About Cisco Nexus Fabric Manager

This chapter contains the following sections:

Overview

The Cisco Nexus Fabric Manager is a system designed to highly simplify and optimize the full lifecycle management of a switch fabric based on the Cisco Nexus 9000 Series switches. The Cisco Nexus Fabric Manager provides point-and-click methods for performing fabric management tasks such as adding, removing, and configuring network components. The configurable network components include switchpools, switches, switch interfaces, foreign devices (such as hosts), virtual routing and forwarding topologies (VRFs), port channels and broadcast domains.

The Cisco Nexus Fabric Manager user interface leverages an intuitive Navigation menu to easily move between the main functions of the system. The main system functions include switchpools, profiles, faults, racks, VRFs, images, upgrades, and authentication.

The Cisco Nexus Fabric Manager also introduces Auto Fabric Provisioning (AFP), which enables the Cisco Nexus Fabric Manager to manage switches that have not yet received any configuration. Through AFP, you can specify the initial switch configuration using the desired management IP address, username, password, and Cisco NX-OS software release. Your initial configuration is automatically applied to the device before being imported into the switchpool.

For installation information, see the Cisco Nexus Fabric Manager Quick Start Guide. Once the Cisco Nexus Fabric Manager is up and running, you can begin adding and configuring user accounts and network components.

Supported Platforms

The Cisco Nexus Fabric Manager supports the following hardware:

Table 1 Cisco Nexus 9500 Platform Switches

Model

Product ID

Nexus 9500

  • N9K-C9504

  • N9K-C9508

  • N9K-C9516

Table 2 Cisco Nexus 9500 Line Cards

Model

Product ID

Nexus 9500 100 GE Modules

  • N9K-X9408PC-CFP2

  • N9K-X9432C-S

  • N9K-X9732C-EX

Nexus 9500 40GE Modules

  • N9K-X9636PQ

  • N9K-X9536PQ

  • N9K-X9432PQ

Nexus 9500 10GE Modules

  • N9K-X9564PX

  • N9K-X9464PX

  • N9K-X9564TX

Table 3 Cisco Nexus 9300 Series Switches

Model

Product ID

Nexus 9300 10GBaseT Switches

  • N9K-C9372TX

  • N9K-C9396TX

  • N9K-C93120TX

  • N9K-C93128TX

  • N9K-C93108TC-EX

Nexus 9300 10/25GE Fiber Switches

  • N9K-C9372PX

  • N9K-C9372PX-E

  • N9K-C9396PX

  • N9K-C93180YC-EX

Nexus 9300 40GE Switches

  • N9K-C9332PQ

  • N9K-C9336PQ

Table 4 Cisco Nexus 9200 Series Switches

Model

Product ID

Cisco Nexus 9200 Modules

  • N9K-C92160YC-X

  • N9K-C9272Q

  • N9K-92304QC

  • N9K-C9236C

Table 5 Cisco Nexus 2000 Series Fabric Extenders

Model

Product ID

Cisco Nexus 2348TQ 10GE

N2K-C2348TQ-10GE

Cisco Nexus 2348TQ-E 10GE

N2K-C2348TQ-E

Cisco Nexus 2348UPQ 10GE

N2K-C2348UPQ

Cisco Nexus 2332TQ 10GE

N2K-C2332TQ-10GT

Cisco Nexus 2248PQ 10GE

N2K-C2248PQ

Cisco Nexus 2248TP GE

N2K-C2248TP

Cisco Nexus 2248TP-E

N2K-C2248TP-E

Cisco Nexus 2232PP 10GE

N2K-C2232PP

Cisco Nexus 2232TM 10GE

N2K-C2232TM

Cisco Nexus 2224TP GE

N2K-C2224TP


Note


In Cisco Nexus Fabric Manager 1.2(x) releases, the maximum number of supported fabric extenders is four per leaf switch.


Supported Software

The Cisco Nexus Fabric Manager supports the following software:

  • Cisco NX-OS 7.0(3)I2(2e)


    Note


    NX-OS patch required.


  • Cisco NX-OS 7.0(3)I2(3) (NXOS patch required)

  • Cisco NX-OS 7.0(3)I2(4)

  • Cisco NX-OS 7.0(3)I2(5)

  • Cisco NX-OS 7.0(3)I3(1)

  • Cisco NX-OS 7.0(3)I4(1)

  • Cisco NX-OS 7.0(3)I4(2)

  • Cisco NX-OS 7.0(3)I4(3)

  • Cisco NX-OS 7.0(3)I4(4)

  • Cisco NX-OS 7.0(3)I4(5)

  • Cisco NX-OS 7.0(3)I4(6)

  • Cisco NX-OS 7.0(3)I5(2)

  • Cisco NX-OS 7.0(3)I6(1)

Supported and Unsupported Topologies

Supported Fabric Topologies

  • 2-tier leaf spine architecture
  • Border leaf switches

    Note


    May require a CLI configuration to enable required external routing functionality.
  • Host-facing and border vPCs are supported and require a physical link between leaf switch pairs to facilitate a vPC peer link.

    Note


    Leveraging connectivity from leaf-to-spine-to-leaf for a vPC peer link is not currently supported, as this is a current NX-OS restriction.

Unsupported Fabric Topologies

  • Border spine switches
  • Multi-homed Nexus 2000 (FEX) configurations, as this is a current NX-OS restriction.
  • The use of VLAN 1 is not supported as either part of the Cisco Nexus Fabric Manager's managed configuration or as a manual addition to the CLI configuration of any switch. VLAN 1 must remain unused.

Supported Browsers

The Cisco Nexus Fabric Manager supports the browsers listed in the table below.

Table 6 Supported Browsers

Browser

Version

Google Chrome

Latest regular release

Mozilla Firefox

Latest regular release

Accessing the Cisco Nexus Fabric Manager

After installation, the Cisco Nexus Fabric Manager login window is accessed by entering the Cisco Nexus Fabric Manager IP address in a web browser. When the login window appears, enter your username and password credentials.


Note


  • There is no default password. The admin password must be specified during installation. For installation information, see the Cisco Nexus Fabric Manager Quick Start Guide.

  • The Cisco Nexus Fabric Manager encrypts switch passwords.


First-Time Login

The Cisco Nexus Fabric Manager first-time login credentials are entered by an admin. For the first-time login, enter the default admin username with the password that was specified during the installation.

After logging in successfully, see User Management to change the password and add user accounts.

Resetting the Cisco Nexus Fabric Manager System Root Password

This section explains how to reset the system password for the Cisco Nexus Fabric Manager Release 1.2(1) and earlier and Release 1.2(2) and later.

Resetting the System Password in Release 1.2(2) and Later

This section explains how to reset the system password for Cisco Nexus Fabric Manager Release 1.2(2) and later releases.


    Step 1   Open the vSphere client and log in to the Cisco Nexus Fabric Manager appliance host (root).
    Step 2   From the vSphere client, right-click on the Cisco Nexus Fabric Manager virtual machine and choose Open Console.
    Step 3   From the vSphere client, right-click on the Cisco Nexus Fabric Manager virtual machine and choose Power > Restart Guest. When prompted, click Yes to confirm the reboot.
    Step 4   From to the console window, click the black field (the prompt becomes a dot) and begin pressing the Down Arrow key repeatedly as the Cisco Nexus Fabric Manager VM begins to start up (during the VMware window). The GNU GRUB window will appear.
    Step 5   Use the Up Arrow and Down Arrow keys to highlight the Cisco NFM Version <Version Number>—Password Recovery option.
    Step 6   When prompted, enter a new password. When prompted, re-enter the password to confirm. The system will boot normally.

    What to Do Next

    After the Cisco Nexus Fabric Manager starts, verify the password change by logging in to root on the console and entering the new password.

    Resetting the System Password in Release 1.2(1) and Earlier

    This section explains how to reset the system password for Cisco Nexus Fabric Manager Release 1.2(1) and earlier releases.


      Step 1   Open the vSphere client and log in to the Cisco Nexus Fabric Manager appliance host.
      Step 2   From the vSphere client, click the + symbol to open the VM menu.
      Step 3   From the vSphere client, right-click on the Cisco Nexus Fabric Manager virtual machine and choose Open Console.
      Step 4   From the vSphere client, right-click on the Cisco Nexus Fabric Manager virtual machine and choose Power > Restart Guest. When prompted, click Yes to confirm the reboot.
      Step 5   From to the console window, click in the black field (the prompt becomes a dot) and begin pressing the Down Arrow key repeatedly as the Cisco Nexus Fabric Manager VM begins to start up (VMware screen).
      Step 6   When the GNU GRUB window appears, press the e key.
      Step 7   Use the Up Arrow and Down Arrow keys to highlight the option that begins with the word Kernel then press the Enter key. Your cursor is placed at the end of a line with editable text.
      Step 8   Replace the last two words in the line with the word debug and press the Enter key.
      Step 9   From the GNU GRUB window, press the b key to boot. You are taken to a new window with a prompt.
      Step 10   At the prompt, enter the following commands:
      # mkdir /mnt/gentoo ; mount /dev/sda2 /mnt/gentoo
      # /mnt/gentoo/rootfs/usr/local/bin/RecoverRootPassword.sh
      
      Step 11   When prompted, enter the new password. After entering the password, you are prompted to re-enter the password for confirmation.
      Note   

      The Cisco Nexus Fabric Manager will reboot


      What to Do Next

      After the Cisco Nexus Fabric Manager starts, verify the password change by logging in to root on the console and entering the new password.

      About the GUI

      The Cisco Nexus Fabric Manager is divided into groups of related function windows that enable you to access and manage different network components. You move between the function windows using the Navigation menu icon. Some function windows also have a Settings drop-down menu icon. The Settings drop-down menu contains options that pertain only to the components of the window you have open. The components, such as switches, foreign devices, broadcast domains, interfaces, profiles, and user accounts, are displayed in the function windows as tiles. Each function window that displays tiles also contains an Actions bar, which is used to filter your tiles. This section describes the menu and tile icons and provides an overview for filtering your component tiles.

      Understanding the Icons

      This section provides a brief overview of the commonly used icons in the Cisco Nexus Fabric Manager interface.

      Table 7 Icons
      Icon Description

      The comment icon enables you to add comments about an object or fault and is found in the details view of the switches, interfaces, foreign devices, port channels, broadcast domains, faults, interface profiles, and switch profiles.

      Components, such as switches, interfaces, and profiles, are created and edited in popup dialogs. The edit dialogs display the information icon for component properties that have been edited since the component was created. Click the information icon to display the name of the user who made the most recent change and the date and time the change was made.

      The Navigation drop-down menu, which is located in the top left corner of each window, enables you to navigate between the Cisco Nexus Fabric Manager function windows. Each function window presents specific options for accessing and managing different network components.

      The function windows are organized in the Navigation menu as listed below.

      • The Switchpool windows:

        • Home—Enables you to view, add, remove, configure, and edit switch settings, interface settings, discovered foreign devices (neighbors), and broadcast domains.

        • Profiles—Enables you to add, remove, and edit configuration profiles applied to interfaces and switches.

        • Racks—Provides the ability to view, add, and delete racks containing switches and/or foreign devices.

        • VRFs—Provides the ability to view, add, and remove VRFs within the managed fabric.

      • The Management windows:

        • Faults—Presents a summary and detailed description of any faults within the managed fabric, including possible remedial actions.

        • Images—Displays the image catalog in a summary table and enables uploading of additional NX-OS images.

        • Upgrades—Lists defined upgrade objects consisting of a chosen image for the upgrade, a chosen set of switches to upgrade, and the upgrade strategy.

      • Subnets—Provides the ability to view, add, and delete management IP subnets where switches within these subnets can be managed by the Cisco Nexus Fabric Manager.

      • The Administration windows:

        • Authentication—Enables you to create, edit, and view all created user accounts within the system, including administrators, and to specify LDAP settings for creating remote user accounts.

        • System—Enables you to download and upload backup files and to download tech support files.

      The Settings drop-down menu appears on the right side of the Actions bar in the Home, Profiles, Racks, VRFs, Faults, Images, Upgrades, Subnets, and Authentication > Users windows. Click the Settings icon to display a menu of options that pertain only to the window you have open. For example, if you are in the Profiles window, clicking the Settings drop-down icon will display options to create or delete profiles. If you are in the VRFs window, you will see options to create or delete VRFs.

      Tiles represent components such as switches, foreign devices, interfaces, and user accounts. When a tile is chosen by clicking in its open white space, configurable options become accessible in a panel that displays on the right side of the window. All tile-display windows also contain an Actions bar, which enables you to filter your tiles using options from a drop-down menu and by entering an expression as a substring (the asterisk as a wildcard is supported).

      Each tile also has a check box located at the bottom right corner. The check box enables you to apply options to multiple tiles at a time. For example, to delete a group of tiles in the SWITCHES tab of the Home window, click the check box in the tiles you want to delete then choose the Delete selected option from the Settings drop-down list.

      Clicking the filter icon applies the text-based filter expression to the currently viewed group of object tiles.

      Filtering Your Component Icons

      All of the function windows with tiles or topology nodes contain an Actions bar, which enables you to filter and sort your tiles and the foreign device topology nodes. The Actions bar filter options differ depending on the window you are accessing. This section provides a general overview of the various filter options that are available.

      Table 8 Filter Options

      Filter Option

      Description

      Instructions

      Filter expression

      The Filter expression field enables you to filter your tiles by object name when you enter text in the field as a substring.

      1. Enter an expression in the Filter expression field.

      2. Click Apply filter.

      Sort by

      The Sort by drop-down list provides options for sorting the tiles by type.

      Click the Sort by drop-down list and choose an option. The options available differ between the categories of tiles. For example, broadcast domains have an option to sort by VLAN ID and foreign devices have an option to sort by platform ID.

      Physical view

      The Physical view drop-down option enables you to filter the topology by broadcast domain.

      1. Click the Physical view drop-down list.

      2. Choose a component in the list.

      3. (Optional) Check or uncheck the Not in check box to highlight foreign devices that are not in the chosen broadcast domain.

      Show neighbors

      The Show neighbors check-box option enables you to view or hide foreign devices in the topology view.

      Check/uncheck the Show neighbors check box to view/hide foreign devices.

      Third filter drop-down list from the left.

      This drop-down list enables you to filter your interface tiles from a set of interface class options.

      Click the third drop-down list from the left and choose from the following:

      • Physical

        • Standalone

        • Port channel member

      • Logical port channel

      • Gateway

      • Unknown

      • Select all

      • Deselect all

      Filter by routed mode

      The Filter by routed mode drop-down list enables you to filter your interface tiles based on the specified router mode (Layer 2 or Layer 3).

      Click the Filter by routed mode drop-down list and choose from the following:

      • Switched (L2)

      • Routed (L3)

      • Select all

      • Deselect all

      Filter by role

      The Filter by role drop-down list enables you to filter your interface tiles based on the assigned role.

      Click the Filter by role drop-down list and choose from the following list of option:
      • Border

      • Host facing

      • Switch facing

      • vPC peer link

      • Unknown

      Filter by type

      The Filter by type drop-down list provides options for sorting the foreign device tiles by the type of device the tiles represent.

      Click the Sort by drop-down list and choose from the following:

      • Host

      • Hypervisor

      • Networking

      • Switch

      • Unknown

      Extra CLI Commands

      The following explains how the extra CLI commands configuration within switch objects and profiles are implemented in the Cisco Nexus Fabric Manager. The following steps outline when CLI configuration that is entered via the Extra CLI commands field is installed in a newly imported switch:

      1. AFP bootstrapping of switches (if switches are imported via AFP).

      2. Switches are imported into the switch pool in monitored state.

      3. Switches are moved into managed state.

        1. Extra CLI commands are pushed to the switches.

        2. A Cisco Nexus Fabric Manager generated configuration for the underlay and overlay are pushed to the switches.


      Note


      In Cisco Nexus Fabric Manager Release 1.3(1), new CLI command fields within switch objects, called Pre-provisioning and Post-provisioning CLI, are introduced in section /fill in section here/. They are prefix and suffix configuration that are appended to the staging configuration as part of the AFP bootstrapping of switches in step 1"


      For switches that are already imported and in managed mode, the following outlines how changes to the Extra CLI commands section are pushed to the switch:

      • Saving a change to the Extra CLI commands section in a switch modal.

      • Saving a change in a switch profile modal.

      • When a switch becomes reachable after being unreachable.

      • When transitioning a switch from monitored to managed.


      Note


      Switch features that are managed through the Cisco Nexus Fabric Manager, must not be altered via the configuration entered through the Extra CLI commands field.

      The following is a list of features that the Cisco Nexus Fabric Manager manages and cannot be configured through the Extra CLI commands field:

      • Building port channels

      • Building broadcast domains

      • Building VRFs

      • Switch software management

      • Underlay configuration (routing, EVPN, etc)

      • NX-OS feature management for those features specifically enabled by the Cisco Nexus Fabric Manager.

      • Interface configuration (VLAN, speed, state, beacon, link discovery protocols CDP/LLDP, IP address, BFD, LACP)


      How do you know when the configuration has been applied?

      • Go to the switch object Details window, scroll to the CLI COMMANDS section and verify a configuration change was recently pushed. To verify that specific commands were accepted by the switch, bring up the switch CLI and verify the running configuration.

      No command syntax validation is done by the Cisco Nexus Fabric Manager. When erroneous extra CLI commands are applied, a switch object fault is generated in response to the switch generated errors.

      The Cisco Nexus Fabric Manager does not trigger a reboot when extra CLI commands are applied. If you have a command that requires a reboot, the reboot must to be done manually.


      Note


      When removing commands from the Extra CLI Command section or disabling the section, CLI commands added by the feature are not removed from the switches themselves. These commands can either be removed at the switch CLI or by entering the required CLI commands to remove configuration (eg. prefix commands with no) and save these to the Extra CLI Commands section. Keep in mind the simple no prefix might not remove all added CLI configuration. Refer to the NX-OS configuration guides for the required syntax.


      • Which user triggers it?

        • The logs will show the user defined in the Cisco Nexus Fabric Manager switch object as the "owner" of the extra CLI commands changes.