APIC – The Application Policy Infrastructure Controller

The APIC is the core component for ACI. All configuration will be issued and maintained from this system.

After the login the dashboard is being presented – will give you an overview on system health and some statistics.

In our simulator we’ve got only one APIC, in production setups there have to be at least three nodes. That’s why you will see constantly in your simulator a warning in your notification field.

Three nodes to avoid the risk of cluster fragmentation (sometimes called „split brain“).

Briefly explained – if there are only two nodes acting as APIC, and they will lose connectivity – there is no way to decide for the now isolated APIC, if the other node is down or just not reachable. Worst case scenario for this failure – both nodes are guessing, the other one is down, and that way the configuration will differ.

To avoid this situation the solution is to provide a n+1 requirement. Means – only if a node is part of a majority, than this node will continue to run. So – if e.g. apic1 and apic2 are having connectivity, but apic3 hasn’t, apic3 will cease operation.

After login you’ll find many tabs and sub-tabs. We’ll just go briefly through them.

At the top right there are four icons, the second from the right expands to:

Nice – Change My SSH Keys – here you are able to store the public key from your jump server (if you are using one).

After deploying – the passwordless ssh-key based access is working. Automatically on all nodes.

iMac:~ andreasfassl$ ssh -l admin
Application Policy Infrastructure Controller
Last login: 2020-06-18T14:08:12.000+00:00 UTC
Connection to closed.
iMac:~ andreasfassl$ ssh -l admin