Deploy Hardware

Wiring

For Acme Corp, it’s proposed that SAE designates two interconnected domains: services and shared-services. The services domain would contain the VNFs and networking of service chains. The services domain is dynamic and capable of scaling out as required.

The shared services domain contains all the services that SAE consumes–NSO, ESC, Firepower Configuration Center (FMC-2500) etc. The shared services domain mainly static and can host SAE-independent platforms.

Hardware Components

Table 1. Hardware Specifications
Device Note

2 x (n) CSP Devices

  • For SAE to work, you need a minimum of two CSP devices for redundancy.

  • However, you can scale the devices (in pairs) as required.

2 x (n) N9K 93180YC-FX leaves

  • For every two spines in your design, you would require four leaf switches for redundancy.

  • You can always scale the leaf switches as required in multiples of four.

CSP devices support SR-IOV high throughput virtual switching. CSP provides REST APIs and a ConfD interface for managing and creating VNFs and NSO modelled service chains and zones.

Nexus 9000 switches provide the networking fabric for interconnecting VNFs and the physical devices. N9K-C93180YC-FX pairs support Virtual Port Channel (vPC). A vPC can provide Layer 2 multipathing, which allows you to create redundancy by increasing bandwidth, enabling multiple parallel paths between nodes and load-balancing traffic where alternative paths exist.

Recommended Wiring Topology


Note

This section details the wiring topology that Cisco recommends.

Spine-Leaf Topology

Switching Basics

  • Each leaf must be connected to each spine.

  • No spines must be connected to each other.

  • No leaves must be connected to each other, except for the vPC pairs.


Note

If you don’t order spines, only the leaves would be connected through vPC pairing.

CSP Devices

Connect the CSP devices as per the topology specified below.

Connecting CSP Devices and Switches

  • Connect each CSP device to both the Nexus 9000 switches using two 10G ports in port-channel configuration. Each CSP device has four XL710 interfaces, which enable port channeling. Two of these ports must be connected to leaf 1 and two to leaf 2.

    The figure above shows the formation of two separate port channels. However, you can also form a single aggregate port channel using all four ports on the CSP device.

  • Connect the two X520 interfaces to the switches in a non port-channel configuration.

  • Connect all CSP devices to a separate management L3 network.

This same wiring must be repeated for any new CSP pairs you add to your SAE cluster.

Configure Hardware

Enter the consoles of each of the devices that is part of your SAE site, and complete the day-1 configuration.

Configure CSP Devices

See the following guides for more information on configuring the management IPs, OVS port-channels, and SR-IOV on your CSP devices.

Configure Nexus 9000 Switches

See the following configuration guide for more information on configuring the management IP addresses, port-channels, vPC, VEPA, and EVPN.

Install and Configure Software

Install NSO and SAE Core Function Pack

SAE supports NSO version 4.7.1.


Note

If you already have NSO installed, uninstall it and do a fresh installation of NSO 4.7.1.

Supported Operating Systems for NSO

  • Ubuntu

    • v17.10 – Artful

    • v16.04.4 LTS – Xenial

    • v18.04 LTS – Bionic

    • v14.04.5 LTS – Trusty

  • CentOS v7.4


Note

To install SAE core function pack. see SAE Core Function Pack Installation Guide.

Install and Configure ESC

SAE supports ESC 4.3.0.121 + patch. To install ESC, see Cisco Elastic Services Controller 4.3 Install and Upgrade Guide.