Cisco ACI

Starting from TKU April 2022 discovery of both physical topology (infrastructure) and logical components of the Cisco ACI solution is supported.

Compatibility

Cisco ACI discovery feature is only supported starting from BMC Discovery 20.02 (12.0).

Prerequisites

• Two types of credentials must be configured in order to pattern work properly:
  • SNMP credentials for all nodes in ACI Fabric – APICs, leaves, and spines.
  • Cisco APIC REST API credentials for APIC nodes. 
    More info about configuring Cisco APIC REST API credentials can be found here.
• All ACI nodes must first be discovered using SNMP.  Once it is done, the Cisco_ACI pattern is able to trigger and build physical topology and discover logical components.

How it works

Pattern Cisco_ACI.Cisco_ACI triggers on Cisco APIC controller Network Device node, then runs REST calls against /api/node/class/topSystem class in APIC API to get info about ACI nodes (APICs, leaves, and spines).

Using this info pattern do the following:

• Creates two types of clusters:
  • APIC Cluster with all the APICs
  • Pod Cluster(s) with all the leaf and spine switches in one ACI Pod.
• Creates management relationship(s) between APIC Cluster and Pod Cluster(s).
• Adds ACI-related attributes to the Network Device nodes in ACI Fabric (APICs, leaves, and spines):
  • ACI Fabric Name
  • ACI Pod Id
  • ACI Node Role
  • ACI Node Id
  • ACI Node State
  • ACI Tep Pool
  • ACI Distinguished Name (DN)

• The pattern adds IP addresses to the ACI devices (APICs, leaves, and spines).

In order to discover logical components pattern runs the following REST calls:

• /api/node/class/fvAEPg.json?query-target=self&rsp-subtree=children&rsp-subtree-class=fvRsBd - to get ACI Endpoint Groups information (EPGs).

• /api/node/class/fvRtCtx.json?query-target=self - to get ACI Bridge Domains information.

• /api/node/class/fvCEp.json?query-target=self&rsp-subtree=full - to get ACI Client Endpoints information.

• /api/node/class/pcAggrIf.json?query-target=self - to get aggregated interfaces information.

As the results of the queries above, the following ACI logical components are created.

• ACI Fabric. Modeled as Collection node with Management link to the APIC Cluster, and Collection links to the Pod Cluster(s) and ACI EPGs.
• ACI EPG. Modeled as Collection node with Collection link to the ACI Fabric and ACI Endpoints.
• ACI Endpoint. Modeled as Detail node with Collection link to the ACI EPG and Detail links to the network interface on the leaf switch and Host/NetworkDevice/StorageSystem/SNMPManagedDevice this ACI Endpoint represents.

The second pattern in the Cisco_ACI module, Cisco_ACI.Link_ACI_Endpoint, is triggered by detail of type "ACI Endpoint" and attempts to link them it a host, network device, SNMP managed device, or printer.
However, if the detail represents a storage device or management controller, the links are created to the managed nodes, such as the storage system or host.

Below are some example of the data in Discovery.

APIC cluster

Pod Cluster

ACI Fabric (Collection node)

ACI EPG (Collection node)

Host with link to Endpoint Detail

Network Interface of the ACI leaf switch with link to Endpoint detail

Endpoint Detail

CMDB mapping

Network device nodes are mapped into BMC_ComputerSystem class.

APIC and Pod Clusters are mapped to BMC_Cluster class.

Management relationships between clusters are mapped as BMC_Dependency.

Relationships between ACI leaf switch NetworkDevice and the Host/SNMPManagedDevice/NetworkDevice/Printer/StorageSystem connected to ACI Fabric via ACI Endpoint Detail are synced using NetworkInterface_Detail_Linkage module, mapped as BMC_Dependency.

For more information about the CDM mapping please visit this page: https://docs.bmc.com/docs/discovery/113/default-cdm-mapping-788111913.html.

Known limitations

Cisco ACI multi-site setup is not supported at the moment.