Step 1
|
Log in to the APIC 1 using https://APIC1-IP.
If you have completed the deployment of virtual APICs using ESXi (OVF template) or remote AWS (CFT), you see output on the VM console similar to the following example:
System pre-configured successfully.
Use: https://172.31.1.2 to complete the bootstrapping.
The IP address to access the bootstrapping GUI (APIC Cluster Bringup) is explicitly indicated, as shown in the example. You can proceed to step 2.
After deploying Cisco APIC on AWS, keep the OOBMgmt IP address handy to access the Cluster Bringup GUI. You can get the OOBMgmt IP address from the
Stacks Outputs tab on the AWS GUI.
For physical APICs, log in to the APIC 1 KVM console using the CIMC; you will see a screen as shown below:
APIC Version: 6.0(2a)
Welcome to Cisco APIC Setup Utility
Press Enter Or Input JSON string to bootstrap your APIC node.
If you see only a black screen on the KVM, connect to the CIMC using SSH and use serial over LAN (SoL) ("connect host") to
connect to the console.
Choose one of the following options before proceeding to step 2:
-
On APIC 1, press Enter to provide the information interactively. The IP address to access the bootstrapping GUI (APIC Cluster Bringup) is explicitly indicated.
admin user configuration ...
Enter the password for admin [None]:
Reenter the password for admin [None]:
Out-of-band management configuration ...
Enter the IP Address [192.168.10.1/24]: 172.20.7.79/23
Enter the IP Address of default gateway [192.168.10.254]: 172.20.6.1
Would you like to edit the configuration? (y/n) [n]:
System pre-configured successfully.
Use: https://172.20.7.79 to complete the bootstrapping
-
Provide information about the cluster as a JSON string. Before you enter the JSON string, change to the text mode and ensure you enter the string as a single line. The following
example has been expanded with line feeds, spaces, and indentations for readability, but does not represent how you should
enter the string.
{
  "cluster": {
    "fabricName": "<fabric_name>",
    "fabricId": 1,
    "clusterSize": 3,
    "layer3": false,
    "gipoPool": "225.0.0.0/15",
    "adminPassword": "<password>",
    "infraVlan": 2
  },
  "nodes": [{
    "nodeName": "<node_name>",
    "controllerType": "physical",
    "serialNumber": "<serial_number>",
    "nodeId": 1,
    "podId": 1,
    "cimc": {
      "address4": "<ip_address>",
      "username": "admin",
      "password": "<password>"
    },
    "oobNetwork": {
      "address4": "<ip_address>",
      "gateway4": "<gateway_address>",
      "enableIPv4": true,
      "enableIPv6": false,
      "address6": "",
      "gateway6": ""
    }
  }, {
    "nodeName": "<node_name>",
    "controllerType": "physical",
    "serialNumber": "<serial_number>",
    "nodeId": 2,
    "podId": 1,
    "cimc": {
      "address4": "172.23.140.175",
      "username": "admin",
      "password": "<password>"
    },
    "oobNetwork": {
      "address4": "<ip_address>",
      "gateway4": "<gateway_address>",
      "enableIPv4": true,
      "enableIPv6": false,
      "address6": "",
      "gateway6": ""
    }
  }, {
    "nodeName": "<node_name>",
    "controllerType": "physical",
    "serialNumber": "<serial_number>",
    "nodeId": 3,
    "podId": 1,
    "cimc": {
      "address4": "<ip_address>",
      "username": "admin",
      "password": "<password>"
    },
    "oobNetwork": {
      "address4": "<ip_address>",
      "gateway4": "<gateway_address>",
      "enableIPv4": true,
      "enableIPv6": false,
      "address6": "",
      "gateway6": ""
    }
  }],
  "pods": [{
    "podId": 1,
    "tepPool": "10.0.0.0/16"
  }]
}
The IP addresses displayed above are samples; the addresses in your deployment will differ.
|
Step 2
|
Using the OOB address, log in to the APIC Cluster Bringup GUI. The GUI screen has four parts. Enter the details in the following screens:
-
Connection Type
-
Cluster Details
-
Controller Registration
-
Summary
Each of the above screens is discussed in detail in the subsequent steps. The screens are marked as steps with sequential numbers (1, 2, 3, 4); after you have entered and saved the required details in a screen, its number is replaced with a tick mark.
|
Step 3
|
The first step is entering the Connection Type information. In the Connection Type screen, select the type of connection between the APIC and the fabric.
The options are:
For a virtual APIC on AWS, the system detects that the APIC is remotely attached through a Layer 3 network and proceeds directly to the Cluster Details screen.
|
Step 4
|
Click Next.
|
Step 5
|
The second step is entering the Cluster Details. Enter the fabric-level details in the Cluster Details screen.
-
Fabric Name—Enter a name for the fabric.
-
Cluster Size—The default cluster size displayed is "3", which is the recommended minimum cluster size. You can modify this
value, based on your cluster size. The supported values are 1,3,4,5,6,7,8,9.
-
GiPo Pool—Enter the IP address used for fabric multicast. The default address is 225.0.0.0/15. The valid range is 225.0.0.0/15 to 231.254.0.0/15; the prefix length must be 15 (128k IPs).
You cannot change this value after you have completed the configuration. Modifying this value requires a wipe of the fabric.
-
Pod ID—(Applicable only for directly connected APICs, virtual and physical) The pod ID is displayed. If this is your first APIC, "1" is auto-populated. Subsequent APICs of the cluster can be associated with any pod number.
For remotely attached APICs, the pod ID is 0.
-
TEP Pool—(Applicable only for directly connected APICs: ESXi virtual APIC and physical APIC) Enter the subnet of addresses used for internal fabric communication. The size of the subnet used will impact the scale of your pod.
You cannot change this value after you have completed the configuration. Modifying this value requires a wipe of the fabric.
-
Infrastructure VLAN—Enter the VLAN ID for fabric connectivity (infra VLAN). This VLAN ID should be allocated solely to ACI and not used by any other legacy devices in your network. The default value is 3914. The supported range is from 0 to 4093.
You cannot change this value after you have completed the configuration. Modifying this value requires a wipe of the fabric.
-
Enable IPv6 on APICs (not applicable for virtual APIC on AWS)—select this check-box if you want to enable IPv6 addresses for out of band management.
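A pre-flight check for the JSON bootstrap string from Step 1, written against the Cluster Details limits listed above. This is an added example, not Cisco code: the function names and the sample input are hypothetical, and it assumes the JSON fields follow the same ranges as the GUI fields. It also emits the string on a single line, as the console requires.

```python
import ipaddress
import json

VALID_CLUSTER_SIZES = {1, 3, 4, 5, 6, 7, 8, 9}       # Step 5: Cluster Size
GIPO_FIRST = ipaddress.ip_address("225.0.0.0")       # Step 5: GiPo Pool range
GIPO_LAST = ipaddress.ip_address("231.254.0.0")

# Constructed, trimmed sample: one-node cluster with one placeholder left unfilled.
SAMPLE = """
{"cluster": {"fabricName": "lab-fabric", "fabricId": 1, "clusterSize": 1,
             "layer3": false, "gipoPool": "225.0.0.0/15",
             "adminPassword": "<password>", "infraVlan": 3914},
 "nodes": [{"nodeName": "apic1", "controllerType": "physical", "nodeId": 1, "podId": 1}],
 "pods": [{"podId": 1, "tepPool": "10.0.0.0/16"}]}
"""


def placeholders(value, path=""):
    """Yield paths of string values still holding a <...> template placeholder."""
    if isinstance(value, dict):
        for key, item in value.items():
            yield from placeholders(item, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for index, item in enumerate(value):
            yield from placeholders(item, f"{path}[{index}]")
    elif isinstance(value, str) and value.startswith("<") and value.endswith(">"):
        yield path


def check_bootstrap(text):
    """Return (errors, single_line_json) for a bootstrap JSON document."""
    cfg = json.loads(text)
    cluster, nodes = cfg["cluster"], cfg["nodes"]
    errors = [f"unfilled placeholder at {p}" for p in placeholders(cfg)]
    if cluster["clusterSize"] not in VALID_CLUSTER_SIZES:
        errors.append("clusterSize must be one of 1,3,4,5,6,7,8,9")
    if len(nodes) != cluster["clusterSize"]:
        errors.append("number of nodes differs from clusterSize")
    if len({n["nodeId"] for n in nodes}) != len(nodes):
        errors.append("duplicate nodeId")
    try:
        gipo = ipaddress.ip_network(cluster["gipoPool"])  # rejects host bits
        ok = (gipo.version == 4 and gipo.prefixlen == 15
              and GIPO_FIRST <= gipo.network_address <= GIPO_LAST)
    except ValueError:
        ok = False
    if not ok:
        errors.append("gipoPool must be a /15 from 225.0.0.0/15 to 231.254.0.0/15")
    if not 0 <= cluster["infraVlan"] <= 4093:
        errors.append("infraVlan must be in 0-4093")
    # The console expects the string on one line, so emit it without whitespace.
    return errors, json.dumps(cfg, separators=(",", ":"))
```

The returned string carries the admin and CIMC passwords in cleartext, exactly as the template does, so handle any file it is written to as a secret.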
|
Step 6
|
Click Next.
|
Step 7
|
The third step is entering the Controller Registration details. Click Add Controller to add the first APIC (of the cluster). Enter the following details:
-
Controller Type—The bootstrapping procedure auto-detects the deployment for which the configuration is being carried out.
Based on that, either Virtual or Physical is selected. The options displayed for the virtual and physical controller types are discussed in substeps (a) and (b), respectively.
Follow either of these substeps based on the controller type.
-
When the Controller Type is Virtual:
-
Virtual Instance—The management IP used to access the APIC cluster bringup GUI. Only for the first APIC, this IP address is auto-populated. For the nodes that you subsequently add to the cluster, you will need to enter the management
IP address and click Validate.
The management IP addresses are defined during the deployment of the VMs using ESXi/AWS. As mentioned in the prerequisites,
keep all the required IP addresses handy while bringing up the cluster.
-
General pane
-
Name—User-defined name for the controller.
-
Controller ID—The ID is auto-populated. If this is the first APIC of the cluster, the ID is "1". If you are adding the second controller of the cluster, "2" is auto-populated (and so on).
-
Pod ID—(Applicable only for directly connected virtual APIC on ESXi) The pod ID is auto-populated for APIC 1 of the cluster. For subsequent controllers of the cluster, enter a value.
Range is from 1 to 128.
-
Serial Number—The serial number of the VM is auto-populated.
-
Out of Band Network pane
If you have enabled IPv6 addresses for OOB management earlier (Step 5), enter the IPv6 address and gateway.
-
Infra L3 Network pane (this pane is displayed only if the Connection Type selected earlier is Remotely attached through an L3 network).
-
IPv4 Address—Enter the infra network address.
-
IPv4 Gateway—Enter the IP address of the gateway.
-
VLAN—(Applicable only for remotely attached virtual APIC on ESXi) Enter the interface VLAN ID to be used.
The Infra L3 Network pane is not displayed when you deploy the virtual APIC using AWS.
After you have entered and saved the first APIC details, click Add Controller on the Controller Registration screen to add another APIC to the cluster.
-
When the Controller Type is Physical:
-
CIMC Details pane
-
IP Address—The CIMC IP address. Only for the first Cisco APIC, this IP address is auto-populated. When you add more controllers to the cluster, you need to enter the CIMC IP addresses.
-
Username—The username to access the CIMC. The username is auto-populated (for the first controller and subsequent controllers).
-
Password—Enter the password to access CIMC. For the first controller, the password is auto-populated. For the subsequent controllers,
enter the password.
-
Click Validate. Validation success is displayed on successful authentication.
If the CIMC is unreachable from the Cisco APIC out of band management IP address due to the CIMC NIC mode settings, change the NIC mode or enter JSON strings to perform
the bootstrap.
-
General pane
-
Name—Enter a name for the controller.
-
Controller ID—If it is the first controller of the cluster, "1" is auto-populated. If it is the second controller, "2" is
auto-populated, and so on (increasing order).
-
Pod ID—(applicable only for a directly-connected APIC) the pod ID is auto-populated for APIC 1 of the cluster. For subsequent controllers of the cluster, enter a value. Range
is from 1 to 128.
-
Serial Number—The serial number is auto-populated (for APICs 1 to N, where N is the cluster size) after CIMC validation.
APIC 1 verifies the reachability of the CIMC IP addresses and also captures the serial number of the new APICs.
-
Out of Band Network pane
-
IPv4 Address—For APIC 1, the address is auto-populated. For subsequent APICs, enter the IP address (as defined during the deployment).
-
IPv4 Gateway—For APIC 1, the gateway address is auto-populated. For subsequent APICs, enter the IP address (as defined during the deployment).
If you have enabled IPv6 addresses for OOB management earlier (Step 5), enter the IPv6 address and gateway.
-
Infra L3 Network pane (this pane is displayed only if the Connection Type earlier selected is remotely attached through a Layer 3 network).
On the Controller Registration screen, after you have entered and saved the first APIC details, click Add Controller to add another APIC to the cluster.
(Optional, applicable only for virtual APICs) On the Controller Registration screen, select the Import existing security certificates check-box to import existing security certificates for fabric recovery in virtual APICs. After selecting the check-box, enter the required details in the following fields:
-
The Remote Server IP Address which contains the configuration file.
-
The Remote Path which contains the configuration file.
-
The configuration File Name.
-
The AES Encryption Passphrase which was earlier used while backing up the configuration. The backup configuration file is linked to this key (passphrase).
-
Select the Protocol. The options are FTP, SFTP, and SCP.
-
Remote Port
-
(Applicable only for the SFTP and SCP protocols) Select the Authentication Type. The options are Use Password and Use SSH Private Key Files.
-
The Username to access the remote server.
-
The Password to authenticate access to the remote server.
-
(applicable only for Use SSH Private Key Files Authentication Type) Enter the SSH Key Contents here.
-
(applicable only for Use SSH Private Key Files Authentication Type) Specify the SSH Key Passphrase used for encrypting the private key.
For details about the Import/Export procedure, see the Cisco ACI Configuration Files: Import and Export document.
The Import existing security certificates option is applicable only for virtual APICs (deployed using AWS/ESXi). Physical APICs have built-in certificates. For virtual APICs, however, when you restore from a backup configuration to recover the fabric, the existing security certificates can be reused.
|
Step 8
|
Click Next.
The Next button is disabled until all the controllers for a cluster are added. This is defined by the value you have entered for Cluster Size in the Cluster Details screen.
You can use the Back button to navigate to an earlier screen. After adding an APIC, click Edit Details to edit the information for an APIC. You can delete any controller except the first APIC, if required, by clicking the delete icon.
|
Step 9
|
In the Summary screen, review the updates, and click Deploy.
|
Step 10
|
The Cluster Status page is displayed, showing the current status of the cluster formation. Wait a few minutes; you are then automatically redirected to the standard Cisco APIC GUI.
|