Where is the ACI software repository located?

Excellent question.  I did some digging via SCP and finally found it.

But don’t get to excited you can’t copy files directly into it.

The repository is located in the following path:
/.aci/viewfs/admin/firmware/firmware-repository

There is a good write up on how to upgrade your software using the command line.

1. the current version of the firmware.

Were the firmware uploaded via the APIC GUI? If this is true, the issue is related to defect CSCux40954. Please use ‘scp’ in APIC to copy the firmware into the controllers. Attached is the instructions: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/getting-started/b_APIC_Getting_Started_Guide/b_APIC_Getting_Started_Guide_chapter_011.html#concept_734A579133814A85813C9C5232BBE44C

Little Gotcha with APICs within ACI

This applies to versions of APIC controller software up to 1.1(4e)

Turns out the there is a bug that occurs when you connect an APIC to multiple leaves.  And yes that is stupid because you’re supposed to connect them to different leaves.  This bug manifests itself when integrating the VMM with the fabric.

Just be sure that you create an APIC policy in the policy groups. Fabric>Access Policies>Interface Policies>Policy Group

It’s a simple policy mine is:
LLP=default
CDP= Disabled
MCP=Enabled
LLDP=Enabled
L2 Interface Policy= default
AEP=default

Then bind the policy to the leaves that the APIC’s are connected to.  Fabric>Access Policies>Interface Policies>Profiles>Leaf###.  The click the plus sign (+) and add in your newly created APIC Policy group for the interfaces that the APIC is connected to.

How to get code onto the APIC when the GUI upload fails

The following process worked when the GUI upload via http or scp failed for the 3.8GB APIC ISO file.

If SCP fails (or stalls), what you can do is use a program like Filezilla to connect to the APIC as admin and upload the image directly.

Once the image is in the admin’s home directory, you need to issue the command “firmware add <image_name>”. This adds the file to the firmware repository and should be seen in the GUI as well.

Can’t log into your APIC?

I ran into a split fabric issue setting up my test lab and got the following error trying to log into my 2nd APIC:

REST Endpoint user authorization datastore is not initialized – Check Fabric Membership Status of this fabric node

I was able to get logged into the APIC with the follow username and a blank password:

rescue-user

NOTE: as in the past physical access to a Cisco device equal total ownership.

Basically when installing the fabric for the 1st time you should only power on 1 APIC and discover the entire fabric, then add the other APICs 1 at a time.

APIC Cluster Size

While configuring my new ACI starter kit lab.  (Yes I know lucky me !!!)  I got the following error which was both weird and interesting.

 

I believe that the number 2 is between 1 and 9.

But why???

Well you need 3 APICs to actually shard the database.

http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/unified-fabric/white-paper-c11-730021.html

Around figure 12.