11-14-2023 08:39 PM - edited 11-15-2023 03:54 PM
Initial Cisco APIC Setup
When the Cisco Application Policy Infrastructure Controller (Cisco APIC) is launched for the first time, the Cisco APIC console presents a series of initial setup options.
Beginning with Cisco APIC release 6.0(2), the initial cluster set up and bootstrapping procedure has been simplified with the addition of GUI screen(s) for cluster bring up.
The GUI supports both the scenarios. A major advantage of using the APIC Cluster Bringup GUI is that, you do not need to enter the parameters for every APIC in a cluster. One APIC can relay the information to the other APICs of the cluster.
The procedure for new fabric staging and configuration is pretty straight-forward - you set up IPv4 address for APIC1 oobmgmt interface, connect to GUI and follow the wizard, it will ask you for info about fabric topology and config. There are several ways to interact with APIC:
Once your server comes up you connect to console or use CIMC IP, use below guide to connect to APIC console
https://unofficialaciguide.com/2018/02/16/using-serial-over-lan-sol-on-the-cimc-to-access-the-apic-instead-of-kvm-console/
You should see the invitation for initial setup - here you can configure oobmgmt IPv4 address to use API/GUI or feed the JSON line with the payload containing cluster and controllers configuration.
Press any key to continue...
Starting Setup Utility
APIC Version: 6.0(2h)
Welcome to APIC Setup Utility
Press Enter Or Input JSON string to bootstrap your APIC node.
If you hit enter - APIC asks you to configure IP address for oobmgmt interface and ADMIN password:
admin user configuration ...
Enter the password for admin [None]:
Reenter the password for admin [None]:
Out-of-band management configuration ...
Enter the IP Address [192.168.10.1/24]: x.x.x.x/25
Enter the IP Address of default gateway [192.168.10.254]: x.x.x.1
Would you like to edit the configuration? (y/n) [n]:
System pre-configured successfully.
Use: https://x.x.x.x to complete the bootstrapping
Open a browser and go the APIC GUI
You have to enter the password; if you left the password empty - you have to enter "None" as password.
The wizard is simple - asking you for the topology and values to use.
On the next section you would need to define your APIC controllers, wizard assumes that it runs on APIC1 and assigns ID1 to local appliance. The wizard requires all APIC controllers CIMC password to be entered and validated, once you create all entries you can proceed to Summary page and submit the configuration.
If the validation does not succeed at this stage, we need to verify the following
no SSH access for APIC at this point, and SCP is also unavailable.
[+] Make sure there is reachability between CIMC and APIC
[+] use browser inspector tools to examine the requests generated by APIC.
In the above example, browser inspector tool confirmed we generate the API verify then it timed out “”504 Gateway time-out”
/api/workflows/v1/controller/verify
it means reachability issues, capturing at the GW will be action plan
check MTS, enable jumbo frames at management network, usually CIMC has jumbo MTU enabled at mgmt interface which might cause the below retransimission to happen
1417 2023-11-14 05:23:20.102940181 x.x.x.x ? x.x.x.x TCP 120 [TCP Dup ACK 1406#1] 49328 ? 22 [ACK] Seq=602 Ack=739 Win=64128 Len=0
1418 2023-11-14 05:23:20.102945186 x.x.x.x ? x.x.x.x TCP 124 [TCP Dup ACK 1406#2] 49328 ? 22 [ACK] Seq=602 Ack=739 Win=64128 Len=0
1420 2023-11-14 05:23:20.311576656 x.x.x.x ? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
1421 2023-11-14 05:23:20.746485416 x.x.x.x? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
1429 2023-11-14 05:23:21.586555376 x.x.x.x ? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
1446 2023-11-14 05:23:23.266549466 x.x.x.x? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
1517 2023-11-14 05:23:26.626502870 x.x.x.x ? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
34 1680 2023-11-14 05:23:33.346473067 x.x.x.x ? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
35 1806 2023-11-14 05:23:46.786481719 x.x.x.x ? x.x.x.x TCP 1570 [TCP Retransmission] 22 ? 49328 [ACK] Seq=739 Ack=602 Win=43080 Len=1456
.
The solution involved changing the MTU at the gateway. Reviewing the logs, it was observed that there were TCP retransmissions occurring, potentially due to the mismatch in MTU settings.
To address this issue, the recommendation is to check MTS, enable jumbo frames at the management network, and verify the MTU settings at CIMC's management interface. It's noted that having jumbo MTU enabled at the CIMC management interface could lead to retransmission issues as seen in the logs.
11-15-2023 03:30 PM
Hi @mabushei ,
Great post. It would be much more readable if you edit it and make your images full width, as explained in this tip:
When posting on the forum, add your pictures inline - i.e. PASTE your picture right where you want it. If it is a screenshot, you'll probably then want to click on the image and make the image large - like this.
This means you pictures are actually SEEN (a) in the email that gets sent to subscribers and (b) anyone who looks at this post in the future. Adding pictures as attachments... puts your submission into the TL;DR category.
08-01-2024 09:31 AM
How does one commission a new APIC in a different pod than pod 1? the Pod options is greyed out.
08-02-2024 01:02 AM
What is the number of new APIC in Pod-2?
Remember APICs are always deployed in Odd numbers e.g. 3, 5, 7, and 9. If your new APIC is Even in number then it cannot join APIC cluster. You can just do APIC's initial setup and keep it in Standby state.
08-02-2024 10:01 AM
This is node 3 of a 3 node cluster. I'm moving it from pod 1 to pod 2. ACI v6.x does away with the CLI-based bootstrap script, so you don't tell the new apic about its base information as you did in ACI < v5.3. This now happens in the commissioning process (see ~pg 8: ACI APIC Replacment with Auto Upgrade starting 6.0(2) (cisco.com))
either that or you have to build a bootstrap json string, also summarized in above doc
08-02-2024 04:59 PM
it should be same process, after discovering POD2 and register the spines and leafs, APIC will be discovered again and you should be able to register it back
08-08-2024 09:07 AM
it's not the same as it used to be. there is no setup script when you start an APIC fresh. All you have the option to set up is the OOB management IP. This changed as of version 6.x
08-11-2024 03:10 PM
I agree that the initial setup process is different. In the 6.0X versions, we only needed to set up the IP address and admin password. However, once POD2 is discovered and all nodes are registered:
08-05-2024 12:14 AM - edited 08-05-2024 12:23 AM
You need to change Pod ID (from 1 to 2) in APIC-3's Initial setup.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide