Course Description
Description
DCAC9K is a 5-day ILT training program that is designed for systems and field engineers who install and implement the Cisco Nexus 9000 Switches in ACI mode. The course covers the key components and procedures you need to know to understand, configure, manage Cisco Nexus 9000 Switches in ACI mode, and how to connect the ACI Fabric to external networks and services.
To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:
- Windows 7 or 8.1 or 10 is recommended. Mac OSX 10.6 or greater is supported as well.
- Intel Celeron or better processors are preferred.
- 1 GB or more of RAM
- Browser Requirements: Internet Explorer 10 or greater or Mozilla Firefox. (Safari and Mozilla Firefox for Mac OSX)
Note: Our labs currently cannot run on Microsoft Edge (Windows 10) due to it not supporting Extensions/Add-ons or Google Chrome due to Java being removed from the platform itself. - All students are required to have administrator rights to their PCs and cannot be logged in to a domain using any Group Policies that will limit their machine's capabilities.
If you do not have administrator rights to your PC, you at least need permissions to download, install, and run Cisco Any Connect Client and Java. - If you are participating in a WebEx event, it is highly recommended to take this class at a location that has bandwidth speeds at a minimum of 1 Mbps bandwidth speeds.
- All PCs require the latest Java Runtime Environment, which can be downloaded from www.java.com.
Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptop PC and/or a compatible iPad or Android tablet. The recommended system requirements and instructions to access the course kit content can be found at the following link:Digital Course Kit Requirements and Instructions
Please be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog.
If you have any questions or issues with meeting the requirements listed above, please contact us at rlt@skyline-ats.com and provide the class name to which you are attending and we will be more than happy to help.
Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
- Describe the Cisco Nexus 9000 Series Switch ACI
- Describe the ACI fabric
- Describe Cisco Nexus 9000 Series Switch hardware
- Configure the ACI controller (APIC)
- Configure ACI L4L7 service integration
- Integrate the APIC hypervisor
- Understand the programmability and orchestration of the ACI network
- Discuss ACI connectivity to outside networks
- Implement ACI management
- Describe migration options with ACI
Prerequisites
The knowledge and skills that a learner should have before attending this course are as follows:
- This course is designed for systems engineers, technical architects, and product specialists in data center technical sales roles.
- Students should be familiar with Cisco Ethernet switching products.
- Students should understand Cisco data center architecture.
- Students should be familiar with virtualization.
- Good understanding of networking protocols, routing, and switching:
- Recommended CCNA Certification
- Recommended attendance of Cisco IP Routing Class (ROUTE)
- Recommended attendance of Cisco Switching Class (SWITCH)
- During the course of instruction, the learner will be exposed to the configuration of advanced technologies, such as BGP, OSPF and IS-IS. The learner will not be required to have experience with these technologies in order successfully complete the class.
Who Should Attend
This course is for systems engineers, technical architects, and product specialists in data center technical sales roles. Students include those who need to gain experience with understanding, configuring, and designing the data center networking environment with Cisco Nexus 9000 Series Switches.
Outline
Module 1: Cisco ACI Overview
Lesson 1: Describing the Cisco Nexus 9000 Series Switch ACI Solution- Concepts and Principles
- Policy
- Policy and the Network
- Application Logic Through Policy
- Provider and Consumer Relationships
- Automating Infrastructure Through Policy
- Defining and Instantiating Policy
- Advantages of Policy-Driven Data Center Design
- Summary
Lesson 2: Describing the ACI Fabric- Spine/Leaf Single-Site Topology
- ACI Management Networks
- Fabric Initialization and Discovery
- Virtual Extensible LAN
- Integrated Overlay
- Unicast Forwarding
- Multicast Forwarding within the ACI
- Distributed Layer 3 Gateway
- ACI Fabric Gateway
- Flowlet Dynamic Load Balancing
- Summary
Lesson 3: Describing Cisco Nexus 9000 Series Switch Hardware- Cisco Nexus 9000 Series Switches
- Cisco Nexus 9500 Series Chassis
- Cisco Nexus 9500 Series Supervisor Module
- Cisco Nexus 9500 Series System Controllers
- Cisco Nexus 9500 Series Fabric Modules
- Cisco Nexus 9500 Series Line Card Modules
- Cisco Nexus 9500 Series Fans and Power Supplies
- Cisco Nexus 9500 Series Packet Forwarding in the ACI Model
- Cisco Nexus 9300 Series Switches
- Cisco Nexus 9000 Series FEX Support
- 40 Gb and 100 Gb in the Data Center
- Cisco Nexus 9000 Series Optics Support
- Cisco Nexus 9000 Series Performance
- Summary
Lesson 4: Configuring the APIC- Application Policy Infrastructure Controller
- Endpoint Groups
- Application Profiles
- Contracts
- Subjects and Filters
- Taboos
- Contexts
- Bridge Domain
- Tenants
- Inter-Tenant Communication
- Inter-Tenant Contracts
- Summary
Lesson 5: Module Summary
Module 2: Cisco ACI Configuration and OrchestrationLesson 1: Configuring Layer 4 Through Layer 7 Services- Service Insertion and Redirection
- Service Graphs
- Application Profiles Specific to Layer 4 to Layer 7
- Programmability of Layer 4 to Layer 7 Services
- Device Packages
- OpFlex
- Summary
Lesson 2: Configuring APIC Hypervisor Integration- Policy Coordination with VM Managers
- Management Networks
- Configuration Integration with VMware
- Configuration Integration with Microsoft SCVMM
- Cisco ACI Integration with Red Hat Linux
- Summary
Lesson 3: Demonstrating ACI Network Programmability and Orchestration- Need for Programming
- JSON and XML
- Programmability with REST API
- Programmability with ACI Cobra SDK (Python)
- API Inspector
- OpFlex
- OpenStack Orchestration
- OpenDaylight
- Summary
Lesson 4: Module Summary
Module 3: Cisco ACI External Connectivity, Management, and MigrationLesson 1: Configuring ACI Connectivity to Outside Networks- Inside and Outside Network Policies
- Configure Layer 3 Outside Connections
- Layer 2 Outside Connections
- Summary
Lesson 2: Implementing ACI Management- Security Domains
- Repurposing from a Standalone Network to an ACI Network
- Software Management
- Health Scores
- Faults and Events
- Log Retention Policy, Diagnostics, and Forensics Abilities
- Summary
Lesson 3: Describing Migration Options with ACI- Interconnecting an Existing Pod to the Fabric
- Migrating the Cisco Nexus 5000 Series Switch and Fabric Extender to the Cisco Nexus 9300 Series Switch
- Migrating the Cisco Nexus FEX to the Cisco Nexus 9300 Series Switch
- Connecting an Existing Layer 2 vPC to a Border Leaf
- Connecting Existing Layer 3 to Border Leaf
- Summary
Lesson 4: Module Summary
Lab Outline
Hardware Lab 1: Accessing the Remote Lab Environment
- Connect to the Remote Lab Environment
Hardware Lab 2: Initiate ACI Fabric Discovery (Instructor Demo)- Log in to the APIC Controller (Instructor Demo)
- Register the Cisco Nexus 9000 Switches to APIC-1 (Instructor Demo)
- Navigate Through the APIC GUI to Familiarize Yourself with the Fabric
Hardware Lab 3: Configure Basic Network Constructs- Create a Tenant
- Create a Context
- Create a Bridge Domain
Hardware Lab 4: Configure Policy Filters and Contracts- Create Filters
- Create Contracts
Hardware Lab 5: Deploy a Three-Tier Application Profile- Create Application Profile
Hardware Lab 6: Deploy a Service Graph with Application Profile- Import Device Packages (Instructor Demo)
- Create Device Cluster for the ASA
- Create Service Graph
- Create a Bridge Domain for the ASA
- Create Logical Device Context for ASA
Hardware Lab 7: Register a VMM Domain with ACI- Register VMware vCenter to APIC by Creating a vCenter Domain
- Create vCenter Credentials and Server Object
- Verifying APIC Connection to vCenter Server
Hardware Lab 8: Configure VMware ESXi Hosts to Use the APIC DVS- Add ESXi Hosts to APIC DVS
Hardware Lab 9: Associate an EPG to a VMware vCenter Domain- Associate vCenter Domain to App_EPG
- Associate vCenter Domain to DB_EPG
- Associate vCenter Domain to Web_EPG
Hardware Lab 10: Associate a VM to an EPG Port Group- Connect to Your vCenter Server Using the vSphere Client
- Edit Web-Server Settings
- Edit App-Server Settings
- Edit DB-Server Settings
Hardware Lab 11: Configure APIC Using the REST API- Open the Postman Plugin for Google Chrome
- Create an Application Profile Using the REST API
Hardware Lab 12: Exporting Contracts Between Tenants- Create a Filter
- Export a Contract
- Create a Host Subnet and Add a Contract to EPG in the First Tenant
- Confirm the Exported Contract, Create a Host Subnet in the Second Tenant, and Add a Consumed Contract Interface
Hardware Lab 13: Configure APIC Using the ACI Cobra SDK (Python)- Configure the Communication Policy
- Review a Python Script
- Use a Python Script to Create a Tenant
Hardware Lab 14: Configure APIC to Communicate to an External Layer 3 Network- Configure MP-BGP Route Reflectors (Instructor Demo)
- Configure External L3 Network
- Create Application Profile to Propagate Internal Public Routes
- Associate an L3 Outside Connection to a Bridge Domain
- Verify That the Leaf Is Learning OSPF Routes
- Configure Contract between the External EPG and Internal EPG
Hardware Lab 15: Configure APIC to Communicate to an External Layer 2 Network- Create an External Bridged Network
- Configure an Attachable Entity Profile to Selectively Allow VLAN Traffic
Hardware Lab 16: Configure APIC for Bare Metal to Bare Metal Communications- Configure APIC Fabric for Bare Metal Communications
- Configure Tenant for Bare Metal Communications
- Verify Bare Metal Communications
Hardware Lab 17: Monitor and Troubleshoot ACI- View Faults Using the APIC GUI
- View Events Using the APIC GUI
- Using the API Inspector
- Using the Managed Object Browser (Visore)
- Configuring Syslog Monitoring
Hardware Lab 18: Configure APIC RBAC for Local and Remote Users- Create a Security Domain and Map to Your Tenant
- Configure Local Users and Roles for your Tenant Security Domain
- Create a RADIUS Security Domain and Map to your Tenant
- Create a AAA Login Domain for RADIUS Authentication
- Test RADIUS Authentication and Authorization