Cisco APIC Layer 4 to Layer 7 Services Deployment Guide, Release 3.2(1) PDF
Preview Cisco APIC Layer 4 to Layer 7 Services Deployment Guide, Release 3.2(1)
Cisco APIC Layer 4 to Layer 7 Services Deployment Guide, Release 3.x and earlier FirstPublished:2018-05-22 AmericasHeadquarters CiscoSystems,Inc. 170WestTasmanDrive SanJose,CA95134-1706 USA http://www.cisco.com Tel:408526-4000 800553-NETS(6387) Fax:408527-0883 ©2018–2022CiscoSystems,Inc.Allrightsreserved. Trademarks THESPECIFICATIONSANDINFORMATIONREGARDINGTHEPRODUCTSREFERENCEDINTHIS DOCUMENTATIONARESUBJECTTOCHANGEWITHOUTNOTICE.EXCEPTASMAYOTHERWISE BEAGREEDBYCISCOINWRITING,ALLSTATEMENTS,INFORMATION,AND RECOMMENDATIONSINTHISDOCUMENTATIONAREPRESENTEDWITHOUTWARRANTYOF ANYKIND,EXPRESSORIMPLIED. TheCiscoEndUserLicenseAgreementandanysupplementallicensetermsgovernyouruseofanyCisco software,includingthisproductdocumentation,andarelocatedat: http://www.cisco.com/go/softwareterms.Ciscoproductwarrantyinformationisavailableat http://www.cisco.com/go/warranty.USFederalCommunicationsCommissionNoticesarefoundhere http://www.cisco.com/c/en/us/products/us-fcc-notice.html. INNOEVENTSHALLCISCOORITSSUPPLIERSBELIABLEFORANYINDIRECT,SPECIAL, CONSEQUENTIAL,ORINCIDENTALDAMAGES,INCLUDING,WITHOUTLIMITATION,LOST PROFITSORLOSSORDAMAGETODATAARISINGOUTOFTHEUSEORINABILITYTOUSE THISMANUAL,EVENIFCISCOORITSSUPPLIERSHAVEBEENADVISEDOFTHEPOSSIBILITY OFSUCHDAMAGES. Anyproductsandfeaturesdescribedhereinasindevelopmentoravailableatafuturedateremaininvarying stagesofdevelopmentandwillbeofferedonawhen-andif-availablebasis.Anysuchproductorfeature roadmapsaresubjecttochangeatthesolediscretionofCiscoandCiscowillhavenoliabilityfordelayinthe deliveryorfailuretodeliveranyproductsorfeatureroadmapitemsthatmaybesetforthinthisdocument. AnyInternetProtocol(IP)addressesandphonenumbersusedinthisdocumentarenotintendedtobeactual addressesandphonenumbers.Anyexamples,commanddisplayoutput,networktopologydiagrams,and otherfiguresincludedinthedocumentareshownforillustrativepurposesonly.AnyuseofactualIPaddresses orphonenumbersinillustrativecontentisunintentionalandcoincidental. Thedocumentationsetforthisproductstrivestousebias-freelanguage.Forthepurposesofthisdocumentation set,bias-freeisdefinedaslanguagethatdoesnotimplydiscriminationbasedonage,disability,gender,racial identity,ethnicidentity,sexualorientation,socioeconomicstatus,andintersectionality.Exceptionsmaybe presentinthedocumentationduetolanguagethatishardcodedintheuserinterfacesoftheproductsoftware, languageusedbasedonRFPdocumentation,orlanguagethatisusedbyareferencedthird-partyproduct. CiscoandtheCiscologoaretrademarksorregisteredtrademarksofCiscoand/oritsaffiliatesintheU.S.and othercountries.ToviewalistofCiscotrademarks,gotothisURL:www.cisco.comgotrademarks.Third-party trademarksmentionedarethepropertyoftheirrespectiveowners.Theuseofthewordpartnerdoesnotimply apartnershiprelationshipbetweenCiscoandanyothercompany.(1721R) CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier iii Trademarks Trademarks CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier iv CONTEN TS PREFACE Trademarks iii CHAPTER 1 NewandChangedInformation 1 NewandChangedInformation 1 CHAPTER 2 Overview 3 AboutDeployingApplication-CentricInfrastructureLayer4toLayer7Services 3 AboutLayer4toLayer7ServiceDevices 4 AboutServiceGraphTemplates 4 ConfiguringLayer4toLayer7ServicesUsingtheGUI 5 CHAPTER 3 ImportingaDevicePackage 7 AboutDevicePackages 7 InstallingaDevicePackageUsingtheRESTAPI 9 ImportingaDevicePackageUsingtheGUI 10 CHAPTER 4 DefiningaLogicalDevice 11 AboutDeviceClusters 11 AboutManagedDeviceClusters 12 AboutUnmanagedDeviceClusters 12 AboutConcreteDevices 12 AboutTrunking 13 ConfiguringaLayer4toLayer7ServicesDeviceUsingtheGUI 13 CreatingaLayer4toLayer7DeviceUsingtheNX-OS-StyleCLI 16 EnablingTrunkingonaLayer4toLayer7VirtualASAdeviceUsingtheGUI 20 EnablingTrunkingonaLayer4toLayer7VirtualASAdeviceUsingtheRESTAPIs 20 CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier v Contents ModifyingaDeviceUsingtheGUI 21 UsinganImportedDevicewiththeRESTAPIs 21 ImportingaDeviceFromAnotherTenantUsingtheNX-OS-StyleCLI 22 VerifyingtheImportofaDeviceUsingtheGUI 22 CHAPTER 5 ConfiguringConnectivitytoDevices 25 AboutIn-BandManagementforDevices 25 ConfiguringIn-BandManagementforDevicesUsingtheGUI 26 TroubleshootingIn-BandManagementforDevicesUsingtheGUI 27 CHAPTER 6 SelectingaLayer4toLayer7DevicetoRenderaGraph 29 AboutDeviceSelectionPolicies 29 CreatingaDeviceSelectionPolicyUsingtheGUI 29 ConfiguringaDeviceSelectionPolicyUsingRESTAPIs 32 CreatingaDeviceSelectionPolicyUsingtheRESTAPI 32 AddingaLogicalInterfaceinaDeviceUsingtheRESTAPIs 33 CHAPTER 7 ConfiguringaServiceGraph 35 AboutServiceGraphs 35 AboutFunctionNodes 37 AboutFunctionNodeConnectors 37 AboutServiceGraphConnections 38 AboutTerminalNodes 38 GuidelinesandLimitationsforConfiguringServiceGraph 38 AboutServiceGraphTemplateConfigurationParameters 38 ConfiguringaServiceGraphTemplateUsingtheGUI 38 ConfiguringaServiceGraphTemplateUsingtheRESTAPIs 40 ApplyingaServiceGraphTemplatetoEndpointGroupsUsingtheGUI 41 AssociatingaServiceGraphTemplatewithaContractUsingtheNX-OS-StyleCLI 42 CreatingaFunctionProfileUsingtheGUI 46 UsinganExistingFunctionProfiletoCreateaNewFunctionProfileUsingtheGUI 47 CHAPTER 8 ConfiguringRoutePeering 49 AboutRoutePeering 49 CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier vi Contents OpenShortestPathFirstPolicies 50 BorderGatewayProtocolPolicies 54 SelectinganL3extOutPolicyforaCluster 57 RoutePeeringEnd-to-EndFlow 58 CiscoApplicationCentricInfrastructureFabricServingAsaTransitRoutingDomain 60 ConfiguringRoutePeeringUsingtheGUI 61 CreatingaStaticVLANPoolUsingtheGUI 61 CreatinganExternalRoutedDomainUsingtheGUI 62 CreatinganExternalRoutedNetworkUsingtheGUI 62 CreatingaRouterConfigurationUsingtheGUI 64 CreatingaServiceGraphAssociationUsingtheGUI 64 ConfiguringRoutePeeringUsingtheNX-OS-StyleCLI 65 TroubleshootingRoutePeering 67 VerifyingtheLeafSwitchRoutePeeringFunctionalityUsingtheCLI 68 CHAPTER 9 ConfiguringPolicy-BasedRedirect 71 AboutPolicy-BasedRedirect 71 GuidelinesandLimitationsforConfiguringPolicy-BasedRedirect 73 ConfiguringPolicy-BasedRedirectUsingtheGUI 79 ConfiguringPolicy-BasedRedirectUsingtheNX-OS-StyleCLI 80 VerifyingaPolicy-BasedRedirectConfigurationUsingtheNX-OS-StyleCLI 83 AboutMulti-NodePolicy-BasedRedirect 85 AboutSymmetricPolicy-BasedRedirect 85 PolicyBasedRedirectandHashingAlgorithms 86 Policy-BasedRedirectResilientHashing 86 EnablingResilientHashinginL4-L7Policy-BasedRedirect 88 PBRSupportforServiceNodesinConsumerandProviderBridgeDomains 88 Policy-BasedRedirectandTrackingServiceNodes 88 Policy-BasedRedirectandThresholdSettingsforTrackingServiceNodes 89 GuidelinesandLimitationsforPolicy-BasedRedirectTrackingWithServiceNodes 89 ConfiguringPBRandTrackingServiceNodesUsingtheGUI 90 ConfiguringaRedirectHealthGroupUsingtheGUI 91 ConfiguringPBRtoSupportTrackingServiceNodesUsingtheRESTAPI 91 AboutLocation-AwarePolicyBasedRedirect 92 CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier vii Contents GuidelinesforLocation-AwarePBR 92 ConfiguringLocation-AwarePBRUsingtheGUI 93 ConfiguringLocation-AwarePBRUsingtheRESTAPI 94 Policy-BasedRedirectandServiceGraphstoRedirectAllEPG-to-EPGTrafficWithintheSameVRF Instance 94 GuidelinesandLimitationsforConfiguringaPolicy-BasedRedirectPolicywithaServiceGraphto RedirectAllEPG-to-EPGTrafficWithintheSameVRFInstance 97 ConfiguringaPolicy-BasedRedirectPolicywithaServiceGraphtoRedirectAllEPG-to-EPGTraffic WithintheSameVRFInstance 97 CHAPTER 10 ConfiguringDirectServerReturn 101 AboutDirectServerReturn 101 Layer2DirectServerReturn 102 AboutDeployingLayer2DirectServerReturnwithCiscoApplicationCentricInfrastructure 103 GuidelinesandLimitationsforConfiguringDirectServerReturn 104 SupportedDirectServerReturnConfiguration 105 ExampleXMLPOSTofDirectServerReturnforStaticServiceDeployment 105 DirectServerReturnforStaticServiceDeployment 106 DirectServerReturnforStaticServiceDeploymentLogicalModel 106 DirectServerReturnforServiceGraphInsertion 106 DirectServerReturnSharedLayer4toLayer7ServiceConfiguration 107 ConfiguringtheCitrixServerLoadBalancerforDirectServerReturn 107 ConfiguringaLinuxServerforDirectServerReturn 107 CHAPTER 11 ConfiguringtheDeviceandChassisManager 109 AboutDeviceManagersandChassisManagers 109 DeviceManagerandChassisManagerBehavior 112 CreatingDevicesUsingtheGUI 113 CreatingaChassisUsingtheGUI 113 ExampleXMLforDeviceManagersandChassisManagers 114 ExampleXMLforCreatingtheMDevMgrObject 114 ExampleXMLforAssociatinganLDevVipObjectWithaDevMgrObject 114 ExampleXMLforCreatingtheMChassisObject 115 ExampleXMLforCreatingtheChassisObject 115 CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier viii Contents ExampleXMLforAssociatinganCDevObjectWithaChassisObject 115 DeviceandChassisCallouts 116 ExampledeviceValidateCalloutforaDevice 116 ExampledeviceAuditCalloutforaDevice 116 ExampleclusterAuditCalloutforaDevice 116 ExampleserviceAuditCalloutforaDevice 117 ExampledeviceValidateCalloutforaChassis 118 ExampledeviceAuditCalloutforaChassis 118 ExampleclusterAuditCalloutforaChassis 118 ExampleserviceAuditCalloutforaChassis 119 CHAPTER 12 ConfiguringUnmanagedMode 121 AbouttheUnmanagedMode 121 AboutManagedandUnmanagedLogicalDevices 121 AboutManagedandUnmanagedFunctionNodes 122 AboutLayer4toLayer7ServicesEndpointGroups 123 UsingStaticEncapsulationforaGraphConnector 123 CreatingaPhysicalDeviceUsingtheNX-OS-StyleCLI 123 CreatingaHighAvailablityClusterUsingtheNX-OS-StyleCLI 125 CreatingaVirtualDeviceUsingtheNX-OS-StyleCLI 126 ExampleXMLfortheUnmanagedMode 127 ExampleXMLofCreatinganUnmanagedLDevVipObject 127 ExampleXMLofCreatinganUnmanagedAbsNodeObject 127 ExampleXMLofAssociatingaLayer4toLayer7ServiceEndpointGroupwithaConnector 128 ExampleXMLofUsingStaticEncapsulationwithaLayer4toLayer7ServiceEndpointGroup 128 UnmanagedModeBehavior 129 CHAPTER 13 ConfiguringCopyServices 131 AboutCopyServices 131 CopyServicesLimitations 132 ConfiguringCopyServicesUsingtheGUI 132 CreatingaCopyDeviceUsingtheGUI 133 ConfiguringCopyServicesUsingtheNX-OS-StyleCLI 134 ConfiguringCopyServicesUsingtheRESTAPI 136 CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier ix Contents CHAPTER 14 ConfiguringLayer4toLayer7ResourcePools 139 AboutLayer4toLayer7ResourcePools 139 AboutExternalandPublicIPAddressPools 139 AboutExternalLayer3RoutedDomainsandtheAssociatedVLANPools 140 AboutExternalRoutedNetworks 140 SupportedManagedModeLayer4toLayer7Devices 140 AboutCloudOrchestratorModeFunctionProfiles 141 CreatinganIPAddressPoolforLayer4toLayer7ResourcePoolsUsingtheGUI 141 CreatingaDynamicVLANPoolforLayer4toLayer7ResourcePoolsUsingtheGUI 142 CreatinganExternalRoutedDomainforLayer4toLayer7ResourcePoolsUsingtheGUI 142 PreparingLayer4toLayer7DevicesforUseinLayer4toLayer7ResourcePools 143 ValidatingtheAPICConfigurationofaLayer4toLayer7DeviceforUseinaLayer4toLayer7 ResourcePool 143 ConfiguringtheDeviceManagementNetworkandRoutes 144 CreatingaLayer4toLayer7ResourcePool 144 CreatingaLayer4toLayer7ResourcePoolUsingtheGUI 144 CreatingaLayer4toLayer7ResourcePoolUsingtheNX-OS-StyleCLI 145 ConfiguringaLayer4toLayer7ResourcePoolUsingtheGUI 146 ConfiguringLayer4toLayer7DevicesinaResourcePool 146 AddingLayer4toLayer7DevicestoaLayer4toLayer7ResoucePool 146 RemovingLayer4toLayer7DevicesfromaLayer4toLayer7ResourcePool 147 ConfiguringExternalIPAddressPoolsinaResourcePool 147 AddinganExternalIPAddressPooltoaLayer4toLayer7ResourcePool 147 RemovinganExternalIPAddressPoolfromaLayer4toLayer7ResourcePool 148 ConfiguringPublicIPAddressPoolsinaResourcePool 148 AddingPublicIPAddressPoolstoaLayer4toLayer7ResourcePool 148 RemovingPublicIPAddressPoolsfromaLayer4toLayer7ResourcePool 149 UpdatinganExternalRoutedDomainforaLayer4toLayer7ResourcePool 149 UpdatingExternalRoutedNetworksforaLayer4toLayer7ResourcePool 150 ConfiguringCloudOrchestratorModeFunctionProfilesinaResourcePool 150 AddingaCloudOrchestratorModeFunctionProfiletoaLayer4toLayer7ResourcePool 150 RemovingaCloudOrchestratorModeFunctionProfilefromaLayer4toLayer7Resource Pool 151 CiscoAPICLayer4toLayer7ServicesDeploymentGuide,Release3.xandearlier x
Description:The list of books you might like
