Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1637
Views
20
Helpful
6
Replies

APIC Failover IP Connectivity question

Go to solution
AlexNastas74909
Level 1
Level 1

‎04-07-2020 02:35 AM

Hello community.

I'm very new to Cisco ACI so sorry if my question will sound stupid, but maybe you can point me into the right direction. 

If I have a 3-APIC cluster, my understanding is that each of them will have a separate management address. 

Now, if I have a 3rd party app that interacts with my ACI fabric via REST API and uses one of those management IPs. 

What happens if that APIC fails ? Is there any way that management IP could get taken over by another APIC that will become active ? So that my 3rd party app would continue to function ? If that's not the right approach, then which one is ?

 

I have looked everywhere to try and find a clear document explaining how clustering works from the MGMT IP Connectivity standpoint, but haven't found anything. 

 

Thanks in advance

Alex

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to AlexNastas74909

‎04-07-2020 05:45 AM

Hi,

Yes, you are correct. There is no shared VIP for APIC management. You will have to handle the communication with APICs on the application side.  From this perspective, the best way to handle the communication, is to always send the requests to only one APIC. How you achieve that (DNS, natively in the application, load-balancing etc) or to which APIC your app will send the requests, it is all in your hands. In the end, is not important with which APIC your app communicates, since the cluster is constantly synchronizing the configuration database (through the use of sharding).

One thing which you might want to know is if 2 out of 3 APICs are experiencing an issue, the 3rd APIC will go into minority state which is a read-only state, and you will not be able to make any changes to it, neither GUI nor CLI.

Hope that helps.

Regards,

Sergiu

 

View solution in original post

0 Helpful
6 Replies 6

Go to solution
tuanquangnguyen
Level 1
Level 1

‎04-07-2020 03:34 AM

You could try sending queries to all APIC in the cluster.
In Python (or in any programming languages, really), multiple sequential try-catch blocks should do the trick. If the application is neither managed by Cisco nor you (hence, 3rd party), maybe the documentation would describe how to connect to the APIC cluster. Else, better raise that to the vendor who created the application.

Go to solution
AlexNastas74909
Level 1
Level 1
In response to tuanquangnguyen

‎04-07-2020 05:08 AM

I'm the vendor of the application.
And I would am asking because I would like to know how to handle this case.
0 Helpful

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎04-07-2020 03:37 AM - edited ‎04-07-2020 03:41 AM

Hi Alex,

 

What you can do is use DNS failover, where you register all 3 APIC IP addresses for a single name/DNS record.

In your application you will be using the name instead of the IP. This way, regardless which APIC will be used, the application works.

 

Regards,

Sergiu

Go to solution
AlexNastas74909
Level 1
Level 1

‎04-07-2020 05:11 AM

Thanks for the replies. 

So my question really was more if my understanding is correct and Cisco does not handle this. 

This means that it needs to be handled on the application side. 

And also was wondering what is the good practice here, how the other developers implement this. 

 

Thanks

Alex

0 Helpful

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to AlexNastas74909

‎04-07-2020 05:45 AM

Hi,

Yes, you are correct. There is no shared VIP for APIC management. You will have to handle the communication with APICs on the application side.  From this perspective, the best way to handle the communication, is to always send the requests to only one APIC. How you achieve that (DNS, natively in the application, load-balancing etc) or to which APIC your app will send the requests, it is all in your hands. In the end, is not important with which APIC your app communicates, since the cluster is constantly synchronizing the configuration database (through the use of sharding).

One thing which you might want to know is if 2 out of 3 APICs are experiencing an issue, the 3rd APIC will go into minority state which is a read-only state, and you will not be able to make any changes to it, neither GUI nor CLI.

Hope that helps.

Regards,

Sergiu

 

0 Helpful

Go to solution
AlexNastas74909
Level 1
Level 1
In response to Sergiu.Daniluk

‎04-07-2020 06:59 AM

Thanks Sergiu,
This is the answer I was looking for !

Regards
Alex
0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License