How to integrate UCS blade and vCenter first time with ACI Fabric

eahmed007 · ‎05-15-2017

Dear All,

I am going to implement ACI fabric and will integrate Firewall , Load balancer and UCS Server with VMWare .

Can you tell me how can I integrate VCenter first time as VCenter will be of one the VM .Should i create ip address manually in VCenter and create vSwitch in VMware .

I am bit confuse to connect UCS balde System with VCenter in ACI Fabric.

I am looking forward to your assistance and what would be best practice to connect UCS Blade Server with VCenter first time .

Your valuable comments and guideline is highly appreciated .

With regards

Erfan

Jason Williams · ‎05-15-2017

Hi Erfan,

If you're doing ACI VMM integration with vCenter then below is a high level overview.

Pre-req:

- vCenter with existing Data Center and vDS license

- ACI with out of band management connectivity (APIC OOB must be able to reach vCenter)

- Connectivity between ACI leaf(s) and ESXi hosts (UCS)

- Determine if LLDP or CDP is used between blade and fabric interconnect

High level procedure:

- Create VMM domain in ACI - This domain declares the vCenter that your APICs will integrate with. Once the VMM domain has been created, then the APIC will communicate with vCenter and deploy a vDS. When deploying the vDS you should configure 'vswitch policies' which declares the NIC teaming hashing (active vs mac pinning), CDP/LLDP on vDS, etc. The VMM domain will also have a range of VLANs which will later be deployed as port groups on the vDS and EPGs on ACI.

- Create access policies on ACI between leaf(s) and ESXi hosts (fabric interconnects) - This includes VLANs which will be allowed on interfaces, CDP/LLDP, etc

- Configure VLANs on fabric interconnect - The VLANs in the VMM domain VLAN range must be allowed on fabric interconnects. Add the VLANs to the FI <> UCS Blade links. Also add the VLANs to the leaf <> FI link.

- Deploy EPGs - Associate the VMM domain to each EPG which will contain endpoints on ESXi hosts. This VMM <> EPG association will dynamically deploy a port group on the vDS (VLAN). This will also push the dynamically assigned VLAN onto the leaf interfaces (which go to the FI's)

Key notes (very important)

CDP / LLDP - Understand the role of discovery protocols (CDP/LLDP) and use only one protocol in VMM integration from end to end. The discovery protocol used should be consistent from leaf to FI and from FI to blade.

NIC Teaming - Under the v-switch policies on the VMM domain you have the option to use LACP active or mac pinning. In VMware this translates into NIC teaming modes routed based IP hash and routed based originating virtual port. For any blade switch/server (UCS B-series included), you must using mac pinning (routed based virtual port). If you use active/active teaming, then traffic will actively hashing up both fabric interconnects. From upstream switch perspective (ACI leaf), you will see endpoint (mac/IP) flaps happen because the endpoint constantly moves between link to FI-A and link to FI-B.

I would suggest reading through the virtualization guide for starters.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/virtualization/b_ACI_Virtualization_Guide_2_0_1x/b_ACI_Virtualization_Guide_2_0_1x_chapter_011.html

Thanks

Jason

eahmed007 · ‎07-29-2017

Hi Jason ,

Thanks for your previous suggestion and assistance .

Please can you tell me how can I connect Vcenter which is residing one of VM in UCS blade system .

I going to connect each and every components (spine, Leaf, APIC controller ) with OOB Management Switch and put different IP block a part from TEP address .

However , I am little bit confuse to connect Vcenter as it does not have management port separately .

So please assist me how can I connect ACI with Vcenter which is VM in UCS blade using Fabric Interconnect for management purpose only .

What would be the initial appose to connect Vcenter using OOB management using Fabric interconnect with static tagging.

I am looking forward to your valuable comments .

With regards

Erfan