Last Updated: 5/9/2022

I’m bringing up this page to keep a running list of ACI bookmarks that are really worth reading. If you are working with ACI these are a must read. My colleagues and I will add to this list over the course of time. So, please visit frequently.

Table of Contents:

1. Security
2. SR-MPLS
3. Troubleshooting & Stuff
4. Multisite/Multipod
5. Upgrades/Downgrades
6. Everything ACI
7. API/Progammability
8. Nexus Dashboard Related
9. Cisco ACI Hybrid Cloud Related
   1. From Unofficial
   2. From Ricardo’s Blog
10. VMM Related
11. Miscellaneous

Security

Everything you want to know about ACI Contracts

Cisco APIC Security Configuration Guide

All about Cisco ESGs, (Endpoint Security Groups) – Great for moving from netcentric to appcentric mode

Understanding Scope Of Prefixes in L3Out External EPG in ACI

Configuring LDAP Authentication with Cisco APIC Controller

Understanding Roles in ACI & MSO and integrating with FreeRadius.

Logging ACL/Contract Permits and Denies with ACI

Operationalizing ACI: Contracts Viewer

ACI Multisite Cloud Sec Encryption

Cisco APIC  TACACS+, Radius LDAP, RSA & SAML configuration Guide

• The AIC SAML SSO feature has been tested with the following IdPs:
  • Active Directory Federation Services
  • Okta Single Sign-On
  • PingFederate

ACI Endpoint Update app 2.1 – Enhancing FTD and ASA policies

Nexus Dashboard – Certificate Install

SR-MPLS

ACI SR-MPLS Handoff for L3 Outs       🦠Proof Of Concept

Cisco ACI SR/MPLS Handoff Architecture White Paper

SR-MPLS Handoff explanation and Packet Walk

SR-MPLS Handoff Configuration

Validated Design for Cisco ACI to SR-MPLS Handoff

Troubleshooting & Stuff

Troubleshooting Cisco Application Centric Infrastructure, Second Edition

Cisco
APIC Troubleshooting Guide

Troubleshooting Unexpected Route Leaking in ACI

Cisco ACI Endpoint learing WhitePaper

Overlap VLAN Pool Lead Intermittent Packet Drop to VPC Endpoints and Spaning-tree Loop.   ⚠️ Each EPG/AEP could associate multiple domains, but each domain must associate with a vlan-pool containing unique vlan-block that is not overlapped with any other vlan-pool. This is to ensure the global consistent vlan-to-vxlan mapping

Multisite/Multipod

Cisco ACI Multi-Site Architecture White Paper        ⚠️Sites should be added in Maintenance Window only, since BGP RID on spines will reset causing disruption

Extending Your datacenter policies into the cloud with Cisco ACI Anywhere

Cisco ACI Multi-Site Configuration Guide, Release 3.1(x)        📗 Pay attention to the new avpair format for MSO from 3.1.x

A basic question about VMM domains, Multipod and Multisite

• Cisco ACI QOS Related Notes for Multisite Fabric:
  • This is covered in good detail in the Multi-Site white paper and also in Part 2 of the:
    • CL Multi-Site session
    • Cisco APIC and QOS
    • Cisco ACI Multi-Site Architecture White Paper

Upgrades/Downgrades

Cloud APIC Install/Upgrades/Downgrades

ACI Upgrade Checklists

ACI -Pre-Upgrade-Validation-Script        🦠Use This !

Moving from MSO 3.1.1 (running on Case) to NDO 3.3.1 or directly to NDO 3.5.x (running on ND)

short Video on migration from MSO 3.1.1 to NDO 3.3.1

Upgrading ACI Fabric and MSO, Please Read This first

ACI / APIC Software Guidance

Upgrading ACI Fabric: The 4.0 Way

APIC Upgrade Tool

ACI Switches: Password Recovery

Wiping an ACI Fabric

Upgrading your ACI Fabric

Upgrading the CIMC for your APICs

Using Standby APIC to move APIC or Replace APIC

Cisco Data Center Network Applications Compatibility Matrix        Shows you what Apic/cApic goes with what ND/NDO/NDI

Everything ACI

APIC Landing Page (all aci docs) including Cloud APIC        🛬 Landing Page

White Papers including Cloud ACI

White Papers Nexus 9K

API/Progammability

Cisco ACI System Messages Reference Guide

Cisco APIC Faults, Events, and System Messages Management Guide

APIC Management Information Model Reference

Intersight niatelemetry

APIC System Faults/Events Message Reference        🗝 Search Fault & Event Code by ID

Cloud APIC & APIC Object Model Documentation

Cisco ACI Policy Model Guide

Cisco APIC REST API Configuration Guide

Cisco Application Centric Infrastructure MIB Quick Reference

This doc has instructions on creating cAPIC Tenant with Azure using REST API

Short Previous Article on ACI Automation

Look in ND Federated Cluster article        Look at this blog for API Calls to ND, Curl to ND, Postman Interceptor to figure out API calls needed

CiscoDevNet/ansible-mso

CiscoDevNet/ansible-nd

Ansible Automation for Nexus Dashboard/Nexus Dashboard Orchestrator

Ansible Collection Index » Collections in the Cisco Namespace » Cisco.Mso

Ansible Galaxy Collection ACI

Ansible Galaxy Collection ND

Ansible Galaxy Collection NDO

Getting Started: Cisco MSO With Ansible

Configuring Cisco ACI with Ansible AWX running in Docker

Terraform ACI Provider

Terraform NDO Provider

Terraform with Cisco Nexus Dashboard Orchestrator for building Hybrid Cloud and end to end services

Deploying cAPIC on Azure With Terraform

Nexus Dashboard Related

ND Deployment Guides, Data Sheets, Release Notes, Compatibilty Guides, Install and Upgrade        💡ND Documentation

ND, NDO, NDI Remote Authentication Configuration        💡AV Pairs Needed and scope results in ND, NDO, NDI. Also, Multi-Factor Authentication

Cisco Nexus Dashboard User Guide        💡 Must Read – Also has information on how to replace failed Master from Standby ND

Cisco Nexus Dashboard Deployment Guide, Release 2.1.x        💡 Look in the Deploying in VMware ESX section for esxi resources needed – App Node v. Data Node. App Node is good enough for running only NDO

Cisco Nexus Dashboard Hardware Setup Guide

Cisco Nexus Dashboard Deployment Guide

Cisco Intersight Overview

ND Sizing Tool        Based on Physical/Virtual/Cloud ND and what apps you will run on ND + size of Fabric, this will calculate the ND size needed

Moving from MSO 3.1.1 (running on Case) to NDO 3.3.1 or directly to NDO 3.5.x (running on ND)

short Video on migration from MSO 3.1.1 to NDO 3.3.1

Cisco Data Center Network Applications Compatibility Matrix        Shows you what Apic/cApic goes with what ND/NDO/NDI

Licensing Guide

ND Ordering Site

NDI Users Guide

NDI Users Guide dcnm

Nexus Dashboard 2.1 – New Features – Federated Clusters

Introduction To Cisco Nexus Dashboard And Installation, Integrating With Radius, Configuring Intersight And Site Onboarding 🗝 Licensing Simplified/Explained

A Guide To: Nexus Dashboard Insights Kafka Exporter to Elasticsearch/Kibana for Data Analysis & Visualization

Jenkins /Ansible for ACI Orchestration and for Automated Configuration Sanity Check / Pre-verification with NAE/ND and Git integration

Cisco Nexus Dashboard Demo – Unlock new value from your hybrid cloud network

Cisco Nexus Dashboard Insights and Splunk Integration

Part 1 – Installing AppDynamics and Integrating with Cisco Nexus Dashboard Insights

Part 2 – Installing AppDynamics APM Agents to report application data to AppD Controller

Part 3 – Monitoring Apps deployed on K8s cluster on ACI Fabric Using AppDynamics/NDI

Nexus Dashboard – Certificate Install

Cisco ACI Hybrid Cloud Related

From CCO

Cloud APIC Documentation

(Azure) – Cisco Cloud APIC for Azure User Guide, Release 5.2(x)I        💡 Lookup what Cloud Service Endpoint types are, — Cloud Native, Cloud Native Managed, Third Party

Cisco Cloud ACI Hybrid Multi-Cloud Deployment Guide        💡 The Definitive Desingn Guide!!!

From Unofficial

(AWS) – Cloud Tenant Only (deploying Application Load Balancer with Service Graph on AWS)       🗝 Also Explains the values of EPG Selectors “equals”, “not equals”, “in”, “not”

(AWS) – Stretched Tenant / EPG between OnPrem ACI Fabric and Cloud Native ACI Fabric with Shared L3Out

(AWS) — When to use Shared Template and When to use Site Only Template

(AWS) – Deploying from Scratch- Physical ACI Fabric With ACI Cloud Fabric

AACI/Cloud Extension Primer: Adding Trusted/Untrusted AWS Accounts and Shared/Managed/Unmanaged Identities for Azure to Cloud ACI Fabric

(Azure) – Adding in Azure Site to ACI Cloud Fabric – Step by Step

(AWS) – A Practical Guide to using AWS Transit Gateway (TGW) with Cloud ACI

(Azure) – ACI 5.0.2 cAPIC Feature Listing and First Time Setup differences

(Azure) – A Practical Guide to using Azure vNET Peering with Cloud ACI        🗝 Debugging CSR Tips here

(Azure) – Simple Service Graph with Azure Application Gateway & vNET Peering

(Azure) – Simple Service Graph with Azure Network Load Balancer & vNET Peering

(Azure) – Multi-Node Service Graph with Horizontal Firewall Scaling using vNET peering and hosting service devices in HUB vNET (overlay-2)

(Azure) – Multi-Node Service Graph with North South Firewall Scaling using vNET peering and hosting service devices in HUB vNET (overlay-2)

Cisco cAPIC / Azure Kubernetes Service Integration with Azure File Share Services for Apps

Cisco cAPIC / Native Azure API Management for serverless Architecture integration

Cloud ACI 5.2: A compelling case for Cisco ACI Hybrid/Multicloud Data Centers

Cloud ACI 5.2: Interconnecting ACI Fabrics Over Cloud Provider’s Backbone at High Speed for both AWS and Azure

Cloud ACI 5.2: Azure Brownfield Integration with ACI Fabric

Cloud ACI 5.2: ACI/Azure Tenant vNET Peering across Azure Acitive Directories

Cloud ACI 5.2: AWS Enhancements in TGW with TGW Connect Attachments

(AWS/Azure) – Cisco Cloud ACI Generic External Connectivity        🗝 Tips on how to put static route on EC2 is here

Cloud ACI 25.0.2: AWS Cloud ACI 25.0.2 AWS Brownfield Integration to Cloud ACI Fabric on AWS (with Proof Of Concept)

Cloud ACI 25.0.2: Connecting ACI/AWS Cloud Fabric to External DC/Branch Site via TGW (with Proof Of Concept)

Upgrading Cloud Routers from CSR1KV to Catalyst 8KV

Deploying cAPIC on Azure With Terraform

ACI Fabric in Google Cloud

From Ricardo’s Blog

Ricardo’s ACI Blogs       📬 Excellent Blogs written by my colleague Ricardo Trentin focused on Cloud ACI

Cisco Cloud ACI Tenancy Design Guide

How to Install Custom SSL Certificates on Cloud ACI managed Application Load Balancer on AWS

Deploying AWS ECS with Fargate on Cloud ACI managed network

Using AWS VPC End Points with Cisco Cloud ACI

Integrating F5 with Azure using Cloud APIC

Network to App Centric Migration on Cloud ACI

Cisco ACI Multi-Site Multi-Cloud Connectivity Scalability and Availability using Multiple Routers

Staging Cloud ACI Configurations on Azure

Naming resources made easy

Inspecting On-Prem Traffic using 3rd Party Firewalls

VMM Related

Openstack with ACI Integration – Part 1 (General Discussions of Openstack with ACI)

Openstack with ACI Integration – Part 2 ( installing with packstack)

Openstack with ACI Integration – Part 3 (installing using Red Hat Director)

Openstack with ACI Integration – Part 4 (using Openstack Integrated ACI)

CPOC Series: ACI MultiPod with Live vMotion from one Pod to another

CPOC Series: VMM integration from ACI to VMware vSphere

CPOC Series: vMotion and vKernel configuration considerations between ACI and vSphere

A basic question about VMM domains, Multipod and Multisite

Part 1 – Cisco ACI 5.2 and Kubernetes 1.21 CNI Integration

Part 2 – Cisco ACI 5.2 and Kubernetes 1.21 CNI Feature Highlights

Miscellaneous

Collection of ACI White Papers (including migration, SRMPLS etc, etc)

Using OpenShift with Cisco Cloud APIC

Red Hat OpenShift Container Platform on AWS Cloud

Cisco ACI APIC and cAPIC monitoring using Prometheus/Grafana

Spanning-tree (STP) and ACI

ACI TEP Pool Discussion        🗝 Tips on how to look at APIC Setup Parameters from ssh

STP and ACI: Intermittent packet loss due to TCNs

Understanding ACI TCAM Utilization & Optimization

ACI with IPv6

Configuring an APIC Banner (GUI Alias)

Configuring Syslog for ACI

ACI Fabric L3Out Guide

Floating L3Out

Meaning of L3Out SVI Scopes: Local Scope and VRF Scope (remember default behavior is local scope)

Understanding Scope Of Prefixes in L3Out External EPG in ACI)

K8s Lens IDE on AWS/ACI EKS infrastructure

Nexus Switch Intersight Device Connector Documentation

Go To Top