You can add Cisco ACI (Application Centric Infrestructure) as a data source in VMware Aria Operations for Networks. This feature is available only for the enterprise license users.

Prerequisites

  • You must verify the following information:

    • The data source and its version is supported in VMware Aria Operations for Networks. For more information, see Supported Products and Versions.
    • The data source follows VMware Ports and Protocols supported in VMware Aria Operations for Networks. For more information, see VMware Ports and Protocols.
  • To connect to the APIC controller REST API over HTTPS, you must have access to all the tenants and have the read-only privilege.
  • For SNMP, you must have the read-only permission.
  • To authenticate Cisco ACI, you must have a local user role with the following privileges:
    • Security Domain: all
    • Role: admin
    • Access: read
    For details on how to create a local user in Cisco ACI, see the Access, Authentication, and Accounting section in the Cisco APIC Security Configuration Guide.

Procedure

  1. From the left navigation pane, go to Settings > Accounts and Data Sources.
  2. Click Add Source.
  3. Under Others, select Cisco ACI.
  4. In the Add a new Cisco ACI Account or Source page, provide the following details:
    Option Action
    Collector VM Select a collector VM from the drop-down menu.
    IP Address/FQDN Provide the IP address of an APIC controller in the cluster.
    Note: You do not have to add the individual switches in the ACI fabric.
    Username Enter the user name.
    Note:
    • If the user is a domain user, then you must add apic: before the user name. For example, if the user name is user1 and if the user belongs to the domain domain1 then specify the user name as apic:domain1\\user1. The domain name is case-sensitive.
    • If you want to use a local user account when default authentication method is set to TACACS, then you must add apic#fallback\\ before the user name. For example, if the local user name is user2, then specify the user name as apic#fallback\\user2.
    Password Enter the password.
  5. Click Validate.
  6. To enable a richer data collection, click Use SNMP (recommended for richer data collection) check box, and do the following:
    1. From the SNMP Version drop-down menu, select an SNMP version. Depending on which version of SNMP you have selected, do the following:
      Option Action
      2c In the Community String text box, enter a community string.
      3
      1. Enter Username, Context Name.
      2. From the Authentication Type drop-down, select an authentication type and enter the Authentication Password.
      3. From the Privacy Type drop-down, select a privacy type and enter the Privacy Password.
  7. Define the polling interval for the configuration data collection. You can set the polling interval from 10 minutes to 7 days.
    • Preset - Select the interval time from the predefined time set.
    • Custom Interval - Set a value and select Minutes, Hours, and Days.
    • Fixed Schedule - Select the days and set the time to schedule the interval.
  8. (Optional) In the Nickname text box, enter a nickname.
  9. (Optional) In the Tags (Optional) key-value pair text box, enter a key and a value.
    Key-value pair could be any text. For example, you can use Layer Access as key-value pair where layer is the key and access is the value.
    1. To apply the tag in all the associated entities, click the Apply above tag operations to all associated entities check box. For more details about the associated entities, see Working with Local Tags.
      If you clear the Apply above tag operations to all associated entities check box, the assigned tag is removed from all the associated entities.
  10. (Optional) In the Notes text box, add a note if necessary.
  11. Click Submit.

Results

Cisco ACI is added as a data source in VMware Aria Operations for Networks.
Note:

VMware Aria Operations for Networks supports the following features of Cisco ACI:

  • Neighbor discovery (CDP and LLDP)
  • Endpoint group (EPG)
  • L3Out EPG
  • EPG gateway
  • Bridge domain
  • VRF
  • IPv4 routing
  • Contract (in network assurance and verification)

The following features are not supported:

  • Fabric extender (FEX)
  • IPv6
  • Layer 3 EVPN
  • Multi-pod
  • Multi-site