p002 example 0 - nihole/PSEFABRIC GitHub Wiki

Brief descrition

This example shows how to create and delete

• structure
• addresses
• address-sets
• services
• service-sets
• applications
• application-sets
• policies (access between networks)

Order of actions

• We will use the CONFD interface as PSEFABRIC interface. Configuration will be uploaded to PSEFABRIC.

• Then PSEFABRIC Layers 1 - 5 transform this to the configuration files for the real equipment (Cisco ACI, PA Panorama). These files are saved in the folder $PSEFABRC/PSEF_CONF/EQ_CONF.

• We will upload these configs to ACI and Panorama using

  • Copy & Paste for PA
  • Postman application for Cisco ACI

Prerequisites

• Installation procedure has to be done
• Cisco ACI APIC for configuration
  • I use Cisco dCloud lab Cisco Datacenter Automation with Ansible v1
  • It should be pre-configured in accordance with our design: tenants, VRFs, applications, EPGs
• Panorama virtual/hardware appliances for PA configuration
  • It should be pre-configured in accordance with our design: device-groups

Zero configuration

Ensure that you are in p002 project (Projects )

echo $PROJECT

It is assumed that this test starts with a zero configuration. So, let's start by cleaning some of the possible previous configurations.

cd $PSEFABRIC
sh psef_clean.sh

Run the CONFD

cd $CONFD_DIR/myprojects/psefabric
sudo make all start

Don't close this window.

• create one more terminal session

• in the new window execute the command

cd $CONFD_DIR/myprojects/psefabric
sudo make cli

All configuration of PSEFABRIC will be performed in this window.

• Create one more terminal session

At this point, we have 3 terminal sessions.

Now we may start our configurations.

Configuration

Configuration for the Example 0 is located in the file $PROJECTS/p002/DOCS/EXAMPLES/EXAMPLE_0/AD/term_download.conf

You may also refer to p002 example 0

This is configuration represents the creation of the objects described in the tables

See also diagram

PSEFABRIC configuration

We will divide the task of configuration creation into four stages:

• Create structure, addresses, address-sets, services, service-sets, application, application-sets
  • PSEFABRIC (CONFD) configuration
  • copy & paste the created configuration to Panorama via cli
  • implement the created configuration to ACI with postman POST (not needed in this case)
• Create policies
  • PSEFABRIC (CONFD) configuration
  • copy & paste the created configuration to Panorama via cli
  • implement the created configuration to ACI with postman POST
• Delete policies
  • PSEFABRIC (CONFD) configuration
  • copy & paste the created configuration to Panorama via cli
  • implement the created configuration to ACI with postman POST
• Delete structure, addresses, address-sets, services, service-sets, application, application-sets
  • PSEFABRIC (CONFD) configuration
  • copy & paste the created configuration to Panorama via cli
  • implement the created configuration to ACI with postman POST (not needed in this case)