 100 different vendors to get ACI support. Service insertion (also called L4-L7 insertion) is a fairly complex task and we will not cover it at this time.
The Admin Menu: There is some overlap between this menu and the Fabric Policies menu. Under admin you’ll find your AAA policy, you can set up your roles, and integrate with ACS (a common first step). You can also do your Firmware upgrades here, set up for Roll Back and Config Roll Backs, Imports and Exports, and more. Be sure to investigate the import/export capabilities, as these work great and can be a great tool.
Operations: This tab has changed a lot over time as ACI has evolved. The ACI Endpoint Tracker application tracks all the attachment, detachment, and movement of Endpoints on the ACI Fabric – even virtual nodes. It stores this activity in a database so you can examine and query the data to gain deep visibility into what’s happening in the network.
There’s also a nice troubleshooting tool here. ACI will draw a map for you with only the leaves that are involved, and the critical interfaces you need to know about based on the endpoint information that you provide. Also, go to settings and check out the tree selections. You can get pretty deep and go several layers down. ACI remembers where you started from when doing this, which is a big help.