Cisco Intelligent Automation for Cloud Installation Guide Release 4.1.1 Published: December 12, 2014 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
CONTENTS CHAPTER 1 Ensuring Required Prerequisites Are Ready-to-Go Cisco IAC Components 1-1 Checking Required Prerequisites 1-2 Setting Up Your Networks 1-3 Preparing Storage Management 1-3 Preparing Cisco UCS 1-3 Setting Up Cisco UCS Manager 1-3 Setting Up Cisco UCS Manager Pools Preparing VMware Software 1-4 CHAPTER 2 1-1 Installing and Configuring Optional Software 1-4 2-1 Understanding Cisco Prime Network Services Controller Understanding Cisco UCS Director 2-1 2-2 Understanding Cisco UCS
Installing the Cisco IAC Automation Packs 3-3 Installing the Intelligent Automation for Compute Pack 3-3 Installing the Intelligent Automation for Cloud Starter Pack 3-5 Installing the Intelligent Automation for Cloud Extension Samples (Optional) Installing the Intelligent Automation for Cloud Pack 3-6 Completing the Process 3-6 CHAPTER 4 Installing Cisco IAC Components for a Fresh Installation 3-5 4-1 Installing Prime Service Catalog Content 4-1 Importing and Deploying Portal Packages 4-1 Importing I
Setting the Custom Styles Directory 7-1 Configuring Agent Properties 7-2 Creating Service Accounts for Both REX Agent and nsAPI Users 7-2 Setting Username and Password for ‘REX Set REX Agent Properties’ 7-4 Starting the REX Set REX Agent Properties Agent 7-4 Setting REX Agent Configuration 7-5 Starting All REX Agents 7-6 Configuring a DB Agent 7-7 Starting a DB Agent 7-8 Configuring the nsAPI Agent 7-8 Starting the nsAPI Agent 7-9 Setting Up Cloud Administration 7-9 Adding a Cloud Administrator Organizati
Creating the Service Resource Container (Optional) 7-22 Configuring Resources for Network Services (Optional) 7-22 Adding a Public Subnet to Network POD (Optional) 7-22 Completing the Setup CHAPTER A 7-23 Upgrading From Cisco IAC 4.1 to 4.1.1 A-1 Upgrading from Cisco IAC 4.1 to IAC 4.1.1 with Cisco Prime Service Catalog 10.
Cisco Process Orchestrator Setup Checklist REX Adapter Installation Checklist C-1 C-2 Directory Integration Setup Checklist (If Applicable) Service Catalog Deployment Checklist C-2 Portal and Portlet Deployment Checklist Cloud Administration Setup Checklist C-2 C-3 C-3 Directory Integration Setup Checklist (If Applicable) C-3 Cisco Intelligent Automation for Cloud Prerequisites C-4 Email Notification Template Modification Checklist Organizations and Users Setup Checklist APPENDIX D C-4 C-5
POD Settings D-10 Community VDC Settings D-11 Standards Settings (Optional) D-11 Lease Term Standards D-11 Operating Systems Standards D-12 Server Size Standards D-12 VDC Size Standards D-13 APPENDIX E Required Privileges for vCenter Service Account Privilege List APPENDIX F E-1 E-1 Upgrading Cisco Prime Service Catalog and Installing the REX Adapter Upgrading Cisco Prime Service Catalog F-1 Installing the Latest Prime Service Catalog Patch Installing (or Reinstalling) the REX Adapter APPENDIX
CH A P T E R 1 Ensuring Required Prerequisites Are Ready-to-Go Successful installation of Cisco IAC 4.1.1 requires that certain hardware and software prerequisites be in place before you start the install process. Cisco IAC Components The major functional components for deployment of Cisco Intelligent Automation for Cloud 4.1.
Chapter 1 Ensuring Required Prerequisites Are Ready-to-Go Checking Required Prerequisites Checking Required Prerequisites Required prerequisite components for Windows installations include but are not limited to: Note • Microsoft IIS • Microsoft .NET framework Be sure to enable Microsoft IIS before installing .NET framework. This will automatically register ASP.NET with Microsoft IIS.
Chapter 1 Ensuring Required Prerequisites Are Ready-to-Go Checking Required Prerequisites Setting Up Your Networks First, choose a network type to determine how this network can be used: • User networks are used for deploying virtual machines. • Management networks are used for management access to cloud servers. • Infrastructure networks are used for management interfaces of Hypervisor hosts and other infrastructure devices.
Chapter 1 Ensuring Required Prerequisites Are Ready-to-Go Checking Required Prerequisites Setting Up Cisco UCS Manager Pools Cisco UCS Manager utilizes different types of pools to control assignment of unique identifiers (such as UUIDs, MACs and WWNs) to blade servers. These pools must be created and assigned to Service Profiles. You need to create the following pools: • Universal Unique Identifier (UUID) Suffix Pool—Used to uniquely identify each blade server.
Chapter 1 Ensuring Required Prerequisites Are Ready-to-Go Checking Required Prerequisites Tip For supported software versions, see theCisco Intelligent Automation for Cloud 4.1.1 Compatibility & Requirements Matrix located here: http://www.cisco.com/c/en/us/support/cloud-systems-management/intelligent-automation-cloud/tsd-pr oducts-support-series-home.html. Prepare your VMware environment for virtual provisioning using the following checklist: • Install VMware vCenter.
Chapter 1 Ensuring Required Prerequisites Are Ready-to-Go Checking Required Prerequisites Cisco Intelligent Automation for Cloud Installation Guide 1-6 OL-29971-02
CH A P T E R 2 Installing and Configuring Optional Software This chapter covers optional software that can be used with Cisco IAC 4.1.1. Note that this chapter provides only product names. For version numbers, see the Cisco Intelligent Automation for Cloud Product Compatibility Matrix.
Chapter 2 Installing and Configuring Optional Software Understanding Cisco UCS Director Understanding Cisco UCS Director Cisco UCS Director (formerly Cisco Cloupia) delivers unified management for industry-leading converged infrastructure solutions based on Cisco Unified Computing System (UCS) and Cisco Nexus technologies. UCS Director is a higher-level manager over multiple UCS Managers. For instructions on installing and configuring Cisco UCS Director, see Cisco UCS Director documentation on Cisco.com.
Chapter 2 Installing and Configuring Optional Software Understanding Cisco UCS Manager • Compute (Nova) • Identity (Keystone) • Image (Glance) • Networking (Neutron) • Prime Performance Manager (Ceiliometer) also recommended • Dashboard (Horizon) OpenStack Configuration Notes 1.
Chapter 2 Installing and Configuring Optional Software Configuring Puppet Labs for Cisco IAC Integration Timesaver You can find a list of the recommended ports here: http://docs.openstack.org/trunk/config-reference/content/firewalls-default-ports.html Configuring Puppet Labs for Cisco IAC Integration Puppet Labs software must be licensed and in place for use with Cisco Intelligent Automation for Cloud 4.1.1. Puppet Enterprise 3.0.1 or higher is recommended.
Chapter 2 Installing and Configuring Optional Software Configuring Puppet Labs for Cisco IAC Integration Note With Cisco IAC 4.1.1, you can add multiple puppet applications to a single node (VM). Puppet is configured via an SSH/PSExec connection to the new node. A well-known root/Administrator (or equivalent) user and password is required for cases where no password is specified in the order. All nodes requiring configuration management should have the same root/Administrator user/password.
Chapter 2 Installing and Configuring Optional Software Configuring Puppet Labs for Cisco IAC Integration Working With Class Parameter Overrides The IAC integration with Puppet allows class parameter value overrides to be configured and exposed to users ordering servers. This is done through special JSON files that reside in the same location as your profile module’s puppet code (under manifests).
Chapter 2 Installing and Configuring Optional Software Configuring Chef for Cisco IAC Integration Proxies for Puppet To set up your proxies for Puppet, follow the steps below. Step 1 Navigate to Setup > System Settings > Connections. Step 2 Select Connect Cloud Infrastructure if you are setting up the intitial connection, or select Update Cloud Infrastructure if you want to go back into your setup and add or change the proxy settings.
Chapter 2 Installing and Configuring Optional Software Configuring Chef for Cisco IAC Integration • Update Chef Infrastructure Item • Activate Chef Resource Due to Chef recently changing its naming convention for the chef agent installers, we have implemented our own naming conventions for Cisco IAC 4.1.1 for the local repository. This is the template for those files: chef-{version}-{distro}-{arch}.rpm chef-{version}-{distro}-{arch}.deb chef-windows-{version}.msi For example: chef-11.12.
Chapter 2 Installing and Configuring Optional Software Configuring Chef for Cisco IAC Integration Note The hosts/controller these VM/instances run on should also be synced to the same time source; such as VMware Hosts, Openstack Controller/Compute Node.
Chapter 2 Installing and Configuring Optional Software Configuring Chef for Cisco IAC Integration "display_name": "Customer Name", "description": "The customer name", "help_text": "Please select a valid customer.", "options": ”Opscode,Cisco Systems,ACME Bread", "data_type": "string", "validation": "", "value": "Opscode", "required": "yes", "expression": "node.normal[:customer][:name]" }, "customer.greeting": { "display_name": "Customer Greeting", "description": "Greeting to display to customer.
Chapter 2 Installing and Configuring Optional Software Configuring Chef for Cisco IAC Integration Step 1 Navigate to Setup > System Settings > Connections. Step 2 Select Connect Cloud Infrastructure if you are setting up the initial connection, or select Update Cloud Infrastructure if you want to go back into your setup and add or change the proxy settings.
Chapter 2 Installing and Configuring Optional Software Configuring Chef for Cisco IAC Integration Cisco Intelligent Automation for Cloud Installation Guide 2-12 OL-29971-02
CH A P T E R 3 Installing Cisco IAC PO Automation Packs In this chapter, you will find instructions for installing the following automation packs: Note • Intelligent Automation for Cloud Extension Samples.tap (optional but recommended) • Intelligent Automation for Cloud Starter.tap • Intelligent Automation for Cloud.tap • Intelligent Automation for Compute.tap You first need to install Cisco Process Orchestrator 3.1.
Chapter 3 Installing Cisco IAC PO Automation Packs Installing the Core and Common Automation Packs Note You will next see the Choose Automation Pack screen, the use of which is explained in “Installing the Core and Common Automation Packs”. Installing the Core and Common Automation Packs The Choose Automation Packs dialog box displays. This dialog box shows you a list all available automation packs and other services required for Cisco IAC 4.1.1.
Chapter 3 Installing Cisco IAC PO Automation Packs Installing the Cisco IAC Automation Packs Note Step 7 Scroll down and you will see the Automation summary reports grooming settings area. The default deletion period is thirty days, but you can set this to whatever you want, from 1 to 9999. Or, choose the Delete automation summary reports older than check box to remove the check and all reports will be saved indefinitely.
Chapter 3 Installing Cisco IAC PO Automation Packs Installing the Cisco IAC Automation Packs Step 2 On the Default Incidents Assignee Setup panel, specify the default user which to assign cloud-related incidents. This is a CPTA (Cloud Provider Technical Administrator) account, or would be within an Active Directory group that was created for all of CPTAs in this Cloud. • Step 3 Click Next. On the Cisco Process Orchestrator Web Service panel, specify the following data.
Chapter 3 Installing Cisco IAC PO Automation Packs Installing the Cisco IAC Automation Packs Step 7 You will then be returned to the General Information panel to install the next Automation Pack. Installing the Intelligent Automation for Cloud Starter Pack Step 1 On the General Information panel, review the information about the automation pack. Note that the Name field now displays “Intelligent Automation for Cloud Starter.” • Step 2 Click Next.
Chapter 3 Installing Cisco IAC PO Automation Packs Installing the Cisco IAC Automation Packs Step 6 Enter the destination for the extracted data, and choose the data to extract (or un-choose, really, as all of the data has been preselected for you). Step 7 Click Next to continue. Step 8 Once again, the Review Prerequisites panel displays briefly and you will see the prerequisites being processed.
CH A P T E R 4 Installing Cisco IAC Components for a Fresh Installation Note Be sure to create a backup of both the Cisco Process Orchestrator database and the Cisco Prime Service Catalog database before you install Cisco IAC 4.1.1. Note This chapter and the chapters that follow apply to new Cisco Intelligent Automation for Cloud 4.1.1 installations only. If you are upgrading from Cisco IAC 4.1, refer to Chapter A, “Upgrading From Cisco IAC 4.1 to 4.1.1”.
Chapter 4 Installing Cisco IAC Components for a Fresh Installation Installing Prime Service Catalog Content Step 2 In the first (left-most) panel, expand Server Manager - Roles - Web Server (IIS) - Internet Information Services (IIS) Manager. Step 3 In the second (middle) panel, expand hostname - Sites - Default Web Site. Step 4 Click Default Web Site. Step 5 In the third (middle) panel, click Request Filtering.
Chapter 4 Installing Cisco IAC Components for a Fresh Installation Installing Prime Service Catalog Content Importing and Deploying Portal Pages Deploy the Cisco IAC portal page content by importing it from the PortalPages.xml portal page file, located in the IACPortlets folder. Step 1 Choose Portal Designer from the module drop-down list to open Portal Designer. Step 2 In Portal Designer, click the Portal Pages tab.
Chapter 4 Installing Cisco IAC Components for a Fresh Installation Installing Prime Service Catalog Content Step 8 Repeat Step 4 through Step 7 again to import SC_Services_4-1-1.xml. Step 9 Repeat Step 4 through Step 7 again to import SC_Common_4-1-1_Overwrite.xml. Deploying the Catalogs Step 1 In the Deployment Packages pane, choose Action > Deploy Multiple Packages from the drop-down list. Step 2 On the Choose Packages dialog box, choose the check boxes for SC_Common_4-1-1_NEW_INSTALL _ONLY.
Chapter 4 Installing Cisco IAC Components for a Fresh Installation Installing Prime Service Catalog Content The patch files are deployed like the other package files, and they should be imported/deployed after the main packages. The order is: • SC_Common_Patch_4-1-1.xml • SC_Services_Patch_4-1-1.xml Step 1 If necessary, choose Catalog Deployer from the module drop-down list within Prime Service Catalog. Step 2 In the Deployment Packages pane, and choose Action > Import from the drop-down list.
Chapter 4 Installing Cisco IAC Components for a Fresh Installation Installing Prime Service Catalog Content Cisco Intelligent Automation for Cloud Installation Guide 4-6 OL-29971-02
CH A P T E R 5 Optional Tasks Setting Up Active Directory Integration (If Applicable) This section provides examples of setting up optional directory integration in Microsoft Active Directory. Because there are many scenarios for directory integration configuration based on the directory product and settings, it is likely that your environment will vary from what is presented here. However, the required sequence of configuring directory integration would be the same.
Chapter 5 Optional Tasks Configuring an LDAP Server Configuring an LDAP Server The first step is to add a data source and test the connection in Cisco Prime Service Catalog. The instructions in this section are how one would connect to the LDAP server in the example scenario. Step 1 Choose Service Portal from the module drop-down list, then click the System Settings from the Setup tab.
Chapter 5 Optional Tasks Configuring Authentication • Enter the password for the user specified as the BindDN. Step 7 Click Update. Step 8 Check the check box next to the newly added datasource and click Test Connection. The Test Status column displays OK if the connection is successful. Configuring Authentication Configuring authentication requires completing two tasks: configuring mappings and configuring events.
Chapter 5 Optional Tasks Configure Events Table 5-1 Person Data and Mapped Attributes (continued) Person Data Mapped Attribute Password sAMAccountName There is no mapping attribute for passwords in Active Directory. Instead, you can map it to another attribute (in this example, sAMAAccountName). You can also map your own expression. For information, see the documentation that shipped with the Active Directory software.
Chapter 5 Optional Tasks Creating a Security Group for Each User Role on the LDAP Server Step 6 Click Add step. Step 7 In the Step 2 row, choose Import Person from the Operation drop-down list. Step 8 From the Mapping drop-down list, choose the mapping name you specified when you defined mappings in the previous process. Step 9 From the Datasource drop-down list, choose the datasource name that you specified in Step 4 of Configuring an LDAP Server, page 5-2.
Chapter 5 Optional Tasks Adding the nsAPI User to the Cloud Administration Group For instructions on creating security groups on your directory server, see the documentation that came with your directory server software. Note Cisco Intelligent Automation for Cloud 4.1.1 supports an individual’s membership to just a single organizational unit or membership, not multiple organizations.
Chapter 5 Optional Tasks Enabling Directory Integration Enabling Directory Integration Before you enable directory integration, be sure you have all user groups configured for use with Cisco IAC. If you do not have all user groups configured before you enable directory integration, you will not be able to log back in to Prime Service Catalog. Step 1 Choose Administration from the module drop-down list, then click Personalize Your Site.
Chapter 5 Optional Tasks Administrative On-boarding of User Accounts Cisco Intelligent Automation for Cloud Installation Guide 5-8 OL-29971-02
CH A P T E R 6 Using the Cisco IAC Virtual Appliance in Management Mode Timesaver If you do not intend to use Advanced Network Services (VSA 1.0), then connecting a Cisco IAC Management Appliance is not required. Installing the Virtual Appliance in Management Mode Install the Cisco IAC 4.1.1 Virtual Appliance via a configuration and install wizard accessed via the vSphere Client window. To deploy the Cisco IAC 4.1.
Chapter 6 Using the Cisco IAC Virtual Appliance in Management Mode Installing the Virtual Appliance in Management Mode • Thick Provision Lazy Zeroed • Thick Provision Eager Zeroed • Thin Provisioning Step 12 Click Next. Step 13 If the Network Mapping window appears, choose a destination network from the list. Choose a network name has DHCP services available. Step 14 In the Properties window, enter the following information: • Linux Hostname: Enter a new hostname for this virtual machine.
Chapter 6 Using the Cisco IAC Virtual Appliance in Management Mode Installing the Virtual Appliance in Management Mode • Process Orchestrator Fully Qualified Domain Name: Enter the Cisco Process Orchestrator’s fully qualified domain name, or IP address. The management Appliance must communicate with a process orchestrator in order to perform network discovery. • Process Orchestrator Authentication Type: Choose the authentication type required to communicate with the Process Orchestrator.
Chapter 6 Using the Cisco IAC Virtual Appliance in Management Mode Installing the Virtual Appliance in Management Mode Cisco Intelligent Automation for Cloud Installation Guide 6-4 OL-29971-02
CH A P T E R 7 Configuring Cisco IAC With the Wizard The Cisco Intelligent Automation for Cloud 4.1.1 Configuration Wizard guides you through the steps for setting up and configuring the cloud administration and infrastructure. Accessing the Configuration Wizard You start the Configuration Wizard to begin the configuration process. Tip To see field descriptions in the wizard as needed, click the question mark icon. Step 1 Open a browser and launch Cisco Prime Service Catalog.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties Step 1 Click the Set Custom Styles Directory link on the Welcome tab for the Cisco IAC 4.1.1 Config Wizard. Step 2 Click Custom Styles in the right menu. Step 3 Click Add to open the Custom Style Properties window. Step 4 In the Name field, enter Cisco Intelligent Automation for Cloud 4.1.1. Step 5 Check the Make this Style the default for the entire site check box. Step 6 In the Style Directory field, click Browse.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties • Note Step 4 In the current release, only US English is supported; any language selection you make will be ignored If you are using the Cisco IAC Virtual Appliance, some or all of this information may have been entered for you. • Browse to choose an Organizational Unit. Click Search, click the Site Administration radio button, then click Add. • Optional.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties Step 3 • Enter nsAPI as the Login. • Enter, then confirm password for the nsAPI user account you created earlier. Click Create to close the form. You will be returned to the Organization Designer. Setting the Calendar for the nsAPI User Step 1 In Organization Designer, click to access, or ensure that you are on, the People tab.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties Tip If you do not see “REX Set REX Agent Properties” in the list, scroll down or use the pagination at the bottom to navigate to the other pages. Or, sort by agent name by clicking the Name column heading. Step 2 Click the red icons next to REX Set REX Agent Properties. Step 3 Click the Start Chosen button up at the top right corner of the page.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties Starting All REX Agents You will next start all REX agents; that is, all agents with REX in the name. The current list includes the following eleven REX agents: 1. REX Add Organization Unit 2. REX Add Organization Unit (Tenant) 3. REX Add Person 4. REX Create Queue 5. REX Deactivate OU 6. REX Delete Queue 7. REX Modify Organization Unit 8. REX Set DB Agent Properties 9. REX Set HTTP Agent Properties 10.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties Configuring a DB Agent This step configures the credentials to connect to the database. Step 1 From the Wizard, choose Configure DB Agent. Step 2 From the Set Agent Configuration form, complete the following: • Set Agent Type to DB (should already be set, but be sure to check). • Enter a username and password. • Reenter the password to confirm.
Chapter 7 Configuring Cisco IAC With the Wizard Configuring Agent Properties Starting a DB Agent Follow these steps to enter credentials for connecting to the database. Step 1 From the Wizard, choose Start DB Agent. Step 2 Navigate to the page with the agent. Step 3 On the Control Agents Tab of the Service Links portal, choose Insert Default Parameters. Step 4 Click Start Chosen, and then click Yes to confirm.
Chapter 7 Configuring Cisco IAC With the Wizard Setting Up Cloud Administration Starting the nsAPI Agent Step 1 From the Wizard, choose Start NSAPI Agent. Step 2 On the Control Agents Tab of the Service Links portal, choose Retrieve OU ID on Name. Step 3 Navigate to the page (it may be a few pages in). Step 4 Click Start Chosen. Step 5 Click Yes to confirm. Step 6 Click Close.
Chapter 7 Configuring Cisco IAC With the Wizard Setting Up Cloud Administration Adding Cloud Administrators Step 1 From the Wizard, choose Add Cloud Administrator(s). Step 2 On the Add Cloud Administrator form, choose Create New User from the drop-down to display the fields for creating a new user as a Cloud Administrator. Step 3 Provide the following information: • Enter the first and last name of the new Cloud Provider Technical Administrator.
Chapter 7 Configuring Cisco IAC With the Wizard Setting Up Cloud Administration Step 5 Click Close when the status says Completed. Adding Site Administrator Role to nsAPI User If you are using a directory service, see the information in the following section, Adding Cloud Administrators, page 7-10. Step 1 From the Wizard, Step 2, click Add Site Administrator role to nsAPI user. Step 2 Choose the nsAPI user. Step 3 Choose Roles on the right of the screen.
Chapter 7 Configuring Cisco IAC With the Wizard Setting Up Cloud Administration • Choose the Process Orchestrator Authentication Scheme. • Enter the Process Orchestrator Administrator Password. Step 3 Click Submit Order. Step 4 Click on the number in the Requisition Number field to display the details. Tip This task of setting the Process Orchestrator values cannot complete until all agents are started, which includes Process Orchestrator. Without the agents running the process can not complete.
Chapter 7 Configuring Cisco IAC With the Wizard Connecting to the Cloud Infrastructure Connecting to the Cloud Infrastructure On the STEP 3 panel of the Configuration Wizard, you define the connection information for the platform elements that will be used in Cisco IAC. This information will be used by Cisco Process Orchestrator to integrate with the various components involved in the cloud provisioning processes.
Chapter 7 Configuring Cisco IAC With the Wizard Discovering Cloud Infrastructure (Optional) Connecting Cloud Infrastructure You can connect to any infrastructure of your choosing, including VMware, UCS Director, Amazon EC2, OpenStack, Chef, Puppet, the Management Appliance, and PNSC, among others. Note You have to add at least one Cloud Platform Element before you can proceed to Step 4 of the Wizard.
Chapter 7 Configuring Cisco IAC With the Wizard Managing PODs Note This process can take anywhere from 10 minutes up to an hour. Timesaver Save for your first Prime NSC, you do not need to pre-provision the virtual devices. Cisco IAC will provision all these devices for you when the first Tenant Organization is onboarded that has elected for Advanced Network Services. If you are not planning on using Advanced Network Services (VSA 1.0), you may skip Step (Tab) 4 and move on to Step (Tab) 5 directly.
Chapter 7 Configuring Cisco IAC With the Wizard Managing PODs Registering Network PODs Tip This step is optional. However, it is mandatory if you are using Advanced Network Services. The Network POD is also required for OpenStack as well as Advanced Network Services. Cisco IAC 4.1.1 provides the ability to dynamically provision tenant networks within VDCs.
Chapter 7 Configuring Cisco IAC With the Wizard Setting System-Wide Services and Provisioning Note Devices which you have discovered and then register are those devices which you want dynamically created VLANS (by Cisco IAC) to be propagated to. Therefore, register a device if you want Cisco IAC to configure the VLAN on it and choose them when creating the network POD.
Chapter 7 Configuring Cisco IAC With the Wizard Setting System-Wide Services and Provisioning Setting System-Wide Service Options When a service is disabled, ALL users, including the CTPA, are disallowed from ordering the given service. Although users can see the link to a disabled service, a “disabled” message displays, and “Submit” buttons are hidden on the service forms. Tip You can re-enable a disabled service at any time.
Chapter 7 Configuring Cisco IAC With the Wizard Creating Resources for Network Services Step 3 Click Submit Order. Step 4 Click on the number in the Requisition Number field to display the details. Step 5 Click Close when the status says Completed. Configuring the E-Mail Notification Templates Cisco IAC includes a set of default (delivered as part of Prime Service Catalog) e-mail notification templates that you customize for an organization.
Chapter 7 Configuring Cisco IAC With the Wizard Creating Resources for Network Services • When you have completed all of the tasks in Step 7, click Next. • If you do not wish to add networks or create a Community VDC, click Skip. Registering a Datastore Datastores that are discovered automatically during Connect Cloud Infrastructure must be registered before they can be used in the Community VDC community and organization virtual data centers.
Chapter 7 Configuring Cisco IAC With the Wizard Creating Resources for Network Services • Subnet Address Specification: Enter the network for this subnet in CIDR notation. For example, 192.168.20.0/24. Enter only an IPv4 type of IP address. Note: Only networks from /23 through /29 are supported. • Community Network: Choose the network access scope for user networks. A community network is available to users in Community VDCs.
Chapter 7 Configuring Cisco IAC With the Wizard Creating Resources for Network Services Creating an Internet Transit Network (Optional) This is for use in Advanced Network Services to provide Internet Transit Network Connectivity to Organizations. Connectivity from Tenant Org CSRs to the Datacenter/Provider Edge ASRs. Note The steps for this procedure are the same as outlined in the Creating a Service Network, page 7-20.
Chapter 7 Configuring Cisco IAC With the Wizard Completing the Setup Completing the Setup Now that you have completed all of the required steps in the Configuration Wizard, your cloud environment is ready for ordering. The final phase, is to set or check certain permissions as follows. Note Most of these permissions will already be set, but problems may arise with the Cisco Intelligent Automation for Cloud 4.1.1 installation if these permissions are not set properly.
Chapter 7 Configuring Cisco IAC With the Wizard Completing the Setup Cisco Intelligent Automation for Cloud Installation Guide 7-24 OL-29971-02
A P P E N D I X A Upgrading From Cisco IAC 4.1 to 4.1.1 Upgrading from Cisco IAC 4.1 to IAC 4.1.1 with Cisco Prime Service Catalog 10.1 The following steps present a simplified and high level view of how to upgrade from Cisco Intelligent Automation for Cloud 4.1 to Cisco IAC 4.1.1. along with Cisco Prime Service Catalog. For more detailed information, see the Cisco Prime Service Catalog 10.1 Installation Guide for more information: http://www.cisco.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.1 Upgrading from Cisco IAC 4.1 to IAC 4.1.1 with Cisco Prime Service Catalog 10.1 Note Step 6 The unlimited strength policy files are "local_policy.jar" and "US_export_policy.jar", which can be downloaded from the following link: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html Upgrade Prime Service Catalog to 10.1 from cisco.com. Apply all available 10.1 patches as well.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.1 Upgrading Process Orchestrator – Database Port [1521]: – Database Name [ServiceCatalog]: – Username [CPSCUSER]: CPSCUser – Password: – Testing database connection: Success! – Adapter Deployment Descriptor File: c:\rex\REXAdapter.xml – Install REX Step 9 Start Prime Service Catalog. Upgrading Process Orchestrator You need to upgrade Cisco Process Orchestrator, as well.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.1 Updating Agents Updating Agents Tip You need to upgrade agents only when upgrading manually. For new installations of Cisco Intelligent Automation for Cloud 4.1.1, this task is handled using Setup > Configuration Wizard (Day 0). Step 1 Log into Prime Service Catalog as site administrator. Step 2 Stop all agents. Step 3 Choose Service Link > Choose Control Agents. Step 4 Choose the agent called “REX Set REX Agent Properties.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.1 Upgrading and Sub-Interface Support Upgrading and Sub-Interface Support When upgrading to Cisco IAC 4.1.1 from Cisco IAC 4.x with Cloud Services Router (CSR) 3.13 3.13.1S(ED), followed by an upgrade to Cisco Prime Network Services Controller (PNSC) 3.4(x), we only allow sub-interfaces for newly created organizations, preserving the physical interface configuration of existing organizations. Tip Sub-Interface support on CSR in Cisco IAC 4.1.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.1 Upgrading and Sub-Interface Support Existing Organizations, Before Upgrade • New networks added to existing Virtual Data Centers (VDCs) as well as new VDCs will use physical interface creation. (Only if upgrading from 4.0 patch 4.) • Decommissioning of existing VDCs works as expected and is not affected by the upgrade.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.1 Post-Upgrade Tasks Post-Upgrade Tasks Tip After the upgrade process has finished, be sure to notify all Cisco IAC users to refresh their browser cache. They will continue to see the old version of Cisco IAC until they do so. Adding Permissions The following permission needs to be added to roles OTA, TTA and VSO using the Organization Designer after upgrade: “Read all Instance Data and Service Item Instance Data-OpenStack Projects.
Appendix A Upgrading From Cisco IAC 4.1 to 4.1.
A P P E N D I X B Solution Prerequisites Checklists Default Ports and Protocols Table B-1 Requirements—Default Ports and Protocols Application Default Port Protocol Description Cisco Prime Service Catalog 8080 TCP Client web browser connections to the Cisco Prime Service Catalog ServiceCatalog; Process Orchestrator communications to the Cisco Prime Service Catalog request center inbound web service 6080 TCP Process Orchestrator communications to the Cisco Prime Service Catalog service link inb
Appendix B Solution Prerequisites Checklists Storage Management Requirements Storage Management Requirements Table B-3 Requirements—Storage Management Requirement Create storage and configure as datastores Cisco UCS Manager Provisioning Requirements Table B-4 Requirement—Installing and Configuring UCS Manager Requirement UCS Manager is installed and configured before installing Cisco IAC Table B-5 Requirements—Creating UCS Manager Pools Requirement UUID suffix pool MAC address pool WWNN pool WWPN
Appendix B Solution Prerequisites Checklists VMware Software Requirements VMware Software Requirements Table B-7 Requirements—VMware Software Installation Requirement vCenter object names do not contain forward slashes vSphere PowersCLI 5 or later is installed on the Process Orchestrator server VMware Enterprise licensing is applied VMware vSphere Distributed Resource Scheduler (DRS) is enabled VM templates have been created with VMware tools installed to support operating system customizations Directo
Appendix B Solution Prerequisites Checklists Create a Community VDC Create a Community VDC Table B-11 Requirements—Community VDC Creation Requirement vCenter platform element is registered POD is created Register Datastores Create networks Order VM From Template Table B-12 Requirements—Order VM from Template Requirement VM templates created and discovered Virtual Data Center or Community VDC is created Register Virtual Machine templates Order a VM and Install an Operating System Table B-13 Require
A P P E N D I X C Solution Deployment Checklists Cloud Infrastructure Setup Checklist Table C-1 Cloud Infrastructure Setup Checklist Task Define the VMware vCenter Server platform element Define the Cisco UCS Manager platform element Set provisioning settings Add infrastructure network Add community network Create one or more PODs Set up the Community VDC Cisco Process Orchestrator Setup Checklist Table C-2 Process Orchestrator Setup Checklist Task Import the Core Automation Pack Import the Common Ac
Appendix C Solution Deployment Checklists REX Adapter Installation Checklist REX Adapter Installation Checklist Table C-3 REX Adapter Installation Checklist Task Install the REX Adapter Directory Integration Setup Checklist (If Applicable) Note These tasks are required only if external authentication is enabled for your environment. Otherwise, skip to the next checklist.
Appendix C Solution Deployment Checklists Portal and Portlet Deployment Checklist Portal and Portlet Deployment Checklist Table C-6 Portal Deployment and Configuration Checklist Task Copy portlets folder and extract files Configure Cisco Prime Service Catalog stylesheets Import and deploy portal pages Add portlet access to My Workspace Cloud Administration Setup Checklist Table C-7 Cloud Administration Setup Checklist Task Configure and enable approvals Set up REX and nsAPI user account Set username
Appendix C Solution Deployment Checklists Cisco Intelligent Automation for Cloud Prerequisites Table C-8 Directory Integration Setup Checklist Task Set up directory structure on the LDAP server, with Groups and Users folders. Create the nsAPI user account on the LDAP server. Create the lookup user account with “Read MemberOf” lookup permissions. Configure the LDAP server in Cisco Prime Service Catalog. Configure authentication: • Configure mappings. • Configure events.
Appendix C Solution Deployment Checklists Organizations and Users Setup Checklist Table C-10 e-mail Notification Templates Checklist (continued) Email Template Lease Expiration - Second Warning My Services Departmental Reviews My Services Financial and Departmental Authorizations My Services Service Group Reviews Notification System Error in Service Request Order VM from Template Completion Notification Process Escalation Remove Role Completion Notification Service Canceled Notification Service Complete
Appendix C Solution Deployment Checklists Organizations and Users Setup Checklist Cisco Intelligent Automation for Cloud Installation Guide C-6 OL-29971-02
A P P E N D I X D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Hardware Specifications Table D-1 Hardware Specifications for Platform Elements Platform Element Component Process Orchestrator Server CPU Client Server Memory Disk space Cisco Prime Service Catalog Prime Service CatalogDatabase UCS CPU — Memory — Disk space — CPU — Memory — Disk space — CPU — Memory — Blades — Database Connection Settings Table D-2 Minimum Software Requirements Comp
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Database Connection Settings Table D-2 Minimum Software Requirements Component Server Version Application Software Process Orchestrator Prime Service Catalog LDAP Server Process Orchestrator Prime Service Catalog Note Web server LDAP server requirements apply only if your environment has been enabled for external authentication.
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Process Orchestrator Web Service Target Settings Table D-3 Database Connection Settings Component Server Version Datamart credentials Database or Windows authentication? Username Password Domain Cisco Prime Service Catalog credentials Database or Windows authentication? Username Password Domain Process Orchestrator Web Service Target Settings Process Orchestrator web service settings are configured when the Cisco
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Cisco Prime Service Catalog Request Center and Service Link User Account Credentials Table D-5 Process Orchestrator-Prime Service Catalog Integration API Connection User Account Credentials Requirement Setting Username Password Cisco Prime Service Catalog Request Center and Service Link User Account Credentials Table D-6 Cisco Prime Service Catalog Request Center and Service Link User Account Credentials Requirement
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Directory Integration Settings (If Applicable) Directory Integration Settings (If Applicable) LDAP Server Configurations Table D-9 Directory Integration—LDAP Server Settings Requirement Setting Datasource name Datasource description (optional) Protocol Server product and version BindDN Host User BaseDN Port number Password Configure Authentication Configure Mapping Table D-10 Directory Integration—Mapping Configurat
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Cloud Administrator and Organization Settings Configure Events Table D-11 Directory Integration—Event Configurations Requirement Setting EUABindDN Mappings Settings Table D-12 Directory Integration—Mappings Settings Requirement Setting First name Last name Login ID Person identification E-mail address Home organization unit Password Role list Events Settings Table D-13 Directory Integration—Events Settings Re
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Agent Properties Settings Table D-14 Cloud Administrator and Organization Settings (continued) Requirement Setting REX adapter user credentials Username Password Current role assigned Current organization assigned Cloud Administrator—Organization Organization name Cloud Administrator—User credentials Username Password Current role assigned Current organization assigned Agent Properties Settings REX Set REX Agent
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud E-mail Addresses for Queue Notifications Table D-17 HTTP Agent Settings (continued) Requirement Setting Authentication Scheme (NTLMv2, NTLM or Basic) Process Orchestrator username Process Orchestrator password Process Orchestrator domain Prime Service Catalog hostname Prime Service Catalog Service Link URL E-mail Addresses for Queue Notifications Table D-18 E-mail Addresses for Queue Notifications Queue E-mail Ad
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Provisioning Settings Cisco UCS Manager Connection Settings Table D-20 Cisco UCS Manager Connection Settings Platform Element Requirement Cisco UCS Manager Host name Setting Port Secure connection protocol? (T/F) Ignore certificate error? (T/F) Time zone Username Password Provisioning Settings Table D-21 Provisioning Settings Requirement Setting Cisco SP time zone Default virtual server clone timeout Cloud dup
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Network Settings Table D-22 System-wide Service Options (continued) Name Setting Multiple Security Zones Enhanced VM Security High Availability Load balancing Services Application Configuration Management Service Assurance Names Network Settings Table D-23 Network Settings Requirement Setting Network name Subnet address specification (IP address/ routing prefix) Community network Public network Ne
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Community VDC Settings Table D-24 Community VDC Settings (continued) Requirement Setting VMware vCenter Instance VMware Datacenter Cisco UCS Manager Instance Community VDC Settings Table D-25 Community VDC Settings Requirement Setting POD VMware vCenter Datacenter Standards Settings (Optional) If you have opted not to modify any standards settings for these service options, check the following check box: No st
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Standards Settings (Optional) Table D-26 Lease Term Settings (continued) Template Requirement Settings New lease duration Lease term (for example, 6 months) Runtime (seconds) Storage (seconds) Warning 1 (seconds) New lease duration Lease term (for example, 6 months) Runtime (seconds) Storage (seconds) Warning 1 (seconds) Operating Systems Standards No operating systems standards have been added or modified.
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Standards Settings (Optional) Table D-28 Server Size Standards Settings (continued) Size Label Component Large CPUs Setting Memory (GB) Storage (GB) New server size standard (optional) Size label CPUs Memory (GB) Storage (GB) New server size standard (optional) Size label CPUs Memory (GB) Storage (GB) New server size standard (optional) Size label CPUs Memory (GB) Storage (GB) VDC Size Standards No VDC size
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Standards Settings (Optional) Table D-29 VDC Size Standards Settings (continued) Size Label Component Medium Maximum virtual servers Setting Maximum vCPU Maximum memory (GB) Maximum total storage (GB) Maximum physical servers CPU limit (MHz) Resource pool CPU reservation (MHz) Resource pool memory reservation (GB) Number of snapshots VDC Large Maximum virtual servers Maximum vCPU Maximum memory (GB) Maximum total
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Standards Settings (Optional) Table D-29 VDC Size Standards Settings (continued) Size Label Component Setting New VDC size standard (optional) Maximum virtual servers Maximum vCPU Maximum memory (GB) Maximum total storage (GB) Maximum physical servers CPU limit (MHz) Resource pool CPU reservation (MHz) Resource pool memory reservation (GB) Number of snapshots VDC New VDC size standard (optional) Maximum virtual se
Appendix D Solution Deployment Worksheets for Cisco Intelligent Automation for Cloud Standards Settings (Optional) Cisco Intelligent Automation for Cloud Installation Guide D-16 OL-29914-02
A P P E N D I X E Required Privileges for vCenter Service Account This appendix serves as reference for ensuring the service account used for Cisco IAC to connect and manage vCenter Server objects has the required, specific security privileges. To enable these permissions: Step 1 Connect vSphere Client to vCenter Server. Step 2 Click Home, then click Roles. Step 3 To create a new user role, right-click on a blank area and choose Add. Step 4 Enter a name (for example, “IAC Service Account”).
Appendix E Required Privileges for vCenter Service Account Privilege List Privilege AutoDeploy/RuleSet Datacenter/Create datacenter Datacenter/IP pool configuration Datacenter/Move datacenter Datacenter/Remove datacenter Datacenter/Rename datacenter Datastore/Allocate space Datastore/Browse datastore Datastore/Configure datastore Datastore/Low level file operations Enumerate Datastores vSphere Role Privileges Alarms/Acknowledge alarm Alarms/Create alarm PO VM Activities PO Activities Used in 4.
Appendix E Required Privileges for vCenter Service Account Privilege List Privilege Add Host Port Group Update Host Port Group Create Folder vSphere Role Privileges PO VM Activities PO Activities Used in 4.
Appendix E Required Privileges for vCenter Service Account Privilege List Cisco Intelligent Automation for Cloud Installation Guide E-4 OL-29971-01
A P P E N D I X F Upgrading Cisco Prime Service Catalog and Installing the REX Adapter If you are upgrading to Cisco Intelligent Automation for Cloud 4.1.1 from any version of Cisco IAC 4.x version prior to Cisco IAC 4.0.0.4 (specifically, 4.0.0.1, 4.0.0.2, or 4.0.0.3), you will need to upgrade Prime Service Catalog to the latest compatible version and install the REX adapter.
Appendix F Upgrading Cisco Prime Service Catalog and Installing the REX Adapter Installing (or Reinstalling) the REX Adapter Installing (or Reinstalling) the REX Adapter Note Before starting the process, we highly recommended that you stop both Cisco Prime Service Catalog and Cisco Prime Service Link services. Step 1 Copy Prime Service Catalog/IACAdapters-[release].zip from the Cisco IAC 4.1.1 download into a temporary directory on the Prime Service Catalog server.
Appendix F Upgrading Cisco Prime Service Catalog and Installing the REX Adapter Installing (or Reinstalling) the REX Adapter Table 6-1 Sample Runs Database Sample Run SQL Server c:\adk>adapter_dbinstaller.cmd found bin\java.exe Please enter the database connection information.
Appendix F Upgrading Cisco Prime Service Catalog and Installing the REX Adapter Installing (or Reinstalling) the REX Adapter Cisco Intelligent Automation for Cloud Installation Guide F-4 OL-29971-02
A P P E N D I X G Upgrading Cisco PPM to the Full License The Trial (demo) edition of Prime Performance Manager (PPM) ships with Cisco IAC 3.0.2 Management Appliance. In order to leverage the benefits of the Full (licensed edition) of PPM (1.5.1), you will need to uninstall the demo version and then install the licensed version. How to do so (with an option to save your data, if required) is explained in this section.
Appendix G Table 7-2 Upgrading Cisco PPM to the Full License Recommended Hardware Configurations (continued) CPU non-NEBs Compliant Systems CPU Type Cisco UCS C200M2 4-core (UCS C200M2) Xeon E5620 Cisco UCS B200M3 4-core (UCS B200M3) Xeon E5-2609v2 2.5 GHz Oracle Netra X3-2 or equivalent 8-core (Oracle X3-2) Table 7-3 NEBs Compliant Systems 2.4 GHz Xeon E5-2658 2.
Appendix G Upgrading Cisco PPM to the Full License /opt/CSCOppm-gw/bin/ppm backup Step 3 Validate that the backup file(s) were created. Note The default location of the files is /opt. Examples of files created: Step 4 • ppm15-Unit-hostname.tar • ppm15-Gateway-hostname-backup.tar Uninstall Prime Performance Manager 1.5.1 evaluation. • To uninstall a previous build without any questions: /opt/CSCOppm-gw/bin/ppm uninstall -n Step 5 Install 1.5.
Appendix G Upgrading Cisco PPM to the Full License Upgrading Without the Need to Save Data If you do not need to save your data created with the trial/demo version during the evaluation period, follow the steps below to upgrade to the fully licensed version of Prime Performance Manager. Step 1 Download Prime Performance Manager (PPM) 1.5 FCS version and the 1.5.1 update from Cisco.com. Caution Step 2 You need to back up /opt/CSCOppm-gw/etc/amqpConfig.xml before starting.
