DCAC9K v1.1 - Configuring Cisco Nexus 9000 Series Switches in ACI Mode

Networking/Server/Operating Systems
Schedules
Optional
  LearnITAnytime Online Subscription (1 Year Subscription - $195.00)
  IT Online Library (1 Year Subscription - $1595.00)
  Private Mentoring 3 Hours ($225)
Quantity
If quantity is more than 1, Please add all Attendees' Names /Voucher #/ Learning Credit below separated with a comma. If not specified, we will contact you prior to the class start date. Special Instructions

Description

***We have replaced this course with DCACIF v2.0***

DCAC9K is a 5-day ILT training program that is designed for systems and field engineers who install and implement the Cisco Nexus 9000 Switches in ACI mode. The course covers the key components and procedures you need to know to understand, configure, manage Cisco Nexus 9000 Switches in ACI mode, and how to connect the ACI Fabric to external networks and services.

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

  • We recommend using at least a Pentium 4 or better and 1 GB of RAM or more.
  • We recommend running Windows XP Professional SP3 or greater (Vista & Windows 7/8).
    Mac & Linux machines are also supported.
  • Browser Requirements: Internet Explorer 10 or greater or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)
  • All students are required to have administrator rights to their PCs and cannot be logged in to a domain using any Group Policies that will limit their machine's capabilities.
  • If you do not have administrator rights to your PC, you at least need permissions to download, install, and run Cisco Any Connect Client.
  • If you are participating in a WebEx event, it is highly recommended to take this class at a location that has bandwidth speeds at a minimum of 1 Mbps bandwidth speeds.

Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptop PC and/or a compatible iPad or Android tablet. The recommended system requirements and instructions to access the course kit content can be found at the following link: Digital Course Kit Requirements and Instructions

Please be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog.

If you have any questions or issues with meeting the requirements listed above, please contact us at rlt@skyline-ats.com and provide the class name to which you are attending and we will be more than happy to help.

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe the Cisco Nexus 9000 Series Switch ACI
  • Describe the ACI fabric
  • Describe Cisco Nexus 9000 Series Switch hardware
  • Configure the ACI controller (APIC)
  • Configure ACI L4L7 service integration
  • Integrate the APIC hypervisor
  • Understand the programmability and orchestration of the ACI network
  • Discuss ACI connectivity to outside networks
  • Implement ACI management
  • Describe migration options with ACI

Prerequisites

The knowledge and skills that a learner should have before attending this course are as follows:

  • This course is designed for systems engineers, technical architects, and product specialists in data center technical sales roles.
  • Students should be familiar with Cisco Ethernet switching products.
  • Students should understand Cisco data center architecture.
  • Students should be familiar with virtualization.
  • Good understanding of networking protocols, routing, and switching:
    • Recommended CCNA Certification
    • Recommended attendance of Cisco IP Routing Class (ROUTE)
    • Recommended attendance of Cisco Switching Class (SWITCH)
  • During the course of instruction, the learner will be exposed to the configuration of advanced technologies, such as BGP, OSPF and IS-IS. The learner will not be required to have experience with these technologies in order successfully complete the class.

Who Should Attend

This course is for systems engineers, technical architects, and product specialists in data center technical sales roles. Students include those who need to gain experience with understanding, configuring, and designing the data center networking environment with Cisco Nexus 9000 Series Switches.

Outline

Module 1: Cisco ACI Overview

    Lesson 1: Describing the Cisco Nexus 9000 Series Switch ACI Solution
    • Concepts and Principles
    • Policy
    • Policy and the Network
    • Application Logic Through Policy
    • Provider and Consumer Relationships
    • Automating Infrastructure Through Policy
    • Defining and Instantiating Policy
    • Advantages of Policy-Driven Data Center Design
    • Summary


    Lesson 2: Describing the ACI Fabric

    • Spine/Leaf Single-Site Topology
    • ACI Management Networks
    • Fabric Initialization and Discovery
    • Virtual Extensible LAN
    • Integrated Overlay
    • Unicast Forwarding
    • Multicast Forwarding within the ACI
    • Distributed Layer 3 Gateway
    • ACI Fabric Gateway
    • Flowlet Dynamic Load Balancing
    • Summary


    Lesson 3: Describing Cisco Nexus 9000 Series Switch Hardware

    • Cisco Nexus 9000 Series Switches
    • Cisco Nexus 9500 Series Chassis
    • Cisco Nexus 9500 Series Supervisor Module
    • Cisco Nexus 9500 Series System Controllers
    • Cisco Nexus 9500 Series Fabric Modules
    • Cisco Nexus 9500 Series Line Card Modules
    • Cisco Nexus 9500 Series Fans and Power Supplies
    • Cisco Nexus 9500 Series Packet Forwarding in the ACI Model
    • Cisco Nexus 9300 Series Switches
    • Cisco Nexus 9000 Series FEX Support
    • 40 Gb and 100 Gb in the Data Center
    • Cisco Nexus 9000 Series Optics Support
    • Cisco Nexus 9000 Series Performance
    • Summary


    Lesson 4: Configuring the APIC

    • Application Policy Infrastructure Controller
    • Endpoint Groups
    • Application Profiles
    • Contracts
    • Subjects and Filters
    • Taboos
    • Contexts
    • Bridge Domain
    • Tenants
    • Inter-Tenant Communication
    • Inter-Tenant Contracts
    • Summary


    Lesson 5: Module Summary

Module 2: Cisco ACI Configuration and Orchestration

    Lesson 1: Configuring Layer 4 Through Layer 7 Services
    • Service Insertion and Redirection
    • Service Graphs
    • Application Profiles Specific to Layer 4 to Layer 7
    • Programmability of Layer 4 to Layer 7 Services
    • Device Packages
    • OpFlex
    • Summary


    Lesson 2: Configuring APIC Hypervisor Integration

    • Policy Coordination with VM Managers
    • Management Networks
    • Configuration Integration with VMware
    • Configuration Integration with Microsoft SCVMM
    • Cisco ACI Integration with Red Hat Linux
    • Summary


    Lesson 3: Demonstrating ACI Network Programmability and Orchestration

    • Need for Programming
    • JSON and XML
    • Programmability with REST API
    • Programmability with ACI Cobra SDK (Python)
    • API Inspector
    • OpFlex
    • OpenStack Orchestration
    • OpenDaylight
    • Summary


    Lesson 4: Module Summary

Module 3: Cisco ACI External Connectivity, Management, and Migration

    Lesson 1: Configuring ACI Connectivity to Outside Networks
    • Inside and Outside Network Policies
    • Configure Layer 3 Outside Connections
    • Layer 2 Outside Connections
    • Summary


    Lesson 2: Implementing ACI Management

    • Security Domains
    • Repurposing from a Standalone Network to an ACI Network
    • Software Management
    • Health Scores
    • Faults and Events
    • Log Retention Policy, Diagnostics, and Forensics Abilities
    • Summary


    Lesson 3: Describing Migration Options with ACI

    • Interconnecting an Existing Pod to the Fabric
    • Migrating the Cisco Nexus 5000 Series Switch and Fabric Extender to the Cisco Nexus 9300 Series Switch
    • Migrating the Cisco Nexus FEX to the Cisco Nexus 9300 Series Switch
    • Connecting an Existing Layer 2 vPC to a Border Leaf
    • Connecting Existing Layer 3 to Border Leaf
    • Summary


    Lesson 4: Module Summary

Lab Outline

Hardware Lab 1: Accessing the Remote Lab Environment

  • Connect to the Remote Lab Environment

Hardware Lab 2: Initiate ACI Fabric Discovery (Instructor Demo)

  • Log in to the APIC Controller (Instructor Demo)
  • Register the Cisco Nexus 9000 Switches to APIC-1 (Instructor Demo)
  • Navigate Through the APIC GUI to Familiarize Yourself with the Fabric

Hardware Lab 3: Configure Basic Network Constructs

  • Create a Tenant
  • Create a Context
  • Create a Bridge Domain

Hardware Lab 4: Configure Policy Filters and Contracts

  • Create Filters
  • Create Contracts

Hardware Lab 5: Deploy a Three-Tier Application Profile

  • Create Application Profile

Hardware Lab 6: Deploy a Service Graph with Application Profile

  • Import Device Packages (Instructor Demo)
  • Create Device Cluster for the ASA
  • Create Service Graph
  • Create a Bridge Domain for the ASA
  • Create Logical Device Context for ASA

Hardware Lab 7: Register a VMM Domain with ACI

  • Register VMware vCenter to APIC by Creating a vCenter Domain
  • Create vCenter Credentials and Server Object
  • Verifying APIC Connection to vCenter Server

Hardware Lab 8: Configure VMware ESXi Hosts to Use the APIC DVS

  • Add ESXi Hosts to APIC DVS

Hardware Lab 9: Associate an EPG to a VMware vCenter Domain

  • Associate vCenter Domain to App_EPG
  • Associate vCenter Domain to DB_EPG
  • Associate vCenter Domain to Web_EPG

Hardware Lab 10: Associate a VM to an EPG Port Group

  • Connect to Your vCenter Server Using the vSphere Client
  • Edit Web-Server Settings
  • Edit App-Server Settings
  • Edit DB-Server Settings

Hardware Lab 11: Configure APIC Using the REST API

  • Open the Postman Plugin for Google Chrome
  • Create an Application Profile Using the REST API

Hardware Lab 12: Exporting Contracts Between Tenants

  • Create a Filter
  • Export a Contract
  • Create a Host Subnet and Add a Contract to EPG in the First Tenant
  • Confirm the Exported Contract, Create a Host Subnet in the Second Tenant, and Add a Consumed Contract Interface

Hardware Lab 13: Configure APIC Using the ACI Cobra SDK (Python)

  • Configure the Communication Policy
  • Review a Python Script
  • Use a Python Script to Create a Tenant

Hardware Lab 14: Configure APIC to Communicate to an External Layer 3 Network

  • Configure MP-BGP Route Reflectors (Instructor Demo)
  • Configure External L3 Network
  • Create Application Profile to Propagate Internal Public Routes
  • Associate an L3 Outside Connection to a Bridge Domain
  • Verify That the Leaf Is Learning OSPF Routes
  • Configure Contract between the External EPG and Internal EPG

Hardware Lab 15: Configure APIC to Communicate to an External Layer 2 Network

  • Create an External Bridged Network
  • Configure an Attachable Entity Profile to Selectively Allow VLAN Traffic

Hardware Lab 16: Configure APIC for Bare Metal to Bare Metal Communications

  • Configure APIC Fabric for Bare Metal Communications
  • Configure Tenant for Bare Metal Communications
  • Verify Bare Metal Communications

Hardware Lab 17: Monitor and Troubleshoot ACI

  • View Faults Using the APIC GUI
  • View Events Using the APIC GUI
  • Using the API Inspector
  • Using the Managed Object Browser (Visore)
  • Configuring Syslog Monitoring

Hardware Lab 18: Configure APIC RBAC for Local and Remote Users

  • Create a Security Domain and Map to Your Tenant
  • Configure Local Users and Roles for your Tenant Security Domain
  • Create a RADIUS Security Domain and Map to your Tenant
  • Create a AAA Login Domain for RADIUS Authentication
  • Test RADIUS Authentication and Authorization