Hi board,
so I'm reviewing the ESXi host discovery process in ACI VMM integration.
When using the VMM domain resolution immediacy option "immediate", I was under the impression that LLDP (or CDP) packets from the ESXi host are enough for the EPG to be deployed on the specific port.
However, when checking the documentation in a Cisco Live session (BRKACI-2645), the process involves the vCenter connection as well (slide 26+). So the LLDP adjacency to ACI is reported from the ESXi host to vCenter and vCenter (somehow?!) informs the APIC about this adjacency.
So I tested some scenarios here by blocking the vCenter to APIC connection, and when using the immediate domain resolution, the EPGs are deployed on the leaf switches. To enforce the new policy push towards the leaf ports, I changed the AEP association and even rebooted the leaf switches.
I even disabled LLDP on the leaf access ports and everything still worked like a charm!
The only way I was able to break things (EPG was not deployed towards ESXi):
- Disabled LLDP in the vDS itself (in vCenter)
- EPG VMM domain resolution immediacy option "On Demand" (which is expected from my point of view if vCenter is not available)
So what's the truth here?
Also, I am interested in how vCenter informs the APIC about "events". It would not be fast enough if APIC polls in regular intervals (in fact, ACI does this every 24 hours only).
Is there some kind of subscription of events between ACI and vCenter? Is this some webhooking or SOAP magic? If yes, how can I find these subscriptions in vCenter?