Cisco ACI Virtual Pod Release Notes, Release 4.2(5)
This document describes the features, bugs, and limitations for the Cisco Application Centric Infrastructure (ACI) Virtual Pod (vPod) software.
Note: Use this document in combination with the Cisco Application Policy Infrastructure Controller (APIC) Release Notes, which you can view at the following location:
Release notes are sometimes updated with new information about restrictions and bugs. See this website for the most recent version of this document.
The following table shows the online change history for this document.
Date |
Description |
2020-09-15 |
Cisco ACI vPod Release 4.2(5l) became available. |
2020-08-22 |
Cisco ACI vPod Release 4.2(5k) became available. |
This document includes the following sections:
Cisco Application Centric Infrastructure (ACI) Virtual Pod (vPod) is a software-only solution that enables you to virtually extend the Cisco ACI fabric into bare-metal cloud environments and other remote locations.
You can deploy Cisco ACI vPod wherever you have at least two servers on which you can run the ESXi hypervisor. It allows you to use Cisco ACI Virtual Edge where you do not have a physical leaf.
Cisco ACI vPod and its components—a pair of virtual spines (vSpines), a pair of virtual leafs (vLeafs), and Cisco ACI Virtual Edge—run on the ESXi hypervisor. The vSpines and vLeafs handle control plane management, and the Cisco ACI Virtual Edge handles packet forwarding, policy enforcement, and all data plane management.
Cisco ACI vPod manages a data center defined by the VMware vCenter Server. You can have up to 32 instances of Cisco ACI Virtual Edge in each Cisco ACI vPod in the remote location. You use Cisco APIC to manage Cisco ACI vPod nodes and enforce Cisco ACI policy in the virtual data center.
Cisco ACI vPod communicates with a physical, on-premises pod or multipod over an interpod network. You configure the physical pod or multipod, the interpod connection, and Cisco ACI vPod in Cisco APIC. You then use the Cisco ACI vCenter plug-in, a Python script, or PowerCLI to deploy Cisco ACI vPod component virtual machines (VMs).
Cisco ACI vPod is compatible with any server hardware listed in the VMware Hardware Compatibility Guide on the VMware website.
Note: When you install or configure Cisco ACI vPod, you may see Cisco ACI vPod options labeled vPod.
Cisco ACI Virtual Pod Release 4.2(5k) and Release 4.2(5l) are supported for Cisco APIC with releases 6.0, 6.5, and 6.7 of VMware vSphere.
Cisco ACI vPod Release 4.2(5k) is compatible with Cisco APIC 4.2(5k) and later versions. Cisco ACI vPod Release 4.2(5l) is compatible with Cisco APIC 4.2(5l) and later versions.
See the Cisco APIC and ACI Virtual Edge Support Matrix for details.
The Cisco ACI Virtualization Compatibility Matrix provides interoperability information for Cisco ACI components and configurations that have been tested and validated by Cisco, by Cisco partners, or both.
The Cisco APIC and ACI Virtual Edge Support Matrix is an interactive tool that enables you to choose an APIC version and view the compatible Cisco ACI vPod, Cisco ACI Virtual Edge, vSphere, and compatible Cisco APIC versions.
You can improve the efficiency of a network that is extended to a remote site by configuring a Layer 3 outside network connection (L3Out) through Cisco ACI Virtual Pod (vPod) in the remote site. Previously, to connect to outside networks, Cisco ACI vPod had to use an L3Out on a physical leaf in the on-premises data center. However, you can now configure L3Out directly through a Cisco Cloud Services Router (CSR) and the Cisco ACI GOLF feature.
We recommend that you install Cisco ACI vPod management components—vSpine and vLeaf pairs—on two different hosts. Deploy each pair on two separate hosts with one vSpine and one vLeaf on each host.
Each instance of Cisco ACI vPod supports two vSpines and two vLeafs—one vSpine and one vLeaf on each host.
Cisco ACI vPod management should be in a separate management cluster from any instance of Cisco ACI Virtual Edge.
We recommended that you do not reload or shut down both the vLeafs or vSpines at same time to avoid issues with endpoint attachment and traffic.
For Cisco ACI Virtual Edge scalability information, see the Verified Scalability Guide for Cisco ACI for the relevant Cisco APIC release.
Cisco ACI vPod is available only on the VMware ESXi hypervisor.
Cisco ACI vPod is not supported for Cisco ACI Multi-Site environments.
■ The server where you install Cisco ACI Virtual Edge must have an Intel Nehalem CPU or later. You also must set the cluster Enhanced vMotion Compatibility (EVC) to a Nehalem CPU or later. See the knowledge base article Enhanced vMotion Compatibility (EVC) processor support (1003212) on the VMware web site.
■ Only one Cisco ACI Virtual Edge per host is supported.
■ Removing Cisco ACI Virtual Edge or the ESXi host from the VMware vCenter and then adding it back in is not supported. If you do that, Cisco ACI Virtual Edge loses password, infra VLAN, IP address, and other key configurations. You should instead delete the original Cisco ACI Virtual Edge and deploy a new one.
■ After you deploy Cisco ACI Virtual Edge, if the Cisco ACI Virtual Edge VM is moved across VMware vCenter, all the configurations that you made during deployment are lost.
■ We recommend that you install Cisco ACI vPod vSpines and vLeafs on a dedicated VMware cluster.
If you configure a management interface IP address, the Cisco ACI vPod vSpines and vLeafs must have IPv4 addresses.
Cisco ACI vPod vSpines and vLeafs are not supported for VMware vSphere vMotion.
Note: After you migrate VMs using cross-data center VMware vMotion in the same VMware vCenter, you may find a stale VM entry under the source DVS. This stale entry can cause problems, such as host removal failure. The workaround for this problem is to enable "Start monitoring port state" on the vNetwork DVS. See the KB topic "Refreshing port state information for a vNetwork Distributed Virtual Switch" on the VMware Web site for instructions.
Remote leaf is not supported for Cisco ACI vPod in this release.
The deletion of VLAN pools that are associated to a VMM domain is not supported. You can add a new range of VLANs to the VLAN pool whenever it is required.
Cisco ACI Virtual Edge is not supported for the following features when it is part of Cisco ACI vPod:
■ VMware vSphere Proactive HA
■ SPAN and ERSPAN
■ Subnets configured under EPGs
When both vLeafs are powered off, continuous WAN traffic stops. There are no WAN routes on vSpine Council of Oracles Protocol (COOP), and learned WAN endpoints on Cisco ACI Virtual Edge are removed.
If you want to delete the bridge domain or VRF or change the association, first ensure that there are no EPGs associated with the bridge domain or that any associated EPGs do not contain any endpoints. Otherwise, you may encounter connectivity problems.
Use the Bug Search tool to search for a specific bug or to search for all bugs in a release.
1. Go to http://tools.cisco.com/bugsearch.
2. At the Log In screen, enter your registered Cisco.com username and password; then, click Log In. The Bug Search page opens.
Note: If you do not have a Cisco.com username and password, you can register for them at http://tools.cisco.com/RPF/register/register.do.
3. To search for a specific bug, enter the bug ID in the Search For field and press Return.
4. To search for bugs in the current release:
a. In the Search For field, enter a problem, feature, or a product name and press Return. (Leave the other fields empty.)
b. When the search results are displayed, use the filter tools to find the types of bugs you are looking for. You can search for bugs by modified date, status, severity, and so forth.
5. To export the results to a spreadsheet, click the Export Results to Excel link.
The following table lists the open issues for Cisco ACI vPod for the 4.2(5) release:
Bug ID |
Headline |
Physical spine drops redirected traffic when L4-L7 device is on a physical pod and provider and consumer endpoints are in a vPod |
|
Keep microsegmented and base EPGs in same bridge domain for Cisco ACI Virtual Edge when it is part of Cisco ACI vPod |
|
Traffic loss for 40 seconds on flood traffic upon designated Cisco ACI Virtual Edge failover. |
Cisco ACI vPod virtual spines (vSpines) currently do not support the use of OpFlex to communicate certain control plane configurations for Cisco ACI vPod GOLF to work. So certain trigger operations result in the removal of WAN routes on vSpines from the GOLF router. Such operations include deletion or addition of a Layer 3 outside network connection (L3Out) EPG and the deletion or addition of a VRF.
A soft BGP reset on the GOLF router (CSR, ASR) is required for routes to be advertised again from GOLF side.
Using VMware vMotion can result in up to 2 minutes of traffic loss after failover when using Cisco Adaptive Security Virtual Appliance (ASAv). The issue can occur when you use ASAv as a service device in high availability (HA) mode with policy-based redirect (PBR) and the active and standby devices switch roles because of a failover.
You can avoid this problem by not using VMware vMotion to migrate the standby device when the roles are switched. If the device needs to be migrated, force a failover so that the primary device becomes active, and then initiate VMware vMotion.
When failover occurs, the VM is moved to a new Cisco ACI Virtual Edge when it is part of Cisco ACI vPod. Other data VMS try to communicate with the original Cisco ACI Virtual Edge. Traffic recovers when the learned entry times out after 5 minutes.
Cisco APIC documentation is available at the following URL:
Cisco APIC documentation includes the Cisco ACI Virtualization Guide, which provides detailed information about Distributed Firewall with Cisco ACI.
To provide technical feedback on this document or report an error or omission, please send your comments to avs-docfeedback@cisco.com. We appreciate your feedback.
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2020 Cisco Systems, Inc. All rights reserved.