About Global Configuration

You can use the SAE UI to configure some part of the infrastructure such as authentication groups and resource pools.

View Authentication Groups and Resource Pools

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Click the Global tab.

Step 3

Depending on your requirement, click one of the following tabs: IP Address Pool, ID Pool, or Authentication, Settings, Devices, Config Parameters.

Your resource pools or authentication groups are displayed in card format by default, where each card represents a resource pool or an authentication group.

Note 

For Settings, Devices and Config Parameters, there is no option to toggle between card view and list view. If you click either Settings or Devices or Config Parameters, the default view is displayed.

Step 4

Click List View to view your resource pools or authentication groups in a list format.


Create IP Address Pools

IP Address Pool: SAE core function pack assigns IP addresses to virtual links between services from this pool.

Create the following distinct resource pools.

  • Data IP Pool: SAE core function pack assigns IP addresses to virtual links in service chain.

  • Management IP Pool: SAE core function pack assigns IP addresses to management interface of the service from this pool.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > IP Address Pool.

Step 3

Click Add.

Alternatively, on the card view click to copy an existing IP address pool and edit and save it with a new name.

Step 4

Provide the requested information.

  1. Name: Enter a name for your IP pool.

  2. Alarm: Choose Enabled or Disabled from the drop-down list.

    When you select Enabled, NSO triggers an alarm when the IP address pool falls below the capacity threshold you set.

  3. Low Capacity Threshold (%): Enter a value for the low capacity threshold. Low Threshold percentage is the capacity threshold you set for IP address pools.

  4. Tag: Choose the resource pool tag ASN, VLAN, VNID, MGMT or DATA from the dropdown.

    The created pool will get associated with the selected tag value and this tag value is helpful in deploying endpoint-gateway-vnf, service-chain and stitching services.

  5. Subnet: Click + next to Subnet and enter an IP address and Mask. Note: Subnet allows you to choose the pool of available IPs but it is not used for networking as a subnet mask.

  6. Exclude: Click + next to Exclude and enter an IP address and Mask to exclude.

  7. Range: Click + next to Range and enter a number From and To for the range.

Step 5

(Optional) Click Validate to verify your inputs.

Step 6

Click Save to save the IP address pool.

To edit an existing IP address pool, select the pool in the card view and update the information. Note: The name of the IP address pool cannot be edited however, you can edit the IP address pool if no service is deployed.

Click to delete an existing IP address pool.


What to do next

Repeat this procedure to create all the IP address pools that you need for your SAE deployment.

Click Back to go back to the previous page.

Create ID Pools

ID pools are used to define pools of VLANs, BGP AS numbers, and VNIDs for spine-leaf topologies.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > ID Pool.

Step 3

Click Add.

Alternatively, click to copy an existing ID pool in card view and edit and save it with a new name.

Step 4

Provide the requested information.

  1. Name: Enter a name for your ID pool.

  2. Start Range: Enter a number for the start of your ID pool range.

  3. End Range: Enter a number for the end of your ID pool range.

  4. Alarm: Choose Enabled or Disabled from the drop-down list.

    When you select Enabled, NSO triggers an alarm when the ID pool fall below the low threshold capacity you set.

  5. Low Capacity Threshold: Enter a low threshold capacity percentage. If you select Enabled in the previous step, NSO triggers and alarm when the ID pool falls below the threshold you set here. By default, it is set to 10 for 10%.

  6. Tag: Choose the resource pool tag ASN, VLAN, VNID, MGMT or DATA from the dropdown list.

    The created pool will get associated with the selected tag value and this tag value is helpful in deploying endpoint-gateway-vnf, service-chain and stitching services.

  7. Excludes: Click + next to Exclude. The Exclude details window opens. Enter start and end numbers for the range to be excluded for the ID pool.

Step 5

(Optional) Click Validate to verify your inputs without pushing configuration into NSO database.

Step 6

Click Save to save the ID pool.

To edit an existing ID pool, select the pool in the card view and update the information. Note: The name of the ID pool cannot be edited however, you can edit the ID pool if no service is deployed.

Click to delete an existing ID pool.

Click Back to go back to the previous page.


Add Authentication Information

The authentication information that you add enables NSO to access your devices and services. Add authentication for every device and service that is managed by NSO: CSP devices, Nexus 9000 switches, VNFs, and ESC. Define access authentication parameters such as: username, password (used by NSO to SSH), and secondary password (used by NSO to access configuration mode).

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > Authentication.

All your existing authentication groups display. To edit any of the existing authentication information, click the authentication group in the card view and update your username, password, or secondary password. Note that the name of the authentication group cannot be edited.
Step 3

Click Add.

Step 4

Provide the requested information.

  1. Name: Enter a name for the auth group.

  2. Tag: Choose the type of authgroup tag from the dropdown.

  3. Username: Enter a username for the auth group.

  4. Password: Enter a password for the auth group.

  5. Confirm Password: Enter the same password to confirm password the auth group.

  6. Secondary Password: Enter a secondary password for executing privilege command as some device may require it to execute. Note: It is called as CISCO parlance <enable password>.

  7. Secondary Confirm Password: Enter a secondary password to confirm the execution of the privilege command.

Step 5

(Optional) Click Validate to verify your inputs.

Step 6

Click Save to save the authentication details.

Click to delete an existing set of authentication details.


What to do next

Repeat this procedure to add authentication details for all the devices and services that you plan to use for your SAE deployment.

Click Back to go back to the previous page.

Add SAE Settings

This section allows you to add settings like timeout, network capability and ACI interface type.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > Settings > SAE Settings.

Step 3

Provide the requested information.

  1. Time Out: Enter a timeout value. The permitted range is 1320 to 65535.

  2. Network Capability: Enter the network capability in the following format:

    • NIC _TYPE: Click + next to Network Capability and enter NIC physical hardware component for the network connection.

    • NW_Type: Click + next to Network Capability and enter the network type for the SAE.

  3. ACI Interface Types: Click the + sign next to ACI Interface Type and enter the ACI Interface Type.

Step 4

(Optional) Click Validate to verify your inputs.

Step 5

Click Save.


What to do next

Repeat this procedure to create all the SAE Settings that you need for your SAE deployment.

Add Devices Global Settings

This section allows you to add device global settings for read, write, and connect for new connections.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > Settings > Devices Global Settings.

Step 3

Provide the requested information.

  1. Read Time Out: Enter a read timeout value for reading the data. The permitted range is 1320 to 65535.

  2. Write Time Out: Enter a write timeout value for writing the data. The permitted range is 1320 to 65535.

  3. Connect Time Out: Enter a connect timeout value for a new connection. The permitted range is 1320 to 65535.

Step 4

(Optional) Click Validate to verify your inputs.

Step 5

Click Save.


Add a Device

The devices screen shows you your device inventory. You can add new devices from this area.

Follow these steps to directly add devices using the GUI.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > Devices.

Step 3

Click Add.

Step 4

Provide the requested information.

  1. Skip SSH: Select this check-box if you want the device to skip the step to fetch SSH keys.

  2. Name: Enter a name for your device.

  3. Address: Enter the IP address of your device.

  4. Port: Enter the port number to be used to connect to the device.

  5. AuthGroup: Choose the appropriate auth group from the drop-down list.

  6. Type: Select netconf, generic, or CLI from the drop-down list.

  7. Trace: By default cisco-apicdc-gen-3-9 trace is selected.

    All the interactions between the device and NSO are logged in the trace log. Choose the following options from the dropdown.

    • Pretty: The trace log will print in Pretty-print data structure.

    • Raw: The trace log will print in unformatted structure.

    • False: The trace log will not be generated.

    Note you can edit the existing trace log after the device is created in the table list view.

Step 5

Click Save to add the device.

A pop-up screen shows the progress of the new device you added in terms of device creation and connection.

Click the Select Columns dropdown list and select the checkbox to add the columns in the device table list view.

Select the Filter Row checkbox and enter the value in the respective column to filter the device table.

Enter the device name in Search Device to search the device.

Click the Export button to export all the devices in bulk.

You can edit an existing IP Address and Authgroup in table list view column to update the information.

Click in Delete column to delete an existing device.

By default, the device table displays 10 rows per page. Click on the Rows per page dropdown to change the pagination. You can add maximum 40 rows per page.


Add APIC Device

The devices screen shows you your device inventory. You can add new APIC devices from this area.

Follow these steps to directly add APIC devices using the GUI.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > Devices.

Step 3

Click Add.

Step 4

Provide the requested information.

  1. APIC Device: Select this checkbox if you want the add APIC device

  2. Skip SSH: Select this check-box if you want the device to skip the step to fetch SSH keys.

  3. Name: Enter a name for your device.

  4. Address: Enter the IP address of your device.

  5. Port: Enter the port number to be used to connect to the device.

  6. AuthGroup: Choose the appropriate auth group from the drop-down list.

  7. Type: By default, generic type is selected.

  8. Trace: By default, cisco-apicdc-gen-3-9 trace is selected.

    All the interactions between the device and NSO are logged in the trace log. Choose the following options from the dropdown.

    • Pretty: The trace log will print in Pretty-print data structure.

    • Raw: The trace log will print in unformatted structure.

    • False: The trace log will not be generated.

    Note you can edit the trace log after the device is created in the table.

  9. Connect TimeOut: Enter a connect timeout number in seconds for a new connection. The permitted range is 1320 to 65535.

  10. Read TimeOut: Enter a read timeout number in seconds for reading the data.

  11. Write TimeOut: Enter a write timeout number in seconds for writing the data.

  12. Out Of Sync Commit Behaviour: Choose Reject or Accept option from the drop-down list.

Step 5

Provide the requested information for NED Settings.

  1. Log Verbose: Choose true or false from the drop-down list.

  2. Config Path: Enter the configuration path to save the APIC configuration files.

  3. Local Host: Choose true or false from the drop-down list.

  4. Host: Enter the host number.

  5. User Name: Enter the user name for the NED Settings.

  6. User Password: Enter the user name for the NED Settings.

  7. Disable Check Sync: Choose true or false from the drop-down list.

  8. Ignore Passwords: Choose true or false from the drop-down list.

  9. Enable-L3ExtOut-CFG-Split: Choose true or false from the drop-down list.

  10. Alternative Hosts: Click + next to Alternative Hosts and enter the IP Address.

    You can add maximum 10 IP addresses.

Step 6

Click Save to add the APIC device.

Click the Select Columns dropdown list and select the checkbox to add the columns in the device table list view.

Select the Filter Row checkbox and enter the value in the respective column to filter the device table.

Enter the device name in Search Device to search the device.

Click the Export button to export all the devices in bulk.

You can edit an existing IP Address and Authgroup in table list view column to update the information.

To edit an existing APIC device, in Edit column, click the pencil icon and update the information. Note that the APIC device name cannot be edited.

Click in Delete column to delete an existing APIC device.

By default, the device table displays 10 rows per page. Click on the Rows per page dropdown to change the pagination. You can add maximum 40 rows per page.


Add Config Parameters

This section allows you to add SAE Config Parameters for global settings.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Choose Global > Config Parameters.

Step 3

Click Add.

Step 4

Provide the requested information.

  1. Name: Click + next to SAE Config Parameters and enter the name for the global configuration parameter.

  2. Value: Enter the global parameter value for SAE Configuration.

Step 5

(Optional) Click Validate to verify your inputs.

Step 6

Click Save to save the Configuration Parameter.


Import and Export Global Configuration

This topic describes the following:
  • How to import IP address pools, ID pools and Authentication individually or in bulk.

  • How to export devices in bulk.

To be able to import files, the file should be in XML or JSON format. Similarly, the files are also exported in XML or JSON format.

Procedure


Step 1

Click Configuration at the top-right corner of the homepage.

Step 2

Click the Global tab.

Step 3

Depending on your requirement, click one of the tabs: IP Address Pool, ID Pool, Devices or Config Parameters.

Action

Result

Click IP Address Pool

Your IP address pools are displayed in card view.

Import IP Address Pools in Bulk

  • Click the Import button to import XML or JSON files containing configuration for single or multiple IP address pools.

Export IP Address Pools in Bulk

  • Click the Export button to export your existing IP address pools in bulk in XML or JSON format.

Export Individual IP Address Pools

  • Click the on the card of the IP address pool to export in JSON and XML format.

Click ID Pool

Your ID Pools are displayed in card view.

Import ID Pools in Bulk

  • Click the Import button to import XML or JSON files containing configuration for single or multiple ID pools.

Export ID Pools in Bulk

  • Click the on the card of the IP address pool to export in JSON and XML format.

Export Individual ID Pools

  • Click the Download Icon on the card of the ID pools you want to export in JSON format.

Click Devices

Your existing authentication groups are displayed in card view.

Export Devices in Bulk

  • Click the Export button to export all your existing devices in XML or JSON format.

Export Individual Devices

  • Click the on the card of the IP address pool to export in JSON and XML format.

Click Config Parameters

Your existing config parameters groups are displayed.

Import Config Parameter in Bulk

  • Click the Import button to import XML or JSON files containing configuration for single or multiple Config Parameter.

Export Devices in Bulk

  • Click the Export button to export all your existing config parameters. in XML or JSON format.