ACI Integration and Migration Lab

Ivan Andjelkovic
Channels SE
Cisco Systems
 Agenda

• Brief overview of ACI components and objects

• Lab Content
 ACI Fabric
ACI Spines

ACI Leafs

L4 -7
External L2 / Servers
Services
L3

APIC APIC APIC APIC Cluster

OOB Managment
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Application Profile and ACI Networking Objects

Tenant

L3 - Private Network Context (VRF-Lite)

Bridge Domain A Bridge Domain B
Subnet C, Subnet D Subnet: E

EPG Web_Servers EPG App_Servers

App_Contract
 Building ACI Contracts

Filter Action Label

TCP Port 80 Permit Web Access

Subjects are a combination of

Subject Filter | Action | Label
A filter, an action and a label

Contract 1
Contracts define
Subject 1
communication
between source and Subject 2
destination EPGs
Subject 3

Contracts are groups of subjects which define communication between EPGs.

C97-730020​-01 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
5
 Interface Configuration

VLAN Pool

Interface Policies Domain

Interface Policy Group Attachable Access

Entity Profile (AEP)

Interface Profile

Switch Profile vPC Domain

© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
 Lab Content

- Verification of the lab setup

- L3 Integration using BGP

- L2 Integration
- Adding compute resources to existing application using L2
EPG extension
- Migration to ACI

- ASAv integration with ACI

© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
 Lab Topology

© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
 L3 integration (BGP)

© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Existing Application for L3 Integration
(set up before the lab)

TenantX

TX_Production L3 Context
BD-VMData-Web BD-VMData-App

Subnet: 192.168.10.1/24 Subnet: 192.168.11.1/24

EPG Web_Servers EPG App_Servers

 L2 Integration

Agg1 Agg2 VLANs:

111-126 vMotion
e1/7 e1/7 201-216 LegacyWeb Server
221-236 LegacyApp Server

e1/7 e1/8

ACI Border Leaf

 L2 extension (EPG)

Default gateway and services

Agg1 Agg2

e1/7 e1/7
Vlan 220+X

e1/7 e1/8

ACI Border Leaf

Vlan 220+X Vlan from VMM pool

Vlan 200+X
Bridge Domain LegacyVMData_App

App EPG
Legacy_Web-Server LegacyApp1-Server LegacyApp2-Server
172.16.200+X.10 172.16.220+X.10 172.16.220+X.20
 Vmknic as an End Point

Default gateway and services

Agg1 Agg2

e1/7 e1/7
Vlan 110+X

e1/7 e1/8

ACI Border Leaf

Vlan 110+X Vlan from VMM pool

Bridge Domain vMotion-BD

vMotion-EPG
vMotion vmknic vMotion vmknic
10.10.110+X.10 10.10.110+X.20
 L2 extension (vMotion)

Default gateway and services

Agg1 Agg2

e1/7 e1/7
Vlan 220+X

e1/7 e1/8

ACI Border Leaf

Vlan from VMM pool

Vlan 200+X
Bridge Domain LegacyVMData_App

App EPG
Legacy_Web-Server LegacyApp1-Server LegacyApp2-Server
172.16.200+X.10 172.16.220+X.10 172.16.220+X.20
L2 extension (Bridge Domain)
Contracts for Legacy Application
Basic L4-L7 Services Setup
ASAv