| Task Name | ACI / UCSD integration example |
| Description | |
| Prerequisites |
|
| Category | Workflow |
| Components | vSphere 5.x |
| User Inputs |
Instructions for Regular Workflow Use:
- Download the attached .ZIP file below to your computer. *Remember the location of the saved file on your computer.
- Unzip the file on your computer. Should end up with a .WFD file.
- Log in to UCS Director as a user that has "system-admin" privileges.
- Navigate to "Policies-->Orchestration" and click on "Import".
- Click "Browse" and navigate to the location on your computer where the .WFD file resides. Choose the .WFD file and click "Open".
- Click "Upload" and then "OK" once the file upload is completed. Then click "Next".
- Click the "Select" button next to "Import Workflows". Click the "Check All" button to check all checkboxes and then the "Select" button.
- Click "Submit".
- A new folder should appear in "Policies-->Orchestration" that contains the imported workflow. You will now need to update the included tasks with information about the specific environment.
Many Thanks go out to Wee Kuenn Leow who built this.
This is the workflow was build to showcase ACI / UCSD integration for Tenant 3 Tier Network creation (WWW/APP/DB EPGs) + UCSD vDC creation (WWW/APP/DB).
Thank to your custom_Task, we can now map the ACI EPG to UCSD vDC.
We also make use of the content contribution from Matt Day and Orf to help us “Passing variables from PowerShell to UCS Director”.
Below is a brief description of our use case.
Hope this is something for those out there that does not have the physical storage to meet UCSD tenant on-boarding requirement to still use UCSD to complete ACI + UCSD integration use case.
Workflow:
- 2015-06-23-SEVT2015SG-ACI-3Tier-Ver2-test3.wfdx
Summary:
- create APIC Tenant with WWW/APP/DB EPG
- Assign IP Address to BD, Outside OSPF from network pool
- Standardized use of IP Subnet Pool for APIC
- Custom task for Add Domain to EPG to handle VARIABLE mismatch of dv-Switch Variable in APIC and UCSD
- Custom PowerShell script to create IP-Address-Range from IP-Subnet
- create WWW/APP/DB vDC matching to APIC EPG Name
- User Self Service to “Create APIC 3 Tier Network n Create UCSD vDC (WWW/APP/DB)
- User Self Service to Order VM into the different vDC created by the Workflow
Version History:
- 2015-05-12 matday ogelbric (code contribution Passing variables from PowerShell)
- 2015-06-05 Abhilash Pujari(code contribution Add Domain to EPG for custom task)
- 2015-06-01 Kwai Seng (Workflow Initial build + OSPF Layer 3 scripts)
- 2015-06-23 Kuenn (Modified to include vDC creation for user self service)
Workflow Ilustations:
The run of the workflow:
Standardized EGP Naming with “ActiveDirectory OU GroupName” with the TierName
APIC EPGs Mapped directly into UCSD vDC construct
User Self Service to Order VM in the respective vDC (aka EPG in ACI construct)
Ordering from the catalog:
Request for “Windows 2012R2 VM Catalog”
Demo NSLOOKUP failed as ACI Contract does not ACCESS RULE defined
TURN on NSLOOKUP with commonServices_ClientAccess Contract on both “External Routed Network” and “WWW EGP”
BEFORE Contract definition (where NSLOOK FAILED)
AFTER adding Contract (NSLOOK PASSED)
Slight ISSUE on APIC GUI: Dangling CONTRACT to “External Router Network” connection.
Included the subnet calculator to convert “UCSD IP Subnet from IP Subnet Pool” used for ACI to “ip Address Range from IP Pool” used by UCSD Network Policy.
Attached is the powershell script need to be placed in the “Powershell Agent”
The Powershell script:
function toBinary ($dottedDecimal){
$dottedDecimal.split(".") | %{$binary=$binary + $([convert]::toString($_,2).padleft(8,"0"))}
return $binary
}
function toDottedDecimal ($binary){
do {$dottedDecimal += "." + [string]$([convert]::toInt32($binary.substring($i,8),2)); $i+=8 } while ($i -le 24)
return $dottedDecimal.substring(1)
}
#read args and convert to binary
if($args.count -ne 2){ "`nUsage: .\subnetCalc.ps1 <ipaddress> <subnetmask>`n"; Exit }
$ipBinary = toBinary $args[0]
$smBinary = toBinary $args[1]
#how many bits are the network ID
$netBits=$smBinary.indexOf("0")
#validate the subnet mask
if(($smBinary.length -ne 32) -or ($smBinary.substring($netBits).contains("1") -eq $true)) {
Write-Warning "Subnet Mask is invalid!"
Exit
}
#validate that the IP address
if(($ipBinary.length -ne 32) -or ($ipBinary.substring($netBits) -eq "00000000") -or ($ipBinary.substring($netBits) -eq "11111111")) {
Write-Warning "IP Address is invalid!"
Exit
}
#identify subnet boundaries
$networkID = toDottedDecimal $($ipBinary.substring(0,$netBits).padright(32,"0"))
$firstAddress = toDottedDecimal $($ipBinary.substring(0,$netBits).padright(31,"0") + "1")
$lastAddress = toDottedDecimal $($ipBinary.substring(0,$netBits).padright(31,"1") + "0")
$broadCast = toDottedDecimal $($ipBinary.substring(0,$netBits).padright(32,"1"))
$AddressRange = "$firstAddress-$lastAddress"
#write output
#"`nNetwork_ID`t$networkID/$netBits"
#"First_Address`t$firstAddress"
#"Last_Address`t$lastAddress"
#"Broadcast`t$broadCast`n"
$ucsd = @{};
$ucsd.Network_ID = $networkID;
$ucsd.First_Address = $firstAddress;
$ucsd.Last_Address = $lastAddress;
$ucsd.Broadcast = $broadCast;
$ucsd.Address_Range = $AddressRange;
$ucsd.netBits = $netBits;
return $ucsd;
The workflows:
