Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1017
Views
10
Helpful
2
Replies

Kubernetes integration with ACI

Go to solution
brlehigh
Level 1
Level 1

‎08-29-2022 02:03 PM - edited ‎08-29-2022 02:04 PM

Greetings all,
I have a prod ACI fabric running 4.2(7s) in network-centric. Connected to this fabric is a VMware cluster consisting of around a dozen physical ESXi hosts. We're doing VMM integration, so there aren't any static path bindings for these servers.
I have been asked to setup a Kubernetes integration with Calico. The Kubernetes cluster is running on the VMware cluster.
I'm reading through Cisco Application Centric Infrastructure Calico Design White Paper and having a heck of a time wrapping my head around the L3Out piece, since I thought they needed to be mapped to a physical interface. This makes sense if the K8s cluster were running on bare metal, but since it's running on an existing VM environment, how do we provision the L3Out? 
The white-paper states that floating SVIs are available in v5.0 and higher, however, I do see a Floating SVI option in the L3Out wizard in my v4.2 environment. This looks like the best option but I'd like to confirm before proceeding. If this is the correct route, do I need to add node information for every leaf switch in my fabric that has an ESXi host attached?
Screen Shot 2022-08-29 at 1.50.26 PM.png
If there are better resources available that explain the integration process, I would greatly appreciate them.

Thanks,

-Brian

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jacalzad
Cisco Employee
Cisco Employee

‎08-29-2022 07:23 PM

Hi Brian,

The white-paper states that floating SVIs are available in v5.0 and higher, however, I do see a Floating SVI option in the L3Out wizard in my v4.2 environment.

The floating L3Out was available since 4.2.1 where it supported VMM domains. On 5.2 they added support for physical domains.

If this is the correct route, do I need to add node information for every leaf switch in my fabric that has an ESXi host attached?

You should only need to create an anchor node (or nodes) with a primary IP and floating IP when using a VMM domain. Once the virtual router moves to another leaf (non-anchor node), ACI will deploy the floating IP there to maintain connectivity.

The following link can help clarify:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/Cisco-ACI-Floating-L3Out.html

HTH,

Jaime

View solution in original post

2 Replies 2

Go to solution
aleccham
Cisco Employee
Cisco Employee

‎08-29-2022 02:32 PM

You are going down the correct path since your K8 nodes are VMs then Floating L3 out is the correct configuration. This is done so that if your K8 nodes move between vPC pairs then your L3 connectivity will still remain. 

 

Do I need to add node information for every leaf switch in my fabric that has an ESXi host attached?

yes

Go to solution
jacalzad
Cisco Employee
Cisco Employee

‎08-29-2022 07:23 PM

Hi Brian,

The white-paper states that floating SVIs are available in v5.0 and higher, however, I do see a Floating SVI option in the L3Out wizard in my v4.2 environment.

The floating L3Out was available since 4.2.1 where it supported VMM domains. On 5.2 they added support for physical domains.

If this is the correct route, do I need to add node information for every leaf switch in my fabric that has an ESXi host attached?

You should only need to create an anchor node (or nodes) with a primary IP and floating IP when using a VMM domain. Once the virtual router moves to another leaf (non-anchor node), ACI will deploy the floating IP there to maintain connectivity.

The following link can help clarify:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/Cisco-ACI-Floating-L3Out.html

HTH,

Jaime

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License