DevNet Sandboxes are an amazing resource, I really encourage you to check them out if you haven’t!
What is shown above is a “Reserved” Sandbox for ACI in which there are a few things in the Topology:
- ACI_Simulator – This is the APIC, 1 Spine Switch, and 2 Leaf Switches in a single pod / Simulator
- CentOS and Windows DevBox – These are “Jump Boxes” to RDP into that have tools to connect to devices
- VLAN Segment – This shows event logging for the lab devices on the network segment (shows issues)
Once you log into developer.cisco.com and reserve / launch a sandbox, you will get an email with the VPN information to connect via Cisco Anyconnect, then you select RDP on a JumpBox and away you go!
I connected to the Windows DevBox, and was able to pull up the APIC Web Gui as shown here:
There are step by step instructions on how to complete different steps in the SandBox Lab, or what I like to do is navigate through new systems to get a feel for how intuitive they are, as seen here I was able to jump immediately to the Lab Topology (top pic) within APIC Configuration to verify there is 1 Pod / 1 Controllers (APIC) / 1 Spines / 2 Leaves by clicking the “Fabric” tab and then selecting “Topology”.
To the right of “Inventory” is “Fabric Policies” which you might guess is where we can set our Policies on the APIC, which will then define the Policies that will be applied to our Leaf Switches (I believe):
I’ve found that exploring too outside of the lab scope can sometimes break the lab and tank your reservation as the Sandbox needs to be reset, so I checked the documentation for the step by step actions I will want to take to configure the ACI Lab appropriately:
Being able to lab with a Cisco tutorial to lean on is such a great resource, can’t recommend enough!
Really if you have never tried any SandBox through Cisco, I myself picked something that just sounded interesting that I never studied or worked on before, and tried to walk through the tutorial to accomplish the goal and it was fun just to check out some new technologies – So go use this awesome free resource 🙂
Now that I’ve gotten that use DevNet Sandbox demo / lecture out, back to labbing ACI!
Setting up a New Tenant in APIC
Skipping forward a bit I setup my Tenant “Loopedback” / my Tenant VRF “LoopedbackVRF” / Once created the web GUI brought me to the new tenant page where I dragged the “Bridge” icon over my VRF Icon and setup “LoopedbackBridge” connection and added a Subnet Gateway for the Bridged Network:
To put the order of operation performed here into step by step:
- Clicked “Tenants” Tab -> Clicked “Add Tenant”
- Filled in “Loopedback” as the new Tenant, created VRF within Add Tenant config
- After clicking “Submit” it brings me to the dashboard in the screenshot above for the new Tenant
- The LoopedbackVRF was already by itself in the window pane, dragged “Bridge Domain” onto it
- Filled in the “Bridge Domain” dialogue box and added an IP Gateway (made it different subnet)
- Clicked submit and if the new subnet should indeed be a new subnet range, we should be good!
^^This sets up a new Tenant to have the new subnet now bridged into the ACI Fabric I believe.
Setting up an Application Profile in APIC
To put this in order step by step here as well:
- Still in the “Tenants” tab clicked on “Application Profiles” in side bar, page was blank, clicked tools icon
- Prompted to create “Loopy” Application Profile, once created this acts a logical container for an EPG (Endpoint Group)
- Clicked on “Loopy” AP in left side bar, clicked on button to create new EPG, associated it with the “LoopedbackBridged” domain and saved, shows linked to “Loopy” AP as shown in screenshot
- Can now see LoopyEPG logically contained within the Loopy AP in the left hand sidebar
The finaly step here is to create a “Contract” to attach to the EGP (Endpoint Group) to apply some kind of filtering, which I did accomplish within this lab, though I am not entirely sure how to test this but it appears that it is active and working:
It shows that it is active, though I am not entirely sure how to test it per the documentation, and unfortunately that is where the ACI setup guide stops in terms of providing step by step directions.
I did jump in the CLI and the Linux machine, however I am going to book mark this here for now!
I will keep ACI Sandbox labbing contained within this post, I would like to get on developer.cisco.com/networkautomation and developer.cisco.com/codeexchange to run some actual API Calls and put together some scripts as a next step now that I have a basic understanding of configuring ACI from the very user friendly Web GUI.
I might play around with some other sandboxes or technologies too, its been a long while since I’ve set up an ASA from scratch so I’ve been considering that a good use of time, though my mind is pulling towards sticking with the DevNet side of things.
So much to learn, so little time! Will update at some point with some actual “Programmability” configs for this ACI Sandbox in the near future though!
Until next time!!!