Cisco Virtual Application Container Services Installation Guide,
Release 5.1STV1.0
First Published: October 31, 2014
Last Modified: February 11, 2015
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version
of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://
www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
© 2014
Cisco Systems, Inc. All rights reserved.
CONTENTS
Preface
Preface v
Audience v
Document Conventions v
Documentation Feedback vii
Obtaining Documentation and Submitting a Service Request vii
CHAPTER 1
Overview 1
About Cisco Virtual Application Container Services 1
Components of Cisco Virtual Application Container Services 2
Benefits of Cisco VACS 2
Wizards in Cisco VACS 3
Cisco VACS Solution in Cisco UCS Director 3
Logging Into the Cisco UCS Director 4
Understanding the Cisco VACS Interface 4
Cisco VACS User Roles 5
About Cisco UCS Director 6
Features and Benefits 6
Physical and Virtual Management Features 8
System Requirements 9
Hardware Requirements for Cisco VACS 9
Information About the Cisco Nexus 1000V Virtual Supervisor Module 9
Related Documentation for the Cisco Virtual Application Container Services 11
CHAPTER 2
Cisco VACS Installation Task Summary 13
Cisco VACS Installation Tasks Summary 13
CHAPTER 3
Cisco VACS License 15
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
iii
Contents
About Cisco VACS Licenses 15
Guidelines and Limitations for Cisco VACS License 15
Fulfilling the Product Access Key 17
Updating the Cisco UCS Director License 17
Updating the Cisco VACS License 18
Installing the CSR1000V License 19
CHAPTER 4
Installing Cisco VACS Components 21
Cisco VACS Installation Sequence 21
Prerequisites for Installing Cisco Virtual Application Container Services 22
Applying the Cisco VACS Patch to the Cisco UCS Director 22
Uploading a Cisco Virtual Application Container Services Package 23
Verifying the Installation of the Cisco Virtual Application Container Services 23
Creating a Virtual Account 24
Installing Cisco Prime Network Services Controller 24
Installing the Cisco Nexus 1000V 29
Adding Hosts to Nexus 1000V DVS 34
Adding Hosts 36
CHAPTER 5
Troubleshooting Installation Issues 43
Removing a Cisco Virtual Switch Update Manager Installation Manually 43
Removing the Cisco Nexus 1000V VSM Manually 44
Removing a PNSC Installation Manually 44
Removing the Hosts Manually 45
Deleting a Database Entry From UCS Director Database Table 45
Error Messages 46
CHAPTER 6
FAQs 47
FAQs about Cisco VACS Installation 47
Cisco VACS License FAQs 50
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
iv
Preface
This preface contains the following sections:
• Audience, page v
• Document Conventions, page v
• Documentation Feedback, page vii
• Obtaining Documentation and Submitting a Service Request, page vii
Audience
This publication is for administrators and end users who configure and maintain virtualization environments.
This guide is for administrators and end users with the following experience and knowledge:
• An understanding of virtualization
• An understanding of virtualized network and security services
• An understanding of the corresponding virtualization management software, such as VMware vCenter
and Cisco UCS Director
Document Conventions
Command descriptions use the following conventions:
Convention
Description
bold
Bold text indicates the commands and keywords that you enter literally
as shown.
Italic
Italic text indicates arguments for which the user supplies the values.
[x]
Square brackets enclose an optional element (keyword or argument).
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
v
Preface
Document Conventions
Convention
Description
[x | y]
Square brackets enclosing keywords or arguments separated by a vertical
bar indicate an optional choice.
{x | y}
Braces enclosing keywords or arguments separated by a vertical bar
indicate a required choice.
[x {y | z}]
Nested set of square brackets or braces indicate optional or required
choices within optional or required elements. Braces and a vertical bar
within square brackets indicate a required choice within an optional
element.
variable
Indicates a variable for which you supply values, in context where italics
cannot be used.
string
A nonquoted set of characters. Do not use quotation marks around the
string or the string will include the quotation marks.
Examples use the following conventions:
Convention
Description
screen font
Terminal sessions and information the switch displays are in screen font.
boldface screen font
Information you must enter is in boldface screen font.
italic screen font
Arguments for which you supply values are in italic screen font.
<>
Nonprinting characters, such as passwords, are in angle brackets.
[]
Default responses to system prompts are in square brackets.
!, #
An exclamation point (!) or a pound sign (#) at the beginning of a line
of code indicates a comment line.
This document uses the following conventions:
Note
Caution
Means reader take note. Notes contain helpful suggestions or references to material not covered in the
manual.
Means reader be careful. In this situation, you might do something that could result in equipment damage
or loss of data.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
vi
Preface
Documentation Feedback
Documentation Feedback
To provide technical feedback on this document, or to report an error or omission, please send your comments
to:
• [email protected]
We appreciate your feedback.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information,
see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco
technical documentation.
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS version 2.0.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
vii
Preface
Obtaining Documentation and Submitting a Service Request
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
viii
CHAPTER
1
Overview
This chapter contains the following sections.
• About Cisco Virtual Application Container Services, page 1
• Cisco VACS Solution in Cisco UCS Director , page 3
• About Cisco UCS Director, page 6
• System Requirements, page 9
• Hardware Requirements for Cisco VACS, page 9
• Information About the Cisco Nexus 1000V Virtual Supervisor Module, page 9
• Related Documentation for the Cisco Virtual Application Container Services, page 11
About Cisco Virtual Application Container Services
Cisco Virtual Application Container Services Cisco VACS is a software solution that automates the coordinated
licensing, installation, and deployment of multiple virtual services in your datacenter to enable an easy and
efficient setup of virtualized applications. Cisco VACS provides a fully customizable extended application
container abstraction to simplify deploying and provisioning the virtual services. Cisco VACS allows you to
define extended application container templates and to instantiate them through automated setup and
provisioning of the underlying virtual components. Cisco UCS Director provides the management interface
to deploy, provision, and monitor the Cisco VACS solution.
Cisco VACS provides you with a choice of ready-to-use application container templates that define the rules
for deploying a collection of virtual machines (VMs) within a private network secured by a firewall. An
application container is a set of virtual services such as virtual switches, routers, firewalls, and other network
devices configured in a consistent manner to deploy different workloads. When you create and instantiate an
application container template, Cisco VACS deploys VMs, and configures networks, the firewall, and virtual
switches, and enables quick provisioning of network and security at the virtual layer.
For information about Cisco UCS Director and its features and benefits, see About Cisco UCS Director, on
page 6.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
1
Overview
Components of Cisco Virtual Application Container Services
Components of Cisco Virtual Application Container Services
Cisco VACS enables you to build a secure multi tenant cloud and provides ready-to-use application container
templates by leveraging the features in the following virtual components:
• Cisco Nexus 1000V
• Cisco Cloud Services Router (CSR) 1000V
• Cisco Virtual Security Gateway (VSG)
• Cisco Prime Network Services Controller (PNSC)
The following figure shows how these components fit into the architecture of Cisco VACS.
Figure 1: Cisco VACS Architecture
Benefits of Cisco VACS
Cisco VACS provides the following benefits :
• A simplified and central provisioning solution for virtual network services.
• Ready-to-use regulatory compliant secure containers that can be created and instantiated with a few
mouse clicks.
• Hypervisor-independent architecture that enables you to build and manage a secure, multi-tenant cloud.
• Consistent deployment of virtual and physical resources with no additional costs.
For more information about how to configure application container templates on Cisco VACS, see the Cisco
Virtual Application Containers Configuration Guide.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
2
Overview
Wizards in Cisco VACS
Wizards in Cisco VACS
Cisco VACS includes a set of wizards that guide you through the installation of Cisco PNSC and Cisco Nexus
1000V, and adding hosts and templates. Following are the available wizards:
• Add Virtual Application Container Services
This wizard allows you to create an internal container template.
• Install PNSC
This wizard helps you to install the Cisco Prime Network Services Controller (PNSC).
• Install Nexus 1000V
This wizard helps you to install the Cisco Nexus 1000V virtual switch.
• Add Host
This wizard helps you to add hosts to the Cisco Nexus 1000V DVS.
Cisco VACS Solution in Cisco UCS Director
After you install the Cisco UCS Director – Cisco VACS license and apply the Cisco VACS patch to the Cisco
UCS Director, you can view the Cisco VACS solution under the Solutions > VACS Container tab. The
following action buttons are available on the Cisco Virtual Application Container Services tab:
• Add Template - For more information about adding a Cisco Virtual Application Container Services
template, see the Cisco VACS Container Configuration Guide.
• Installing the CSR1000V License
• Uploading a Cisco Virtual Application Container Services Package
• Installing Cisco Prime Network Services Controller
• Installing the Cisco Nexus 1000V
• Adding Hosts
The following management actions are also available:
• Edit Template
• Clone Template
• Delete Template
• Create Container
For more information on the above management actions, see the Cisco Virtual Application Container Services
Configuration Guide
For information on applying the Cisco VACS Patch to the Cisco UCS Director, see the Applying the Cisco
VACS Patch to the Cisco UCS Director, on page 22
.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
3
Overview
Logging Into the Cisco UCS Director
Logging Into the Cisco UCS Director
Step 1
Step 2
In the Address field of the browser, enter the IP address of the Cisco UCS Director and press Enter.
The Cisco UCS Director login page appears.
Enter the username and password in the Username and Password fields, and click Login.
The Cisco UCS Director home page appears.
Understanding the Cisco VACS Interface
This section describes the Cisco VACS interface and the features that you can access using Cisco UCS Director.
Figure 2: Cisco VACS Interface
Table 1: Elements of the Cisco VACS User Interface
Number
Description
1
The Menu bar displays tabs that allow you to view the Cisco VACS
solution interface, along with the UCS Director tabs.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
4
Overview
Cisco VACS User Roles
2
The VACS Container tab displays the sub menu corresponding to the
Cisco VACS software solution.
3
The Virtual Application Container Services sub menu displays tabs
that allow you to add a template, CRS license, and a host, upload the
VACS package, and install PNSC and Nexus 1000V.
4
The Virtual Application Container Services area displays the available
template details, such as the container template, template description,
and the container type.
5
This sub menu displays buttons that allows you to do the following:
• customize the table
• export reports
• add an advance filter
• search
This sub menu displays buttons that allows you to do the following:
6
• view user information
• log out of the Cisco UCS Director interface
• view the Cisco web page
• view information about the Cisco UCS Director
• view the Cisco UCS Director Online Help
• search for objects
Cisco VACS User Roles
You can use one of the following roles to access and use Cisco VACS:
• Service End User—Enables you to instantiate a Cisco VACS container from the catalog and services
that are related to the container.
• System Administrator—Enables you to have full privileges to manage Cisco VACS in Cisco UCS
Director including adding accounts, defining policies, creating application templates, instantiating
application containers from the templates, and troubleshoot problems.
Attention
Depending on your user role, your view of Cisco VACS solution, and the permissions to access and
perform tasks in Cisco UCS Director might differ. For detailed information about user roles and privileges,
see the Cisco UCS Director Administration Guide and the Cisco UCS Director Self-Service Portal Guide.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
5
Overview
About Cisco UCS Director
About Cisco UCS Director
Cisco UCS Director is a 64-bit appliance that uses the Open Virtualization Format (OVF) for VMware vSphere
standard template:
Cisco UCS Director delivers unified, highly secure management for converged infrastructure solutions, that
are based on the Cisco UCS and Cisco Nexus platforms.
Cisco UCS Director extends the unification of computing and network layers through Cisco UCS to provide
you with a comprehensive visibility and management capability. It supports NetApp FlexPod and ExpressPod,
EMC Isilon, EMC VSPEX, EMC VPLEX, and VCE Vblock systems, which are based on the Cisco UCS and
Cisco Nexus platforms.
Cisco UCS Director automates the provisioning of resource pools across physical, virtual, and baremetal
environments. It delivers native, automated monitoring for health, status, and resource utilization. You can
do the following using Cisco UCS Director:
• Create, clone, and deploy service profiles and templates for all servers and applications
• Monitor organizational usage, trends, and capacity across a converged infrastructure on a continuous
basis, such as by viewing heat maps that show virtual machine (VM) utilization across all your data
centers
• Deploy and add capacity to ExpressPod and FlexPod infrastructures in a consistent, repeatable manner
• Manage, monitor, and report on Cisco UCS domains and their components
• Extend virtual service catalogs to include physical infrastructures services
• Manage secure multitenant environments to accommodate virtualized workloads that run with
nonvirtualized workloads
Features and Benefits
The features and benefits of Cisco UCS Director are as follows:
Feature
Central management
Benefit
• Provides a single interface for administrators to monitor, provision, and
manage the system across physical, virtual, and baremetal environments
• Provides unified dashboards, reports, and heat maps, which reduce
troubleshooting and performance bottlenecks
Self-service catalog
Adaptive provisioning
• Allows end users to order and deploy new infrastructure instances
following IT-prescribed policies and governance
• Provides a real-time available capability, internal policies, and application
workload requirements to optimize the availability of your resources
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
6
Overview
Features and Benefits
Feature
Benefit
Dynamic capacity
management
• Provides continuous monitoring that indicates real-time infrastructure
consumption to improve capacity planning and management
• Identifies underutilized and overutilized resources
Multiple hypervisor support
Computing management
• Supports VMware ESX, ESXi, and Red Hat hypervisors
• Monitors, manages, and provisions physical, virtual, and baremetal
servers, as well as blades
• Allows end users to implement virtual machine life-cycle management
and business continuance through snapshots
• Allows administrators to access server utilization trending analysis
Network management
• Provides policy-based provisioning of physical and virtual switches and
dynamic network topologies
• Allows administrators to configure VLANs, virtual network interface
cards (vNICs), port groups and port profiles, IP and Dynamic Host
Control Protocol (DHCP) allocation, and access control lists (ACLs)
across network devices
Storage management
• Provides policy-based provisioning and management of filers, virtual
filers (vFilers), logical unit numbers (LUNs), and volumes
• Provides unified dashboards that allow administrators comprehensive
visibility into organizational usage, trends, and capacity analysis details.
Cisco CloudGenie
• Provides mobile management from Apple iPad and iPhone and Android
devices
• Supports mobile self-service provisioning, virtual machine management,
and viewing of administrative dashboards
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
7
Overview
Physical and Virtual Management Features
Physical and Virtual Management Features
Physical Server Management
Virtual Computing Management
• Discover and collect configurations and changes
• Discover, collect, and monitor virtual computing
environments
• Monitor and manage physical servers
• Perform policy-based provisioning and dynamic
resource allocation
• Perform policy-based server provisioning
• Manage blade power
• Manage the host server load and power
• Manage the server life cycle
• Manage the VM life cycle and snapshots
• Perform server use trending and capacity
analysis
• Perform analytics to assess VM capacity,
sprawl, and host utilization
• Perform baremetal provisioning using preboot
execution environment (PXE) boot management
Physical Storage Management
Virtual Storage Management
• Discover, collect, and monitor storage filers
• Discover, collect, and monitor storage of vFilers
and storage pools
• Perform policy-based provisioning of vFilers
• Perform policy-based storage provisioning for
thick and thin clients
• Provision and map volumes
• Create and map Logical Unit Number (LUN)
and iGroup instances
• Create new datastores and map them to virtual
device contexts (VDCs)
• Perform SAN zone management
• Add and resize disks to VMs
• Monitor and manage network-attached storage
(NAS) and SAN-based storage
• Monitor and manage organizational storage use
• Perform virtual storage trend and capacity
analysis
• Implement storage best practices and
recommendation
Physical Network Management
Virtual Network Management
• Discover, collect, and monitor physical network
elements
• Provision VLANs across multiple switches
• Configure Access Control Lists (ACLs) on
network devices
• Configure the storage network
• Implement dynamic network topologies
• Add networks to VMs
• Perform policy-based provisioning with IP and
DHCP allocation
• Configure and connect Virtual Network
Interface Cards ( vNICs) to VLANs and private
VLANs
• Create port groups and port profiles for VMs
• Monitor organizational use of virtual networks
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
8
Overview
System Requirements
System Requirements
Cisco VACS has the following system requirements:
• Cisco UCS Director Release 5.1
• VMware vSphere 5.1 or later
• Cisco Nexus 1000V Release 5.2(1)SV3(1.1)
• Cisco Prime Network Services Controller 3.2.2.b
• Cisco Virtual Security Gateway Release 5.2(1)VSG2(1.2)
• Cisco Cloud Services Router 1000V Release XE 3.12.0
Hardware Requirements for Cisco VACS
The following are the hardware requirements for installing Cisco VACS.
Components
Memory
Hard Drive in GB
Memory
RAM in GB
CPU
Cisco UCS Director
100
8
4
Cisco Virtual Switch Update
Manager (VSUM)
80
4
2
Cisco Nexus 1000V VSM
3
4
2
(Cisco VACS installs the
Cisco Nexus 1000V in a HA
pair)
Cisco Prime network Services
Controller (PNSC)
220
4
4
Information About the Cisco Nexus 1000V Virtual Supervisor
Module
You can install the VSM in either a standalone or active/standby high-availability (HA) pair. We recommend
that you install two VSMs in an active-standby configuration for high availability.
By default, Cisco VACS installs the VSMs in a high availability pair.
The VSM, along with the VEMs that it controls, performs the following functions for the Cisco Nexus 1000V
system:
• Configuration
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
9
Overview
Information About the Cisco Nexus 1000V Virtual Supervisor Module
• Management
• Monitoring
• Diagnostics
• Integration with VMware vCenter Server
The VSM uses an external network fabric to communicate with the VEMs. The VSM runs the control plane
protocols and configures the state of each VEM, but it never actually forwards packets. The physical NICs
on the VEM server are the uplinks to the external fabric. VEMs switch traffic between the local virtual Ethernet
ports that are connected to the VM vNICs but do not switch the traffic to other VEMs. Instead, a source VEM
switches packets to the uplinks that the external fabric delivers to the target VEM.
A single Cisco Nexus 1000V instance, including dual-redundant VSMs and managed VEMs, forms a switch
domain. Each Cisco Nexus 1000V domain within a VMware vCenter Server must be distinguished by a unique
integer called the domain identifier.
A single VSM can control up to 254 VEMs.
See the Cisco Nexus 1000V Resource Availability Reference for information about scale limits.
The Cisco Nexus 1000V architecture is shown in this figure.
Figure 3: Cisco Nexus 1000V Architecture
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
10
Overview
Related Documentation for the Cisco Virtual Application Container Services
Related Documentation for the Cisco Virtual Application
Container Services
This section lists the documents used with the Cisco VACS components and are available on Cisco.com at
the following URL:
Cisco Virtual Application Container Services Documentation
General Information
Cisco Virtual Application Container Services Release Notes
Installation
Cisco Virtual Application Container Services Installation Guide
Configuration
Cisco Virtual Application Container Services Configuration Guide
User Information
Cisco Virtual Application Container Self-Service Portal User Guide
Nexus 1000V Documentation
For the Cisco Nexus 1000V for VMware vSphere Documentation:
Cisco Nexus 1000V for VMware vSphere Documentation
Prime Network Services Controller Documentation
Prime Network Services Controller Documentation
Cloud Services Router 1000V Documentation
Cloud Services Router 1000V Documentation
Virtual Security Gateway Documentation
Cisco Virtual Security Gateway Documentation
UCS Director Documentation
UCS Director Documentation
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
11
Overview
Related Documentation for the Cisco Virtual Application Container Services
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
12
CHAPTER
2
Cisco VACS Installation Task Summary
This chapter contains the following section:
• Cisco VACS Installation Tasks Summary, page 13
Cisco VACS Installation Tasks Summary
The following sections describe the summary of tasks required to install Cisco VACS:
Tasks before you begin the installation process
• Gather the workload VM and Container deployment requirements.
• Apply or upgrade the Cisco VACS license keys through the Cisco UCS Director User Interface (UI).
For more information about installing the Cisco VACS license, see Installing the CSR1000V License,
on page 19.
• Setup user accounts and groups in Cisco UCS Director.
For detailed information about setting up accounts, see the Cisco UCS Director Administration Guide.
• Set up virtual accounts in Cisco UCS Director.
For detailed information about setting up accounts, see the Cisco UCS Director Administration Guide.
Tasks when you are installing Cisco VACS
• Install the Cisco VACS binary package through the UCS Director UI.
• Apply the CSR 1000V License Token.
• Apply the Cisco VACS patch.
For information about applying the Cisco VACS patch, see Applying the Cisco VACS Patch to the Cisco
UCS Director, on page 22
• Install PNSC and then install Cisco Nexus 1000V through the UCS Director UI.
For more information about installing these components, see Installing Cisco Prime Network Services
Controller, on page 24 and Installing the Cisco Nexus 1000V , on page 29
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
13
Cisco VACS Installation Task Summary
Cisco VACS Installation Tasks Summary
• Add hosts and migrate the existing VMs to the Cisco Nexus 1000V through the self-service UI.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
14
CHAPTER
3
Cisco VACS License
This chapter contains the following sections:
• About Cisco VACS Licenses, page 15
• Installing the CSR1000V License, page 19
About Cisco VACS Licenses
You must obtain a license to use Cisco Virtual Application Container Services (Cisco VACS) from your Cisco
representative or download it from http://www.cisco.com . You must upload the Cisco VACS license file in
Cisco UCS Director. After the license is installed, registered, and validated by Cisco UCS Director, you must
apply the Cisco VACS patch to view the Cisco VACS menu in the UCS-Director UI.
1 Before you install Cisco UCS Director, generate the license key and claim a certificate (Product Access
Key).
2 Register the Product Access Key (PAK) on the Cisco software license site, as described in Fulfilling the
Product Access Key, on page 17.
3 After you install Cisco UCS Director, update the license in Cisco UCS Director as described in Updating
the License.
4 After the license has been validated, you can upload the Cisco UCS Director-Cisco VACS license.
Tip
If you want to evaluate Cisco UCS Director, you must first obtain an evaluation license by contacting
your Cisco representative.
Guidelines and Limitations for Cisco VACS License
The following are the guidelines and limitations for installing a Cisco VACS License.
All UCS Director licenses should be of either EVAL or Production type.
You can use the following combinations to enable the Cisco VACS functionality:
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
15
Cisco VACS License
Guidelines and Limitations for Cisco VACS License
• EVAL Base + EVAL UCS Director Server + EVAL Cisco VACS
• Production Base+Production Cisco UCS Director Server + Production Cisco VACS
The following combinations do not support the Cisco VACS functionality :
• EVAL Base + EVAL UCSD Server + Production Cisco VACS
• Production Base + Production UCSD server + EVAL Cisco VACS
You can install only one Cisco VACS EVAL license file. There is no limit to install the Cisco VACS Production
licenses. You can install any number of Cisco VACS Production licenses.
For upgrading Cisco VACS from EVAL to Production, you must first install the Cisco UCS Director Production
licenses (Production Base+Production Server) and then install the Cisco VACS Production licenses.
With a single Cisco VACS license, you can deploy five containers.
Cisco VACS does not automatically upgrade your existing Cisco Nexus 1000V licenses to permanent licenses
after moving from Cisco VACS EVAL licenses to Cisco VACS Production licenses. You must install a new
Cisco Nexus 1000V to ensure that it is installed with permanent licenses.
Cisco VACS does not upgrade CSR 1000V licenses to Maximum throughput ( 1Gig ). After installing Cisco
VACS production licenses and providing a token ID, only new CSR 1000Vs deployed as part of new container
deployment, is licensed to have a throughput of 1 Gig.
PNSC does not need any licenses to work with Cisco VACS.
When you upgrade from Cisco VACS EVAL licenses to the Cisco VACS licenses, note the following points:
1 After installing the UCS Director Production Licenses , Cisco VACS EVAL licenses will be invalid.
2 After installing the UCS Director Production licenses, only the Cisco VACS Production licenses are
accepted.
3 After installing Cisco VACS Production Licenses, existing Cisco Nexus 1000V (installed with EVAL
VACS Licenses) will not get perpetual/permanent Cisco Nexus 1000V licenses. In this case, you have to
deploy a new Cisco Nexus1000V (after installing the Cisco VACS Production licenses ), so that new Cisco
Nexus 1000V will have perpetual licenses.
4 CSR 1000V deployed during the Cisco VACS EVAL licenses will come up with default licenses and a
maximum throughput of 50 Mbps.
5 After installing the Cisco VACS Production licenses, the existing CSR 1000V of deployed containers will
not be automatically licensed with permanent licenses . In this case, you have to manually apply licenses
for CSR 1000V to have permanent licenses.
6 After installing the Cisco VACS Production license and keying CSR Token ID, CSR 1000V which are
part of new Container deployment will be licensed with permanent licenses with a throughput of maximum
1 Gbps.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
16
Cisco VACS License
Fulfilling the Product Access Key
Fulfilling the Product Access Key
Before You Begin
You need the PAK number.
Step 1
Step 2
Step 3
Step 4
Step 5
Navigate to the Cisco Software License website.
If you are directed to the Product License Registration page, you can take the training or click Continue to Product
License Registration.
On the Product License Registration page, click Get New Licenses from a PAK or Token.
In the Enter a Single PAK or TOKEN to Fulfill field, enter the PAK number.
Click Fulfill Single PAK/TOKEN.
Step 6
Complete the additional fields in License Information to register your PAK:
Step 7
Name
Description
Organization Name
The organization name.
Site Contact Name
The site contact name.
Street Address
The street address of the organization.
City/Town
The city or town.
State/Province
The state or province.
Zip/Postal Code
The zip code or postal code.
Country
The country name.
Click Issue Key.
The features for your license appear, and an email with the Digital License Agreement and a zipped license file is sent
to the email address you provided.
Updating the Cisco UCS Director License
Tip
If you want to evaluate Cisco UCS Director, you must first obtain an evaluation license by contacting
your Cisco representative.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
17
Cisco VACS License
Updating the Cisco VACS License
Before You Begin
If you received a zipped license file by email, extract and save the .lic file to your local machine.
Step 1
Step 2
Step 3
Step 4
Choose Administration > License.
Click the License Keys tab.
Click Update License.
In the Update License dialog box, do one of the following:
• To upload a .lic file, click Browse, navigate to and choose the .lic file, and then click Upload.
• For a license key, check the Enter License Text check box and then copy and paste the license key only into the
License Text field. The license key is typically at the top of the file, after Key ->.
You can also copy and paste the full text of a license file into the License Text field.
Step 5
Click Submit.
The license file is processed, and a message appears confirming the successful update.
Note
A minimum of one UCS Director Base and Server license should be present before you install the Cisco VACS
license. For information on how to obtain and install the Base and Server licenses, see the Cisco UCS Director
Installation and Upgrade on VMware vSphere
Updating the Cisco VACS License
Tip
If you want to evaluate Cisco VACS, you must first obtain an evaluation license from the Cisco Sales
Acceleration Center at [email protected].
Before You Begin
Make sure that the Cisco UCS Director Base and Server licenses are installed before installing the Cisco
VACS license. If you received a zipped license file by email, extract and save the .lic file to your local machine.
Step 1
Step 2
Step 3
Step 4
Choose Administration > License.
Click the License Keys tab.
Click Update License.
In the Update License dialog box, do one of the following:
• To upload a .lic file, click Browse, navigate to and select the .lic file, and then click Upload.
• For a license key, check the Enter License Text check box and then copy and paste the license key only into the
License Text field. The license key is typically at the top of the file, after Key ->.
You can also copy and paste the full text of a license file into the License Text field.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
18
Cisco VACS License
Installing the CSR1000V License
Step 5
Click Submit.
The license file is processed, and a message appears confirming the successful update.
Note
After the Cisco UCS Director-Cisco VACS license is validated, you must restart Cisco UCS Director to view
the tasks that you can perform to use Cisco Virtual Application Container Services.
Installing the CSR1000V License
You can view the CSR License button after you install the Cisco UCS Director—Cisco VACS license. You
can obtain the CSR license token from your Cisco representative or from the Cisco Smart Licensing Server.
Before You Begin
• You must have installed the Cisco UCS Director—Cisco VACS license.
• Ensure that you meet the relevant system requirements as listed in the System Requirements, on page
9.
• You must have admin privileges.
Step 1
Step 2
Step 3
In the Solutions > VACS Container > Add CSR License.
In the CSR License dialog box, complete the following fields:
Name
Description
CSR License Token field
The CSR license token that you have obtained.
DNS Server IP field
The DNS server IP address.
CSR License Proxy Server IP field (Optional)
The proxy server IP address. The proxy server IP address
is used by the CSR 1000V management IP address to reach
the Cisco Smart licensing server for obtaining licenses.
This field is required only when the CSR management IP
address is private.
CSR License Proxy Server Port field (Optional)
The port number used for connecting to the proxy server.
This field is required only when the CSR management IP
address is private.
Click Submit.
Note
• If the CSR license token is not present, the container deployment will fail.
• When using Cisco VACS in an Evaluation mode, if the CSR License Token is unavailable, you can add
any random characters as the CSR license Token. When you use such random characters, the CSR 1000V
is not licensed, but the container deployment will not fail.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
19
Cisco VACS License
Installing the CSR1000V License
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
20
CHAPTER
4
Installing Cisco VACS Components
This chapter contains the following sections:
• Cisco VACS Installation Sequence , page 21
• Prerequisites for Installing Cisco Virtual Application Container Services, page 22
• Applying the Cisco VACS Patch to the Cisco UCS Director, page 22
• Uploading a Cisco Virtual Application Container Services Package, page 23
• Verifying the Installation of the Cisco Virtual Application Container Services, page 23
• Creating a Virtual Account, page 24
• Installing Cisco Prime Network Services Controller, page 24
• Installing the Cisco Nexus 1000V , page 29
• Adding Hosts to Nexus 1000V DVS, page 34
• Adding Hosts , page 36
Cisco VACS Installation Sequence
After you install the Cisco UCS Director—Cisco VACS license and apply the Cisco VACS patch to the Cisco
UCS Director, you must install and register the following components before you can create the Cisco VACS
application container templates:
• Upload a Cisco Virtual Application Container Services package using Upload VACS Package button.
For information about uploading the packages see the Uploading a Cisco Virtual Application Container
Services Package, on page 23.
• Install Cisco Prime Network Services Controller (PNSC) using Install PNSC action button.
For information about installing Cisco PNSC, see the Installing Cisco Prime Network Services Controller,
on page 24.
• Install Cisco Nexus 1000V using the Install Nexus 1000V action button. Cisco Nexus 1000V is
automatically registered with Cisco UCS Director when you install the switch.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
21
Installing Cisco VACS Components
Prerequisites for Installing Cisco Virtual Application Container Services
For information about installing Cisco Nexus 1000V, see Installing the Cisco Nexus 1000V , on page
29.
• Add Cisco Nexus 1000V Virtual Ethernet Module (VEM) using the Add Host action button.
For information about adding hosts see Adding Hosts , on page 36.
Prerequisites for Installing Cisco Virtual Application Container
Services
The installation of the Cisco Virtual Application Container Services has the following prerequisites:
• You have installed Cisco UCS Director Release 5.1or later.
• The setup meets the system requirements with respect to the memory, disk size, and so on.
• You have administrator privileges to install Cisco VACS and the components.
Applying the Cisco VACS Patch to the Cisco UCS Director
Follow this procedure to apply the Cisco VACS patch to the Cisco UCS Director:
Before You Begin
• Download the Cisco VACS patch from http://www.cisco.com.
• Place the software in the FTP or HTTP server that you plan to use to install the Cisco VACS patch.
• If NFS mount is used for application storage, disable it before you apply a patch. If you do not, the
upgrade will fail.
Note
We recommend that you take a snapshot of the VM before you begin the upgrade. If you do this, you do
not need to back up the existing configuration database through an FTP server.
Step 1
Step 2
Start your current version of Cisco UCS Director (Release 5.1).
In the shelladmin, choose Stop services to stop all services.
Step 3
To verify that all services are stopped, choose Display services status.
Step 4
(Optional) If desired, you can choose Backup database to back up the Cisco UCS Director database.
You do not need to back up the database if you took a snapshot of the VM before you started.
Step 5
To apply the Cisco VACS patch, choose Apply patch.
Step 6
When prompted, enter the location of the Cisco VACS patch.
ftp://username:password@hostname|IP_address/software_location_and_name
Note
In this procedure, we are using the FTP option to install the Cisco VACS
patch.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
22
Installing Cisco VACS Components
Uploading a Cisco Virtual Application Container Services Package
Step 7
Step 8
Wait for the download and installation to complete.
When prompted, choose Start services to start services and complete the upgrade process.
Note
After you apply the Cisco VACS patch and complete that installation, choose the Start Services option of
ShellAdmin to start/restart the Cisco UCS Director services and complete the patch process. The patch process
is not complete or successful until the Cisco UCS Director services have started, Cisco UCS Director is available,
the login screen is displayed, and the admin user can log in to Cisco UCS Director.
All Cisco UCS Director services must be started before you attempt to perform other shelladmin procedures,
such as apply additional patches, take a database backup, or restore a database from a backup.
Uploading a Cisco Virtual Application Container Services
Package
Before you install any of the components, you must upload the Cisco VACS package to Cisco UCS Director.
Before You Begin
• Install the Cisco VACS license. See Cisco VACS License, on page 15.
Step 1
Step 2
Step 3
From the Cisco UCS Director menu bar, choose Solutions > VACS Container.
The Cisco VACS management task icons appear.
Click Upload VACS Package.
Click Submit.
Verifying the Installation of the Cisco Virtual Application
Container Services
You can verify the installation of the Cisco Virtual Application Container Services using any of the following
methods:
1 Service Requests—To view the progress of the installation using the service request, click Organization
> Service Requests. In the Service Request tab, you can view the Workflow Status or Logs.
2 Verifying the availability of the OVA files in the Cisco UCS Director—To verify if the OVA files exist
in the Cisco UCS Director, From the Cisco UCS Director menu bar, choose Administration > Integration
> User OVF Management.
The User OVF Management window displays the list of available OVA files.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
23
Installing Cisco VACS Components
Creating a Virtual Account
Creating a Virtual Account
Step 1
Step 2
From the Cisco UCS Director menu bar, choose Administration > Virtual Accounts.
The Virtual Accounts task icons appear.
Click Add.
The Add Cloud dialog box appears.
Step 3
Choose VMware from the Cloud Type drop-down list.
The Add Cloud entry form window appears.
Step 4
In the Add Cloud entry form window, complete the following mandatory fields:
1 Cloud Name—Enter the cloud name.
2 Server Address—Enter the vSphere server address.
3 Admin Credentials—Enter the administrator credentials. Use the default pod.
Step 5
Click Add and then click OK.
The new virtual account now displays in the Virtual Accounts table.
Installing Cisco Prime Network Services Controller
After a successful installation of the Cisco Virtual Application Container Services license, Cisco UCS Director
enables you to do a new installation of Cisco Prime Network Services Controller (PNSC). PNSC is the policy
manager for virtual security policies for traffic between the virtual machines in one virtual cloud account.
Before You Begin
• Have the administrator privileges to install Cisco Prime Network Services Controller.
• Ensure that PNSC and any associated Cisco Nexus 1000V switches are not installed on the same virtual
account in Cisco UCS Director. PNSC and the Cisco Nexus 1000V must not be pre-installed on the
virtual accounts on which you plan to install these components using Cisco VACS.
• Know the location information (data center and IP address) of the host on which you are deploying the
PNSC.
• Know the virtual machine resources (management port group and data store) for the PNSC virtual
machine.
• Know the DNS and Network Time Protocol (NTP) server information.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
24
Installing Cisco VACS Components
Installing Cisco Prime Network Services Controller
• Ensure that the data store has sufficient storage space. For more information, see Hardware Requirements
for Cisco VACS, on page 9
Step 1
Step 2
From the Cisco UCS Director menu bar, choose Solutions > VACS Container.
The Cisco VACS management task icons appear.
Click Install PNSC.
The Install PNSC wizard appears.
Figure 4: Install PNSC Wizard
Step 3
In the Name and Location Specification screen, complete the following fields.
Name
Description
PNSC OVF Path field
The PNSC OVF path automatically populates in this field
if the VACS package was uploaded earlier. If the VACS
package was not uploaded earlier, then the field displays
a message indicating that you need to navigate to the
Binary Package Upload screen to upload the OVF file.
To upload the Binary Package file, navigate to Solutions
> VACS Container > Upload VACS Package > Submit.
Note
You cannot proceed with the installation if the
OVF path is unavailable.
Virtual Account Information
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
25
Installing Cisco VACS Components
Installing Cisco Prime Network Services Controller
Name
Description
Virtual Account drop-down list
Choose the virtual account for the PNSC installation.
Note
This virtual account can be a vCenter account or
a datacenter in a vCenter account.
PNSC Specification
PNSC Name field
Enter a unique name for the PNSC instance.
Note
The name can be alphanumeric, dashes, and
underscores and must be between 2 to 32
characters.
Admin Password field
Enter the administrator password.
Note
The admin password validation must meet the
below conditions:
• Contains a minimum of eight characters.
• Contains at least three of the following:
1 Lowercase letters
2 Uppercase letter
3 Digits
4 Special characters
• Does not contain a character that is repeated
more than three times consecutively. For
example, aaabbb.
• Is not the user name or the reverse of the user
name.
• Passes a password dictionary check. The
password must not be based on a standard
dictionary word. PNSC uses the standard
Linux open source PAM module.
• Does not contain the following symbols:
dollar sign ($), question mark (?), equals sign
(=).
• The password must not be blank for a local
user and the admin accounts.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
26
Installing Cisco VACS Components
Installing Cisco Prime Network Services Controller
Name
Description
Shared Secret field
Enter the shared secret.
The shared secret is used for authenticating control traffic
between the PNSC and the VSM that is involved in
managing security policies for and switching between a
given set of virtual machines.
Note
The shared secret password must contain the strong
password characteristics such as the following:
• At least eight characters.
• Lowercase letters, uppercase letters, digits,
and special characters.
• Does not include characters such as:
1 Consecutive alphanumeric characters,
such as abcd or 1234.
2 Characters repeated three or more times,
such as aaabbb.
3 A variation of the word Cisco , such as
cisco , ocsic , or one that changes the
capitalization of letters in the word Cisco.
4 The username, or the username in
reverse.
5 A permutation of characters present in
the username or Cisco.
• Characters such as, &, ' " `, ( ), < >, |, \, ;, $,
?, and spaces.
IPv4 Address field
Enter the management IP address that is configured on the
PNSC instance.
Note
The IPv4 address must have the following
characteristics:
• The first octet: can be between 1-224 (no ‘0'
and greater than 224)
• Must have the same subnet with the IPv4
Gateway field.
IPv4 Address Subnet Mask field
Enter the netmask address. For example, 255.255.255.0.
IPv4 Gateway Address field
Enter the default gateway.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
27
Installing Cisco VACS Components
Installing Cisco Prime Network Services Controller
Step 4
Step 5
Click Next.
In the Placement and Network Specification screen, complete the following fields.
Name
Description
Networking
DNS IPv4 field
Enter the DNS server IPv4 address.
DNS Hostname field
Enter a unique DNS hostname for the PNSC.
Note
The DNS hostname must contain the following
characteristics:
• Must be at least 2 characters, no more than
24 characters.
• Must contain an alphanumeric and a hyphen.
• Must not start with a digit.
• Must not start or end with a hyphen.
DNS Domain Name field
Enter a DNS domain name.
Note
This name should be a string value from 2 to 256
characters.
NTP IPv4 Server field
Enter the NTP server IPv4 address.
Placement Details Information
Step 6
Step 7
Datacenter drop-down list
Choose the datacenter of the host on which the PNSC
virtual machine must be deployed.
Note
Clusters are not supported in this
release.
Host/Cluster drop-down list
Choose the host from the available hosts in the datacenter.
Management Network drop-down list
Choose the port group to which the PNSC's Management
network should be mapped.
Datastore drop-down list
Choose the datastore.
click Next.
In the Install PNSC Summary screen, verify the details of the installation. If the details are correct, click Submit.
Otherwise, click Back to go back to a previous step and modify the details.
After clicking Submit, a dialog box that appears , displays a service request number that can be used to track the progress
of the workflow, as described in the next step.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
28
Installing Cisco VACS Components
Installing the Cisco Nexus 1000V
If the PNSC installation fails, there is an automatic rollback to clean up the installation. If PNSC installation is successful,
but the PNSC registration to the VC, UCS Director fails, then automatic rollback are not done. However, you can re-submit
the failed workflow to register the PNSC again.
To re-submit the workflow, perform the following steps:
1 Correct the cause of the errors.
2 Click the service request ID of the workflow.
3 Choose Resubmit Request.
4 Choose the Register PNSC task.
Step 8
Step 9
View the progress of the installation and deployment of PNSC by choosing the Organization > Service Requests. In
the Service Request tab, you can view the Workflow Status or Logs to determine the status of the installation and
troubleshoot problems.
(Optional) If the PNSC installation fails, you can manually recover the partial or an unsuccessful installation. To manually
recover the installation, see Removing a PNSC Installation Manually, on page 44.
Installing the Cisco Nexus 1000V
After successfully installing PNSC, the Cisco VACS solution enables you to install a Cisco Nexus 1000V
switch. You can install multiple Cisco Nexus 1000V switches, and each of these instances are registered with
PNSC that was installed by the Cisco VACS solution.
Note
1 Cisco Nexus 1000V will be licensed with 1024 licenses of the Stingray Package.
In the EVAL period, the expiry date of Cisco Nexus 1000V will be same as that of the EVAL VACS
license expiry. In case of Cisco Nexus 1000V created after installing the VACS Production licenses,
there will not be any expiry (permanent) for the Cisco Nexus 1000V.
2 In case of upgrading the EVAL Cisco VACS license to the Production Cisco VACS license, an existing
Cisco Nexus 1000V will not be automatically licensed to a permanent licenses.
Before You Begin
• You must be a system administrator with full privileges to perform this task.
• Set aside an IP address, each for the VSM and the Cisco Virtual Switch Update Manager (Cisco VSUM)
which is the Nexus 1000V Installer.
• Set aside virtual machine resources (port groups resource pools, folders, and datastores) for the installer
virtual machine, the primary VSM, and the secondary VSM.
• Each VSM (primary and secondary) must have the following minimum system requirements:
◦2 vCPUs, 2 GHz
◦4 GB memory
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
29
Installing Cisco VACS Components
Installing the Cisco Nexus 1000V
◦3 GB storage space
• The Cisco VSUM must have the following minimum system requirements:
◦2 vCPUs
◦4 GB memory
◦80 GB storage space
• Reserve a unique numeric domain ID for the Cisco Nexus1000V switch.
• Record the Network Time Protocol (NTP) server information.
Step 1
Step 2
From the Cisco UCS Director menu bar, choose Solutions > VACS Container.
The Cisco VACS management task icons appear.
Click Install Nexus 1000V.
The Install Nexus 1000V wizard appears.
Figure 5: Install Nexus 1000V Wizard
Step 3
In the Name and Location Specification screen, complete the following fields, and then click Next :
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
30
Installing Cisco VACS Components
Installing the Cisco Nexus 1000V
Name
Description
VSUM OVF Path field
The VSUM OVF path automatically populates in this field
if the VACS package was uploaded earlier. If the VACS
package was not uploaded earlier, then the field displays
a message indicating that you need to navigate to the
Binary Package Upload screen to upload the OVF file.
Note
Virtual Account drop-down list
You cannot proceed with the installation if the
OVF path is unavailable.
Choose the name of the cloud account that you want to
install the VSUM (installer VM) and the Cisco Nexus
1000V VSMs.
After you select the cloud account, the IP address of the
PNSC version that you earlier installed is displayed below
this field. If you have not installed PNSC earlier, then you
get an error message indicating that the PNSC server is not
found and you are not allowed to proceed with the
installation.
Installer Name field
Step 4
Enter a unique name for the Cisco Virtual Switch Update
Manager.
Note
The name of the installer can be an alpha-numeric
value, from 2 to 256 characters long.
In the Placement and Network Specification screen, complete the following tasks, and then click Next:
Name
Description
Placement Details
Datacenter drop-down list
Choose the VMware datacenter to install the Cisco Virtual
Switch Update Manager.
Host IP Address drop-down list
Choose the IPv4 address of the ESX host for placing the
Cisco Virtual Switch Update Manager.
Management Network drop-down list
Choose the port group details for this installer. Ensure that
this port group provides reachability to the IP address that
you will provide for the VSUM VM later in the installation
process.
Datastore drop-down list
Choose the datastore.
Network Properties Information
IPv4 Address field
Enter the IPv4 address of the Cisco Virtual Switch Update
Manager. This IPv4 address must be accessible through
the port group that you previously chose.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
31
Installing Cisco VACS Components
Installing the Cisco Nexus 1000V
Step 5
Name
Description
IPv4 Subnet Netmask field
Enter the netmask address. For example, 255.255.255.0.
Default Gateway IPv4 field
Enter the default gateway.
In the VSM Deployment Information screen, complete the following tasks and then click Next:
Name
Description
VSM Deployment Information
Step 6
Deployment Type field
The Cisco Nexus 1000V is deployed in the High
Availability (HA) mode by default.
Firmware Version field
The firmware version of the VSM. The default version is
5.2(1)SV3(1.1).
VSM Datacenter drop-down list
Choose the VSM datacenter for deploying the VSM VMs.
This is also the datacenter in which the Cisco Nexus 1000V
Distributed Virtual Switch will be created.
In the VSM Host Selection screen, complete the following tasks and then click Next:
Name
Description
Primary VSM Host
Primary IP Address drop-down list
Choose the host on which the primary Cisco Nexus 1000V
VSM will be placed.
Note
Clusters are not supported in this
release.
Primary Datastore drop-down list
Choose the datastore to use for the primary VSM.
The list contains the datastores that are on host of the
primary Cisco Nexus 1000V VSM.
Secondary VSM Host
Step 7
Secondary IP Address drop-down list
Choose the host on which the secondary Cisco Nexus
1000V VSM will be placed.
Secondary Datastore drop-down list
Choose the datastore for the secondary VSM.
In the VSM Port Group screen, complete the following tasks and then click Next:
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
32
Installing Cisco VACS Components
Installing the Cisco Nexus 1000V
Name
Description
Port Group Information
Step 8
Control Interface Portgroup drop-down list
Choose the control interface portgroup of the VSM.
Management Interface Portgroup drop-down list
Choose the management interface portgroup of the VSM.
Packet Interface Portgroup drop-down list
Choose the packet interface portgroup of this VSM.
Note
For more information on the port groups, see the http:/
/www.cisco.com/c/en/us/support/switches/
nexus-1000v-switch-vmware-vsphere/
products-installation-and-configuration-guides-list.html
In the SVS Domain and Server Setup Specification screen, complete the following tasks and then click Next.
Name
Description
SVS Domain Setup
Domain ID field
Enter a unique ID for the SVS domain. The domain ID
must be unique across all of the Cisco Nexus 1000V virtual
switches in your datacenter.
Note
Valid range for the domain ID is between 1 to
1023.
NTP and PNSC Setup
Step 9
NTP Server IP field
The IP address of the NTP server is automatically populated
with the IP address of the NTP that was provided during
the PNSC installation. This is a non-editable field.
PNSC Server IP field
The IP address of the PNSC server is automatically
populated with the IP address of the PNSC server that was
provided during the PNSC installation. This is a
non-editable field.
In the VSM Profile Specification screen, complete the following tasks and then click Next.
Name
Description
VSM Profile
IPv4 Address field
Enter the management IP address that you want to configure
on the VSM.
Subnet Mask field
Enter the netmask address. For example, 255.255.255.0.
Gateway IP Address field
Enter the gateway IPv4 address.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
33
Installing Cisco VACS Components
Adding Hosts to Nexus 1000V DVS
Name
Description
Distributed Virtual Switch Name field
Enter a unique name for the switch. The name can be an
alpha-numeric value, from 2 to 32 characters long.
User and Password
Step 10
User Name field
User name is set to admin by default and cannot be
changed.
Password field
Enter the password for associated with the VSM profile.
The password must contain at least 1 uppercase letter, 1
lowercase letter, and 1 numeric digit, and must be value
between 8 to 64 characters long.
In the Install Nexus1000V Summary screen, verify the details of the installation. If the details are correct, click Submit.
Otherwise, click Back to go back to a previous step and modify the details.
After clicking Submit, a dialog box shows a service request number that can be used to track the progress of the Workflow,
as described in the next step.
If the VSUM installation fails, there is an automatic rollback to clean up the installation. If VSUM installation is successful,
but the VSM deployment fails, then only the VSM is automatically rolled back to clean up the VSM installation. If the
VSM are also deployed successfully but the VSM configuration tasks fails, then an automatic rollback does not occur.
You must re-submit the workflow to reconfigure the VSM.
To re-submit the workflow, perform the following steps:
1 Correct the cause of the errors.
2 Click the service request ID of the workflow.
3 Choose Resubmit Request.
4 Choose the Config VSM task.
Step 11
Step 12
View the progress of the installation and deployment of the VSM by clicking on the Organization > Service Requests.
In the Service Request tab, you can view the Workflow Status or Logs to determine the status of the installation and
troubleshoot problems.
(Optional) If the installation of Cisco Virtual Switch Update Manager (VSUM) for Cisco VACS fails, you can manually
remove the partial installation or unsuccessful installation. To manually remove the installation, see the Removing a
Cisco Virtual Switch Update Manager Installation Manually, on page 43.
Adding Hosts to Nexus 1000V DVS
Adding hosts to Nexus 1000V DVS is a complex operation. This section describes the scope of the Add Hosts
wizard and how to translate your intended usage into proper choices.
Adding a host requires the following :
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
34
Installing Cisco VACS Components
Adding Hosts to Nexus 1000V DVS
• Specifying a Nexus 1000V DVS and the host that is being added to it.
• Using a port profile editor to view the existing port profiles and to create new port profiles in case the
existing ones are inadequate for your purpose. For an overview of the Cisco Nexus1000V port profiles,
see the http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_2_1_s_v_3_1_1/
port_profile/config/b_Cisco_N1KV_VMware_Port_Profile_Config_521SV311.html
• Selecting one or more physical interfaces of the host to migrate to the virtual switch and attaching the
right port profile to each one.
• Establishing a VM kernel NIC for Cisco Nexus1000V control traffic.
• Creating one or more (upto a maximum of four) VM kernel NICs for VXLAN encapsulation. In VXLAN
terminology, these VM Kernel NICs serve the role of VTEPs, which are the VXLAN Tunnel End Points.
• Optionally migrating some or all of the Nexus 1000V DVS that may already be present on the host.
Once you name the virtual account for the deployment and select the specifications from the corresponding
drop-down lists, the virtual switch and host specifications get created. Port profiles are an abstraction that
stands for a set of port level network attributes. They come in the following two flavors :
1 Physical port profiles
These contain attributes relevant to the physical interfaces. You can set up a physical port profile to carry
multiple VLANs. One of these vlans must be designated as the native VLAN. Traffic on the native VLAN
travels on the wire, without 802.1Q encapsulation. A virtual port profile for the purposes of the 'Add Host'
wizard can carry traffic on just one VLAN. For any virtual interface, irrespective of whether it is the
interface of a VM or a VM Kernel NIC, you can associate a particular virtual port profile only if the VLAN
it specifies, has been included in one of the physical port profiles associated with one of the physical
interfaces. The VLAN associated with any virtual interface on a host must be carried on one of the physical
interfaces of that host. Since the Cisco VACS containers may dynamically create any VLAN in a VLAN
pool or an IP pool, a simple rule to follow is to make sure that all VLANs that feature in any VLAN pool
or static IP pool are included in at least one physical interface on each host.
For example, if you want to create a VLAN pool of VLANs 300 through 400 for container usage. If all
the management interfaces are assigned IP addresses in subnets carried on VLANs 100 through 110, and
that the external interfaces of all containers connect to upstream routers on SVIs on VLANs 120 through
130, then you must create a port profile carrying the VLANs {100-110, 120-130, 300-400} and associate
it with the physical interfaces that you select for migration on any given host. Alternatively, you can create
two port profiles P1 and P2, where P1 carries VLANs 100-130 and P2 carries VLANs 300-400 and associate
P1 with one physical interface and P2 with another. The VLANs on any one interface do not matter, but
the union of the VLAN sets that matter.
Physical port profiles also specify if the interfaces that they attach to form a logical bundle and if they do,
whether it is a bundle of type '5 tuple hash-based static portchannel' or of type 'MAC Pinning'. For an
understanding of what these interface types are, see the http://www.cisco.com/c/en/us/td/docs/switches/
datacenter/nexus1000/sw/5_2_1_s_v_3_1_1/interfaces/config/
b_Cisco_N1KV_VMware_Interface_Config_521SV311/b_Cisco_Nexus_1000V_Interface_Configuration_
Guide_Release_4_2_1_SV_2_2_1_chapter_0110.html
2 Virtual port profiles
These contain attributes suitable for VMs or VM Kernel NICs. Control VM Kernel NICs are logical
interfaces, where each interface resides on each of the host that serve to exchange management and control
traffic with the VSM module of the virtual switch. A control VM Kernel NIC must be assigned an IP
address and the VLAN on which the corresponding subnet is located. The simplest way is to specify
migrating the pre-existing management VM Kernel NIC (usually named vmk0). Alternatively you can
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
35
Installing Cisco VACS Components
Adding Hosts
create a VM Kernel NIC expressly for this purpose. If you exercise the latter option, make sure that these
specifically created VM Kernel NICs necessarily belong to the same VLAN and have IP addresses in the
same subnet as the management interface of the VSM module. It is not necessary to ensure this when you
are simply choosing to use the management VM Kernel NIC as the control VM Kernel NIC.
You must follow this simple rule for creating VTEP VM Kernel NICs. If the physical interfaces of a host
are not in a MAC pinning mode port channel, a single VTEP NIC suffices. If they are in MAC Pinning
mode, you can create as many VTEP VM Kernel NIcs as the number of physical interfaces being migrated
on that host. Moreover, all VTEP NICs on all hosts in a single virtual switch must be in the same VLAN
and the same subnet.
The Cisco VACS Add Host wizard will try to restrict you to legitimate choices. For instance, it will try to
detect which VLAN is native on each physical interfaces that you want to migrate. It will also try to discover
which VLAN the management VMKernel NIC is on in case you choose to re-use it as the control VM Kernel
NIC. However there are times when these automatic discovery attempts can fail. You must ensure correct
choices for native VLANs of the physical interfaces as well as the VLAN for the control VM Kernel NIC.
Adding Hosts
After a successful installation of the Cisco Virtual Application Container Services license and Cisco Nexus
1000V, you can install Cisco Nexus 1000V Virtual Ethernet Module (VEM) for a VMware ESXserver .
Note
Rollback recovery is not supported for the Add Host operation.
For this release, Cisco VACs allows you to add only one host at a time to the Nexus1000 1000V DVS.
Before You Begin
Before beginning the Cisco Nexus 1000V VEM software installation, you must know or do the following:
• The following are the disk and memory usage for the VEM software on an ESX/ESXi host:
• 6.5 MB of disk space
• Maximum of 4 GB of RAM when all Cisco Nexus 1000V features are activated.
Step 1
Step 2
From the Cisco UCS Director menu bar, choose Solutions > VACS Container.
The Cisco VACS management task icons appear.
Click Add Host.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
36
Installing Cisco VACS Components
Adding Hosts
The Add Host wizard appears.
Figure 6: Add Host Wizard
Step 3
Step 4
In the Host Location Specification screen, complete the following tasks and then click Next :
Name
Description
Virtual Account drop-down list
Choose the name of the virtual account.
Datacenter drop-down list
Choose the datacenter where the host is present.
Nexus 1000V Switch drop-down list
Choose a Cisco Nexus 1000V DVS to add the hosts.
Host drop-down list
Choose the host that you want to add.
In the Port Profle Configuration screen, review the port profiles that can be used by the physical interfaces (PNIC) or
the virtual interfaces (VNIC).
Note
Only those port profiles that have Exists?=no can be modified. The port profile with Exists?=yes are those that
are already available on the VSM and cannot be modified.
The Port Profle Configuration screen allows you to create or examine port profiles. These port profiles are applied to
the physical interfaces that you want to add to the virtual switch or to the virtual interfaces of the virtual machines. The
table on the screen displays the previously-created port profiles for examination and also displays some suggested port
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
37
Installing Cisco VACS Components
Adding Hosts
profiles that are deemed suitable for this particular host. Only the newly suggested port profiles can be modified. Port
profiles that are being newly created can be deleted from the list if necessary.
After you finish managing the set of port profiles, you will be prompted to apply the port profiles to the physical interfaces
of the host or to virtual machines that are already on the host that you want to migrate to the Cisco Nexus 1000V. Any
newly created port profiles in this list that are not assigned to any interface—physical or virtual—will not be persistent
in the switch.
For Ethernet port profiles, only static port channel and virtual port channel host mode (vPC -HM) is supported.
The list of port profiles is displayed. You can modify or delete the suggested port profiles, or add new port profiles. If
you want to add more port profiles, click + and fill in the following details in the Add Entry to Port Profile screen. If
you want to modify an existing port profile, then select the appropriate port profile and click the edit (pencil) icon which
is located next to + and modify the existing fields.
The Port Profile wizard appears.
Step 5
In the Port Profle Configuration screen, review or complete the following fields:
Field
Description
Profile Name field
Enter a unique name for the port profile. The valid range
is from 2 to 32.
Port Profile Specification
Physical Interface checkbox
Check this checkbox to indicate that this port profile is
intended for use with the physical interfaces of the host.
Uncheck the checkbox to indicate that the port profile is
meant for use with one or more virtual interfaces.
By default, this checkbox is unchecked.
Data Capable checkbox
Check this checkbox to indicate that the port profile is data
capable. A data capable port profile is applied to those
physical interfaces that carry all of the container traffic.
This distinguishes such a port profile from one that is only
applied to physical interfaces and is intended for other
traffic classes, such as vMotion traffic, host management
traffic, and storage traffic. You can combine all of the
traffic classes on the same set of physical interfaces, in
which case those interfaces would use the port profiles that
are marked as data capable.
In every host, there must be exactly one physical port
profile in use that is marked data capable.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
38
Installing Cisco VACS Components
Adding Hosts
Field
Description
VLANs field
Enter a VLAN list as a comma-separated list of numeric
IDs and numeric ID ranges. For example,
"1,3,5-8,6-9,11,20-30". The valid range is 1 to 3967 and
4048 and 4093.
A port profile with the Physical Interface checkbox
checked, can and usually carry multiple VLANs in a list.
Port profiles for virtual machines only carry a single
VLAN. Attempting to assign a list to a port profile with
the Physical Interface checkbox unchecked results in an
error.
You must include any VLANs that you plan to use for
management IP pools, uplink IP pools and workload VM
VLANs to the list of allowed VLANs for the port profile(s)
assigned to Ethernet interface(s) of the host being added.
Native VLAN field
If you check the Use for physical interfaces checkbox,
you can enter the Native VLAN ID for this port profile.
This field is pre-populated with a value of 1.
Note
Channel Group MacPinning checkbox
The valid range is 1 to 3967 and 4048 and
4093.
Check this checkbox to enable channel group MacPinning.
If unchecked, all of the interfaces to which this port profile
is applied form a static port channel.
Note
By default, the MacPinning is enabled and the
checkbox is checked.
Click Submit. Repeat this entire step for all of the port
profiles that need modification or for adding new port
profiles, both for physical as well as virtual machine port
profiles.
Click Next on the Port Profile Configuration screen after
you have modified or added all of desired the port profiles.
Step 6
In the Physical NIC Migration Configuration screen, you can select the PNIC you want to attach to the Cisco Nexus
1000V switch. If you want to modify the attributes of a PNIC, click on any of the PNICs and complete the following
tasks, and then click Next:
Field
Description
Select PNIC to Migrate
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
39
Installing Cisco VACS Components
Adding Hosts
Field
Description
Migration checkbox
Check the checkbox to enable the migration of the PNIC
to the Cisco Nexus 1000V.
Note
By default, all the PNICs are set to true for the
migration. You can uncheck the checkbox to not
migrate the PNIC to the Cisco Nexus 1000V
DVS Host field
This display-only field shows the IP address of the host
that you are adding.
Label field
This display-only field shows the interface name.
Port Profile drop-down list
Choose the port profile from the list of port profiles that
are associated to the physical interfaces.
Source vSwitch field
This display-only field shows the virtual switch with which
the interface is currently associated.
Click Submit.
Step 7
In the L3 Control VM Kernel NIC Specification screen, complete the following tasks and then click Next:
Each host in a Cisco Nexus 1000V virtual switch must set up a virtual kernel NIC (vmknic) to carry the control protocol
between the host software and the VSM. In Cisco Nexus 1000V terminology, this vmknic is referred to as the L3 control
vmknic of the host. This screen enables you to set up and configure the L3 control vmknic for the host.
Name
Description
VM Kernel NIC Migration Specification
Name field
This field is pre-populated with the name of the host.
Label field
This field is pre-populated with the name of virtual interface
that is currently used by the host for management traffic,
such as ssh.
Source vSwitch field
This field specifies with which virtual switch this vmknic
is currently associated.
L3 Control VM Kernel NIC Migration Selection
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
40
Installing Cisco VACS Components
Adding Hosts
Name
Description
Use Management VM kernel NIC for L3 Control
checkbox
Check this checkbox to use the vmknic listed above as the
control vmknic for this host. Otherwise, uncheck the
checkbox . Upon unchecking the checkbox, Cisco VACS
will create a new L3 control vmknic and you must provide
the following additional information:
• VLAN drop-down list—Choose a VLAN to use with
the L3 control vmknic. The list contains only those
VLANS that were added to the physical port profiles
and are mapped to the PNICs in the earlier screens.
• IPv4 Address field—Enter the IPv4 address of the
VM kernel NIC.
• IPv4 Subnet Mask field—Enter the IPv4 address of
the VM kernel NIC.
The checkbox is checked by default.
Step 8
In the VXLAN VTEP Interfaces screen, click + to add entries to the list of VXLAN VTEP interfaces list, and then click
Next:
VXLAN operation requires that each host have one or more Virtual Tunnel End Points (VTEPs). These are represented
as vmknics. If the host has data-capable physical interfaces configured in a static port channel mode, then a single VTEP
suffices. If the host has one or more physical interfaces configured using the Mac Pinning configuration, then the user
can accordingly create as many VTEPs as there are physical interfaces in the MAC pinning configuration. Creating fewer
VTEPs results in underutilization of the physical bandwidth that is available to the host.
Name
Description
Add Entry to VTEP Interfaces
IPv4 Address field
Enter the IPv4 address of the VXLAN VTEP.
IPv4 Subnet Mask field
Enter the subnet mask IPv4 address .
VLAN drop-down list
Choose a VLAN that will receive and transmit all VXLAN
encapsulated frames. The list contains only those VLANS
that were added to the physical port profiles and are mapped
to the PNICs in the earlier screens.
Click Submit.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
41
Installing Cisco VACS Components
Adding Hosts
Note
Step 9
You can create a maximum of four VXLAN VTEP interfaces to add to the list of interfaces. After you add the
first interface, you have to enter only the new IPV4 address to create additional interfaces. All other information
is shared between the interfaces.
If you want to change the VLAN or subnet mask of the VTEPs, then you must select the first VTEP that you
added, click the Edit button at the top of the table, and then change the fields. All of the VTEPS in the table
will be changed.
In the VM Migration Configuration screen, select the VM NIC to migrate and click Next. If you want to edit an entry,
click the Pencil icon and complete the following tasks in the Edit VM NICs to Migrate screen:
Field
Description
Select a VM to Migrate
Name field
This display-only field shows the name of virtual machine
that is being migrated.
Migration checkbox
The checkbox is unchecked by default. Check the checkbox
to migrate the virtual machine to the Cisco Nexus 1000V
DVS.
Port Profile drop-down list
Choose the port profile for the virtual machine to migrate.
Only the virtual port profiles that were displayed or created
in the Port Profile Configuration screen are listed in this
drop-down list.
Source vSwitch field
This display-only field shows the virtual switch with which
the virtual machine is currently associated.
Click Next.
If there are only fresh hosts, this list is empty. This list will be populated with VMs only when a host is previously
used and it has VMs that you want to migrate.
In the Add Host Summary Information screen, verify the details of the host added. If the details are correct, click
Submit. Otherwise, click Back to go back to a previous steps and modify the details.
After clicking Submit, a pop-up window appears that shows a service request number that can be used to track the
progress of the Workflow, as described in the next step.
Note
Step 10
Step 11
Step 12
You can view the progress of adding hosts, by clicking on the Organization > Service Requests. In the Service Request
tab, you can view the Workflow Status or Logs to determine the status of the installation and troubleshoot problems.
(Optional) If the host addition fails, you can manually remove the partial or an unsuccessful host addition. To manually
remove the hosts added, see the Removing the Hosts Manually, on page 45.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
42
CHAPTER
5
Troubleshooting Installation Issues
This chapter contains the following sections.
• Removing a Cisco Virtual Switch Update Manager Installation Manually, page 43
• Removing the Cisco Nexus 1000V VSM Manually, page 44
• Removing a PNSC Installation Manually, page 44
• Removing the Hosts Manually, page 45
• Deleting a Database Entry From UCS Director Database Table, page 45
• Error Messages, page 46
Removing a Cisco Virtual Switch Update Manager Installation
Manually
Use the following procedure to manually remove Cisco Virtual Switch Update Manager while installing the
Cisco Nexus 1000V for Cisco VACS.
Step 1
Delete the database entry for the respective <vsum-vm-name> from the UCSD (Cisco UCS Director) table
‘STINGRAY_AJAX_DATA’.
Delete the <vsum-vm>. For detailed instructions about deleting a database entry, see Deleting a Database Entry From
UCS Director Database Table, on page 45.
Step 2
Delete the extension - 'com.cisco.n1kv.headless' from the vCenter Server MOB from https://<vcenter-server-ip>/mob
and click Content > Extension Manager.
Click UnregisterExtension and add the Extension key Value = com.cisco.n1kv.headless.
Power off the <vsum-VM> from the vSphere Client and delete it.
Step 3
Step 4
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
43
Troubleshooting Installation Issues
Removing the Cisco Nexus 1000V VSM Manually
Removing the Cisco Nexus 1000V VSM Manually
Use the following procedure to manually remove a Cisco Nexus 1000V VSM.
Step 1
From the Cisco Nexus 1000V console, execute the following commands:
n1k-dvs-name# configure terminal
n1k-dvs-name(config)#svs connection vCenter
n1k-dvs-name(config-svs-conn)#no vmware dvs
This will remove the DVS from the vCenter Server and any associated port-groups. Do you really want
to proceed(yes/no)? [yes] yes
n1k-dvs-name(config-svs-conn)#no connect
n1k-dvs-name(config-svs-conn)#end
n1k-dvs-name#copy running-config startup-config (optional)
Step 2
Step 3
Power off the primary and secondary VSM VMs from the vSphere Client and delete both the VMs.
Delete the database entry for the respective <Nexus1000V-dvs-name> from the Cisco UCSD table
STINGRAY_AJAX_DATA.
To delete the database entry, see Deleting a Database Entry From UCS Director Database Table, on page 45.
Step 4
Select the entry for the respective <Nexus1000V dvs> from Cisco UCS Director UI from Administration > Physical
Account > Manage Network Elements and click Delete Nework Element.
Removing a PNSC Installation Manually
You can manually remove an unsuccessful or a failed PNSC installation using the following steps.
Step 1
Delete the database entry for the <pnsc-vm-name> you want to delete, from the UCSD table STINGRAY_AJAX_DATA.
To delete the database entry from the UCS Director database table, see Deleting a Database Entry From UCS Director
Database Table, on page 45.
Step 2
From the UCS Director UI, delete the entry for the respective <pnsc-name> from Administration > Physical Account
> Multi Domain Managers.
Select the particular PNSC entry that you want to delete from the table and click Delete.
Power off the PNSC-VM from the vSphere Client and delete the VM.
Step 3
Step 4
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
44
Troubleshooting Installation Issues
Removing the Hosts Manually
Removing the Hosts Manually
Use the following procedure to manually remove the hosts added to the Cisco Nexus 1000V distributed virtual
switch (DVS).
Step 1
If not already added, add a physical NIC or VMNIC to the vSphere Standard Switch and navigate to vSphere Standard
Switch.
Attention
This step is applicable only if one physical NIC or VMNIC is migrated to the N1KV DVS. If more than a
physical NIC or VMNIC is migrated to the Cisco Nexus 1000V DVS, then skip to Step 3.
Step 2
Step 3
Select the Physical NIC or VMNIC from Properties > Network Adapters > Add.
Migrate the VMNIC back to the vSwitch.
Note
You must select the right VLAN ID that facilitates management connectivity.
Step 4
In the vSphere Distributed Switch, navigate to Manage Virtual Adapters and select the management VMKNICs and
click Migrate. Choose the appropriate vSphere Standard Switch and the port-group that facilitates management
connectivity, and proceed with the migration.
To remove the remaining VMKNICs , navigate to the Manage Virtual Adapters in the vSphere Distributed switch and
select the appropriate virtual adapter and click Remove.
To move all virtual machines from Cisco Nexus 1000V to vSwitch, select the VM and navigate to Edit Settings and
change the network adapter's port group mapping to a port-group on the VMware Standard vSwitch.
To remove the host from the distributed virtual switch, perform the following steps:
a) In the Networking sub menu, select the Nexus 1000V DVS from the left panel.
b) From the Hosts tab on the right panel, select the particular host to be deleted.
c) Right click and select Remove from the vSphere Distributed Switch.
Note
These steps ensure that all the PNICs associated with the DVS are removed and are made available.
Step 5
Step 6
Step 7
Step 8
To remove the VIB from the host, move the host to maintenance mode and SSH to the host and execute the following
command : esxcli software vib remove -n cisco-vem-v170-esx
Deleting a Database Entry From UCS Director Database Table
Step 1
Log on to Cisco UCS Director as root user and enter mysql --user=admin --password=<ucsd db password> <db-name>
to access the UCS Director database .
Example:
e.g.
mysql --user=admin --password=password db_name
Step 2
Enter the following SQL query to delete a database entry from the UCS Director database table:
DELETE FROM <table_name>
WHERE <some_column>=<some_value>;
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
45
Troubleshooting Installation Issues
Error Messages
e.g.
DELETE FROM STINGRAY_AJAX_DATA
WHERE VMNAME = ’vsum_vm’;
Error Messages
This section describes the errors that may be encountered when working with the Add Host operation in the
Cisco VACS and the corresponding solutions to these errors.
Error Message
Cause/Resolution
vm_kernel_IP_in_use VSUM Error Message : null
Change the VMKNIC IP (L3 or vteps) and submit
the Add-host operation.
virtualNIC_dendency_on_PNIC, VSUM Error
Message : null
There was a VM template using VM network pg on
that vSwitch, when the user tries to migrate the pnic,
mapped to vswitch to dvs, ajax throws an error.
Vlans_not_backed, VSUM Error Message : null
For subsequent hosts, re-using existing (Exists?=yes)
ethernet port profile but the L3 control or vteps VLAN
is different.
VSM_operation error, VSUM Error Message : nul
Some of the configuration commands have failed on
the Nexus 1000V . Log in to Nexus 1000V and check
the accounting log. The show accounting log will
show some commands as 'FAILURE'.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
46
CHAPTER
6
FAQs
This chapter contains the following sections.
• FAQs about Cisco VACS Installation , page 47
• Cisco VACS License FAQs, page 50
FAQs about Cisco VACS Installation
• General Installation
General Installation
Q. I have an existing Cisco Nexus 1000V in my datacenter. Do I still need to install Cisco Nexus 1000V for
Cisco VACS?
A. Yes, you have to install Cisco Nexus 1000V for Cisco VACS using the Cisco VACS solution UI in Cisco
UCS Director.
Q. I have an existing Cisco Prime Network Services Controller (PNSC), Cisco Nexus 1000V and Cisco VSUM
in my datacenter. Can I reuse them ?
A. No, you cannot reuse the Cisco VACS components. You have to install the components using the Cisco
VACS solution UI in Cisco UCS Director.
Q. Can I install the Cisco VACS solution on Cisco UCS Director 4.x and earlier versions?
A. No. The Cisco VACS solution requires Cisco UCS Director version 5.1 or later.
Q. Can I migrate the existing Virtual Machines (VM) to the Cisco Nexus 1000V installed by Cisco VACS ?
A. Yes, but you cannot use them as part of a Cisco VACS container. However, you can create a VM template
of an existing VM and use the same in the Cisco VACS containers.
Q. Do I need to follow a specific sequence for installing the Cisco VACS infrastructure components?
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
47
FAQs
FAQs about Cisco VACS Installation
A. Yes. Install the Cisco VACS sequence in the following order :
1 Add CSR License
2 Upload VACS Package
3 Install PNSC
4 Install Cisco Nexus 1000V
5 Add Host
Q. Are there any recommendations for a PNSC host name/ Admin Password / Shared Secret ?
A. Yes. The recommendations are as follows:
Name
Recommendation
PNSC Host Name
The host name must include minimum two
characters and must follow the RFC 952 standard.
As per this standard, the host name can contain only
the following characters:
• ASCII letters "a" through "z" in a
case-insensitive manner
• Numerics from "0" to "9"
• Hyphen ("-")
Note
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
48
The host name must not start with a
numeric or with a hyphen and must not end
with a hyphen.
FAQs
FAQs about Cisco VACS Installation
Admin Password
The admin password validation must meet the below
conditions:
• Contains a minimum of eight characters.
• Contains at least three of the following:
1 Lowercase letters
2 Uppercase letter
3 Digits
4 Special characters
• Does not contain a character that is repeated
more than three times consecutively. For
example, aaabbb.
• Is not the user name or the reverse of the user
name.
• Passes a password dictionary check. The
password must not be based on a standard
dictionary word. PNSC uses the standard
Linux open source PAM module.
• Does not contain the following symbols: dollar
sign ($), question mark (?), equals sign (=).
• The password must not be blank for a local
user and the admin accounts.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
49
FAQs
Cisco VACS License FAQs
Shared Secret
The shared secret password must contain the strong
password characteristics such as the following:
• At least eight characters.
• Lowercase letters, uppercase letters, digits,
and special characters.
• Does not include characters such as:
1 Consecutive alphanumeric characters, such
as abcd or 1234.
2 Characters repeated three or more times,
such as aaabbb.
3 A variation of the word Cisco , such as
cisco , ocsic , or one that changes the
capitalization of letters in the word Cisco.
4 The username, or the username in reverse.
5 A permutation of characters present in the
username or Cisco.
• Characters such as, &, ' " `, ( ), < >, |, \, ;, $, ?,
and spaces.
Cisco VACS License FAQs
Q. How do I obtain a Cloud Services Router (CSR) 1000V license token?
A. If you already have a Cisco VACS production license, you will be provided with a smart account with
CSR licenses. You should login to this CSR account and generate a smart token, which will be used to
register with Cisco UCS Director.
Q. How many CSR License are provided for a single Cisco VACS license?
A. Each Cisco VACS license is provided with 10 CSR licenses.
Q. Are CSR licenses provided with Cisco VACS evaluation licenses ?
A. No, but CSR comes with default licenses for a 60 days trial period.
Q. Does Cisco VACS automatically license CSR evaluation licenses when Cisco VACS permanent licenses
are installed ?
A. No. You must manually apply the CSR license for the existing containers which have been deployed with
the EVAL license.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
50
FAQs
Cisco VACS License FAQs
Q. Can I install Cisco VACS licenses on Cisco Nexus 1000V?
A. No, you cannot install Cisco VACS licenses on Cisco Nexus 1000V. Only Cisco VACS can install the
Cisco Nexus 1000V licenses for Cisco VACS.
Q. How many workload VMs and containers are allowed per Cisco VACS license?
A. There is no limit on how many workload VMs you can add to a Container, but the number of VMs on a
server is limited by the Cisco UCS Director server licenses installed.
Q. How many workload VMs are allowed per container?
A. There is no technical limit on the number of workload VMs permitted per Cisco VACS container.
Q. How do I add additional Cisco VACS licenses to my existing license?
A. You can buy new Cisco VACS licenses from the Cisco Technical Assistance Center (TAC) and install
them in Cisco UCS Director. For detailed information about installing Cisco UCS Director, see Installing
the CSR1000V License, on page 19 and Updating the Cisco UCS Director License, on page 17.
Q. When Cisco VACS Containers are deleted, CSR licenses are not released. What is the process to release
the CSR licenses used by the deletedCisco VACS Containers ?
A. You must login to tCisco VACShe CSR Smart account and release the CSR licenses consumed by the
deleted Cisco VACS Containers.
Q. Can I use evaluation licenses with UCSD Production licenses?
A. No, Cisco VACS evaluation licenses can be used only with Cisco UCS Director evaluation licenses.
Q. Can fenced containers and Cisco VACS co-exist with a Cisco VACS license?
A. Yes, they can.
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
51
FAQs
Cisco VACS License FAQs
Cisco Virtual Application Container Services Installation Guide, Release 5.1STV1.0
52