GroupBasedPolicy/InstallCiscoACI
Installing and Running GBP with Cisco APIC
The following are a set of instructions for installing and working with the Cisco APIC:
Devstack Installation
1. Follow the instructions here: https://github.com/group-policy/gbp-devstack/tree/juno until step 6.
2. cd devstack
3. Configure the local.conf file.
- Replace the "resource_mapping" driver with the "apic" driver as follows:
[group_policy] policy_drivers=implicit_policy,apic
- Set the appropriate L3 plugin as follows in the default section:
service_plugins =group_policy,servicechain,apic_gbp_l3
- Replace enable_service q-agt with disable_service q-agt
- Set HOST_IP
- Set Q_PLUGIN_EXTRA_CONF_PATH. This should point to the path where the ml2_conf_cisco.ini file resides. Note it should NOT start with a /.
4. Configure ml2_conf_cisco.ini at the path you chose. For complete instructions on available options see this document. An example file would look like this:
[DEFAULT] # Unique Name for identifying the Openstack Cluster apic_system_id=gbp3 [ml2_cisco_apic] # Host Name for the APIC Controller apic_hosts=172.31.100.1 # Username for the APIC Controller apic_username=admin # Password for the APIC Controller apic_password=cisco123 # How to map names to APIC: use_uuid or use_name apic_name_mapping=use_name # Switch to hypervisor port mapping [apic_switch:101] ubuntu-gbp=1/5
5. pip install apicapi
6. pip install python-opflex-agent
7. ./stack.sh
8. Ensure your uplink to ACI fabric is up and a port is created on OVS.
sudo ovs-vsctl add-port br-em1 eth1
8. source openrc demo demo
9. Use the "gbp" CLI binary ("gbp --help" will give you the commands)