ACE context configuration

13 02 2007

Contexts are used to partition the ACE module into multiple “virtual modules”. This enables its use in a Datacentre (for example) where customers can manage their own load-balancing configuration without affecting the configuration of other customers.

Obviously you don’t want to give complete access to a customer – there are some parameters that you don’t want them to change at all, such as IP addressing on the interfaces etc. So within a customer’s context, they get only a subset of the available commands.

Out of the box, there is only an “admin” context, but up to five user contexts can be configured. If you want to increase this, you have to buy a licence. And if you don’t want or need contexts, you can just put all your configuration into the default admin one to keep things simple.

When you log in as admin, you will be put into the admin context, and the prompt will display something along the lines of:

Let’s make a new context. First we have to configure a “resource class” to limit what resources the context(s) we create are able to use. In this case it is up to 10%. After that we create the context, allocate a VLAN to it and associate it with the resource class you created:

host1/Admin# conf t
host1/Admin(config)# resource-class CLASS1
host1/Admin(config-resource)# limit resource all minimum 10 max equal-to-min
host1/Admin(config-resource)# context CUST1
host1/Admin(config-context)# allocate-interface vlan 99
host1/Admin(config-context)# member CLASS1
host1/Admin(config-context)# exit

As the admin user, you are free to change into any context you wish by using the command “changeto <context-name>”. You will then see that the prompt changes to indicate which context you are in. Another useful command is “show context” to list all the available contexts.

There is a further concept called domains, which are subordinate to contexts. You can create users and associate them with domains, but I’m not sure how that works just at the moment – when we did this our customer didn’t need to implement the multiple login part.

If you want to read further, the ACE documentation is a bit difficult to find on Cisco’s website. It is basically listed under “Configuration Guides” for the Catalyst 6500, rather than in the Content Networking section as you might expect. Alternatively, view the virtualisation config guide by clicking here.




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: