Versions Compared

Old Version 2

changes.mady.by.user Martin Halstead

Saved on

compared with

New Version 3

changes.mady.by.user Martin Halstead

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Starting from the top, Cisco's 'Policy Universe' can be mapped to a Redfish 'Fabric'. The Redfish Fabric describes a per vendor Ethernet Fabric and its physical and logical makeup. In this instance, the unique UUID for the Redfish Fabric can be applied on a per ACI instance basis. There is no equivalent 'Tenant' schema in Redfish to ACI, rather a single Tenant can be defined for ACI that describes an 'APIC Infrastructure Tenant' all ACI Application Profiles, Bridge Domains and VRFs then belong to that Tenant. When Redfish based pools of addressing are applied to an entire Fabric in order to set up each fabric's control plane overlay and underlay, they can be applied at this level. ACI 'Application Profiles' can be mapped to a Redfish Zone with ZoneType='ZoneOfZones' each 'Application Profile' will then consist of one or more 'Endpoint Groups' - this exactly maps to the relationships between Redfish Zones with ZoneType='ZoneOfZones' consisting of one or more  Zones with ZoneType='ZoneOfEndpoints'. There are a number of definitions Cisco have for Endpoint Groups but for the purposes of this mapping exercise, we can think of an ACI Endpoint Group consisting of a traditional VLAN and subnet with each Endpoint being a host address on that subnet. 

The following steps can be used to set up host-to-host communications across a Fabric:

  1. Set up a VLAN domain and assign a range of VLANs to it. The VLAN range used will come from the AddressPool linked to the Zone with ZoneType='Default' and apply to all switch ports facing end hosts across the Fabric
  2. Specify leaf switches and interfaces that the VLAN domain apply to. The switches and Port list will come from the Port 'ConnectedPort' link(s) assigned by a northbound client as part of setting up the Fabric

Note that inter EPG communication policy dictating QoS and access control will be any-to-any in the first instance. This is due to a lack of support in Redfish for ACI 'Contracts'. There is a mechanism in Redfish called 'connections' that can be used for this purpose, but will require a new 'ConnectionsPolicy' schema to operate effectively. This will be worked on as part of an upcoming DMTF release.