12-07-2018 04:58 AM - edited 03-01-2019 05:43 AM
We just completed migrating our DC to ACI using network centric design. Each traditional VLAN is now a BD/EPG. All our servers are VMs running on ESXi. I need to take 50 servers that are spread across 8 different BD/EPGs and put them in a new EPG. Now I know I can do something like this with the VMware integration and uSeg, but we are not ready for that. We are months away from trying that and I have an immediate requirement to segment these 50 servers. Can I manually do this without the vCenter integration? What would be the steps I need to consider? I don't want to re-IP, but I'm willing to put these into a new port group if that's necessary.
Thank you.
12-10-2018 09:06 AM
It is not clear what "take 50 servers that are spread across 8 different BD/EPGs and put them in a new EPG" means.
Is it that you need to have 50 servers in one BD isolated in the groups?
12-12-2018 10:56 PM
Hi,
First make sure you have EX/FX leaf(s). Integration with vCenter using vDS is very simple, you are an hour away from integration not months :)
You could do uSEG on bare-metal domain https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/3-x/virtualization/b_ACI_Virtualization_Guide_3_2_2/b_ACI_Virtualization_Guide_3_2_2_chapter_0100.html#concept_4196B1CABA8F487698069EC02FCE0071 based on IP/MAC "attribute" and manually create private VLANs on vCenter... You want to put servers from different subnets into one bridge-domain? This won't work. The solution would be to make 8 uEPGs (one for each BD) and then use a permit-any contract between these uEPGs.
12-13-2018 04:57 AM
What I was thinking of doing is to create a new-BD and link my 8 existing EPGs to the new-BD. Under this new-BD I would have the 8 existing subnets defined. I would also create a new-EPG under this new-BD. This new-EPG would have the VMs I need to move out of the 8 existing EPGs. In vCenter my admins would create a new port group for new-EPG and they would assign the new port group to the VMs that need to move into new-EPG. Has anyone done this?
12-13-2018 05:45 AM
You can just create additional EPGs attached to the existing BDs and put the endpoints you want to segregate in those EPGs. They will use the same IPs (same BD) but you can apply different contracts.
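The approach from the last reply (one additional EPG per existing BD, no vCenter integration), sketched as an added example that is not part of the thread: it builds an APIC REST payload for the new EPGs, statically bound to the ESXi uplink ports. Tenant, BD, domain, contract names, VLAN IDs and port paths are all constructed, and the contract and VLAN pool are assumed to exist already.

```python
import json

def build_segment_epgs(tenant, app, segments, phys_dom, paths, contract):
    """Return an fvTenant payload with one new EPG per existing BD.

    segments: {existing_bd_name: new_encap_vlan_id}. Each VLAN must be in the
    pool of phys_dom and match a manually created port group on the vDS/vSwitch.
    """
    vlans = list(segments.values())
    if len(set(vlans)) != len(vlans):
        # With default VLAN scope, one encap cannot map to two EPGs on a leaf.
        raise ValueError("each new EPG needs its own encap VLAN")
    epgs = []
    for bd, vlan in sorted(segments.items()):
        children = [
            # Same BD as the original EPG, so the moved VMs keep their IPs.
            {"fvRsBd": {"attributes": {"tnFvBDName": bd}}},
            {"fvRsDomAtt": {"attributes": {"tDn": f"uni/phys-{phys_dom}"}}},
            # Providing and consuming one contract lets the new EPGs talk to
            # each other; traffic to the old EPGs needs its own contract.
            {"fvRsProv": {"attributes": {"tnVzBrCPName": contract}}},
            {"fvRsCons": {"attributes": {"tnVzBrCPName": contract}}},
        ]
        children += [
            {"fvRsPathAtt": {"attributes": {
                "tDn": path, "encap": f"vlan-{vlan}", "mode": "regular"}}}
            for path in paths  # trunk the new VLAN on every ESXi-facing port
        ]
        epgs.append({"fvAEPg": {"attributes": {"name": f"SEG-{bd}"},
                                "children": children}})
    return {"fvTenant": {"attributes": {"name": tenant}, "children": [
        {"fvAp": {"attributes": {"name": app}, "children": epgs}}]}}

if __name__ == "__main__":
    # Constructed sample: two of the eight BDs, one ESXi-facing leaf port.
    payload = build_segment_epgs(
        tenant="PROD", app="SEGMENTED",
        segments={"BD-VLAN10": 2110, "BD-VLAN20": 2120},
        phys_dom="ESX-PHYS",
        paths=["topology/pod-1/paths-101/pathep-[eth1/10]"],
        contract="SEG-PERMIT-ANY",
    )
    # The JSON body would be POSTed to /api/mo/uni.json on the APIC.
    print(json.dumps(payload, indent=2))
```

After the VMs are moved to the new port groups, the endpoints should appear under the `SEG-*` EPGs and no longer under the original ones.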