cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7584
Views
5
Helpful
31
Replies

ACI APIC setup

ksherwood
Level 1
Level 1

Hi all,

quick question:

When you configure the APICs one by one, and once you have configured two of them, are you supposed to see the second one in the GUI topology view once you have browsed and logged into the first ?

Note: There is no Spine or Leaf connected yet as the APICs are only connected together on the same management network.

Thanks in advance.

31 Replies 31

Robert Burns
Cisco Employee
Cisco Employee

No, the APICs will only discover each other via the Infra subnet (Infra VLAN).  This requires them to be connected to the same fabric.  The Management network is not used for APIC clustering.  Once you setup and discover your switches, they will join the cluster.

Robert

How do you reset the APIC using the console port if you want to start the initial setup again ?

More so, how do you login to Apic 2 and 3 as they didn't prompt for a password ???

Depending on the release of ACI Software, there are multiple ways to reset the APIC Controllers back to factory defaults:

Older releases:

eraseconfig setup

acidiag reboot

Newer releases:

acidiag touch clean

acidiag touch setup

acidiag reboot

To login into an APIC that is having issues with the cluster and is not sync'd to APIC1, you can use "rescue-user" username to login.  The password for rescue-user is the LAST KNOWN "admin" password.  If the APICs never sync'd with APIC1 then there would be no password.

You should then issue the above commands and start over.   As a best practice, I would suggest resetting all 3 APICs then "Power" down APIC2 & APIC3.  Do NOT configure them yet.  Configure APIC1 as you would normally do and discover the ENTIRE fabric first.  Then Power up APIC2 and configure.  Once it has joined the fabric and is fully fit move on to APIC3.

Note:  If you already discovered any of the switches during the first attempt, they too will need to be reset to factory defaults using either:

Older releases:

setupsetup-clean-config.sh

reload

Newer releases:

acidiag touch clean

reload

Excellent, thanks Robert. When you say login though, I did my initial setup via the console port (no fabric devices connected yet), then noticed once configured you lose that access. So how would you run these commands, can you SSH ?

If so, is there a command that just changes the TEP address range ?

I do have GUI access via the management port, pity you can't do this here.

Once the setup is completed you use SSH or the CIMC KVM or Serial over LAN.  Make sure to configure CIMC with an IP address.

There is a warning after you complete the configuration the that the ONLY way to change TEP address range is to go thru the setup script again which involves wiping the configuration.

Cheers!

T.

Tomas,

I seem to be having a similar issue. 

I have APIC1 online and the fabric connected.  However, I attempted to bring APIC2 online but it failed.  I found where my domains did not match so I reset APIC2 using the acidiag commands.  I am currently 2 hours from these devices and have been attempting to connect via the KVM thru the CIMC GUI with no luck. (KVM unable to Launch)  I also have console access but after APIC2 boots and gets to the setup menu the console stops returning anything. 

I am planning on going onsite tomorrow to connect physically but would like to see if there is a way to complete the initial setup of APIC2 remotely. 

For full disclosure I also have an APIC3 which I configured after configuring APIC2.  Would it be causing any issues since I did not let APIC2 come online fully prior to APIC3?

Daniel

You can perform the following which will help you reconfigure the your APIC2.  This method can be used when you are having issues with KVM launching.

  • HTTP(s) to the CIMC GUI
  • Select the ADMIN Tab and then COMMUNICATION SERVICES.  "Enable SSH"
  • Once SSH is enabled you can enable SOL (Serial Over Lan) for console access. SSH to the CIMC IP address.
  • Configure SOL

C220-cimc# scope sol
C220-cimc /sol # set enabled yes
C220-cimc /sol *# set baud-rate 115200
C220-cimc /sol *# commit
C220-cimc /sol # show

  • Connect to APIC using the "connect host" command

C220-cimc# connect host

  • Hit\Press ENTER

The APIC Console should appear and you should be able to configure APIC2 remotely now.

T.

 

 

Thanks Tomas, on the out of band management why is that so difficult ? For example, you can't seem to set up a profile that enables you to manually set each devices IP address. You can set a range but then the IP addresses get set to random devices and then the Spines seem to get excluded ???

I was using the reference to "out of band management using the GUI"

Ken,

I don't seem to have the same issues.  I have configured the nodes via an IP address range and the leafs & spines all get addresses. I just need to make sure there is enough address' in the pool to be assigned.

Also, I use "Static Management Node Address" for each node.  And simply assign an address per node.  I save the .xml so that if I need to add another address or rebuild the fabric, I can use postman to post the configuration if needed.

T.

I tried the static approach too but the Spines don't seem to want to play ball.

Also, when adding static OoB addressing do you really need to touch the ip address pool ?

I've tested the Leaf mgmt port which works ok

Surely I don't have to complete the whole OoB management procedure and set up a contract for the Spine Mgmt access to work ?

The Leaf & Spine nodes use the same OOB Contract.  Once the Contract is defined and the Ext Management Network Instance Profile is configured, access to the OOB interfaces on the LEAF & SPINES should work.

  • Are there any faults that report any software programming errors for the nodeIds of spines?
  • Does the output of "ifconfig -a eth6" on the spine show the configured OOB management address? Are the TX or RX values incrementing?
  • Link up?  "ip link | grep eth6"
  • Correct Default GW?  "ip route show | grep eth6"

just checking basics..

T.

So I completed the oob contract stuff and still the same.

Previous to that I could get to my Leaves but not my Spines and now it is the same.

I'll get on the console and issue those commands

I have two Spines and both are the same.

Tomas, I connected via console and had to issue these commands to get the management port working:

ifconfig eth0 10.X.X.X
ifconfig eth0 netmask 255.255.255.0
route add default gw 10.X.X.1 eth0

But this isn't permanent, so what and where is the file to hard code this info ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Save 25% on Day-2 Operations Add-On License