Deploying the Cisco APIC-EM
- Information about the Cisco APIC-EM Deployment
- Pre-Deployment Checklists
- Verifying the Cisco ISO Image
- Installing the Cisco ISO Image
- Cisco APIC-EM Configuration Wizard Parameters
- Configuring Cisco APIC-EM as a Single Host Using the Wizard
- Configuring Cisco APIC-EM as a Multi-Host Cluster Using the Wizard
- Powering Down and Powering Up the Cisco APIC-EM
- Uninstalling the Cisco APIC-EM
Information about the Cisco APIC-EM Deployment
You can deploy the Cisco APIC-EM on either a server (bare-metal hardware) or within a virtual machine in a VMware vSphere environment. You can also deploy the Cisco APIC-EM as either a single host or in a multi-host environment.
![]() Note | We recommend that you deploy the Cisco APIC-EM in a multi-host environment for enhanced scalability and redundancy. |
Pre-Deployment Checklists
Single Host Checklists
Review the following checklists before beginning your single-host Cisco APIC-EM deployment.
![]() Note | A host is defined as physical server or virtual machine with instances of a Grapevine root and clients running. The Grapevine root is located in the host OS and the clients are located within Linux containers. The clients run the services within the Linux containers. You can set up either a single host deployment or multi-host deployment (2 or 3 hosts) for your network. For high availability and scale, your multi-host deployment must contain three hosts. All inbound traffic to the controller in a single host deployment is through the host IP address that you configure using the configuration wizard. All inbound traffic to the controller in a multi-host deployment is through a Virtual IP that you configure using the configuration wizard. |
Networking Requirements
This Cisco APIC-EM deployment requires that the network adapters (NICs) on the host (physical or virtual) are connected to the following networks:
-
Internet (network access required for Make A Wish requests and telemetry collection)
-
Network with NTP server(s)
-
Network with devices that are to be managed by the Cisco APIC-EM
![]() Note | The Cisco APIC-EM should never be directly connected to the Internet. It should not be deployed outside of a NAT configured or protected datacenter environment. |
IP Address Requirements
Ensure that you have available at least one IP address for the network adapter (NIC) on the host.
The IP address is used as follows:
![]() Note | If your host has 2 NICs, then you might want to have two IP addresses available and configure one IP address for each NIC. |
Multi-Host Checklists
Review the following checklist before beginning your multi-host Cisco APIC-EM deployment.
-
You must satisfy the requirements for the single host deployment as described in the previous section for each host.
Note
For a multi-host configuration, 32 GB of RAM is required for each host in contrast to 64 GB of RAM requirement for a single host configuration.
-
Additionally, you must establish a network connection between each of the hosts using either a switch or a router. Each host must be routable with the other two hosts.
-
You must configure a virtual IP (VIP).
You configure one or more NICs on each host using the configuration wizard. Each NIC that you configure must point to a non-routable network (if all your networks are routable, then you only need one NIC). A VIP is required per non-routable network. For example, if you configure 2 NICs on all 3 hosts in a multi-host cluster and each NIC points to a separate, non-routable network, then you need to configure 2 VIPs. The VIP provides an interface redundancy feature for your multi-host deployment. With a VIP, the IP address can float between the hosts.
When deploying the controller in a multi-host configuration:
-
You provide a VIP address when configuring the controller using the wizard.
-
On startup, the controller will bring up the VIP on one of the hosts.
-
All inbound requests into controller from the external network are made via this VIP (instead of the host IP address), and the requests are routed to the services running on different hosts via the reverse-proxy service.
-
If the host on which has the VIP fails, then Grapevine will bring up the VIP on one of the remaining two hosts.
-
The VIP must reside in the same subnet as the three hosts.
-
Multi-Host Deployment Virtual IP
A multi-host deployment has three physical IP addresses and one virtual IP that floats across the IP addresses by design in order to provide high availability. This capability to float also means that any SSH client that wants to connect to the virtual IP address will see different host-identity public SSH keys each time the virtual IP moves its residence from one host to another host. Most SSH clients will complain that the new host is not trusted, since an entry already exists (as you might have accepted the key earlier for the older host which owned that virtual IP address before). To prevent this inconvenience, you may want to add the host keys of all the three hosts to your known hosts list as described below.
For example on a Linux or Apple Mac OS client machine, run the ssh-keyscan command on each of the three host physical IP addresses as follows:
$ ssh-keyscan -t rsa 209.165.200.30 # 209.165.200.30 SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 209.165.200.30 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA1B6/1JpKPFOmG3S82eE8OKZkGYmRd SYnuCHfDiY5Pptt3BmaPgC6OlER4wwDL8VP2Rx2kxj3diIzFpUOyDqTbFxIRKVzlwtHHZdhO6G93MyLLGsWq XSMWs4xVcqpembKeCrdjakPaPAXqiAeKW9oimdv.....
$ ssh-keyscan -t rsa 209.165.200.31 # 209.165.200.31 SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 209.165.200.31 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDF57F90z2His86tEj4s75pTc7h0nfzF 2c3QweHCNN2ov474HJJcPrnWTw4DAoPpPCU6zWvR0QLxunURDb+pMeZrIIyd49xn9+OBSmBpzrnety7UB2uP XzL1RvVxayw8mkXkj779LhFh9vkXR4DtX7XLjg.....
$ ssh-keyscan -t rsa 209.165.200.32 # 209.165.200.32 SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.3 209.165.200.32 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9kwzodGzGkh/UFXVa9fptGe+sa3CBR 6SNerXxpCmfT9AOXH8xuk3/CBX+DDUQgGJVmqw6maCYKOy0RtAhGxdsNdPL6ETTKzxYB5uzw3KhcDJ6D6ob6 jdzkR6yRuXVFi2OE+u1Aqs7J8GO66FfdavU8.....
Next, change the IP address in the SSH key line of each output to the virtual IP address of the following and append all three key lines to the ~/.ssh/known_hosts file and save it.
Assuming that 209.165.200.33 is the virtual IP address in the above multi-host example, you would add three lines in the ~/.ssh/known_hosts file of your client machine as follows:
209.165.200.33 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDA1B6/1JpKPFOmG3S82eE8OKZkGYmRdSYnuCHfDiY5Pptt3BmaPgC6OlER4 wwDL8VP2Rx2kxj3diIzFpUOyDqTbFxIRKVzlwtHHZdhO6G93MyLLGsWqXSMWs4xVcqpembKeCrdjakPaPAXqiAeKW9 oimdvPbrQPua7Zg9oblDxaBPn0Fqj00YDjKqTkp/IkZHEfHbDM996GLEbWlOvoHeCCqeZ1nWgFIqzAF+ty8+X5Z/fh hmGe+w2tQlMfrs9pcZDaEEmq/w1W+uRohxLKs+OHnHYAbMzC6O+5fLEr2BwaZf8W016eo1WpPsxUVK6StbXBOQZrcH0 bPsUbIjKJkzafpft9Dp73pSd/vwaoB3DrvNec/PiEJYk+R.....
After the above change, the client will have no trouble performing uninterrupted SSH into the virtual IP address of the hosts even with the IP address floating.
Verifying the Cisco ISO Image
Prior to deploying the Cisco APIC-EM, you can verify that the ISO image that you downloaded is a genuine Cisco image.
![]() Note | If you are deploying the Cisco APIC-EM from an ISO image that you downloaded, then perform this procedure. This procedure is not required, if deploying the controller with the Cisco APIC-EM Controller Appliance (Cisco APIC-EM ISO image pre-installed and tested). |
You must have received notification of the location of the Cisco APIC-EM ISO image or contacted Cisco support for the location of the Cisco APIC-EM ISO image.
What to Do Next
After you verify that the ISO image is genuine and from Cisco, install the Cisco ISO image.
Installing the Cisco ISO Image
Perform the steps in the following procedure to install the Cisco ISO image on the host (server or virtual machine).
![]() Note | If you are deploying the Cisco APIC-EM from an ISO image that you downloaded, then perform this procedure. This procedure is not required, if deploying the controller with the Cisco APIC-EM Controller Appliance (Cisco APIC-EM ISO image pre-installed and tested). |
You must review the system requirements before beginning this procedure.
You must review the Cisco APIC-EM pre-deployment checklist before beginning this procedure.
You must have downloaded and verified the Cisco ISO image by performing the tasks in the previous procedure.
For installing the Cisco APIC-EM ISO image into a virtual machine using VMware, you must create an empty virtual machine that you will attach the Cisco APIC-EM ISO image to and then boot up. When creating this virtual machine, do not accept the VMware default settings but configure the settings as per the system requirements previously listed in this guide.
![]() Note | See the VMware documentation for information about creating and configuring new virtual machines. |
|
Boot up the host (server or virtual machine) and run the wizard to configure the Cisco APIC-EM.
Cisco APIC-EM Configuration Wizard Parameters
When the Cisco APIC-EM software configuration begins, an interactive configuration wizard prompts you to enter required parameters to configure the controller.
![]() Note | Ensure that the DNS and NTP servers are reachable before you run the configuration wizard and whenever a Cisco APIC-EM host reboots in the deployment. |
Configuration Wizard Prompt |
Description |
Example |
||
---|---|---|---|---|
Host IP address |
Must be a valid IPv4 address for the host. This IP address is used for the network adapter (eth0) on the host and connects to the external network or networks. For multiple network adapters, have several IP addresses available. |
10.0.0.12 |
||
(Optional) Virtual IP address |
Must be a valid IPv4 address. This virtual IP address is used for the network adapter (eth0) on the host. You should only configure a virtual IP address, if you are setting up a multi-host deployment. |
10.12.13.14 |
||
Netmask IP address |
Must be a valid IPv4 netmask. |
255.255.255.0 |
||
Default Gateway IP address |
Must be a valid IPv4 address for the default gateway. |
10.12.13.1 |
||
Primary server |
Must be a valid IPv4 address for the primary server. |
10.15.20.25
|
||
Primary NTP server |
Must be a valid IPv4 address or hostname of a Network Time Protocol (NTP) server. |
10.12.13.10 Enter either a single IP address for a single NTP primary server, or multiple IP addresses separated by spaces for several NTP servers. We recommend that you configure three NTP servers for your deployment. |
||
Add/Edit another NTP server |
Must be a valid NTP domain. |
10.12.13.11 Allows you to configure multiple NTP servers.
|
||
HTTPS proxy server |
Must be a valid IPv4 address for the HTTPS proxy with port number. |
https://209.165.200.11:3128 |
||
Admin Username |
Identifies the administrative username used for GUI access to the Cisco APIC-EM controller. We recommend that the username be three to eight characters in length and be composed of valid alphanumeric characters (A–Z, a–z, or 0–9). |
admin2780 |
||
Admin Password |
Identifies the administrative password that is used for GUI access to the Cisco APIC-EM controller. You must create this password because there is no default. The password meet the following requirements: |
MyIseYPass2 |
||
Linux Username |
Identifies the Linux (Grapevine) username used for CLI access to the Grapevine root and clients. |
The default is 'grapevine' and cannot be changed. |
||
Linux Password |
Identifies the Linux (Grapevine) password that is used for CLI access to the Grapevine roots and clients. You must create this password because there is no default. The password meet the following requirements: |
MyGVPass01 |
Configuring Cisco APIC-EM as a Single Host Using the Wizard
Perform the steps in the following procedure to configure Cisco APIC-EM as a single host using the wizard.
You must have either received the Cisco APIC-EM Controller Appliance with the Cisco APIC-EM pre-installed or you must have downloaded, verified, and installed the Cisco ISO image onto a server or virtual machine as described in the previous procedures.
Step 1 | Boot up the host. | ||||||||||||||||||||
Step 2 | Review the
APIC-EM
License Agreement screen that appears and choose either
<view
license agreement> to review the license agreement or
accept>> to accept the license agreement and
proceed.
After accepting the license agreement, you are then prompted to select a configuration option. | ||||||||||||||||||||
Step 3 | Review the
Welcome to the APIC-EM Configuration Wizard! screen
and choose the
Create
a new APIC-EM cluster option to begin.
You are then prompted to enter values for the NETWORK ADAPTER #1 (eth0). | ||||||||||||||||||||
Step 4 | Enter
configuration values for the
NETWORK ADAPTER #1 (eth0) on the host.
The configuration wizard discovers and prompts you to confirm values for the network adapter or adapters on your host. For example, if your host has three network adapters you are prompted to confirm configuration values for network adapter #1 (eth0), network adapter #2 (eth1), and network adapter #3 (eth2) respectively.
On Cisco UCS servers, the NIC labeled with number 1 would be the physical NIC. The NIC labeled with the number 2 would be eth1.
Once satisfied with the controller network adapter settings, enter next>> to proceed. After entering next>>, the configuration wizard proceeds to validate the values you entered. After validation and if your host has two network adapters, you are prompted to enter values for NETWORK ADAPTER #2 (eth1). If your host has three network adapters, you are prompted to enter values for NETWORK ADAPTER #2 (eth1) and NETWORK ADAPTER #3 (eth2). If you do not have any additional network adapters or if you do not have more than one non-routable network, then proceed directly to the next step. | ||||||||||||||||||||
Step 5 | If the
controller is being deployed in your network behind a proxy server and the
controller's access to the Internet is through this proxy server, then enter
configuration values for the
HTTPS
PROXY.
After configuring the HTTPS PROXY, enter next>> to proceed. After entering next>>, you are then prompted to enter values for CLOUD CONNECTIVITY. | ||||||||||||||||||||
Step 6 | Enter
configuration values for
CLOUD
CONNECTIVITY.
Once satisfied with the cloud connectivity settings, enter next>> to proceed. After entering next>>, the configuration wizard proceeds to validate the values entered. After validation, you are then prompted to enter values for the LINUX USER SETTINGS. | ||||||||||||||||||||
Step 7 | Enter
configuration values for the
LINUX
USER SETTINGS.
After configuring the Linux password, enter next>> to proceed. After entering next>>, you are then prompted to enter values for the APIC-EM ADMIN USER SETTINGS. | ||||||||||||||||||||
Step 8 | Enter
configuration values for the
APIC-EM ADMIN USER SETTINGS.
After configuring the administrator password, enter next>> to proceed. After entering next>>, you are then prompted to enter values for either the NTP SERVER SETTINGS. | ||||||||||||||||||||
Step 9 | Enter
configuration values for
NTP
SERVER SETTINGS.
After configuring the NTP server(s), enter next>> to proceed. After entering next>>, you are then prompted to enter values for the CONTROLLER CLEAN-UP. | ||||||||||||||||||||
Step 10 | Enter
configuration values for CONTROLLER CLEAN-UP.
For an initial configuration, enter no for both options. After configuring the controller clean-up, enter next>> to proceed. After entering next>>, you are then prompted to enter values to finish the configuration and begin the configuration wizard installation. | ||||||||||||||||||||
Step 11 | A final
message appears stating that the wizard is now ready to proceed with applying
the configuration.
The following options are available:
Enter proceed>> to complete the installation. After entering proceed>>, the configuration wizard applies the configuration values that you entered above.
At the end of the configuration process, a CONFIGURATION SUCCEEDED! message appears. | ||||||||||||||||||||
Step 12 | Open your
browser and enter the host IP address to access the
Cisco APIC-EM
GUI.
You can use the displayed IP address of the Cisco APIC-EM GUI at the end of the configuration process. | ||||||||||||||||||||
Step 13 | After
entering the IP address in the browser, a message stating that "Your connection
is not private" appears.
Ignore the message and click the Advanced link. | ||||||||||||||||||||
Step 14 | After
clicking the
Advanced link, a message stating that the site’s
security certificate is not trusted appears.
Ignore the message and click the link.
| ||||||||||||||||||||
Step 15 | In the Login window, enter the administrator username and password that you configured above and click the Log In button. |
What to Do Next
For a multi-host deployment, perform the following procedure to configure another host and join it with this host to create a cluster.
For a single-host deployment, begin to use the Cisco APIC-EM to manage and configure your network.
![]() Note | You can send feedback about the Cisco APIC-EM by clicking the Feedback icon ("I wish this page would....") at the lower right of each window in the GUI. Clicking on this icon opens a comments field. Use this field to make a comment on the current window or to make a request to the Cisco APIC-EM development team. |
Configuring Cisco APIC-EM as a Multi-Host Cluster Using the Wizard
Perform the steps in this procedure to configure Cisco APIC-EM on your host and to join it to another, pre-existing host to create a cluster. Configuring the Cisco APIC-EM on multiple hosts to create a cluster is best practice for both high availability and scale.
![]() Caution |
|
You must have either received a Cisco APIC-EM Controller Appliance with the Cisco APIC-EM pre-installed or you must have downloaded, verified, and installed the Cisco ISO image onto a second server or virtual machine.
You must have already configured Cisco APIC-EM on the first host (server or virtual machine) in your planned multi-host cluster following the steps in the previous procedure. This procedure must be run on the second host that you are joining to the cluster. When joining the new host to the cluster, you must specify an existing host in the cluster to connect to.
![]() Note | The Cisco APIC-EM multi-host configuration supports the following two workflows:
|
Step 1 | Boot up the host. | ||||||||||
Step 2 | Review the
APIC-EM License Agreement screen that appears and
choose either
<view license agreement> to review the license
agreement or
accept>> to accept the license agreement and
proceed with the deployment.
After accepting the license agreement, you are then prompted to select a configuration option. | ||||||||||
Step 3 | Review the
Welcome to the APIC-EM Configuration Wizard! screen
and choose one of the two displayed options to begin.
For the multi-host deployment, click the Add this host to an existing APIC-EM cluster option. | ||||||||||
Step 4 | Enter
configuration values for the
NETWORK ADAPTER #1 (eth0) on the host.
The configuration wizard discovers and prompts you to confirm values for the network adapter or adapters on your host. For example, if your host has two network adapters you are prompted to confirm configuration values for network adapter #1 (eth0) and network adapter #2 (eth1).
Later in this procedure, the following information will be discovered and copied from the cluster to the configuration file of this host: Once satisfied with the controller network adapter settings, enter next>> to proceed. After entering next>>, the configuration wizard proceeds to validate the values you entered. After validation, you are then prompted to enter values for the APIC-EM CLUSTER SETTINGS. | ||||||||||
Step 5 | Enter
configuration values for the
APIC-EM CLUSTER SETTINGS.
After configuring the administrator cluster settings, enter next>> to proceed. After entering next>>, the configuration wizard then proceeds to prepare the host to join the cluster. You will receive a message to please wait, while the remote cluster is being queried and data is retrieved. | ||||||||||
Step 6 | Enter
configuration values for the
Virtual IP.
Once satisfied with the virtual IP address settings, enter next>> to proceed. After entering next>>, the configuration wizard proceeds to validate the values you entered. | ||||||||||
Step 7 | (Optional)
Enter additional configuration values for the
Virtual IP.
The configuration wizard proceeds to continue its discovery of any pre-existing configuration values on the hosts in the cluster. Depending upon what the configuration wizard discovers, you may be prompted to enter additional configuration values. For example:
Once satisfied with the virtual IP address settings, enter next>> to proceed. After entering next>>, the configuration wizard proceeds to validate the values you entered. | ||||||||||
Step 8 | A final
message appears stating that the wizard is now ready to proceed to join the
host to the cluster.
The following options are available:
Enter proceed>> to proceed. After entering proceed>>, the configuration wizard applies the configuration values that you entered above.
At the end of the configuration process, a successful configuration message appears. | ||||||||||
Step 9 | Open your
browser and enter an IP address to access the
Cisco APIC-EM
GUI.
You can use the first displayed IP address of the Cisco APIC-EM GUI at the end of the configuration process.
| ||||||||||
Step 10 | After
entering the IP address in the browser, a message stating that "Your connection
is not private" appears.
Ignore the message and click the Advanced link. | ||||||||||
Step 11 | After
clicking the
Advanced link, a message stating that the site’s
security certificate is not trusted appears.
Ignore the message and click the link.
| ||||||||||
Step 12 | In the Login window, enter the administrator username and password that you configured above and click the Log In button. |
What to Do Next
Proceed to follow the same procedure described here to join the third and final host to the multi-host cluster.
![]() Note | You can send feedback about the Cisco APIC-EM by clicking the Feedback icon ("I wish this page would....") at the lower right of each window in the GUI. Clicking on this icon opens a comments field. Use this field to make a comment on the current window or to make a request to the Cisco APIC-EM development team. |
Changing the Settings in a Multi-Host Cluster Using the Wizard
Perform the steps in this procedure to change the Cisco APIC-EM external network settings, NTP server address, and/or password for the Linux grapevine user in a multi-host cluster. The external network settings that can be changed include:
![]() Note | In order to change the external network settings, NTP server address, and/or the Linux grapevine user password in a multi-host deployment, you need to first break up the multi-host cluster. As a result, controller downtime occurs. For this reason, we recommend that you perform this procedure during a maintenance time period. For information about changing settings for a single host configuration, see Updating the Configuration Using the Wizard |
You must have successfully configured the Cisco APIC-EM as a multi-host cluster using the configuration wizard, as described in the previous procedures.
Step 1 | Using a Secure
Shell (SSH) client, log into one of the hosts in your cluster.
Log in using the IP address that you specified using the configuration wizard.
| ||
Step 2 | When prompted, enter your Linux username ('grapevine') and password for SSH access. | ||
Step 3 | Enter the
following command to access the configuration wizard.
$ config_wizard | ||
Step 4 | Review the Welcome to the APIC-EM Configuration Wizard! screen and choose the option to remove the host from the cluster: | ||
Step 5 | A message
appears with the following options:
At the end of this process, this host is removed from the cluster. | ||
Step 6 | Repeat the above
steps (steps 1-5) on a second host in the cluster.
| ||
Step 7 | Using a Secure
Shell (SSH) client, log into that final host in your cluster and run the
configuration wizard.
$ config_wizard After logging into the host, begin the configuration process. | ||
Step 8 | Make any
necessary changes to the configuration values for the external network
settings, NTP server address, and/or password for the Linux grapevine user
using the wizard.
After making your configuration change(s), continue through the configuration process to the final message. | ||
Step 9 | At the end of
the configuration process, a final message appears stating that the wizard is
now ready to proceed with applying the configuration.
The following options are available:
Enter proceed>> to complete the installation. After entering proceed>>, the configuration wizard applies the configuration values that you entered above.
At the end of the configuration process, a CONFIGURATION SUCCEEDED! message appears. | ||
Step 10 | Log into the
other hosts in your multi-host cluster and use the configuration wizard to
recreate the cluster.
Refer to the previous procedure, Configuring Cisco APIC-EM as a Multi-Host Cluster Using the Wizard for information about this process. |
Removing a Single Host from a Multi-Host Cluster Using the Configuration Wizard
Perform the steps in the following procedure to remove one of the hosts running Cisco APIC-EM from a multi-host cluster. You use the Cisco APIC-EM configuration wizard to perform this procedure.
![]() Note | The configuration wizard option to remove a host only appears if the host on which you are running the configuration wizard is part of a multi-host cluster. If the host is not part of a multi-host cluster, then the option to remove a host does not display. When performing this procedure, controller downtime occurs. For this reason, we recommend that you perform this procedure during a maintenance time period. |
You should have deployed Cisco APIC-EM on a multi-host cluster following the procedure described in this guide.
You must perform this procedure on the single host that is to be removed from the multi-host cluster.
Step 1 | Using a Secure
Shell (SSH) client, log into the host (appliance, server, or virtual machine)
with the IP address that you specified using the configuration wizard.
| ||
Step 2 | When prompted, enter your Linux username ('grapevine') and password for SSH access. | ||
Step 3 | Enter the
following command to access the configuration wizard.
$ config_wizard | ||
Step 4 | Review the Welcome to the APIC-EM Configuration Wizard! screen and choose the option to remove the host from the cluster: | ||
Step 5 | A message
appears with the following options:
At the end of this process, you must then either run the configuration wizard again to configure the host as a new Cisco APIC-EM or join the Cisco APIC-EM to a cluster. |
What to Do Next
If you wish to use this host again as either a stand-alone controller or operating within a cluster, then you must run the configuration wizard again and re-install the Cisco APIC-EM. Do not attempt to use this host again as either a standalone host or within a cluster without re-installing the Cisco APIC-EM.
Removing a Faulted Host from a Multi-Host Cluster Using the Configuration Wizard
Perform the steps in the following procedure to remove a faulted or inoperative host (running Cisco APIC-EM) from a multi-host cluster. You use the Cisco APIC-EM configuration wizard to perform this procedure. A host becomes faulted when it can no longer participate in the cluster due to hardware or software issues.
After following this procedure on a three host cluster (moving from three hosts to two hosts), you will lose high-availability protection against loss of a host. After following this procedure for a two host cluster, then the cluster will become inoperable until that second host is brought back up and added to the cluster.
![]() Note | The fact that the host becomes "faulted" results in replacement instances of the services on the faulted host being grown on the remaining hosts in the cluster. During the time period when the replacement instances are being grown and depending on the types of services being grown, certain Cisco APIC-EM functionality may not be available. |
You have deployed Cisco APIC-EM on a multi-host cluster following the procedure described earlier in this guide.
You must perform this procedure on an active host in the multi-host cluster. You cannot perform this procedure on the faulted host that is to be removed from the multi-host cluster. A faulted host is displayed as red in the Hosts view in the Grapevine developer console.
![]() Note | You should always first attempt to bring the faulted host back online. After determining that the faulted host can no longer participate in the cluster, then try to remove the faulted host using the Remove this host from its APIC-EM cluster configuration wizard option. You should only follow this procedure and the Remove a faulted host from this APIC-EM cluster configuration wizard option, if that other option is tried first and is unsuccessful in removing the host. |
Step 1 | Using a Secure
Shell (SSH) client, log into the host (appliance, server, or virtual machine)
with the IP address that you specified using the configuration wizard.
| ||
Step 2 | When prompted, enter your Linux username ('grapevine') and password for SSH access. | ||
Step 3 | Enter the
following command to access the configuration wizard.
$ config_wizard | ||
Step 4 | Review the Welcome to the APIC-EM Configuration Wizard! screen and choose the option to forcibly remove the faulted host from the cluster: | ||
Step 5 | A message
appears with the following options:
At the end of this process, you must then either run the configuration wizard again to configure the host as a new Cisco APIC-EM or join the Cisco APIC-EM to a cluster. |
What to Do Next
If you wish to use this host again as either a stand-alone controller or operating within a cluster, then you must run the configuration wizard again and re-install the Cisco APIC-EM. Do not attempt to use this host again as either a standalone host or within a cluster without re-installing the Cisco APIC-EM.
Powering Down and Powering Up the Cisco APIC-EM
Under certain circumstances such as troubleshooting, you might want to power down and then power up the Cisco APIC-EM. This procedure describes how to gracefully power down and then power up the Cisco APIC-EM.
You should have deployed the Cisco APIC-EM following the procedures in this guide.
Step 1 | Using a Secure
Shell (SSH) client, log into the host (appliance, server, or virtual machine)
with the IP address that you specified using the configuration wizard.
| ||
Step 2 | When prompted, enter your Linux username ('grapevine') and password for SSH access. | ||
Step 3 | Enter the grape host display command to review the command output and determine the host_id of the host that you want to power off. | ||
Step 4 | Enter the grape host evacuate command to harvest
(gracefully shut down) the services on the host.
Use the host_id for this command that you determined in the previous step. $ grape host evacuate host_id This command harvests all services running on the specified host (host_id) using the grape host evacuate command. In a multi-host cluster, the services on the specified host are harvested and transferred to the other two hosts in the cluster. | ||
Step 5 | Power down the
host, by entering the following command:
$ sudo shutdown -h now
| ||
Step 6 | Review the
command output as the host shuts down.
| ||
Step 7 | Power up the Grapevine root process by turning the host back on. | ||
Step 8 | Using a Secure
Shell (SSH) client, log back into the host with the IP address that you
specified using the configuration wizard.
| ||
Step 9 | When prompted, enter your Linux username ('grapevine') and password for SSH access. | ||
Step 10 | Enable
Grapevine, by entering the following command on the Grapevine root:
$ grape host enable host_id The host ID to enter for this command must be the same as the host ID used in the grape host evacuate command in step 4. Wait a few minutes for the Cisco APIC-EM services to start up again. |
What to Do Next
Log back into the controller's GUI and begin working with the Cisco APIC-EM to manage and monitor the devices within your network.
Uninstalling the Cisco APIC-EM
The following procedure describes how to uninstall the Cisco APIC-EM.
![]() Note | If you plan to reinstall the Cisco APIC-EM after uninstalling it, then you must follow the procedure described below to avoid any possible problems. You should have also contacted Cisco support for the link to download the latest Cisco APIC-EM ISO image. Be aware that this procedure shuts down both the Cisco APIC-EM and the host (physical or virtual) on which it resides. At the end of this procedure and if you are reinstalling the Cisco APIC-EM, then you will need to access the host and restart it. |
Step 1 | Using a Secure
Shell (SSH) client, log into the host (appliance, server, or virtual machine)
with the IP address that you specified using the configuration wizard.
| ||
Step 2 | Enter the Linux username ('grapevine') and password when prompted. | ||
Step 3 | Enter the
reset_grapevine factory command at the prompt.
$ reset_grapevine factory | ||
Step 4 | Enter your Linux
grapevine password a second time to start the reset process.
$ sudo password for grapevine ********* After entering this command a warning appears that the reset_grapevine factory command will shut down the controller. You are then prompted to confirm your intent to run the reset_grapevine factory command. | ||
Step 5 | Enter
Yes to confirm that you want to run the
reset_grapevine factory command.
The controller then performs the following tasks: |