The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Overview of the Cisco ACI Multi-Site Orchestrator GUI
The Cisco ACI Multi-Site (Multi-Site) Orchestrator GUI is a browser-based graphical interface for configuring and monitoring your ACI and APIC implementations.
The GUI is arranged according to function. For example, after you log in and are on the Dashboard click Schemas to go to your schemas page. You can view all of your existing schemas or to create a new schema on this page.
The functionality of each Multi-Site Orchestrator GUI page is described in the following sections:
The top of each page shows the controller status indicating how many controllers are operational.
Click the Welcome link to run a troubleshooting report, reset your password, or to log out.
Dashboard
The Multi-Site dashboard displays the list of all of your site implementations in addition to their current functionality and health.
The following screen shot shows the Multi-Site dashboard display:
The Dashboard has the following functional areas:
Site Status: The site status table lists your sites according to name and location. The table also indicates the current health status
for your implementation according to a descriptive color code.
The Controller State column indicates the number of controllers available and running. You can have a maximum number of 3
controllers in your Multi-Site implementation. For example, if one out of the 3 controller is down it is represented as 2/3.
The Connectivity column provides an operational status of the BGP sessions and the dataplane unicast and multicast tunnels
that are connected to the peer sites for each site in the dashboard. This functionality is available starting with Cisco ACI
Multi-Site, Release 1.0(2).
When one or more BGP sessions or tunnels fail to establish, ACI Multi-Site provides the information about which exact local
spines and remote spines failed to establish the BGP session or the tunnel. ACI Multi-Site should be enabled in the site in
the infrastructure configuration, for the BGP sessions and the dataplane unicast and multicast tunnels to be established to
the peer sites.
BGP Sessions
When the BGP peering type is full-mesh in Infra-> General Settings, the spine node in a site with the BGP peering enabled will establish the BGP sessions to all the spine nodes with the BGP
peering enabled in all the peer sites.
When the BGP peering type is route-reflector in Infra-> General Settings, the spine node in a site with both BGP peering enabled and route-reflector enabled, will establish the BGP sessions to all
the spine nodes with the BGP peering enabled in all the peer sites. In the route-reflector mode, at least the local spine
node or the remote spine node or both should have the route-reflector enabled. Otherwise, the BGP session is not established
between them.
If the local and the remote ASNs are different, then it is eBGP. Therefore, the sessions between those sites are always full-mesh,
irrespective of the BGP peering type and the route-reflector configuration.
Unicast and Multicast Tunnels: A spine node in a site that is connected to ISN and has infrastructure configuration, will
establish a tunnel to all the spine nodes that are connected to ISN in the peer sites.
The color codes indicate the following conditions:
Critical (red)
Major (orange)
Minor (yellow)
Warning (green)
The numbers in the color indicator columns indicate the number of faults per site.
+ Add Site: enables you to add another site to our implementation. When you click + Add Site, you must provide the following site details information on the Connection Settings page:
Name: the name of the site
Labels: the label identifier of the site. Multiple labels can be associated to a site.
APIC Controller URL: you can add more APIC controllers with a distinguishing URL of a cluster.
Username and Password: APIC login info with admin level privileges.
Specify Domain For Site: click the switch to on and provide the domain name if default authentication domain is configured in APIC.
After you have entered your details for your new site, click the Save button.
Schema Health: provides a listing of your schemas with locales and health.
Click the magnifying glass icon and enter a schema name to search for a subject schema.
Click + Add Schema to start the procedure for adding a new schema to your site.
Click the site locale in the Schema Health table to view the schema details and status for a template.
The Schema Health table provides a heat map type of display; that is, the health of the subject schema is displayed according to color. Schemas
that span two columns (i.e, locales) indicate a stretched condition.
Click the color highlighted table cell to further discover what policies are incorporated into the subject schema. On the
schema details page, you can click the arrow to go into the schema builder and update the policy details in the subject schema.
The color coded slider enables you to select a range for identifying schemas whose health require further review. For example,
you can adjust the slider value to between 80 and 100. Then all of your schema implementations that fall within that specific
range are displayed on the accompanying Schema Health table.
Sites Page
The Multi-SiteSites page displays all of the sites in your implementation. An example of the Sites page is shown in the following screen shot:
The Sites page consists of the following two panes:
Site Name or Label: the site status table lists your sites and then indicates the current health status for your implementation according to
the following color coded identifiers:
Critical (red)
Major (orange)
Minor (yellow)
Warning (green)
When you click a specific site, you can view or edit the site's details on the Connection Settings display:
Name
Labels
APIC Controller URL
Username and Password
Specify Domain For Site
APIC Site ID
If you have made changes to the listed fields, click the Save button.
APIC Controller URLs: the associated APIC URLs for your Multi-Site implementation
Add Site: click the Add Site button to add a site to your implementation. The following details are required for adding a site:
Name: the site name.
Label: select an existing or create a new label.
APIC Controller URL: the existing URL - click + to add a new APIC Controller URL.
Username: the site username.
Password: the unique site password for access.
Specify Domain for Site: click the selector to On to specify a domain for the site.
Actions: drop down menu list option to edit, delete, or open a subject site in the APIC user interface.
Audit Logs
Click the Audit Log icon next to the Configure Infra tab to list the log details for the Sites page. The Audit Logs: Sites List page is displayed.
The table on the page displays the following details:
Date
Action
Details
User
Click the Most Recent tab to select the audit logs during a particular time period. For example, when you select the range from November 14, 2017
to November 17, 2017 and click Apply, the audit log details for this time period are displayed on the Audit Logs page.
Click the Filter icon next to the Most Recent tab to filter the log details using the following criteria:
User: Select one user name or all users and click Apply to filter the log details using the user name.
Action: Select the action, for example, created, updated, or deleted, and click Apply to filter the log details according to the action.
Schemas Page
The Multi-Site Schemas page lists all schemas that are associated with your implementation.
The following screen shot shows an example display:
Use the magnifying glass and associated field to search for a specific schema. Use schemas to configure or import tenant policies,
including the VRF, application profile with EPGs, filters and contracts, bridge domains, and external EPGs.
The Schemas table shows the following information in tabular form:
Name: click the schema name to view or update the settings for the subject schema.
Templates: displays the name of the template that is used for the schema. Templates are analogous to profiles in the ACI context, which
group policies. You can create templates for stretched objects or site-specific objects.
Tenants: displays the name of the tenant that is used for the subject schema.
Actions: click the Action field with the associated schema to either edit or delete the subject schema.
Click the Add Schema button to add a new schema to your implementation. Further details on creating a schema are described in Schema Management.
Audit Logs
Click the Audit Log icon next to the Add Schema tab to list the log details for the Schemas page. The Audit Logs: Schemas List page is displayed.
The table on the page displays the following details:
Date
Action
Details
User
Click the Most Recent tab to select the audit logs during a particular time period. For example, when you select the range from November 10, 2017
to November 14, 2017 and click Apply, the audit log details for this time period are displayed on the Audit Logs page.
Click the Filter icon next to the Most Recent tab to filter the log details using the following criteria:
User: Select one username or all users and click Apply to filter the log details using the username.
Action: Select the action, for example, created, updated, or deleted, and click Apply to filter the log details according to the action.
For more information about creating schemas, refer to Schema Management.
Tenants Page
The Multi-SiteTenants page lists all of the tenants that comprise your implementation.
The following screen shot provides an example:
The table on the Tenants page displays the following:
Tenant Name
Assigned to Sites
Assigned to Users
Assigned to Schemas
Actions
The features and functionality on this page include the following:
Name: click a tenant name to access the Tenant Details settings page. On the Tenant Details page you can edit or update the following sections:
General Settings: change the Display Name and Description as required.
Associated Sites: view the sites associated with the subject tenant.
Associated Users: view the users associated with the subject tenant - you can associate a user with the subject tenant by checking the empty
box next to the user name.
Associated Schemas: click the Associated Schema listing to view the schemas associated with the subject tenant.
Actions: click the Actions listing to edit the subject tenant's details sites or to create a new network mapping.
Note
You can delete the Tenant object by selecting Delete on the Actions drop down menu.
Add Tenant: click Add Tenant button to add an existing tenant to your implementation. On the proceeding Tenant Details page, you can add the tenant name,
description, security domain, and associated users.
Audit Logs
Click the Audit Log icon next to the Add Tenant tab to list the log details for the Tenants page. The Audit Logs: Tenants List page is displayed.
The table on the page displays the following details:
Date
Action
Details
User
Click the Most Recent tab to select the audit logs during a particular time period. For example, when you select the range from November 10, 2017
to November 14, 2017 and click Apply, the audit log details for this time period are displayed on the Audit Logs page.
Click the Filter icon next to the Most Recent tab to filter the log details using the following criteria:
User: Select one user name or all users and click Apply to filter the log details using the user name.
Action: Select the action, for example, created, updated, or deleted, and click Apply to filter the log details according to the action.
For more information about adding tenants, refer to Tenant Management.
Users Page
The Multi-SiteUsers page displays all of the identified users in your Multi-Site implementation. An example of the Users page is as follows:
The Users page features a table containing all of the identified users by username and associated email and current activity status.
If you click a selected Username, you can access the General Setting page attributable to the subject user. On the General Setting page, you can edit the details associated with the subject user such as username, password, email, and switch-on user roles.
Click Add User to add a new user to your Multi-Site implementation. The General Setting page display enables you to assign username, password, email, and switch-on user roles associated with your Multi-Site implementation.
Audit Logs
Click the Audit Log icon next to the Add User tab to list the log details for the Users page. The Audit Logs: Users List page is displayed.
The table on the page displays the following details:
Date
Action
Details
User
Click the Most Recent tab to select the audit logs during a particular time period. For example, when you select the range from November 10, 2017
to November 14, 2017 and click Apply, the audit log details for this time period are displayed on the Audit Logs page.
Click the Filter icon next to the Most Recent tab to filter the log details using the following criteria:
User: Select one user name or all users and click Apply to filter the log details using the user name.
Action: Select the action, for example, created, updated, or deleted, and click Apply to filter the log details according to the action.
Admin Page
When you select the Admin tab from the Cisco ACI Multi-Site Orchestrator navigation bar, it expands the following additional selection of administrative pages:
Providers
Login Domains
Backups
Audit Logs
Security
Providers
The Providers page under the Admin heading displays information about any configured external authentication providers. The following details are shown for
each provider:
The Login Domains page under the Admin heading displays information about the available login domains. The following details are shown for each domain:
The Backups page under the Admin heading displays information about any backups that have been created. The following details are shown for each domain:
The Security page under the Admin heading displays information about the custom certificates and key rings you have configured for use by the Orchestrator.
The following details are shown: