Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Cisco ACI Cookbook
  • Table Of Contents Toc
  • Feedback & Rating feedback
Cisco ACI Cookbook

Cisco ACI Cookbook

By : Fordham
3.1 (7)
Buy this Book
close
close
Cisco ACI Cookbook

Cisco ACI Cookbook

3.1 (7)
By: Fordham
Buy this Book

Overview of this book

Cisco Application Centric Infrastructure (ACI) is a tough architecture that automates IT tasks and accelerates data-center application deployments. This book focuses on practical recipes to help you quickly build, manage, and customize hybrid environment for your organization using Cisco ACI. You will begin by understanding the Cisco ACI architecture and its major components. You will then configure Cisco ACI policies and tenants. Next you will connect to hypervisors and other third-party devices. Moving on, you will configure routing to external networks and within ACI tenants and also learn to secure ACI through RBAC. Furthermore, you will understand how to set up quality of service and network programming with REST, XML, Python and so on. Finally you will learn to monitor and troubleshoot ACI in the event of any issues that arise. By the end of the book, you will gain have mastered automating your IT tasks and accelerating the deployment of your applications.
Table of Contents (11 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Sections
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Free Chapter
1
Understanding Components and the ACI Fabric
Icon
Understanding Components and the ACI Fabric
Icon
Introduction
Icon
Understanding ACI and the APIC
Icon
An overview of the ACI fabric
Icon
Converting Cisco from Nexus NX-OS mode to ACI mode
Icon
ACI fabric overlay
Icon
An introduction to the GUI
2
Configuring Policies and Tenants
Icon
Configuring Policies and Tenants
Icon
Introduction
Icon
Creating fabric policies
Icon
Creating access policies
Icon
Creating tenants
Icon
Configuring bridge domains
Icon
Configuring contexts
Icon
Creating application network profiles
Icon
Creating endpoint groups
Icon
Using contracts between tenants
Icon
Creating filters
Icon
Creating contracts within tenants
Icon
Creating management contracts
3
Hypervisor Integration (and Other Third Parties)
Icon
Hypervisor Integration (and Other Third Parties)
Icon
Introduction
Icon
Installing device packages
Icon
Creating VMM domains and integrating VMWare
Icon
Associating vCenter domains with a tenant
Icon
Deploying the AVS
Icon
Discovering VMWare endpoints
Icon
Adding virtual machines to a tenant
Icon
Tracking ACI endpoints
Icon
Integrating with A10
Icon
Deploying the ASAv
Icon
Integrating with OpenStack
Icon
Integrating with F5
Icon
Integrating with Citrix NetScaler
4
Routing in ACI
Icon
Routing in ACI
Icon
Introduction
Icon
Creating a DHCP relay
Icon
Utilizing DNS
Icon
Routing with BGP
Icon
Configuring a layer-3 outside interface for tenant networks
Icon
Associating a bridge domain with an external network
Icon
Using route reflectors
Icon
Routing with OSPF
Icon
Routing with EIGRP
Icon
Using IPv6 within ACI
Icon
Setting up multicast for ACI tenants
Icon
Configuring multicast on the bridge domain and interfaces
Icon
ACI transit routing and route peering
5
ACI Security
chevron up
Icon
ACI Security
Icon
Introduction
Icon
Creating local users
Icon
Creating security domains
Icon
Limiting users to tenants
Icon
Connecting to a RADIUS server
Icon
Connecting to an LDAP server
Icon
Connecting to a TACACS+ server
6
Implementing Quality of Service in ACI
Icon
Implementing Quality of Service in ACI
Icon
Introduction
Icon
Preserving existing CoS settings
Icon
Configuring user-defined classes
Icon
Creating a basic QoS configuration
Icon
Verifying QoS
7
Network Programmability with ACI
Icon
Network Programmability with ACI
Icon
Introduction
Icon
Browsing the object store using the Object Store Browser
Icon
Programming the ACI through REST
Icon
Authenticating through REST and XML
Icon
Creating a tenant using REST and XML
Icon
Deleting a tenant using REST and XML
Icon
Creating an APN and an EPG using REST and XML
Icon
Creating an application profile and EPG using REST
Icon
Authenticating through REST and JSON
Icon
Creating a tenant using REST and JSON
Icon
Using the Python SDK
Icon
Logging into the APIC using Cobra
Icon
Creating a tenant using the SDK
8
Monitoring ACI
Icon
Monitoring ACI
Icon
Introduction
Icon
Finding faults
Icon
Viewing events
Icon
Navigating the audit logs
Icon
Setting up Call Home
Icon
Configuring SNMP
Icon
Configuring Syslog
Icon
Configuring NetFlow
9
Troubleshooting ACI
Icon
Troubleshooting ACI
Icon
Introduction
Icon
Layer 2 troubleshooting
Icon
FEX troubleshooting
Icon
SSL troubleshooting
Icon
Switch diagnostics
Icon
APIC troubleshooting
Icon
Upgrading the ACI software
Icon
VMM troubleshooting
Icon
Routing verifications
Icon
Troubleshooting external connectivity
Icon
Multicast troubleshooting
Icon
QoS troubleshooting
10
An End-to-End Example Using the NX-OS CLI
Icon
An End-to-End Example Using the NX-OS CLI
Icon
Introduction
Icon
Setting up in-band and out-of-band access to the nodes
Icon
Creating the security domain
Icon
Creating the VLAN domain
Icon
Creating the VMWare domain
Icon
Creating the tenant
Icon
Creating the VRF
Icon
Creating the bridge domains
Icon
Creating the applications and EPGs
Icon
Creating the contract
Icon
Creating an L4-L7 device
Icon
Creating service templates
Icon
Setting up the client VMs

Introduction

Given that there will be more than one person administering the ACI fabric, it makes sense that each have their own user account. This is a necessity for certifications such as PCI-DSS, and also just makes sense from an auditing perspective.

In this chapter, we will look at how we can connect to third-party authentication sources, such as RADIUS, TACACS+, and LDAP, and how we can limit the users down by a per-tenant or per-function basis.

AAA and multiple tenant support

ACI has been built with security in mind. Adding local users and connecting to external authentication services (such as RADIUS, TACACS+, and LDAP) is all very straightforward. Security is a constant theme throughout ACI--just look at contracts for an example. 

Because of this focus on security, we can perform actions such as limiting the abilities of a user on a per-tenant basis and being very granular about the aspects of the fabric that they can and cannot read from or write to. The abilities of a user can be...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 4
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY