Product Documentation

Configuring a NetScaler ADC in Hybrid Mode by using a Cisco APIC and NetScaler MAS

Perform the following tasks to configure a NetScaler ADC in Hybrid Mode by using Cisco APIC and NetScaler MAS:

  1. Add NetScaler instances in your fabric to NetScaler MAS. For instructions, see Adding an Instance to NetScaler MAS.

  2. Use NetScaler MAS to create a StyleBook for the application. For instructions, see Creating a StyleBook for the Application Using NetScaler MAS.

  3. Import the NetScaler hybrid mode device package into Cisco APIC. For instructions, see Importing the NetScaler Hybrid Mode Device Package into Cisco APIC.

  4. Add NetScaler MAS as a device manager in the Cisco APIC. For instructions, see Adding NetScaler MAS as a Device Manager in Cisco APIC.

  5. Use Cisco APIC to add a NetScaler device in Cisco ACI. For instructions, see Adding the NetScaler as a Device in Cisco ACI.

  6. Create and deploy a service graph template. For instructions, see Creating and Deploying a Service Graph.

  7. Configure L4-L7 parameters by using StyleBook in NetScaler MAS. For instructions, see Configure L4-L7 parameter using StyleBook from NetScaler MAS.

  8. Attach or detach endpoint events from the Cisco APIC. For more information, see Attaching or Detach endpoint events from APIC.

Creating a StyleBook for the Application by Using NetScaler MAS

A StyleBook is a configuration template that you can use to create and manage NetScaler configurations for any application. You can create a StyleBook for configuring a specific NetScaler feature, such as load balancing, SSL offload, or content switching. You can design a StyleBook to create configurations for an enterprise application deployment such as Microsoft Exchange or Lync. For more information, see StyleBooks.

You can create your own StyleBook for your application or modify and use the APIC-HTTP-LB StyleBook shipped with NetScaler MAS.

To create your own StyleBook for your application in NetScaler MAS, see How to Create Your Own StyleBooks.

While creating the StyleBook, make sure that you follow the the APIC ’s service graph model in the StyleBook. In other words, the APIC’s service graph for any application follows consumer and provider model connected through an ADC function . Consumer and provider are represented as an End-Point Group (EPG) and have a 1:1 relationship. The same model must be followed in StyleBook as well, where the provider EPG must be represented as a servicegroup and each end point as a member of the service group. The ADC function node must be represented by a virtual server (for example, a load balancing virtual server), and there must be a 1:1 relationship between virtual server and servicegroup.

This essentially captures the essence of the service graph and allows you to handle the attach or detach event from the APIC, where an attach event binds the end point to the corresponding servicegroup and a detach event unbinds it. You must make sure that the service graph and StyleBook are in parity for seamless automation from network L2-L3 to ADC-feature L4-l7 configurations.

Importing the NetScaler Hybrid Mode Device Package into the Cisco APIC

The Hybrid Mode device package is a lightweight package compared to a fully managed mode. Only L2-L3 network parameters are available through the Device Model. The Device Model has only one generic ADC function defined in it, and four function profiles based on the NetScaler deployment in the fabric (for example, one-arm and two-arm and the same with RHI ). The Hybrid Mode Device package name is Citrix-NetSCalerMAS-1.0.  Download the Hybrid Mode device package from the Citrix Download Site and import the device package to the APIC.

Note

The hybrid mode device package can co-exist with a fully managed mode device package.

To import the hybrid mode device package to the APIC by using the APIC GUI:

  1. On the menu bar, click the L4-L7 Services tab and select the Packages panel.

  2. In the Navigation pane, right-click on L4-L7 Device Types and select Import Device Package.

  3. In the Import Device Package dialog box, click Browse to select the downloaded NetScaler hybrid mode device package.

  4. Click Submit.
    After successfully importing the device package to the APIC, in the Navigation pane, you can view the details of the device package by clicking Citrix-NetSCalerMAS-1.0.

    localized image

    Important

    After you import the device package, make sure that there are no faults in the APIC. You can view the faults by clicking the Faults tab in the Device Types window.

Adding NetScaler MAS as a Device Manager in the Cisco APIC

NetScaler MAS acts as a centralized device manager for NetScaler deployed on Cisco ACI. You need to add NetScaler MAS as a device manager in the Cisco APIC.

To add NetScaler MAS as a device manager in the APIC using the APIC GUI:

  1. On the menu bar, go to Tenants > All Tenants.

  2. In the Work pane, double-click the tenant’s name.

  3. In the Navigation pane, select tenant_name > L4-L7 Services.

  4. Right-click on Device Managers and click Create Device Manager.

    localized image

  5. In the Create Device Manager dialog box, do the following:

    1. In the Device Manager Name field, enter a name for the NetScaler MAS deployment that you want register as a device manager.

    2. In the Management EPG drop-down list, select the management EPG.

    3. In the Device Manager Type drop-down list, select Citrix-DevMgr-1.0.

    4. In the Management field, click + and add the IP address and port details of the NetScaler MAS deployment.

    5. In the Username field, enter the user name to access NetScaler MAS.

    6. In the Password and Confirm Password fields, enter the password to access NetScaler MAS.

    7. Click SUBMIT.

      localized image

    Once the NetScaler MAS is successfully registered as a device manager in the APIC, the device manager is added and is displayed in the Navigation pane.  To view the registered device manager, in the Navigation pane, go to tenant_name > L4-L7 Services > Device Manager.

    localized image

    Note

    Make sure that there are no connectivity issues between the Cisco APIC and NetScaler MAS and that you provide the same credentials that you use to access the NetScaler MAS. Also make sure that the account has admin privileges.

    Important

    After you import the device package, make sure that there are no faults in the APIC. You can view the faults by clicking the Faults tab in the Device Types window.

    You can also register NetScaler MAS as a device manager by using APIs. Following is a sample XML payload that shows how you can use APIs to add NetScaler MAS as a device manager.

    <polUni>
        <fvTenant name="coke">
            <vnsDevMgr name="MAS1">
                <vnsRsDevMgrToMDevMgr tDn="uni/infra/mDevMgr-Citrix-DevMgr-1.0" />
                <vnsCMgmts name="devMgmt" host="10.102.102.81" port="80"/>
                <vnsCCred name="username" value="nsroot"/>
                <vnsCCredSecret name="password" value="*****("/>
            </vnsDevMgr>
        </fvTenant>
    </polUni>
    

Adding NetScaler as a Device in Cisco ACI by Using the APIC

You need to add a NetScaler ADC as an L4-L7 device to the APIC for the network automation.  The APIC performs network stitching between Leaf  and the NetScaler device, based on the deployed service graph. You need to configure the basic settings of the device configuration, such as configuration management IP addresses, device manager, and credentials.

To register the NetScaler as a device in the APIC by using the APIC GUI:

  1. On the menu bar, go to Tenants > All Tenants.

  2. In the Work pane, double-click the tenant’s name.

  3. In the Navigation pane, select tenant_name > L4-L7 Services > L4-L7 Devices.

  4. In the Work pane, select Actions > Create L4-L7 Devices.

  5. In the Create L4-L7 Devices dialog box, in the General section, do the following:

    1. Select the Managed check box.

    2. In the Name field, enter a name for the device.

    3. In the Service Type drop-down list, select ADC.

    4. In the Device Type field, select Physical.

      Note: Make sure that for VMware ESX, you select Virtual and associate the respective Virtual Machine Manager (VMM) domain.

    5. In the Physical Domain drop-down list, select the physical domain.

    6. In the Mode field, select Single Node or HA Cluster, depending on your requirement.

    7. In the Device Package drop-down list, select Citrix-NetScalerMAS-1.0.

    8. In the Model drop-down list, select the device model. For example, NetScaler-MPX, or NetScaler-VPX.

  6. In the Connectivity section, select Out-Of-Band or In-Band in the APIC to Device Management Connectivity field, depending on how NetScaler is configured in the fabric.

  7. In the Credentials section, specify the user name and password for access to the device.

  8. In the Device 1 and Device 2 section, respectively, complete the management related configuration.

  9. In the Cluster section, complete the management related configuration for the cluster. Make sure that in the Device Manager drop-down list, you select the device manager you created in Adding NetScaler MAS as a Device Manager in Cisco APIC.

    localized image

  10. Click NEXT. The Device Configuration page appears. The hybrid mode device package does not provide device and cluster specific configuration details such as high-availability, enable/disable features and modes, configuration for NTP, SNMP, SNMP Alarms, and so on. These configurations must be done by using NetScaler MAS.

  11. Click FINISH. When you have successfully registered the device in the APIC, the device is added and is displayed in the Navigation pane.  To view the registered device, in the Navigation pane, go to tenant_name > L4-L7 Services > L4-L7 Devices > device_name.

    Important

    After you register the device, make sure that there are no faults in the APIC. You can view the faults by clicking the Faults tab in the Work pane.

    localized image

    You can also register a NetScaler device by using APIs. The following is a sample XML payload for adding L4-L7 Device:

    <polUni>
        <fvTenant name="coke">
            <vnsLDevVip name="ADCCluster1" funcType="GoTo" svcType="ADC">
                <vnsRsMDevAtt tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0" />
                <vnsRsALDevToPhysDomP tDn="uni/phys-phys"/>
                <vnsCMgmt name="devMgmt" host="10.102.102.67" port="80"/>
                <vnsCCred name="username" value="nsroot"/>
                <vnsCCredSecret name="password" value="****"/>
                <vnsRsALDevToDevMgr tnVnsDevMgrName="MAS1"/>
                <vnsCDev name="ADC1" devCtxLbl="C1">
                    <vnsCIf name="1_1">
                        <vnsRsCIfPathAtt tDn="topology/pod-1/paths-101/pathep-[eth1/33]"/>
                    </vnsCIf>
                    <vnsCIf name="1_2">
                        <vnsRsCIfPathAtt tDn="topology/pod-1/paths-101/pathep-[eth1/35]"/>
                    </vnsCIf>
                    <vnsCMgmt name="devMgmt" host="10.102.102.65" port="80"/>
                    <vnsCCred name="username" value="nsroot"/>
                    <vnsCCredSecret name="password" value="****"/>
                </vnsCDev>
                <vnsCDev name="ADC2" devCtxLbl="C1">
                    <vnsCIf name="1_1">
                        <vnsRsCIfPathAtt tDn="topology/pod-1/paths-101/pathep-[eth1/34]"/>
                    </vnsCIf>
                    <vnsCIf name="1_2">
                        <vnsRsCIfPathAtt tDn="topology/pod-1/paths-101/pathep-[eth1/36]"/>
                    </vnsCIf>
                    <vnsCMgmt name="devMgmt" host="10.102.102.66" port="80"/>
                    <vnsCCred name="username" value="nsroot"/>
                    <vnsCCredSecret name="password" value="****"/>
                </vnsCDev>
                <vnsLIf name="outside">
                    <vnsRsMetaIf tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0/mIfLbl-outside"/>
                    <vnsRsCIfAtt tDn="uni/tn-coke/lDevVip-ADCCluster1/cDev-ADC1/cIf-1_1"/>
                    <vnsRsCIfAtt tDn="uni/tn-coke/lDevVip-ADCCluster1/cDev-ADC2/cIf-1_1"/>
                </vnsLIf>
                <vnsLIf name="inside">
                    <vnsRsMetaIf tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0/mIfLbl-inside"/>
                    <vnsRsCIfAtt tDn="uni/tn-coke/lDevVip-ADCCluster1/cDev-ADC1/cIf-1_2"/>
                    <vnsRsCIfAtt tDn="uni/tn-coke/lDevVip-ADCCluster1/cDev-ADC2/cIf-1_2"/>
                </vnsLIf>
            </vnsLDevVip>
        </fvTenant>
    </polUni>
    

Creating and Deploying a Service Graph

You have to use Cisco APIC service graph templates in APIC to create and deploy the NetScaler ADCs. Make sure that you use the ADC function profile while creating and deploying a service graph.

After the graph is configured in the APIC, the APIC automates the device configuration on the basis of the function definitions, device connectivity to the fabric, and the entities configured as part of the graph deployment. The APIC also automates the network configuration, such as VLAN allocation and its binding, as part of the service graph creation, and the configuration is removed once you delete the graph from the APIC.

A service graph is represented as two or more tiers of an application, with the appropriate service function inserted between them. A service graph is inserted between the source and destination EPGs by a contract.

To create a service graph by using the APIC GUI:

  1. On the menu bar, go to Tenants > All Tenants.

  2. In the Work pane, double-click the tenant’s name.

  3. In the Navigation pane, select tenant_name > L4-L7 Services > L4-L7 Service Graph Templates.

  4. In the Work pane, select Actions > Create a L4-L7 Service Graph Template.

  5. In the Create a L4-L7 Service Graph Template dialog box, in the Device Clusters section, select a device cluster and do the following:

    1. In the Graph Name field, enter the name of the service graph template.

    2. In the Graph Type field, select Create A New One.

    3. From the Device Cluster section, drag the device and drop it between the consumer end-point group and provider end-point group to create a service node.

      localized image

    4. In the <L4-L7device_name information> section, do the following:

      1. In the ADC field, select One-Arm or Two-Arm, depending on how the NetScaler ADC is deployed in the fabric.

      2. In the Profile drop-down list, select the function profile provided in the device package.

        localized image

    5. Click SUBMIT.

  6. In the Navigation pane, click the service graph template. The screen presents a graphic topology of the service graph template.

    Note

    The Cisco APIC supports the notion of connectors, and these connectors are visible in the ADCCluster node. The connectors define the network traffic direction and the device script that dynamically binds the allocated VLAN to a virtual IP (VIP) or subnet IP (SNIP) address, depending on whether the connection is external or internal. VLANs are also bound to specific interfaces used for inbound and outbound traffic.

    localized image

Applying the Service Graph Template to Endpoint Groups

After you have created the service graph template, you need to apply the created service graph template by using the APIC GUI.

To apply the service graph template:

  1. On the menu bar, go to Tenants > All Tenants.

  2. In the Work pane, double click the tenant’s name.

  3. In the Navigation pane, choose tenant_name > L4-L7 Services > L4-L7 Service Graph Templates.

  4. Right-click on the template_name and click Apply L4-L7 Service Graph Template.

    localized image

  5. In the Apply L4-L7 Service Graph Template To EPGs dialog box, in the EPG Information section, complete the following fields:

    1. In the Consumer EPG/External Network drop-down list, select the consumer endpoint group.

    2. In the Provider EPG/External Network drop-down list, select the provided endpoint group.

    3. In the Contract Information section, complete the appropriate fields. The contract information is specific to the Cisco APIC and is configured as part of the security policies associated with the EPGs.

      localized image

    4. Click Next.

    5. In the Graph Template drop-down list, select the service graph template that you created.

    6. In the Connector section, do the following:

      1. In the Type field, select General.

      2. In the BD drop-down list, select the bridge domain. Connector details are part of the bridge domain that is part of the Cisco APIC infrastructure model.

      3. In the Cluster Interface drop-down list, select the appropriate cluster interface for the selected bridge domain. The Cisco APIC uses the selected bridge domains for data path traffic between the NetScaler device and the fabric as required by the selected service graph template.

        localized image

    7. Click Next.

      On the Parameters screen, on the Required Parameters tab, enter the L2-L3 specific details, such as the IP address that is mandated by the profile. The other key parameter is the StyleBook name. It can be the built-in StyleBook APIC-HTTP-LB provided in NetScaler MAS, or you can provide the name of the SytleBook that you created in Creating a StyleBook for the Application Using NetScaler MAS.

      Note

      The StyleBook name links the Service Graph details with the L4-L7 configuration created with NetScaler MAS for a given application.

      localized image

      The Cisco APIC GUI allows you to filter the parameters on the basis of features (for example, load balancing). You can view and set all the mandatory parameters on the Required Parameters tab, and you can view and set all the other parameters related to the feature on the All Parameters tab.

      localized image

      Note

      By default, a built-in one-arm profile requires you to provide SNIP details such as IP address and netmask. You can view other networking parameters by clicking All Parameters and expanding the Configure Network tree in the Cisco APIC GUI. This lists all the network parameters supported by NetScaler. You can instantiate any entity and provide values for the listed attributes from the Cisco APIC GUI.

  6. Click Finish.

    Important

    After you apply the service graph template, make sure that there are no faults in the deployed graph. You can view the faults by clicking the Faults tab in the Work pane.

    localized image

    As part of the Service Graph deployment, the Hybrid Mode Device package pushes the configuration details from the Cisco APIC to the NetScaler MAS. The NetScaler MAS internally processes these configurations to the respective NetScaler ADC and returns the response to the APIC. A successful graph deployment will have no fault, and the NetScaler ADC is successfully networked with the fabric for the corresponding graph.

    The APIC supports different ways to configure and deploy graphs by using APIs, and graph deployment includes various dependencies on some APIC-specific constructs, such as Tenant, contract, VLAN and namespace.

    The following sample approach illustrates one of the ways to make use of the APIC’s APIs to create and deploy L4-L7 graphs, with the assumption that APIC specific artifacts are already configured in the APIC.

    Important

    Make sure that you use these XML payloads as a reference and make appropriate changes to the XML before you use them in your environment.

Following is an example of creating and deploying the service graph by using APIs:

  1. Create AppProfile

  2. Create service graph details

  3. Attach the service graph to a contract

Following is a sample XML payload for creating an AppProfile. The AppProfile contains EPGs, and the provider EPG contains the NetScaler specific entities, attributes, and their  values.  In the following sample XML payload, NetScaler-specific network entities such as the NSIP are created with a set of attributes and StyleBook name.

    <polUni>
        <fvTenant name="coke">
            <!-- Application Profile -->
            <fvAp dn="uni/tn-coke/ap-sap" name="sap">
                <!-- EPG 1  -->
                <fvAEPg dn="uni/tn-coke/ap-sap/epg-web" name="web">
                    <fvRsBd tnFvBDName="BD_web" />
                    <!-- --------- CONFIG PAYLOAD ---------------- -->
                    <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="Network" name="Network">
                        <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="nsip" name="snip1">
                            <vnsParamInst key="ipaddress" name="ip1" value="110.110.110.2"/>
                            <vnsParamInst key="netmask" name="netmask1" value="255.255.255.0"/>
                            <vnsParamInst key="type" name="tye" value="SNIP"/>
                            <vnsParamInst key="dynamicrouting" name="dynamicrouting" value="DISABLED"/>
                            <vnsParamInst key="hostroute" name="hostroute" value="DISABLED"/>
                        </vnsFolderInst>
                        <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="nsip" name="snip2">
                            <vnsParamInst key="ipaddress" name="ip2" value="220.220.220.2"/>
                            <vnsParamInst key="netmask" name="netmask2" value="255.255.255.0"/>
                            <vnsParamInst key="type" name="tye" value="SNIP"/>
                            <vnsParamInst key="dynamicrouting" name="dynamicrouting" value="DISABLED"/>
                            <vnsParamInst key="hostroute" name="hostroute" value="DISABLED"/>
                        </vnsFolderInst>
                    </vnsFolderInst>
                    <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="Stylebook" name="stylebook_1">
                        <vnsParamInst name="stylebookName" key="name" value="APIC-HTTP-LB"/>
                    </vnsFolderInst>
                    <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="internal_network" name="internal_network">
                        <vnsCfgRelInst name="internal_network_key" key="internal_network_key" targetName="Network/snip1"/>
                    </vnsFolderInst>
                    <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="external_network" name="external_network">
                        <vnsCfgRelInst name="external_network_key" key="external_network_key" targetName="Network/snip2"/>
                    </vnsFolderInst>
                    <vnsFolderInst ctrctNameOrLbl="Ctrct1" graphNameOrLbl="Graph1" nodeNameOrLbl="ADC" key="mFCngStylebook" name="mFCngStylebook_1">
                        <vnsCfgRelInst name="Stylebook_key" key="Stylebook_key" targetName="stylebook_1"/>
                    </vnsFolderInst>
                    <!-- ------- END CONFIG PAYLOAD -------------- -->
                    <fvSubnet ip="110.110.110.110/24" scope="shared"/>
                    <fvRsProv tnVzBrCPName="Ctrct1"></fvRsProv>
                    <fvRsDomAtt tDn="uni/phys-sepg" />
                    <fvRsPathAtt tDn="topology/pod-1/paths-101/pathep-[eth1/38]" encap="vlan-3703" instrImedcy="immediate"/>
                </fvAEPg>
                <!-- EPG 2 -->
                <fvAEPg dn="uni/tn-coke/ap-sap/epg-app"  name="app">
                    <fvRsCons tnVzBrCPName="Ctrct1"/>
                    <fvRsBd tnFvBDName="BD_app" />
                    <fvSubnet ip="220.220.220.220/24" scope="shared"/>
                    <fvRsPathAtt tDn="topology/pod-1/paths-101/pathep-[eth1/37]" encap="vlan-3704" instrImedcy="immediate"/>
                    <fvRsDomAtt tDn="uni/phys-sepg" />
                </fvAEPg>
            </fvAp>
        </fvTenant>
    </polUni>

Following is a sample XML payload for creating service graph details:

    <polUni>
        <fvTenant name="coke">
            <vnsAbsGraph name = "Graph1">
                <vnsAbsTermNodeProv name = "Input1">
                    <vnsAbsTermConn name = "C1"></vnsAbsTermConn>
                </vnsAbsTermNodeProv>
                <vnsAbsNode name="ADC" funcType="GoTo">
                    <vnsAbsFuncConn name = "outside" attNotify="true">
                        <vnsRsMConnAtt tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0/mFunc-ADCFunction/mConn-external" />
                    </vnsAbsFuncConn>
                    <vnsAbsFuncConn name = "inside" attNotify="true">
                        <vnsRsMConnAtt tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0/mFunc-ADCFunction/mConn-internal" />
                    </vnsAbsFuncConn>
                    <vnsRsNodeToMFunc tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0/mFunc-ADCFunction"/>
                    <vnsRsDefaultScopeToTerm tDn="uni/tn-coke/AbsGraph-Graph1/AbsTermNodeProv-Input1/outtmnl"/>
                    <vnsRsNodeToAbsFuncProf tDn="uni/infra/mDev-Citrix-NetScalerMAS-1.0/absFuncProfContr/absFuncProfGrp-ADCOneArmServiceProfileGroup/absFuncProf-A
    DCOneArmFunctionProfile"/>
                    <vnsRsNodeToLDev tDn="uni/tn-coke/lDevVip-ADCCluster1"/>
                </vnsAbsNode>
                <vnsAbsTermNodeCon name = "Output1">
                    <vnsAbsTermConn name = "C6"></vnsAbsTermConn>
                </vnsAbsTermNodeCon>
                <vnsAbsConnection name = "CON1">
                    <vnsRsAbsConnectionConns tDn="uni/tn-coke/AbsGraph-Graph1/AbsTermNodeCon-Output1/AbsTConn" />
                    <vnsRsAbsConnectionConns tDn="uni/tn-coke/AbsGraph-Graph1/AbsNode-ADC/AbsFConn-outside" />
                </vnsAbsConnection>
                <vnsAbsConnection name = "CON2">
                    <vnsRsAbsConnectionConns tDn="uni/tn-coke/AbsGraph-Graph1/AbsNode-ADC/AbsFConn-inside" />
                    <vnsRsAbsConnectionConns tDn="uni/tn-coke/AbsGraph-Graph1/AbsTermNodeProv-Input1/AbsTConn" />
                </vnsAbsConnection>
            </vnsAbsGraph>
        </fvTenant>
    </polUni>

Following is a sample XML payload for attaching the service graph to a contract:

    <polUni>
        <fvTenant name="coke">
            <vzBrCP name="Ctrct1">
                <vzSubj name="http">
                    <vzRsSubjGraphAtt tnVnsAbsGraphName="Graph1"/>
                </vzSubj>
            </vzBrCP>
        </fvTenant>
    </polUni>

Configuring L4-L7 Parameters from NetScaler MAS by using StyleBook

In NetScaler MAS, you can view the deployed service graph details on the Orchestration tab, under Cisco ACI. The tabular view shows the service graph details such as graph name, tenant name, context, StyleBook name, and network configuration status.

localized image

Note

If the graph is deleted from the Cisco APIC, the corresponding configuration is removed from the device, including the L4-L7 configuration.

Additionally, the tabular view allows you to sort on any column displayed in the table and filter the data by using the Search option. You can also customize the column details by selecting or unselecting the column names from the drop-down column list:

localized image

Also, you can click the Search button and use the search options to filter the data. You can select any column from the drop-down box and enter a corresponding value to filter the data displayed in the table.

Note

The Search functionality is case-sensitive, and you must provide the exact search criteria.

localized image

To deploy L4-L7 configuration by using StyleBook in NetScaler MAS:

  1. Click the StyleBook name that appears as a URL in the tabular view.

    localized image

  2. In the Configuration window, double-click StyleBook.

    localized image

  3. In the Deploy Configuration window, do the following:

    1. In the Application Name field, enter the name for the ADC feature configuration that corresponds to the application’s service graph in the APIC.

    2. In the Service (ports) Settings section, click +.

      localized image

    3. In the Settings for EPG & endpoints (ports) defined in the service graph window, enter values for the parameter populated from the StyleBook and click Create.

      localized image

    4. Click Create.

      localized image

    The L4-L7 configuration specified in the StyleBook is deployed, in NetScaler MAS. You can view the StyleBoook configuration from the Application tab, by navigating to Application > Configuration.

    localized image

Attaching or Detaching Endpoint Events from the APIC

The hybrid-mode solution implicitly handles attach or detach endpoint events from the Cisco APIC. When the Cisco APIC triggers an attach endpoint event, the servicegroup_servicegroupmember_binding is automatically triggered by the StyleBook in NetScaler MAS, and the endpoint is unbound during the detach endpoint event.

Additionally, if you have not deployed the L4-L7 configuration in NetScaler MAS before the attach or detach endpoint event gets triggered in Cisco the APIC, the solution will retain the attach IP addresses in the database. These IP addresses are bound to the corresponding service group after the service group is created through StyleBook.