ACI Simulator VM on VMware ESXi
If you are a network engineer who works on Data Center infrastructures, you should certainly be familiar with being in 2 or 3-tier architecture depending on the size of the DC. This common design of Cisco data center technologies are built with DC network evolution leveraging Spanning Tree, vPCs, FabricPath or VXLAN (Flood & Learn).
Now all DCs that remain with Cisco in their infrastructure have migrated or are in the process of doing so to either VXLAN with EVPN or ACI (Cisco's SDN solution).
In this series of articles, I'll help you better understand these new technologies, new perspective and their benefits.
First article we’ll discuss how to install the Application Centric Infrastructure Simulator on VMware ESXi. This tool will help you better understand the Policy Model and facilitate your transition to Cisco ACI.
About the ACI Simulator Virtual Machine
The intent of the ACI Simulator is to provide real, fully-featured APIC controller software, along with a simulated fabric infrastructure of leaf switches and spine switches in one virtual machine. Because the ACI Simulator includes APICs with real production software, you can use it to understand features, exercise APIs, and initiate integration with third-party orchestration systems and applications. The native GUI and CLI of the APIC use the same APIs that are published to third parties.
Step 1 : Download the Open Virtualization Appliance (OVA) file.
Link below :
You can see below that you would need a valide service service contract that can allow you to download these files. For my part I cannot provide any software from Cisco.
Step 2: Aggregate the OVA files
For the release i’m using, the .OVA file is divided into 6 parts. So you will have to download all related files of the release you will choose then aggregate them into one OVA file using the cat command (Linux) or the type command (Windows).
This operation is quite long, it may take a long time. Take a break and go for a coffee.
Step 3 : ACI Simulator VM into VMware ESXi
Configure the VM, import new .OVA file
Enable Promiscuous Mode on the VMware vSwitch to which the simulator is connected. In the vSwitch Properties dialog box, select Accept in the Promiscuous Mode field.
Confirm the virtual machine allocated the required Disk, CPU and Memory and Power on the virtual machine.
Step 4 : Complete the APIC initial Setup
Remember ACI Simulator is to provide real, fully-featured APIC controller software, along with a simulated fabric infrastructure of leaf switches and spine switches in one virtual machine. So, You will go through the same steps of configuration of a real ACI APIC controller. You will be prompted to provide the fabric and name ID, the number of controllers, the POD ID, GIPO, TEP pool …etc.
I suggest you accept all of the default settings with the exception of the password, IP address and netmask, and the gateway. You must put the ip address on which you could access the APIC via SSH or by GUI.
Note (From Cisco) : If you change any of the settings other than the password, IP address and netmask, or the gateway, the installation will succeed, but the Cisco Application Policy Infrastructure Controller (APIC) will fail to discover the virtual leaf switches and spine switches
You can choose to enable a strong password or not.
Review your configuration. Click y/n to edit or n to continue. The setup will be done during reboot.
The login prompt will appear after reboot
APIC has detected the leaf on which it is connected. We will do the registration in the next steps
You should be able to connect to the simulator via SSH
or Web GUI interface
Step 5 : Fabric Discovery
With the APIC fully configured, now we will login to the GUI and complete the discovery process for our switch nodes.
When logging in for the first time, you may have to accept the Cert warnings and/or add your APIC to the exception list
Go ahead and login with the admin account and password you assigned during the setup procedure.
On first login you will presented with a “What’s New” Window which highlight some of the new features and videos included with this version of APIC. You can optionally click “Do not show me this again” if you wish to prevent this popping up at each login.
Now you’ll proceed with the fabric discovery procedure
You can keep this popup and just Click Begin Fisrt Time Setup
On the Fabric Membership tab click Begin and you should see the first Leaf switch waiting discovery.
This would be one of the Leaf switches where the APIC is directly connected to.
Select Register.
The Register wizard will pop up and require some details to be entered including the Node ID you wish to assign, and the Node Name (hostname).
After the first Leaf has been discovered and move to an Active state, it will then discovery the Spine switch it’s connected to.
Go ahead and register the Spine switch in the same manner.
Since each Leaf Switch connect to the Spine switch, once the Spine completes the discovery process, you should see remaining Leaf switch pending registration. Go ahead with Registering this last node.
In our case, we have only one controller, one spine and two leafs. All the virtual switches are now online & active
Click on Topology under Fabric > Inventory to have a full overview of the ACI simulator topology
This concludes the entire fabric discovery process. All switches & controllers will now be in sync and under a single pane of management. The ACI simulator will be managed from the APIC IP. The APIC are active and maintains a consistent operational view of your virtual ACI lab environment.
Limitations
The ACI Simulator includes simulated switches, so you cannot validate a data path. The simulator allows you to connect external management entities such as ESX servers, vCenters, vShields, bare metal servers, L4-L7 services, AAA systems, and other physical or virtual service appliances. In addition, the ACI Simulator allows simulation of faults and alerts to facilitate testing and to demonstrate features
References :
Sr. Network Engineer at Wyndham Worldwide
2 年@S. Oumar NDIAYE, very nice article. Thanks so much for sharing. One question: since it is impossible to connect external device to this simulator, can we setup ACI lab in ESXi/EVE using ACI ios (not simulator)? so that we can test the relation between ACI and external device.
Network Expert CCIE#68510
3 年Hi, about limitation part how can the simulator allow me to connect external management entities such as ESX servers ?
Consultant Telecom & Security CCIE# 63349, CISA
4 年Thanks Oumar, very useful to start !