Đang tải... (xem toàn văn)
Tài liệu về hệ thống Cisco APIC EM, quản lý hệ thống mạng The Cisco Application Policy Infrastructure Controller Enterprise Module (APICEM) is our softwaredefined networking (SDN) controller for enterprise networks (in the campus or branch and the WAN). It delivers an elastic platform for policybased automation that simplifies and abstracts the network. It can enable transformation of business intent to network control. The platform is built to host multiple, easytouse SDN applications that use open, northbound representational state transfer (REST) APIs and drive core network automation solutions. The platform also supports a number of southbound protocols that enable it to communicate with the breadth of network devices customers already have in place, and extend SDN benefits to both Greenfield and Brownfield environments, immediately from the start. The goal of the APICEM platform is to power nextgeneration SDN applications that will dramatically lower operational expenditures and increase network agility to align with business needs.
Cisco APIC-EM – Go to Deployment Playbook dCloud: The Cisco Demo Cloud Last Updated: 15-APRIL-2017 Created in partnership with Aricent’s “Cisco DNA Acceleration Team” About This Solution The Cisco Application Policy Infrastructure Controller - Enterprise Module (APIC-EM) is our software-defined networking (SDN) controller for enterprise networks (in the campus or branch and the WAN) It delivers an elastic platform for policy-based automation that simplifies and abstracts the network It can enable transformation of business intent to network control The platform is built to host multiple, easy-to-use SDN applications that use open, northbound representational state transfer (REST) APIs and drive core network automation solutions The platform also supports a number of southbound protocols that enable it to communicate with the breadth of network devices customers already have in place, and extend SDN benefits to both Greenfield and Brownfield environments, immediately from the start The goal of the APIC-EM platform is to power next-generation SDN applications that will dramatically lower operational expenditures and increase network agility to align with business needs The APIC-EM platform supports both wired and wireless enterprise networks across the WAN, and access and wireless infrastructures It offers superior investment protection, and works with both existing and new infrastructure The APIC-EM platform delivers many significant benefits For example, it: • Creates an intelligent, open, programmable network with open APIs • Can help customers save time, resources, and costs through advanced automation services • Can transform business-intent policies into dynamic network configuration • Provides a single point for network-wide automation and control About This Playbook This Playbook is aimed at Cisco Channel Partners and serves as a go to deployment guide when deploying the Cisco APIC-EM It attempts to cover several real-life use cases in addition to the standard deployment designs The playbook also covers standard and custom configurations of all the in-built Applications and Services within the APIC-EM Finally, the playbook will also encompass how to comprehend and utilize the North-Bound API interface of the APIC-EM controller The following points summarize what you will take away from the guide: • What are Software Defined Networks (SDN) and how does the Cisco APIC-EM play a role in SDN • Deploying the Cisco APIC-EM in Single Host Mode and in a Cluster • Discovering network devices and adding them to the controller’s Device Inventory • Using the four in-built Applications: PnP, IWAN, Easy QoS and Network Path Visualization • Customized use cases showcasing multiple dimensions of the in-built applications • Learning how to integrate the Cisco Identity Service Engine and the Cisco Prime Infrastructure with the APIC-EM controller © 2017 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 • Learning in detail about the Northbound Application Interfaces of the APIC-EM controller and how to leverage it in order to create automation scripts using Python dCloud: The Cisco Demo Cloud After reviewing this guide, you will meet the following objectives: • Understand how to Deploy the Cisco APIC-EM controller in Single Mode setup as well as a Cluster • Understand how the APIC-EM controller Discovers and Tags Network Devices • Understand how to use the in-built four applications with the APIC-EM controller • Learn how to utilize the in-built applications in different real life use cases • Understand how to integrate the Cisco ISE and the Cisco PI with the APIC-EM controller • Comprehend the API structure of the APIC-EM controller and learn how to leverage it using automation scripts based in Python Guide Profile and Contact Link Guide Profile – How to use the Playbook This guide/playbook is classified into five modules Each module will serve a purpose in assisting Cisco Partners with the different aspects of the Cisco APIC-EM controller • Module-1 SDN and APIC-EM Introduction: In this module, the guide will attempt to expand upon the user’s current understanding of Software Defined Networks and how the Cisco APIC-EM fills the role of a central SDN controller in Cisco Enterprise-Networking • Module-2 APIC-EM Design and Deployment: The guide will explain the different ways to deploy the APIC-EM controller in your environment followed by step-by-step instruction of setting up an APIC-EM cluster The module will also guide the user through discovering network devices deployed in an environment using the APIC-EM controller and show-casing them in a Topology diagram • Module-3 APIC-EM Apps: The third module will take the user through the four in-built applications within the controller From explaining their use to a step-by-step instruction (with screenshots) on how to execute their functions This will include the Plug-and-Play App, the IWAN App, the Easy QoS App and the Network Path Visualization App • Module-4 APIC-EM Use-Cases: Since the aim of the guide is to help partners explore a plethora of practical applications using the APIC-EM controller, Module will systematically display the configuration of several practical use-cases For this purpose, the guide will also defer from the base topology In addition to the use cases, this module will explain how to integrate the Cisco Identity Services Engine and the Cisco Prime Infrastructure with the APIC-EM controller • Module-5 APIC-EM Northbound APIs: The Cisco APIC-EM controller hosts a huge collection of northbound APIs, which allow users and network administrators to push configuration remotely The APIs can also be leveraged to achieve automation tasks using an automation script The module will explain the controller’s Northbound API structure and how to write basic automation scripts in Python to leverage the API structure © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 The guide will follow a standard topology when showcasing most configuration examples However, the guide also aims to cover a variety of practical applications of the controller’s features As a result, the topology will change from time to time and the user will be updated with these changes at the start of the exercise dCloud: The Cisco Demo Cloud Contact Links As of the writing of this document, the current relevant documentation could be found on the Cisco Website at the following links: • Cisco APIC-EM Installation and Deployment: http://www.cisco.com/c/en/us/td/docs/cloud-systems-management/application-policyinfrastructure-controller-enterprise-module/1-3-x/deploy-guide/b_apic_em_deploy_guide_v_1-3-x.html • Cisco APIC-EM Configuration Guide: http://www.cisco.com/c/en/us/td/docs/cloud-systems-management/application-policyinfrastructure-controller-enterprise-module/1-3-x/config-guide/b_apic-em_config_guide_v_1-3-x.html • Cisco APIC-EM on DevNet: https://developer.cisco.com/site/apic-em/ • Solution Guide for Network Plug and Play: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Plug-andPlay/solution/guide/pnp-soln-guide.html • Cisco IWAN Application on APIC-EM: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Intelligent_WAN/software/1-32/userguide/iwan-ug-1-3-2.html • Cisco Prime Infrastructure: http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-1/user/guide/ This guide was constructed using the following software and hardware in the configuration examples: • Cisco 2911 - This is a Cisco ISR-G2 model running version 15.6 in the demo topology being used in the guide • Cisco 3750 - This is a Cisco switch through which all devices at the HQ site will be connected • Cisco CSR – This is the Cisco Cloud Services Router running on an ESXi host • Cisco Wireless Access Point – A Cisco AP is connected to the switch at the HQ site in the demo topology and is controlled by a Cisco Wireless LAN Controller The model is a AIR-LAP1142N • Cisco Wireless LAN Controller – A Cisco Wireless LAN Controller is used to control the Cisco AP connected in the demo topology It will be integrated into the Cisco APIC-EM controller The model is a Cisco 2500 series WLC • Cisco APIC-EM – The version of the Cisco APIC-EM controller running in the demo topology is 1.3.3.126 There are instances of the controller installed An upgrade of the APIC-EM controller has been showcased (upgraded to 1.4.0.1959) • Microsoft Active Directory/DNS/DHCP - A Microsoft Windows server has been configured to act as the AD, DNS and the DHCP server • Windows Wired Client – A windows PC connected through the Cisco switch at the HQ site in the demo topology • Windows Wireless Client – A windows PC connected to the network at HQ in the demo topology through the Cisco Wireless Access Point © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 Table of Contents About This Solution dCloud: The Cisco Demo Cloud About This Playbook Guide Profile and Contact Link Guide Profile – How to use the Playbook Contact Links Requirements Recommended Prerequisite Knowledge Disclaimer Topology Module Software Defined Networks and the Cisco APIC-EM A Definition of Software Defined Networks Why is SDN needed – Limitations of Static Networking Cisco’s Perspective on SDN 11 Module Cisco APIC-EM Design and Deployment 12 Installing APIC-EM: Bare-Metal and Hypervisor 13 System Requirements for Installing APIC-EM – Bare Metal Server and Virtual Machine .14 APIC-EM Deployment options .15 APIC-EM Single Host Deployment 17 APIC-EM HOME Page Exploration 47 Network Discovery Using the Discovery App .50 Understanding the discovery results .57 The Device and Host Inventory – Device Inventory .62 Device Tagging .71 The Device and Host Inventory – Host Inventory 80 Topology Visualization using the Topology App 81 Module APIC-EM Apps 99 PNP APP – Plug N Play 101 Adding a device to APIC-EM via PnP 110 Provisioning an Unclaimed Device .124 EasyQoS App 146 EasyQoS – Applying a static QoS policy .149 The IWAN Application 160 IWAN Design Models 162 In this Guide 165 Hub Site provisioning configuration 167 Branch site provisioning configuration 186 The Path Trace Application 196 Module APIC-EM Use-Cases 215 EasyQoS Use Cases 217 Adding custom applications and advanced policy configuration 219 Dynamic EasyQoS configuration 252 © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 ISE and PI – Integration with APIC-EM 287 APIC-EM External User Authentication with Cisco Identity Service Engine: .287 Cisco Prime Infrastructure integration with APIC-EM 311 dCloud: The Cisco Demo Cloud IWAN Use Case 319 Added Components in IWAN Use Case 319 Performance Router Policy with TRANSIT HUB Configured 319 Simulating an example scenario 320 Configuring the Transit HUB Site 322 Provisioning BRANCH2 Site 336 Plug and Play Application Use Cases 346 Using variables and templates in the PnP App 347 Bulk Import option available in APIC-EM .361 Module APIC-EM API Integrations 369 Understanding North/South Bound APIs .370 APIC-EM API using Swagger 377 API Topology 377 APIC-EM API using Postman 393 Automation with APIC-EM API using Python .403 Appendix A Initial Setup of an APIC-EM Appliance 451 Installing the Cisco APIC-EM Series Appliance .451 Appendix B Adding an APIC-EM host to a cluster 459 Appendix C Upgrading APIC-EM through the GUI 464 Verify the Upgrade 468 Appendix D - Installation of the IWAN App on APIC-EM 471 Appendix E – Scripts for Module 479 Appendix F – The Settings Menu (Backup and Restore) in APIC-EM 485 Appendix G – The Command Runner App 495 Requirements The table below outlines the requirements for this preconfigured demonstration Table Requirements Required Reason ● Laptop ● To review the guide Recommended Prerequisite Knowledge • Good hands on understanding of the Cisco Enterprise Networks including Routing and Switching Protocols • A basic understanding of WAN and QoS © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 • Elementary concepts of APIs and Python would be preferred but not required Disclaimer dCloud: The Cisco Demo Cloud This current iteration of the playbook is to demonstrate one way to deploy the Cisco APIC-EM and configure it various features The objective behind this playbook is so that Cisco System Engineers, Field Engineers and Partners can reference the real-life use cases documented in this guide However, the reader must perform compatibility and customer network reviews before implementing the topics covered in this guide Also, please ensure that you consult all current official Cisco documentation before proceeding with a design or installation This playbook is primarily intended to be a learning tool, and may not necessarily follow best practice recommendations at all times, in order to convey specific information This guide is not intended to be a deployment guide It is intended for learning purposes only © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 Topology Figure Demo Base Topology dCloud: The Cisco Demo Cloud © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 Table Preconfigured Information Device Name HQ-SW.demo.local IP Address Telnet/SSH Username 10.10.201.254 admin Telnet/SSH Password cisco SNMP String public HQ-MC.demo.local 10.10.201.5 admin cisco public HQ-BR-MPLS.demo.local 10.10.201.1 admin cisco public HQ-BR-INET.demo.local 10.10.201.2 admin cisco public BRNCH-SRDL.demo.local 10.10.202.1 admin cisco public Wireless LAN Controller 10.10.201.111 wlc_admin Cisco@123 public APIC-EM-AP 10.10.201.101(DHCP) NA NA NA Wired Host 10.10.201.100(DHCP) NA NA NA Wireless Host 10.10.201.102(DHCP) NA NA NA Table dCloud: The Cisco Demo Cloud APIC-EM Cluster Information Server Name APIC1.demo.local IP Address 10.10.10.101 APIC2.demo.local 10.10.10.102 APIC3.demo.local 10.10.10.103 Cluster Virtual IP 10.10.10.100 Figure displays the base topology, which will be used for the configuration demonstrations in the guide The APIC-EM Cluster is built on two ESXi 5.1 Hosts: Table ESXi Host Information Server Name ESXi-1 ESXi-2 IP Address 192.168.1.11 192.168.1.61 © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 Module Software Defined Networks and the Cisco APIC-EM In this module, the guide will look to explain the need of Software Defined Networks, their advantages and their virtues The segment will then talk about how the Cisco APIC-EM controller expands and enhances these virtues in Cisco Enterprise dCloud: The Cisco Demo Cloud Networking, both at the access and the WAN level A Definition of Software Defined Networks According to the Open Networking Foundation (ONF), software defined networking (SDN) is a network architecture that decouples the control and data planes, moving the control plane (network intelligence and policy making) to an application called a controller SDN is currently being rolled out in a variety of networking devices and software, delivering substantial benefits to both enterprises and carriers, including: • Centralized management and control of networking devices from multiple vendors; • Improved automation and management by using common APIs to abstract the underlying networking details from the orchestration and provisioning systems and applications; • Rapid innovation through the ability to deliver new network capabilities and services without the need to configure individual devices or wait for vendor releases; • Programmability by operators, enterprises, independent software vendors, and users (not just equipment manufacturers) using common programming environments, which gives all parties new opportunities to drive revenue and differentiation; • Increased network reliability and security as a result of centralized and automated management of network devices, uniform policy enforcement, and fewer configuration errors; • More granular network control with the ability to apply comprehensive and wide-ranging policies at the session, user, device, and application levels; and • Better end-user experience as applications exploit centralized network state information to seamlessly adapt network behavior to user needs SDN is a dynamic and flexible network architecture that protects existing investments while future-proofing the network With SDN, today’s static network can evolve into an extensible service delivery platform capable of responding rapidly to changing business, end-user, and market needs Why is SDN needed – Limitations of Static Networking Meeting current market requirements is virtually impossible with traditional network architectures Faced with flat or reduced budgets, enterprise IT departments are trying to squeeze the most from their networks using device-level management tools and manual processes Carriers face similar challenges as demand for mobility and bandwidth explodes; profits are being eroded by escalating capital equipment costs and flat or declining revenue Existing network architectures were not designed to meet the requirements of today’s users, enterprises, and carriers; rather network designers are constrained by the limitations of current networks, which include: © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page of 504 Complexity that leads to stasis: Networking technology to date has consisted largely of discrete sets of protocols designed to connect hosts reliably over arbitrary distances, link speeds, and topologies To meet business and technical needs over lastCloud dCloud: The Ciscothe Demo few decades, the industry has evolved networking protocols to deliver higher performance and reliability, broader connectivity, and more stringent security Protocols tend to be defined in isolation, however, with each solving a specific problem and without the benefit of any fundamental abstractions This has resulted in one of the primary limitations of today’s networks: complexity For example, to add or move any device, IT must touch multiple switches, routers, firewalls, Web authentication portals, etc and update ACLs, VLANs, quality of services (QoS), and other protocol-based mechanisms using device-level management tools In addition, network topology, vendor switch model, and software version all must be taken into account Due to this complexity, today’s networks are relatively static as IT seeks to minimize the risk of service disruption The static nature of networks is in stark contrast to the dynamic nature of today’s server environment, where server virtualization has greatly increased the number of hosts requiring network connectivity and fundamentally altered assumptions about the physical location of hosts Prior to virtualization, applications resided on a single server and primarily exchanged traffic with select clients Today, applications are distributed across multiple virtual machines (VMs), which exchange traffic flows with each other VMs migrate to optimize and rebalance server workloads, causing the physical end points of existing flows to change (sometimes rapidly) over time VM migration challenges many aspects of traditional networking, from addressing schemes and namespaces to the basic notion of a segmented, routing-based design In addition to adopting virtualization technologies, many enterprises today operate an IP converged network for voice, data, and video traffic While existing networks can provide differentiated QoS levels for different applications, the provisioning of those resources is highly manual IT must configure each vendor’s equipment separately, and adjust parameters such as network bandwidth and QoS on a per-session, per-application basis Because of its static nature, the network cannot dynamically adapt to changing traffic, application, and user demands Inconsistent policies: To implement a network-wide policy, IT may have to configure thousands of devices and mechanisms For example, every time a new virtual machine is brought up, it can take hours, in some cases days, for IT to reconfigure ACLs across the entire network The complexity of today’s networks makes it very difficult for IT to apply a consistent set of access, security, QoS, and other policies to increasingly mobile users, which leaves the enterprise vulnerable to security breaches, noncompliance with regulations, and other negative consequences Inability to scale: As demands on the data center rapidly grow, so too must the network grow However, the network becomes vastly more complex with the addition of hundreds or thousands of network devices that must be configured and managed IT has also relied on link oversubscription to scale the network, based on predictable traffic patterns; however, in today’s virtualized data centers, traffic patterns are incredibly dynamic and therefore unpredictable Mega-operators, such as Google, Yahoo!, and Facebook, face even more daunting scalability challenges These service providers employ largescale parallel processing algorithms and associated datasets across their entire computing pool As the scope of end-user applications increases (for example, crawling and indexing the entire world wide web to instantly return search results to users), the number of computing elements explodes and data-set exchanges among compute nodes can reach petabytes These companies need so-called hyperscale networks that can provide high-performance, low-cost connectivity among hundreds of thousands—potentially millions—of physical servers Such scaling cannot be done with manual configuration © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 10 of 504 SNMPv3: This option lets you configure the SNMP version settings dCloud: The Cisco Demo Cloud SNMP PROPERTIES: Lets you setup Retries and Timeout for SNMP DEVICE CONTROLABILITY: APIC-EM can automate configuration of SNMP and IPDT on devices Select options below to auto configure these features during device discovery © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 490 of 504 POLLING INTERVAL: Let’s you set the polling interval for device discovery dCloud: The Cisco Demo Cloud CONTROLLER SETTINGS The controller settings will let you upgrade the controller, backup and restore and set the logging levels UPDATE: Use the options in Update Settings to configure the frequency and method of updating your controller Enter your Cisco username and password and not the network device username and password © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 491 of 504 BACKUP & RESTORE: Back up data, or restore the controller to a previous state Backing up will save a copy of all the data we have about devices, users and the current state of the controller If at any point you need to revert to a previous time, you can restore the database to a previous backup dCloud: The Cisco Demo Cloud © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 492 of 504 CHANGING LOGGING LEVEL: The Cisco APIC Enterprise Module allows the user to update the logging level of an application dCloud: The Cisco Demo Cloud AUTH TIMEOUT: Configure the Session Timeout and Idle Timeout for Authorized user access PASSWORD POLOICY: Configure the restrictions on Authorization Attempts for users attempting to valiate credentials Set the number of invalid attempts a user can make before the temporary account lock occurs The account lock time reflects how long that user will be required to wait before being able to attempt authorization again Setting invalid attempts to zero will disable the temporary account locking completely PRIME INFRASTRUCTURE SETTINGS: You can enter and save your Cisco Prime Infrastructure (PI) credentials to the Cisco APIC-EM using the controller's UI These PI credentials are used by the IWAN application to establish an authenticated connection between the controller and PI server, after a request initiated by the controller The IWAN application uses the authenticated © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 493 of 504 connection to perform its centralized network management and enforcement duties with PI data Enter your IP address of the PI server, your PI username, and PI password in the fields below dCloud: The Cisco Demo Cloud PROXY CONFIGURATION: Use this form to configure your controllers proxy access Username and Password are optional © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 494 of 504 Appendix G – The Command Runner App Cisco has added the New Command Runner APP under network visibility apps (Discovery,Inventory, Host) features and functions It Allows you to send CLI commands to selected devices Currently, show and other read-only commands are permitted dCloud: The Cisco Demo Cloud The command runner application is not installed on Cisco APIC-EM by default To use the command running application, you need to download the image from Cisco.com, install it, and enable the Command Runner application For information, see the Cisco Application Policy Infrastructure Controller Enterprise Module Administrator Guide You must have either administrator (ROLE_ADMIN) or policy administrator (ROLE_POLICY_ADMIN) permissions and the appropriate RBAC scope to perform this procedure You can run show commands and other read-only commands on selected devices and display the output in Cisco APIC-EM To determine the allowed command keywords, from the global toolbar, click API > Network Poller > network-device-poller > /network-device-poller/cli/legit-reads > Try it out! From the GUI, you can run a maximum of commands per device, with a maximum of 20 devices per request When a device is part of another request that has not completed yet, no other commands are executed on it Access points are not supported If you choose access points, they are omitted from executing commands Commands are only run on the other selected devices In this exercise we will install the command runner app and will run a few show command to test the functionality Since we are already on the latest APIC-EM version, we will now directly download the command runner app Go to Cisco.com and download the command runner app Figure 165 Download the command runner app to management PC Launch APIC-EM, go to “APP Management” under settings to add the command runner app © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 495 of 504 Figure 166 Add the new app using the “App management” settings dCloud: The Cisco Demo Cloud Extract the app file on the management PC Figure 167 Extract the command runner app from the zip folder © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 496 of 504 Rename the extracted app file extension to “.application” Figure 168 Rename the app file name with correct extension “.application” dCloud: The Cisco Demo Cloud © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 497 of 504 Drag and drop the app image on the App Management screen on APIC-EM GUI Figure 169 Drag and drop the file to APIC-EM for the installation to being dCloud: The Cisco Demo Cloud Notice the application is being installed Figure 170 The app is being installed now © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 498 of 504 Once the app is installed, we will enable it by clicking the “Enable” button Figure 171 Activate the app by click the “enable” button next to it dCloud: The Cisco Demo Cloud The App has been installed and enabled successfully Figure 172 The Command runner app has been enabled successfully © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 499 of 504 Since the App has been installed successfully, we will now test it by running a few commands Go to device inventory, and select devices to run the commands on dCloud: The Cisco Demo Cloud Figure 173 Go to device inventory and select the device/devices to run the commands 10 Now click on the “Command Runner” button from the menu on the top Figure 174 Once the devices are selected, click on the “Command Runner” button © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 500 of 504 11 In the pop-up box, enter the commands you wish to run and click on the ADD button The commands will be added to all the devices we selected previously dCloud: The Cisco Demo Cloud Figure 175 Enter the commands in the pop-up window and click “Add” © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 501 of 504 12 Once all the commands are added, click on the “Run” button, from the bottom right corner of the screen We could remove any commands we not wish to run on, by simply clicking the “x” dCloud: The Cisco Demo Cloud Please note that removing a command from one device, removes it for all the devices Figure 176 Click on the “run” to execute the commands we added in last step © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 502 of 504 13 Note the confirmation message “command execution completed” Now click on any of the commands to get the output for the same Figure 177 After the successful completion of command execution, click on any of the commands to see the output dCloud: The Cisco Demo Cloud Figure 178 Notice all commands were executed successfully on all devices, clicking the commands listed under a specific device shows the corresponding output in the “CLI Output” window © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 503 of 504 Figure 179 Notice that any sensitive information, like SNMP configuration is masked automatically by the app dCloud: The Cisco Demo Cloud © 2016 Cisco and/or its affiliates All rights reserved This document is Cisco Public Information Page 504 of 504 ... HQ-BR-INET.demo.local 10 .10 .2 01. 2 admin cisco public BRNCH-SRDL.demo.local 10 .10 .202 .1 admin cisco public Wireless LAN Controller 10 .10 .2 01. 111 wlc_admin Cisco @12 3 public APIC- EM- AP 10 .10 .2 01. 1 01( DHCP)... Host 10 .10 .2 01. 100(DHCP) NA NA NA Wireless Host 10 .10 .2 01. 102(DHCP) NA NA NA Table dCloud: The Cisco Demo Cloud APIC- EM Cluster Information Server Name APIC1 .demo.local IP Address 10 .10 .10 .10 1 APIC2 .demo.local... 10 .10 .10 .10 1 APIC2 .demo.local 10 .10 .10 .10 2 APIC3 .demo.local 10 .10 .10 .10 3 Cluster Virtual IP 10 .10 .10 .10 0 Figure displays the base topology, which will be used for the configuration demonstrations in