APIC v10 Buildout - ibmArtifacts/APIC_v10_Buildout GitHub Wiki
NOTE: Please use the Network Assignment Template to establish all APIC subsystem endpoints before starting this section.
The purpose of the follow details are to simplify the instructions to build out the apiconnect-up-v10.yml file and ISO files for APIC v10 installation.
More details to each command may be found in their perspective documentations:
Configuring the Management subsystem
Configuring the Analytics subsystem
Configuring the Developer Portal subsystem
Prerequisites:
- If on Windows, ensure cygwin/openssl, putty/puttygen, and cdrtools are installed:
- cygwin/openssl will be used to created a hashed password
- putty/puttygen will be used to create ssh key pairs to secure and log into the vms.
- cdrtools will be used to create the isos files.
- Create a hashed password to be used later in the default-password section:
openssl passwd -1 input_default_password
- Create the ssh key pair to be assigned to the ssh-keyfiles section and input the file location. Here's how to create ssh key pairs using puttyGen
apicup init myProject
cd myProject
Update the inputs from the commands below for your environment and run the commands inside the myProject directory.
apicup subsys create mgmt management
apicup subsys set mgmt deployment-profile=[n1xc4.m16 or n3xc4.16]
apicup subsys set mgmt license-use=[nonproduction or production]
apicup subsys set mgmt search-domain=input_search_domain
apicup subsys set mgmt dns-servers=input_dns
apicup subsys set mgmt platform-api=platform_url
apicup subsys set mgmt consumer-api=consumer_url
apicup subsys set mgmt cloud-admin-ui=input_cm_url
apicup subsys set mgmt api-manager-ui=input_apim_url
apicup subsys set mgmt hub input_hub_url
apicup subsys set mgmt turnstile input_turnstile_url
apicup subsys set mgmt ssh-keyfiles="input_public_key_directory"
apicup subsys set mgmt default-password="input_default_password"
apicup hosts create mgmt input_vm_hostname input_hd_password
apicup iface create mgmt input_vm_hostname eth0 input_vm_ip/input_subnet input_default_gateway
apicup subsys get mgmt --validate
A successful validation of all the inputs should look like the following:
After validating everything is successful, create all the artifacts (ISO will be created within the mgmtplan-out directory) with the following command:
set PATH="c:\Program Files (x86)\cdrtools";%PATH%
apicup subsys install mgmt --out mgmtplan-out
apicup subsys create analyt analytics
apicup subsys set analyt deployment-profile=[n1xc4.m16 or n3xc4.16]
apicup subsys set analyt license-use=[nonproduction or production]
apicup subsys set analyt analytics-client=input_analytics_client_url
apicup subsys set analyt analytics-ingestion=input_analytics_ingestion_url
apicup subsys set analyt search-domain=input_search_domain
apicup subsys set analyt dns-servers=input_dns
apicup subsys set analyt ssh-keyfiles="input_public_key_directory"
apicup subsys set analyt default-password="input_default_password"
apicup hosts create analyt input_vm_hostname input_hd_password
apicup iface create analyt input_vm_hostname eth0 input_vm_ip/input_subnet input_default_gateway
apicup subsys get analyt --validate
A successful validation of all the inputs should look like the following:
After validating everything is successful, create all the artifacts (ISO will be created within the mgmtplan-out directory) with the following command:
set PATH="c:\Program Files (x86)\cdrtools";%PATH%
apicup subsys install analyt --out analytplan-out
apicup subsys create port portal
apicup subsys set port deployment-profile=[n1xc4.m16 or n3xc4.16]
apicup subsys set port license-use=[nonproduction or production]
apicup subsys set port portal-admin=input_portal_admin_url
apicup subsys set port portal-www=input_portal_www_url
apicup subsys set port search-domain=input_search_domain
apicup subsys set port dns-servers=input_dns
apicup subsys set port ssh-keyfiles="input_public_key_directory"
apicup hosts create port input_vm_hostname input_hd_password
apicup iface create port input_vm_hostname eth0 input_vm_ip/input_subnet input_default_gateway
apicup subsys get port --validate
After validating everything is successful, create all the artifacts (ISO will be created within the mgmtplan-out directory) with the following command:
set PATH="c:\Program Files (x86)\cdrtools";%PATH%
apicup subsys install port --out portplan-out
This section will showcase deploying the APIC OVAs and adding the ISOs to the cdrom of each APIC subsystem.
-
Log into vCenter/vSphere and navigate to the VMs and Templates section.
-
Click Action and select "Deploy OVA Template".
-
Click on the "Local file" radio button and selec tthe OVA file (note: you may have a zip, and within the zip will contain the .ova file).
-
Name the Virtual machine name, and click Next.
-
In the Select a name and folder, create a folder for yourself and select that for the next steps.
-
In the Select a computer resource, select the resource which APIC should use with your ESX layer.
-
Click Next to review the details from the template.
-
Click Next again to select configuration and select the t-shirt size required for your environment.
-
Click Next to select the storage. The recommended storage is Thick provisioning despite the diagram.
-
Click Next to select the VM network for APIC networking zone.
-
Click Next and change the customize template if needed. The Management subsystem requires at least 200 GB of disk space.
-
Once completed, review the "Ready to complete" section and click finish to deploy the VM.
-
While waiting for the VM to uplaod and deploy, upload the the mgmtplan-out ISO created from the instructions in the previous section of this document into the vSphere storage.
-
Once uploaded, use the ISO in the cdrom by going back to the VMs and Templates section.
-
Locate the management OVA that has been uploaded and deployed. Drop down the Actions and click on the Edit Settings...
-
In the CD/DVD section, open, and drop down the properties to select Datastore ISO File, and click Browse... to select the ISO file that was just uploaded to the datastore. Enable the "Connect At Power On". Click Ok to commit the settings and Power On the VM.
Follow the same directions for the analytics and portal OVAs.
Once each subsystem has completed deploying and have been powered on, you can log into them to check the status.
-
Open putty and set the private key of your management server as shown in the diagram below. This is the SSH key pair created in the prerequisites section. Then log in with user: apicadm. Then the system will prompt you to enter the password used in the apicup subsys set mgmt default-password.
-
Once logged in validate that all the services are up and running for the management with
sudo apic status
similar to what is shown in the diagram below.
-
Log into the Cloud Manager (CM) UI at https://your-cloud-admin-ui-url/admin with the initial credentials admin / 7iron-hide. You'll be asked to input an email and change the password after logging in.
-
Once the email and password is changed, you will be redirected to the main CM home page.
-
Ensure you add the SMTP so you could start adding users and creating provider organizations. Navigate to the Resources > Notifications section and Create a SMTP connection.
-
Once the SMTP is completed, assign the smtp object to be used in the notification section of the settings. Navigate to Settings > Notifications and add the SMTP to the Email Server section.
-
Similarly to validating the management subsystem, open putty, set the SSH private key, and log into the analytics server with apicadm.
-
Then run the
sudo apic status
and if you get something like the following, the subsystem has been installed successfully.
To use the analytics subsystem, it must be onboarded to the APIC CM topology, which will be documented later.
-
Similarly to validating the management subsystem, open putty, set the SSH private key, and log into the portal server with apicadm.
-
Once logged in, issue the
sudo apic status
command to validate you have something like the following.