Selecting a Layer 4 to Layer 7 Device to Render a Graph

About Device Selection Policies

A device can be selected based on a contract name, a graph name, or the function node name inside the graph. After you create a device, you can create a device context, which provides a selection criteria policy for a device.

A device selection policy (also known as a device context) specifies the policy for selecting a device for a service graph template. This allows an administrator to have multiple device and then be able to use them for different service graph templates. For example, an administrator can have a device that has high-performance ADC appliances and another device that has lower-performance ADC appliances. Using two different device selection policies, one for the high-performance ADC device and the other for the low-performance ADC device, the administrator can select the high-performance ADC device for the applications that require higher performance and select the low-performance ADC devices for the applications that require lower performance.

Creating a Device Selection Policy Using the GUI

If you did not use the Apply L4-L7 Service Graph Template To EPGs wizard to apply the service graph template, you might need to configure a device selection policy (also known as a logical device context). The device selection policy instructs Cisco Application Centric Infrastructure (ACI) about which firewall or load balancer device to use to render a graph.

If you used the Apply L4-L7 Service Graph Template To EPGs wizard to apply the service graph template, then a device selection policy was configured automatically and you do not need to configure one manually.


Note

When using the NX-OS-style CLI, the device selection policy is configured automatically; there are no equivalent NX-OS-style CLI commands.

    Step 1   On the menu bar, choose Tenants > All Tenants.
    Step 2   In the Work pane, double click the tenant's name.
    Step 3   In the Navigation pane, choose Tenant tenant_name > L4-L7 Services > Devices Selection Policies.
    Step 4   In the Work pane, choose Actions > Create Logical Device Context.
    Step 5   In the Create Logical Device Context dialog box, fill in the fields as required, except as specified below:
    1. In the Service Type drop-down list, choose the contract for the device selection policy. If you do not want to use the contract name as part of the criteria for using a device, choose any.
    2. In the Graph Name drop-down list, choose the graph for the device selection policy. If you do not want to use the graph name as part of the criteria for using a device, choose any.
    3. In the Node Name drop-down list, choose the node for the device selection policy. If you do not want to use the node name as part of the criteria for using a device, choose any.
    Step 6   In the Cluster Interface Contexts section, click + to add a cluster interface context.

    • Connector Name—The name of the connector in the service graph template.

    • Logical Interface—The logical interface to use for the connector that is specified in the logical interface context.

    • Bridge Domain—The bridge domain that is specified in the logical interface context.

    • Subnets—The subnet to configure on the logical interfaces when the service graph template is instantiated.

    Step 7   Click Submit.

    Configuring a Device Selection Policy Using REST APIs

    You can use the REST APIs to configure a device selection policy.

    Creating a Device Selection Policy Using the REST APIs

    The following REST API creates a device selection policy: 

    <polUni>
    <fvTenant dn="uni/tn-acme" name="acme">
        <vnsLDevCtx ctrctNameOrLbl="webCtrct" graphNameOrLbl="G1" nodeNameOrLbl="Node1">
            <vnsRsLDevCtxToLDev tDn="uni/tn-acme/lDevVip-ADCCluster1"/>
            
             <!-- The connector name C4, C5, etc.. should match the 
                  Function connector name used in the service graph template -->

             <vnsLIfCtx connNameOrLbl=“C4">
                <vnsRsLIfCtxToLIf tDn="uni/tn-acme/lDevVip-ADCCluster1/LIf-ext"/>
            </vnsLIfCtx>
            <vnsLIfCtx connNameOrLbl=“C5">
                <vnsRsLIfCtxToLIf tDn="uni/tn-acme/lDevVip-ADCCluster1/LIf-int"/>
            </vnsLIfCtx>
        </vnsLDevCtx>
    </fvTenant>
</polUni>

    Adding a Logical Interface in a Device Using the REST APIs

    The following REST API adds a logical interface in a device: 
    <polUni>
    <fvTenant dn="uni/tn-acme" name="acme">
        <vnsLDevVip name="ADCCluster1">

            <!-- The LIF name defined here (such as e.g., ext, or int) should match the 
                 vnsRsLIfCtxToLIf ‘tDn' defined in LifCtx  -->

            <vnsLIf name=“ext">

                <vnsRsMetaIf tDn="uni/infra/mDev-Acme-ADC-1.0/mIfLbl-outside"/>
                <vnsRsCIfAtt tDn="uni/tn-acme/lDevVip-ADCCluster1/cDev-ADC1/cIf-ext"/>
            </vnsLIf>
            <vnsLIf name=“int">
                <vnsRsMetaIf tDn="uni/infra/mDev-Acme-ADC-1.0/mIfLbl-inside"/>
                <vnsRsCIfAtt tDn="uni/tn-acme/lDevVip-ADCCluster1/cDev-ADC1/cIf-int"/>
            </vnsLIf>
        </vnsLDevVip>
    </fvTenant>
</polUni>