Configuring Cisco ACI in VMware vCenter

Configuring Cisco ACI with the Cisco ACI HTML5 vCenter Plug-in

The Cisco Application Centric Infrastructure (ACI) HTML5 vCenter plug-in enables you to perform basic Cisco ACI configuration tasks in VMware vCenter. This makes it easy for the virtualization manager create tenants, application profiles, and other key objects without having to use the Cisco Application Policy Infrastructure Controller (APIC).

Although the Cisco ACI HTML5 vCenter plug-in enables you to perform key configuration tasks, you need to use the Cisco APIC to perform more sophisticated configurations.

See the following documents on Cisco.com for instructions for configuring virtual switches that use the VMware vCenter:

Create a Tenant

This section describes how to create a tenant in VMware vCenter.


Note
When you create a tenant using the Cisco Application Centric Infrastructure (ACI) HTML5 vCenter plug-in, the following objects are automatically created: an application profile, tenant_name_default; a Virtual Routing and Forwarding context (VRF), tenant_name_default; and a bridge domain, tenant_name_default.

Before you begin

Ensure that a Cisco ACI fabric is registered. For more information, see Connecting the Cisco ACI HTML5 vCenter Plug-in to your Cisco ACI Fabric.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants.

At the upper left of the Tenants work pane, make sure that the correct fabric is chosen from the Fabric drop-down menu.

Step 3

In the upper right of the work pane, click ACTIONS and then choose Create Tenant.

You can later return to the ACTIONS button to edit or delete a tenant.

Step 4

In the Create New Tenant dialog box, in the Name field, enter a name for the tenant.

Step 5

In the Description field, enter a description of the tenant.

Step 6

Click OK.

The Tenants work pane displays information about the newly created tenant.

What to do next

If you do not see the newly created tenant in the Tenants work pane, you can verify that the tenant was created:

  • In the upper right of the Tenants work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create Tenant entry for the tenant that you just created.

    You can also find the tenant by entering its name in the Filter field under Actions.

Create an Application Profile

This section describes how to create a new application profile for a tenant.

Before you begin

You must have configured a tenant. See Create a Tenant.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants, and in the work pane, click the tenant where you want to create an application profile.

The work pane displays the Summary page with information about the tenant, including the health and any configurations for the tenant.

Step 3

Click the Application Management tab.

Step 4

In the work pane, left of the table displaying the tenant, click Application Profiles, click the white ACTIONS button, and then choose Create App. Profile

You can later return to the ACTIONS button to edit or delete an application profile.

Step 5

In the Create New Application Profile dialog box, complete the following steps:

  1. In the Name field, enter a name for the application profile.

  2. In the Description field, enter text to describe the application profile.

  3. Click OK.

    The Application Profiles work pane displays information about the newly created application profile.

What to do next

If you do not see the application profile in the Application Profiles work pane, you can verify that the application profile was created:

You can also find the application profile by entering its name in the Filter field under Actions.

  • In the upper right of the Tenants work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create App entry for the tenant that you just created.

Create a VRF

This section describes how to create a Virtual Routing and Forwarding context (VRF).

Before you begin

You must have created a tenant; see Create a Tenant.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants, and in the work pane, click the tenant where you want to create a VRF.

The work pane displays the Summary page with information about the tenant, including the health and any configurations for the tenant.

Step 3

Click the Application Management tab.

Step 4

In the work pane, left of the table displaying the tenant, click VRFs, click the white ACTIONS button, and then choose Create VRF.

You can return to the ACTIONS button to edit or delete a VRF.

Step 5

In the Create New VRF dialog box, complete the following steps:

  1. In the Name field, enter a name for the VRF.

  2. In the Description field, enter a description for the VRF.

    The Enforce Policies check box is checked by default.

  3. Click OK.

    the VRFs work pane displays information about the newly created VRF.

What to do next

If you do not see the VRF in the VRFs work pane, you can verify that the VRF was created:

  • In the upper right of the Tenants work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create VRF entry for the tenant that you just created.

    You can also find the VRF by entering its name in the Filter field under Actions.

Create a Bridge Domain

This section describes how to create a bridge domain.

Before you begin

You must have created a virtual routing and forwarding context (VRF); see Create a VRF.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants, and in the work pane, click the tenant where you want to create a bridge domain.

The work pane displays the Summary page with information about the tenant, including the health and any configurations for the tenant.

Step 3

Click the Application Management tab.

Step 4

In the work pane, left of the table displaying the tenant, click Bridge Domains, click the white ACTIONS button, and then choose Create Bridge Domain.

You can return to the ACTIONS button to edit or delete a bridge domain.

Step 5

In the Create New Bridge Domain dialog box, complete the following steps:

  1. In the Name field, enter a name for the bridge domain.

  2. In the Description field, enter a description for the bridge domain.

  3. From the VRF drop-down list, choose a VRF.

  4. (Optional) In the Private Subnets: area, if you want to add a subnet, click Add Gateway, enter the address in the Gateway field, and then click the check mark.

  5. Click OK.

    The Bridge Domains work pane displays information about the newly created bridge domain.

What to do next

If you do not see the newly created bridge domain in the Bridge Domains work pane, you can verify that the bridge domain was created:

  • In the upper right of the Tenant work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create Bridge Domain entry for the bridge domain that you just created.

    You can also find the bridge domain by entering its name in the Filter field under ACTIONS.

Create an EPG

This section describes how to create a new endpoint group (EPG) for a tenant. During the procedure you associate a virtual machine manager (VMM) domain with the EPG.

Before you begin

You must have created an application profile; see Create an Application Profile.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants, and in the work pane, click the tenant where you want to create an endpoint group.

The work pane displays the Summary page with information about the tenant, including the health and any configurations for the tenant.

Step 3

Click the Application Management tab.

Step 4

In the work pane, left of the table displaying the tenant, click EPGs, click the white ACTIONS button, and then choose Create EPG.

You can later return to the ACTIONS button to edit or delete an EPG.

Step 5

In the Create EPG dialog box, complete the following steps:

  1. In the Name field, enter a name for the EPG.

  2. From the Application Profile drop-down list, choose the application profile.

  3. In the Description field, enter text to describe the EPG.

  4. In the Domains area, click ACTIONS, and then choose Add Domain.

  5. In the Add VMM Domain Association dialog box, choose a domain from the Domain drop-down list.

  6. (Optional) In the Enhanced Lag Policy area, choose a policy from the drop-down list.

    For information about Enhanced LACP policy, see the chapter "Cisco ACI with VMware VDS Integration" in the Cisco ACI Virtualization Guide or the Cisco ACI Virtual Edge Configuration Guide on Cisco.com

  7. Click OK.

Step 6

In the Create EPG dialog box, from the Bridge Domains drop-down list, choose a bridge domain.

Step 7

(Optional) Check the Intra EPG Isolation check box.

For information about intra-EPG isolation, see the chapter "Intra-EPG Isolation Enforcement and Cisco ACI" in the Cisco ACI Virtualization Guide or the chapter "Intra-EPG Isolation Configuration" in the Cisco ACI Virtual Edge Configuration Guide on Cisco.com

Step 8

Click OK.

The EPGs work pane displays information about the newly created EPG.

What to do next

If you do not see the newly created EPG in the EPGs work pane, you can verify that the EPG was created:

  • In the upper right of the Tenant work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create EPG entry for the EPG that you just created.

    You can also find the EPG by entering its name in the Filter field under Actions.

Create a Filter

This section describes how to create a filter.

Before you begin

You must have configured a tenant. See Create a Tenant.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants, and in the work pane, click the tenant where you want to create a filter.

The work pane displays the Summary page with information about the tenant, including the health and any configurations for the tenant.

Step 3

Click the Application Management tab.

Step 4

In the work pane, left of the table displaying the tenant, click Filters, click the white ACTIONS button, and then choose Create Filter

You can return to the ACTIONS button to edit or delete the filter.

Step 5

In the Create New Filter dialog box, complete the following steps:

  1. In the Name field, enter a name for the filter.

  2. In the Description field, enter a description for the filter.

  3. In the Entries: area, right-click ACTIONS and from the drop-down list, choose Create Entry.

  4. In the Create New Entry dialog box, enter a name for the entry in the Name field.

  5. Complete one of the following series of steps:

    • If you want a simple entry, enter a name for the entry in the Name field, leave the Advanced check box unchecked, in the Port: area, choose a port from the selector or check the Any check box, and then click OK.

    • If you want an advanced entry, enter a name for the entry in the Name field, check the Advanced check box, choose a type from the Ethernet type drop-down list, choose a protocol from the IP protocol drop-down list, configure the Source Port and Destination Port fields, in the TCP Rules area, check the check box next to one of the rules, and then click OK.

  6. In the Create New Entry dialog box, click OK.

    The Filters work pane displays information about the newly created filter. Click the filter to display information about the filter's entries below the list of filters.

What to do next

If you do not see the filter in the Filters work pane, you can verify that the filter was created:

  • In the upper right of the Tenants work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create Filter entry for the tenant that you just created.

    You can also find the filter by entering its name in the Filter field under Actions.

Create a Contract

This section describes how to create a contract.

Procedure

Step 1

Log into the VMware vSphere Client.

Step 2

Go to Cisco ACI Fabric > Tenants, and in the work pane, click the tenant where you want to create a contract.

Step 3

Click the Application Management tab.

Step 4

In the work pane, left of the table displaying the tenant, click Contract, click the white ACTIONS button, and then choose Create Contract.

You can later return to the ACTIONS button to edit or delete a contract.

Step 5

In the Create New Contract dialog box, complete the following steps:

  1. In the Consumers: area, click the plus (+) icon.

  2. In the Select EPG dialog box, in the Available objects column, check the check box for the EPG that you want to be the consumer of the contract, click ADD, and then click OK.

  3. In the Providers: area, click the plus (+) icon.

  4. In the Select EPG dialog box, in the Available objects column, check the check box for the EPG that you want to be the provider of the contract, click ADD, and then click OK.

  5. In the Create New Contract dialog box, enter a name for the contract in the Name field.

  6. (Optional) In the Description field, enter a description for the contract.

  7. (Optional) In the Traffic: area, click the Filters: plus (+) icon.

  8. (Optional) In the Select Filters dialog box, in the Available objects column, check the check box for the filter that you want to apply to the contract, click ADD, and then click OK.

    The filters shown are those configured for the tenant and the common tenant.

  9. (Optional) In the Create New Contract, check the Bidirectional check box if you want the contract to be bidirectional.

  10. Click OK.

    The Contracts work pane displays information about the newly created contract.

What to do next

If you do not see the contract in the Contracts work pane, verify that the contract was created:

  • In the upper right of the Tenant work pane, click the clipboard icon.

  • In the ACI Tasks & Settings pane, look for the Create Contract entry for the contract that you just created.

    You can also find the contract by entering its name in the Filter field under Actions.