Cisco Intelligent Automation for Cloud
Administrator Guide
Release 4.0
Published: January 25, 2014
Cisco Systems, Inc.
www.cisco.com
Cisco has more than 200 offices worldwide.
Addresses, phone numbers, and fax numbers
are listed on the Cisco website at
www.cisco.com/go/offices.
Text Part Number: OL-29973-01
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display
output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in
illustrative content is unintentional and coincidental.
Cisco Intelligent Automation for Cloud 4.0 Administrator Guide
© 2014 Cisco Systems, Inc. All rights reserved.
CONTENTS
Preface
vii
Audience
vii
Related Documentation
vii
Obtaining Documentation and Submitting a Service Request
CHAPTER
1
User Roles and Capabilities
Overview of User Roles
vii
1-1
1-1
User Roles 1-3
Cloud Provider Technical Administrator 1-3
Cloud Provider Business Administrator 1-4
Tenant Technical Administrator 1-4
Tenant Business Administrator 1-5
Organization Technical Administrator 1-5
Virtual and Physical Server Owner 1-6
Virtual Server Owner 1-6
Solutions Team 1-7
Form Extender 1-7
Capabilities by User Role
1-8
Support for Multiple Cloud Platforms
CHAPTER
2
1-10
Setting Up REX and nsAPI User Accounts 2-1
Setting Up A REX User Account 2-1
Configuring Agent Properties 2-2
Setting Username and Password for REX Set REX Agent Properties
Starting the REX Set Agent Properties Agent 2-3
Setting REX Agent Configuration 2-3
Starting All REX Agents 2-4
Setting DB, HTTP, NSAPI Agents Configuration 2-4
2-2
Setting Up An nsAPI User Account 2-5
Assigning the Cloud Technical Administrator Role to an nsAPI User 2-5
Manually Adding the Site Administrator Role to an nsAPI User 2-6
Starting All Other Agents
2-6
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
i
Contents
CHAPTER
3
Managing Tenants
3-1
Onboarding a Tenant
3-1
Offboarding a Tenant
3-3
Modifying a Tenant
3-3
Viewing Tenant Information 3-4
Understanding Multi-Tenancy Views in VMware and UCS Manager
VMware vCenter 3-4
UCS Manager 3-5
CHAPTER
4
Managing Organizations and Users
3-4
4-1
Understanding Organizations 4-1
Organizations 4-2
Service Teams 4-2
Working with Organizations 4-2
Creating the Cloud Provider Technical Administrator Organization
4-3
Adding Cloud Provider Technical Administrators 4-3
Adding Cloud Administrators in the Directory Service 4-3
Adding a Cloud Administrator From a New User 4-3
Adding a Cloud Administrator From an Existing User 4-4
Removing an Organization
4-4
Creating and Managing Users 4-5
Modifying User Properties 4-5
Adding or Modifying User Details 4-6
Changing a User’s Status to Active or Inactive 4-6
Adding an Existing User as a Cloud Provider Technical Administrator 4-7
Creating a New User to Add as a Cloud Provider Technical Administrator 4-8
Removing a Cloud Provider Technical Administrator 4-9
Adding or Removing an Organization Technical Administrator 4-9
Adding an Existing User as an Organization Technical Administrator 4-9
Creating a New User to Add as an Organization Technical Administrator 4-10
Removing an Organizational Technical Administrator 4-11
Managing Organizations and Users With Directory Integration
4-11
Managing User Roles 4-12
Adding or Removing a Server Owner 4-12
Adding an Existing User as a Server Owner 4-12
Creating a New User to Add as a Server Owner 4-13
Removing a Server Owner 4-14
Assigning a User to a Server Owner Role 4-14
Cisco Intelligent Automation for Cloud Administrator Guide
ii
OL-29973-01
Contents
Reassigning a Server Owner to Another Server Owner Role 4-15
Reassigning an Organization Technical Administrator as a Server Owner 4-15
Reassigning a Server Owner as a Organization Technical Administrator 4-16
Changing the nsAPI User Account Username and Password 4-16
Changing the nsAPI User Credentials in Prime Service Catalog
Updating nsAPI agents 4-16
CHAPTER
5
Provisioning and Managing Networks
Network Types
4-16
5-1
5-1
Adding an Existing Network
Removing a Network
5-2
5-3
Managing Network IP Capacity 5-4
Viewing the List of a Specific Network
Managing IP Address Exclusions
5-4
5-4
Adding a Public Subnet to a Network POD
5-5
Adding a Network to a Community VDC 5-6
Provisioning a New Network for a Virtual Data Center
5-6
Defining a Network Using Existing Port Groups 5-6
Viewing the List of All Networks 5-6
Viewing the List For a Specific Network 5-7
Obtaining Approvals for Adding a Network to a VDC 5-7
Deleting a Network from the Cloud System 5-7
Removing a Network from a Virtual Data Center 5-8
Auto-Provisioning a Network Using New Port Profiles 5-8
A Note About Prerequisites 5-8
CHAPTER
6
Setting Up the Infrastructure
6-1
Connecting the Cloud Platform Elements 6-1
Defining the Connection Information for VMware vCenter 6-2
Defining the VMware vCenter Server Platform Element 6-2
Defining the Cisco UCS Manager Platform Element 6-3
Defining the Cisco Server Provisioner Platform Element 6-4
Setting Provisioning Settings
6-5
Setting System-Wide Service Options
Remediating Platform Element Errors
Registering a Datastore
6-8
6-8
Setting Up a Community VDC
Creating an Organization
6-6
6-9
6-10
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
iii
Contents
Creating a New User to Add as an Organization Technical Administrator
Adding a Server Owner
6-11
Assigning Mail Addresses for Queue Notifications
CHAPTER
7
Managing Standards
6-12
7-1
Viewing Standards Settings
7-1
Adding, Modifying, or Deleting a Lease Term Standard
Adding a New Lease Term Standard 7-2
Modifying a Lease Term Standard 7-3
Deleting a Lease Term Standard 7-4
7-1
Adding, Modifying, or Deleting an Operating System Standard
Adding an Operating System Standard 7-5
Modifying an Operating System Standard 7-5
Deleting an Operating System Standard 7-5
Adding, Modifying, or Deleting a Server Size Standard
Adding a Server Size Standard 7-6
Modifying a Server Size Standard 7-7
Deleting a Server Size Standard 7-7
Adding, Modifying, or Deleting a VDC Size Standard
Adding a VDC Size Standard 7-9
Modifying a VDC Size Standard 7-9
Deleting a VDC Size Standard 7-10
Planning VDC Package Sizing
CHAPTER
8
Financial Management
6-10
7-4
7-6
7-7
7-10
8-1
Financial Management Features
8-1
Pricing Models 8-2
Billable Items 8-2
Default Pricing 8-2
Pricing for Physical and Virtual Servers Based on Server Templates
Pricing for Virtual Servers Based on Server Size 8-3
Additional Resources 8-3
Pricing for Physical Servers 8-4
Pricing for Virtual Data Centers 8-4
Pricing for Network Services 8-4
Pricing for Floating and Virtual IP Addresses 8-5
Financial Management by Persona 8-5
Operations Performed by Cloud Provider Business Administrators
8-3
8-5
Cisco Intelligent Automation for Cloud Administrator Guide
iv
OL-29973-01
Contents
Setting Prices on Cloud Services
Setting Price Rates
APPENDIX
A
Glossary of Terms
8-5
8-6
A-1
INDEX
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
v
Contents
Cisco Intelligent Automation for Cloud Administrator Guide
vi
OL-29973-01
Preface
This guide describes how to administer Cisco Intelligent Automation for Cloud.
Audience
This guide is for administrators who are responsible for setting up, maintaining, and configuring
Intelligent Automation for Cloud. The tasks in this guide are typically performed by administrators only.
Related Documentation
See the Cisco Intelligent Automation for Cloud Documentation Overview for a list of all Intelligent
Automation for Cloud guides.
Note
We sometimes update the documentation after original publication. Therefore, you should also review
the documentation on Cisco.com for any updates.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional
information, see What’s New in Cisco Product Documentation at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco
technical documentation, as an RSS feed and deliver content directly to your desktop using a reader
application. The RSS feeds are a free service.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
vii
Cisco Intelligent Automation for Cloud Administrator Guide
viii
OL-29973-01
CH A P T E R
1
User Roles and Capabilities
Cisco Intelligent Automation for Cloud 4.0 (Cisco IAC) is a self-service provisioning and orchestration
software solution for cloud computing and data center automation. Cisco IAC users access services and
tasks using Prime Service Catalog, a browser-based interface that provides links to services and status,
such as ordering servers, viewing requisitions, monitoring system resources.
Overview of User Roles
Cisco IAC 4.0 features seven pre-defined user roles that determine what individuals can access and
perform. There are several roles aligned with each business area. These roles are listed in Table 1-1
below and are illustrated in Figure 1-1 on page 1-3. All roles are also explained in further detail in this
chapter. You will find the Capabilities by User Role table (Table 1-2 on page 1-8).
Table 1-1
User Role Acronyms Defined
ADMINISTRATORS
•
CPBA–Cloud Provider Business Administrator
•
CPTA–Cloud Provider Technical Administrator
USERS
•
SPU–Service Portal User
•
Organization Technical Administrator
•
TBA–Tenant Business Administrator
•
TTA–Tenant Technical Administrator
•
VSO–Virtual Server Owner
•
V/PSO–Virtual and Physical Server Owner
•
ST–Solutions Team member
•
FE–Form Extender
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
1-1
Chapter 1
User Roles and Capabilities
Overview of User Roles
•
Cloud Provider: The group which is hosting the cloud. This may be an Enterprise IT department,
or a Service Provider.
– Cloud Provider Technical Administrator (CPTA). Manages cloud resources and services via
the service catalog. Has access to internal network and systems (underlying cloud
infrastructure). Onboards and offboards tenants.
– Cloud Provider Business Administrator (CPBA). This role is associated with processing
financial approvals for money being spent, managing the money and quotas associated with
capacity management.
•
Tenant: A tenant represents a customer, a unique billable entity.
– Tenant Technical Administrator (TTA). The catalog of services available to each tenant
organization is determined by the set of elections made by a tenant administrator.
– Tenant Business Administrator (TBA). Financial approval for money being spent. Can create
organizations and assign Organization Technical Administrators to Organizations.
•
Organization: Each tenant has one or more organizations. An organization contains its own catalog.
– Service Portal User (SPU). This role gets assigned to every Organizational Unit and a user
inherits this role through his or her OU.
– Organization Technical Administrator (OTA). Manages Server Owners, resources, and
services. Orders VDCs, firewall and load-balancing services for VDC zones and networks.
– Virtual Server Owner (VSO). A consumer of the services. Orders virtual machines, firewall
and load-balancing services for their virtual servers.
– Virtual and Physical Server Owner (VPSO). A consumer of the services. Orders physical and
virtual machines, firewall and load-balancing services for their servers.
•
Service Designer:
– Solutions Team (ST) member. Has permissions to perform specific tasks in Service Groups,
Active Form Components (AFCs), and Dictionaries.
– Form Extender (FE) member. Has permissions to perform specific tasks in Service Groups,
Active Form Components (AFCs), and Dictionaries.
Note
A Technical Administrator role has capabilities and permissions within the system greater than (a
superset of) those given to their Business Administrator counterpart.
Additionally, the system-defined “Anyone” role includes all of the Prime Service Catalog roles within
an organization. This role is a selectable option for certain user properties that identify individuals who
can order on behalf of the user and read or change the user’s record.
Note
The Service Portal User (SPU) role is automatically assigned to every Organizational Unit. Users inherit
this role through their organizational unit (OU).
Cisco Intelligent Automation for Cloud Administrator Guide
1-2
OL-29973-01
Chapter 1
User Roles and Capabilities
User Roles
Figure 1-1
Users by Role
Cloud Provider
Business
Technical
Owner
$$$
Cloud Provider
Technical Administrators
Tenant
Cloud Provider
Business Administrators
Tenant Business
Administrators
Organization
Tenant Technical
Administrators
Service Designer
Organization Technical
Administrators
Virtual Server Owner/
Virtual and Physical
Server Owner
Form Extender
370885
Solution Team
User Roles
Cloud Provider Technical Administrator
The Cloud Provider Technical Administrator (CPTA) manages both the underlying infrastructure as well
as the Cisco IAC cloud management software. As employees of the service provider, Cloud Provider
Technical Administrators are responsible for purchasing, installing, and configuring the Cisco IAC
solution, then inviting customers to be customers of the Cloud solution. Cloud Provider Technical
Administrators have access to the following modules:
•
Service Portal User
– Access Service Portal capability.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
1-3
Chapter 1
User Roles and Capabilities
User Roles
•
Service Portal
– Access and perform tasks from all portals and portlets.
•
Service Manager
– Categorize and process service request approvals and perform other manual tasks that arise
during service delivery.
– Manage standards for service items, such as lease terms, network types, operating system types,
platform element types and options, and so on.
•
Service Item Manager
– Create or modify ordering standards such as available server sizes and managed lease term
limits, among other examples (e.g., managing the VDC Topology offerings).
•
Administration
– Link to and utilize data from your enterprise directory and other sources of user data.
– Customize your Prime Service Catalog environment with colors and branding, and turn on or
off various site-wide settings, such as custom style sheets and directory integration.
– Modify standard lists of values used across the site and in related reports.
Cloud Provider Business Administrator
The Cloud Provider Business Administrator (CPBA) is in charge with overseeing and administrating a
public or private cloud as a revenue generating business. This covers:
Note
•
Determining the mix of services that the public or private cloud is offering in the market.
•
Determining the pricing of services and service options.
•
Handling the business interaction with individual tenants.
When operating a private cloud, even one including tenants, IT does run a business. Therefore, the role
of the CPBA may be reduced to exclude the second bullet item, above.
CPBAs have access to the following modules:
•
Service Portal: Access to the following pages: My Cloud and Tenant Management
•
Demand Management: Account management, billing rates, and agreements
•
Service Item Manager: Manage service items, and standards
Tenant Technical Administrator
The Tenant Technical Administrator (TTA) is an employee of the organization who manages tenants
from a technical standpoint. In a self-managed tenant, a Tenant Technical Administrator is the
administrative authority within the tenant on all technical matters related to using the cloud system, and
is the tenant's technical representative to the cloud provider. TTAs do the following:
•
Manage the tenant’s user accounts and organizational structure.
•
Manage tenant’s Virtual Data Centers and related elements.
•
Manage tenant-wide services offered to all their organizations.
Cisco Intelligent Automation for Cloud Administrator Guide
1-4
OL-29973-01
Chapter 1
User Roles and Capabilities
User Roles
In this regard, the TTA assumes some of the responsibility of a CPTA in a single tenant (no-tenant)
private cloud. In provider-managed tenants, the tenant hires the cloud provider to perform all
administrative duties. As a result, there may not be a tenant user that acts as a TTA. A provider user will
be appointed to perform the above duties and order on behalf of the tenant.
Each tenant has at least one Tenant Technical Administrator, whose account is typically created when
the tenant is first created. The Tenant Technical Administrator can create Organizational Technical
Administrators and Cloud End-Users. The Tenant Technical Administrator role may be assigned by a
CPTA or another TTA. A Tenant Technical Administrators role would have the rights over all objects
owned by organizations for the tenant.
TTAs have access to the following modules:
•
Service Item Manager
•
Organization Designer
•
Service Portal
Tenant Business Administrator
The Tenant Business Administrator (TBA) is an employee of the organization who manages tenants from
a business standpoint. In a multi-tenant cloud, the Tenant Business Administrator is the commercial and
business authority within the tenant and represent these concerns to the cloud provider. These
responsibilities include:
•
Negotiate pricing, service options, service levels and other service terms with the cloud provider.
•
Approve high cost service orders by tenant users.
•
Analyze cloud costs to the tenant, over time, by service, by organization, in order to control costs
and ensure the best return on investment.
In a provider-managed tenant, since there may not be a tenant user that is a technical administrator, the
TBA serves as the only tenant representative.
Note
In private clouds with multiple tenants, there may not be a TBA user; and if there is, their role may be
reduced to only perform the last two bullet items above.
TBAs have access to the following modules:
•
Organization Management
•
Service Manager
•
Service Portal
Organization Technical Administrator
An Organization Technical Administrators (OTA) is an employee of the organization with some
administrative access and control over their organization’s environment. The Organization Technical
Administrators manage an organization’s user accounts, virtual data centers, and organization-specific
service catalogs in Prime Service Catalog. They also assign users to Server Owner roles within the
organization. The Organization Technical Provider has access to the following modules:
•
Service Portal—Access the following pages to order Prime Service Catalog services:
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
1-5
Chapter 1
User Roles and Capabilities
User Roles
– My Servers—View a list of all of the servers you own or manage, and perform actions such as
powering up or down, taking a snapshot, or decommissioning.
– User Management—Add, modify, and remove users.
– Order Cloud Services—Commission a virtual machine or physical server or VDC, manage
load-balancers, or manage network zone security within VDCs.
•
My Services—Complete the following tasks:
– Create users and update user profile information.
– View own and Organization’s constituent users’ Run Rate—the set of recurring charges incurred
for cloud services they or their users have purchased.
– View details and manage network topology and capacity of VDCs to which the OTA has access.
May grant other organizations access to their VDCs.
– View their prior orders and current order status (for themselves and users within their
organization)
Virtual and Physical Server Owner
The Virtual and Physical Server Owner (VPSO) is an employee of the organization who orders and
provisions both virtual and physical servers. The Virtual and Physical Server Owner has access to the
following portal pages in the Service Portal module:
•
My Servers—View a list of all of the servers you own or manage, and perform actions such as
powering up or down, taking a snapshot, or decommissioning.
•
Order Cloud Services—Commission or decommission a virtual or physical server.
•
View Run Rate—View the set of recurring charges incurred for the cloud services purchased.
•
View Details—View details, topology, and capacity of VDCs to which the user has access.
•
View Orders—View prior orders and current order status.
Virtual Server Owner
The Virtual Server Owner (VSO) is an employee of the organization who orders and provisions virtual
machines. The Virtual Server Owner has access to the following portals in the Service Portal module:
•
My Servers—View a list of all of the servers you own or manage, and perform actions such as
powering up or down, taking a snapshot, or decommissioning.
•
Order Cloud Services—Commission or decommission a virtual server, or firewall and
load-balancing services.
•
View Run Rate—View the set of recurring charges incurred for the cloud services purchased.
•
View Details—View details, topology, and capacity of VDCs to which the user has access.
•
View Orders—View prior orders and current order status.
Cisco Intelligent Automation for Cloud Administrator Guide
1-6
OL-29973-01
Chapter 1
User Roles and Capabilities
User Roles
Solutions Team
Solution Designers are to create new services or modify existing ones (maybe reference the SC docs for
further info on what this means). The Solutions Team (ST) member has permissions to perform the tasks
in the following categories:
•
Service Groups
– Assign Rights and View Services in service groups that contain Cisco content solutions.
– Design services, assign rights, and view services in service groups that contain Cisco content
solution extensions.
– View all aspects of the service definition.
•
Active Form Components (AFCs)
– “View Form” permission in AFC groups that contain Cisco content solutions.
– “View Forms” and “Design Forms” permissions in AFC groups that contain Cisco content
solution extensions.
•
Dictionaries
– Read permission in dictionary groups that contain Cisco content solutions.
– Read/write permissions in dictionary groups that contain Cisco content solution extensions.
Form Extender
Form extenders modify existing service forms to include form components built by solution designers.
They are a consumer of the product made by the solution designers. The Form Extender (FE) has
permissions to perform the tasks in the following categories:
•
Service Groups
– Design Services, Assign Rights and View Services in service groups that contain Cisco content
solutions, but can only see the Form tab.
– Design Services, Assign Rights and View Services in service groups that contain Cisco content
solution extensions, but can only see the Form tab.
•
Active Form Components (AFCs)
– “View Form” permission in AFC groups that contain Cisco content solutions.
– “View Forms” and “Design Forms” permissions in AFC groups that contain Cisco content
solution extensions.
•
Dictionaries
– Read permission in dictionary groups that contain Cisco content solutions.
– Read/write permissions in dictionary groups that contain Cisco content solution extensions.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
1-7
Chapter 1
User Roles and Capabilities
Capabilities by User Role
Capabilities by User Role
Table 1-2
Capabilities by User Role
Category
Service
CPTA
CPBA
TTA
TBA
OTA
V/PSO
VSO
ST
FE
Configure HTTPS agents
4
0
0
0
0
0
0
0
0
Configure REX agents
4
0
0
0
0
0
0
0
0
Register a Cisco UCS blade
4
0
0
0
0
0
0
0
0
Manage blade pools
4
0
0
0
0
0
0
0
0
Remove a Cisco UCS blade
4
0
0
0
0
0
0
0
0
Assign cluster metric service
item data
4
0
0
0
0
0
0
0
0
Assign data center metric
service item data
4
0
0
0
0
0
0
0
0
Assign datastore metric
service item data
4
0
0
0
0
0
0
0
0
Assign IP Address service
item data
4
0
0
0
0
0
0
0
0
Assign network metric
service item data
4
0
0
0
0
0
0
0
0
Assign resource pool metric
SI data
4
0
0
0
0
0
0
0
0
Assign Cisco UCS metric
service item data
4
0
0
0
0
0
0
0
0
Refresh metrics
4
0
0
0
0
0
0
0
0
Run Rates
Manage run rates
4
0
0
0
0
0
0
0
0
Networks
Add or remove an
organization network
4
0
0
0
0
0
0
0
0
Order a virtual machine and
install an operating system
4
0
0
0
4
4
4
0
0
Order a virtual machine from
template
4
0
4
4
4
4
4
0
0
Decommission a virtual
machine
4
0
4
4
4
4
4
0
0
Order a physical server
4
4
4
4
4
4
4
0
0
Decommission a physical
server
4
4
4
4
4
4
4
0
0
Define a managed lease
instance for a new server
4
4
4
4
0
4
4
0
0
Extend a managed lease
instance on a server
4
4
4
4
4
4
4
0
0
Agents
Cisco UCS
Blades
Metrics
Ordering
Servers
Cisco Intelligent Automation for Cloud Administrator Guide
1-8
OL-29973-01
Chapter 1
User Roles and Capabilities
Capabilities by User Role
Table 1-2
Capabilities by User Role (continued)
Category
Service
CPTA
CPBA
TTA
TBA
OTA
V/PSO
VSO
ST
FE
Create virtual data center
4
4
4
4
4
0
0
0
0
Decommission virtual data
center
4
4
4
4
4
0
0
0
0
Modify VDC size
4
4
4
4
4
0
0
0
0
Add network to VDC
4
4
4
4
4
0
0
0
0
Remove network from VDC
4
4
4
4
4
0
0
0
0
Add or remove a user as a
Server Owner
4
4
4
4
4
0
0
0
0
Assign or remove a Cloud
Provider Technical
Administrator
4
4
0
0
0
0
0
0
0
Assign or remove
Organization Technical
Administrator
4
4
0
0
4
0
0
0
0
Users and IAC
Modify user properties
Roles
4
4
4
0
4
0
0
0
0
View Cloud Provider
Technical Administrator role
settings
4
4
4
4
0
0
0
0
0
View Organization Technical
Administrator role settings
4
0
4
4
4
0
0
0
0
View Virtual Server Owner
role settings
4
0
4
4
0
4
4
0
0
View Virtual and Physical
Server Owner role settings
4
0
4
4
0
0
0
0
0
View Form Extender Role
settings
4
0
4
4
0
0
0
0
4
View Solutions Team role
settings
4
0
4
4
0
0
0
4
0
Modify Server Configuration
4
4
4
4
4
4
4
0
0
Power-up, power-down,
power-cycle a physical
server
4
4
0
0
4
4
4
0
0
Power-up, power-down,
power-cycle a Virtual
Machine
4
4
0
0
4
4
4
0
0
Take, revert-to, or remove a
server snapshot
4
4
0
0
4
4
4
0
0
Virtual Data
Centers
Server
Administration
Server
Operations
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
1-9
Chapter 1
User Roles and Capabilities
Support for Multiple Cloud Platforms
Table 1-2
Capabilities by User Role (continued)
Category
Service
System Setup
and
Management
Server
Templates
CPTA
CPBA
TTA
TBA
OTA
V/PSO
VSO
ST
FE
Connect or update the cloud
infrastructure
4
0
4
4
0
0
0
0
0
Configure the e-mail
notification templates
4
0
4
4
0
0
0
0
0
Set provisioning Settings
4
0
0
0
0
0
0
0
0
Set up or update the shared
server zone
4
0
0
0
0
0
0
0
0
Validate platform elements
4
0
0
0
0
0
0
0
0
Register or Update Service
Profile Template
4
0
0
0
0
0
0
0
0
Register VM Template
4
0
0
0
0
4
4
0
0
Register Operating System
Template
4
0
0
0
0
0
0
0
0
Add or remove an
organization
4
4
4
4
4
0
0
0
0
Add, modify, or remove an
organization
4
4
4
4
4
0
0
0
0
4
4
4
4
4
0
0
0
0
Create or modify person
profiles in the organization
(via Organization Designer)
0
0
4
0
0
0
0
0
0
Add or modify the Cloud
Administration organization
4
4
4
0
0
0
0
0
0
Create, modify, remove
Organizations organization networks
Support for Multiple Cloud Platforms
Table 1-3
Support for Multiple Cloud Platforms
VMware
vCenter
Server
VMware
vCloud
Director
OpenStack Cisco UCS
Manager and
Cloud
Cisco Server
Manager
Cisco UCS
Director
Amazon
EC2
Provisioner
(Physical Server)
Power Down Virtual Machine
4
4
4
0
4
4
Power Up Virtual Machine
4
4
4
0
4
4
Power Cycle Virtual Machine
4
4
4
0
4
4
Modify Configuration
4
4
4
0
0
0
View Snapshots
4
4
4
0
4
0
Take Snapshot
4
4
4
0
4
0
Revert to Snapshot
4
4
4
0
4
0
Cisco Intelligent Automation for Cloud Administrator Guide
1-10
OL-29973-01
Chapter 1
User Roles and Capabilities
Support for Multiple Cloud Platforms
Table 1-3
Support for Multiple Cloud Platforms (continued)
VMware
vCenter
Server
VMware
vCloud
Director
OpenStack Cisco UCS
Manager and
Cloud
Cisco Server
Manager
Cisco UCS
Director
Amazon
EC2
Provisioner
(Physical Server)
Delete Snapshot
4
4
4
0
4
0
Decommission Virtual Machine
4
4
4
0
4
0
Convert VM to Template
4
4
0
0
0
0
Clone VM to Template
4
4
0
0
0
0
Create VM Firewall Rule
4
4
0
0
0
0
Delete Server Firewall Rule
4
4
0
4
0
0
Modify Server Ownership
4
4
4
4
4
4
Allocate Floating IP Address
4
4
0
4
0
0
Create VM Firewall Rule
0
0
0
0
0
0
Remove VM Firewall Rule
0
0
0
0
0
0
Create Physical Firewall Rule
4
4
0
4
0
0
Remove Physical Firewall Rule
4
4
0
4
0
0
Manage Load Balancer
4
4
0
0
0
0
Add to Server Group
4
4
0
0
0
0
Remove from Server Group
4
4
0
0
0
0
Modify VDC Size
4
4
4
0
0
0
Decommission VDC
4
4
4
0
0
0
Manage Access to VDC
4
4
0
0
0
0
Add a Network to VDC
4
4
0
0
0
0
Remove Network from VDC
4
4
0
0
0
0
Modify Network Properties
0
0
0
0
0
0
Order a Virtual Machine from Template
4
0
4
0
4
4
Order a Virtual Machine and Install an OS
0
0
0
0
0
0
Order a Physical Server
0
0
0
0
0
0
Create VDC Firewall Rule
4
0
0
0
0
0
Delete VDC Firewall Rule
4
0
0
0
0
0
Create Server Group
4
0
0
0
0
0
Delete Server Group
4
0
0
0
0
0
Update LB Service Group
4
0
0
0
0
0
Delete LB Service Group
4
0
0
0
0
0
Add Member to Service Group
4
0
0
0
0
0
Manage Service Group Membership
4
0
0
0
0
0
Delete Service Group
4
0
0
0
0
0
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
1-11
Chapter 1
User Roles and Capabilities
Support for Multiple Cloud Platforms
Table 1-3
Support for Multiple Cloud Platforms (continued)
VMware
vCenter
Server
VMware
vCloud
Director
OpenStack Cisco UCS
Manager and
Cloud
Cisco Server
Manager
Cisco UCS
Director
Amazon
EC2
Provisioner
(Physical Server)
Add Member to Server Group
4
0
0
0
0
0
Remove Member from Server Group
4
0
0
0
0
0
Cisco Intelligent Automation for Cloud Administrator Guide
1-12
OL-29973-01
CH A P T E R
2
Setting Up REX and nsAPI User Accounts
This chapter guides you through how to create user accounts for REX adapter and nsAPI that will be
used to connect Prime Service Catalog to the REX adapter and Process Orchestrator, respectively.
Tip
You created at least one nsAPI username and password when you imported and configured Cisco
Intelligent Automation for Cloud into Prime Service Catalog. (See “Installing the Intelligent Automation
for Cloud Starter TAP” section on page 5-9 of the Cisco Intelligent Automation for Cloud 4.0 Installation
Guide).
Setting Up A REX User Account
Step 1
Choose Organization Designer from the module drop-down list.
Step 2
On the Organization Designer home page, click Create Person in the Common Tasks pane.
Note
Step 3
If you are using directory integration, the local password of the REX user must match the directory
integration password. To do so, log in with nsAPI user; a local account will be created. Then, go to
Organization Designer and update the password of the nsAPI user to match the directory integration
password. Note that the time zone for these users need to be GMT (Greenwich Mean Time).
Set up the REX user account:
Note
You may only set up REX user account as a local account; If you're using directory integration,
the REX user account will still be from a local source.
On the Create Person form, provide the necessary information.
Click the Help icon (the red question mark in the upper right) for a good overview of this
process. You will also find details on how to use this form and what each of the fields on this
form require.
Step 4
Click Create to submit and close the form.
Cisco Intelligent Automation for Cloud Installation Guide
OL-29973-01
2-1
Chapter 2
Setting Up REX and nsAPI User Accounts
Configuring Agent Properties
When the form closes, the People portal displays, showing the user information you just entered. If you
need to make corrections, make them before proceeding to the next step.
Step 5
Click Add in the upper right corner to add the REX user account.
Configuring Agent Properties
There are two new Agent types: DB and NSAPI. To configure agent properties for all REX agents and
DB/HTTP/NSAPI agents, refer to the following sections:
•
Set username and password for the “REX Set REX Agent Properties” agent
•
Start “REX Set REX Agent Properties” agent
•
Set REX Agent Configuration
•
Start All REX Agents
•
Setting DB, HTTP, NSAPI Agents Configuration
•
Start all other agents
Setting Username and Password for REX Set REX Agent Properties
Step 1
Choose Service Link from the module drop-down list.
Step 2
Click the Manage Integrations tab along the top left of the screen.
Step 3
In the Agents pane on the left, expand REX Set REX Agent Properties (you will most likely need to
scroll down) and click Outbound Properties.
Figure 2-1
REX Set REX Agent Properties
Step 4
In the REXOutboundAdapter.Username field, enter the REX login name that you created in the Create
Person form.
Step 5
In the REXOutboundAdapter.Password field, enter the REX password in the Create Person form.
Step 6
Click Save.
Cisco Intelligent Automation for Cloud Installation Guide
2-2
OL-29973-01
Chapter 2
Setting Up REX and nsAPI User Accounts
Configuring Agent Properties
Starting the REX Set Agent Properties Agent
Step 1
Choose Service Link from the module drop-down list, then click the Control Agents tab to open the
portal. The Control Agents portal displays a list of all agents.
Step 2
Click the red icon next to REX Set REX Agent Properties, then click Start Selected.
Tip
If you do not see REX Set REX Agent Properties in the list, do one of the following:
- scroll down
- use the page buttons to go up and down the list or to enter a specific page number
- sort by agent name by clicking the Name column heading.
The red icons turn to green, indicating that they are now sending and receiving.
Setting REX Agent Configuration
Configure all of the REX agent properties, then verify that the agents are configured correctly.
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Click Setup to display the nested menu, then click System Settings.
Step 3
On the System Settings page, click the System Settings tab.
Step 4
On the Agent Properties Configuration portlet, click:
– Set REX Agent Configuration
Step 5
The Set REX Agent Configuration form displays.
Step 6
On the Set REX Agent Configuration form, enter the REX account login name, then enter and re-enter
the REX account password.
Step 7
Enter the URL to the Prime Service Catalog Request Center server in the Prime Service Catalog
Request Center URL field. The URL should include http or https, the hostname and port number, and
the pathname to RequestCenter. For example, http://localhost:8080/RequestCenter.
Step 8
Click Submit Order to submit the form and display the Order Confirmation page for the service that
you ordered. Do not close the order confirmation.
Step 9
In the Requisition Details pane, click the requisition number to open the requisition summary page.
Step 10
Click Comments & History in the menu on the right side of the window.
Step 11
In the System History pane, look for errors. If the REX agents are configured correctly, you will see a
message for each agent stating that is was updated successfully.
Step 12
Close the Comments and History window.
Cisco Intelligent Automation for Cloud Installation Guide
OL-29973-01
2-3
Chapter 2
Setting Up REX and nsAPI User Accounts
Configuring Agent Properties
Starting All REX Agents
Step 1
Choose Service Link from the module drop-down list, then click the Control Agents tab to open the
portal. The Control Agents portal displays a list of all agents.
Step 2
Select each of the following REX agents:
•
REX Add Organization Unit
•
REX Add Organization Unit (Tenant)
•
REX Add Person
•
REX Create Queue
•
REX DeactivateOU
•
REX Delete Queue
•
REX Modify Organization Unit
•
REX Set DB Agent Properties
•
REX Set HTTP Agent Properties
•
REX Set NSAPI Agent Properties
Note
If you do not see any REX agents in the list, scroll down. Or, sort by the agent name by clicking
the Name column heading.
Step 3
Click Start Selected. (This button is located on top right of the screen.)
Step 4
Refresh the screen by clicking Refresh (on the navigation buttons near the bottom right of the screen).
The agents become green after you refresh.
Setting DB, HTTP, NSAPI Agents Configuration
Step 1
Choose Service Portal > Setup > System Settings.
Step 2
On the System Settings page, click System Settings. Then, on System Settings, click Set Agent
Configuration to open the form.
Step 3
On the Set Agent Configuration form, select an Agent Type, then provide the required information.
Step 4
When you are done, click Submit Order to submit the form and display the Order Confirmation page
for the service that you ordered. Do not close the order confirmation.
Step 5
In the Requisition Details pane on the Order Confirmation page, click the requisition number to open the
requisition summary page.
Step 6
Click Comments & History in the menu on the right side of the window.
Step 7
In the System History pane on the Comments and History page, look for errors. If the agents were
configured correctly, you will see a message that the agent was updated successfully.
Step 8
Close the Comments and History window.
Cisco Intelligent Automation for Cloud Installation Guide
2-4
OL-29973-01
Chapter 2
Setting Up REX and nsAPI User Accounts
Setting Up An nsAPI User Account
Setting Up An nsAPI User Account
Step 1
On the Create Person form, provide the following information:
Step 2
Click Create to close the form and return to Organization Designer.
Step 3
In Organization Designer, select People from the Search drop-down list.
In the People pane below, names display.
Figure 2-2
Search Box
Step 4
Locate and click the name of the nsAPI user.
Step 5
From the General menu on the right side of the page, choose Calendar.
Figure 2-3
Right-side Menu
Step 6
In the Calendar pane, change all time values in the To column to 11:59 PM.
Step 7
Click Update to submit the form.
Assigning the Cloud Technical Administrator Role to an nsAPI User
Step 1
Choose Service Portal from the module drop-down list. The menu bar displays.
Step 2
Click Setup to display the nested menu, then click Administrators.
Step 3
On the Cloud Administrators portlet, click:
Step 4
On the Add Cloud Administrator form, choose Select Existing User from the Action drop-down list.
Step 5
Select the nsAPI user.
Step 6
Click Submit Order.
– Add Cloud Administrator
Cisco Intelligent Automation for Cloud Installation Guide
OL-29973-01
2-5
Chapter 2
Setting Up REX and nsAPI User Accounts
Starting All Other Agents
Manually Adding the Site Administrator Role to an nsAPI User
You can manually add the Site Administrator role to an nsAPI user without directory service. Follow the
steps below.
Step 1
Choose Organization Designer from the module drop-down list, select the People tab.
Step 2
Select the nsAPI user.
Step 3
Choose Roles, check the Site Administrator check box, then click Add.
Starting All Other Agents
Step 1
Choose Service Link from the module drop-down list, then click the Control Agents tab.
Step 2
While pressing and holding Shift, click the red icon next to the first agent in the list, then click the red
icon of the last agent in the list to select all of the agents, then click Start Selected.
Note
If a vertical scroll bar appears in the list, scroll down to select the last agent on the page.
The red icons turn to green, indicating that they are now sending and receiving.
Step 3
If there are additional agents in the list, use the scroll arrow at the bottom of the list to display to them,
then repeat Step 2, above
Cisco Intelligent Automation for Cloud Installation Guide
2-6
OL-29973-01
CH A P T E R
3
Managing Tenants
Tenant in the context of a cloud infrastructure and SaaS is simply another name for “customer.” An
organization would have many “customers,” or tenants, and its organization (and users) could be part of
a shared infrastructure.
In Cisco Intelligent Automation for Cloud 4.0, no tenant can determine the existence of any other tenant;
tenants may only see members of their own tenancy (users and groups/roles). Because tenants are
authenticated and authorized to access their data, no tenant can access the data of any other tenant,
including:
Note
•
Data in motion (network)
•
Data at rest (storage)
•
Data in memory (compute)
Note that a given cloud provider may have some inherent access to the data within their own
infrastructure.
In addition, no tenant can perform an operation that might impact the service of another tenant outside
of shared services. Each tenant’s configuration cannot be limited by any other tenant’s existence or
configuration in any way, including by naming or addressing.
Note
Cisco IAC supports an individual’s membership to a single organizational unit or membership (not
multiple).
Onboarding a Tenant
In Cisco Intelligent Automation for Cloud 4.0, you create tenants by onboarding them. Tenants are your
customers who share the Cisco IAC environment. The framework provides the ability to bring new
enterprises on board the existing configuration. This framework separates organizations from each
interfering with each other. To onboard a new tenant:
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Select Management and then Tenant Management.
Step 3
On the Tenant Management screen, scroll down and click Onboard Tenant.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
3-1
Chapter 3
Managing Tenants
Onboarding a Tenant
Step 4
On the Onboard Tenant form:
•
Enter the full name of the company.
– Enter the company abbreviation. (Maximum 4 characters)
– Enter the (optional) description.
•
Note
•
Note
Step 5
Select Quotas (used to determine the quotas for the tenant), such as “Large.”
Select Quotas is ideal for the cautious Tenant, who in conversation with the CPBA, has yet to be
comfortable with their spending in the cloud. Select Quotas allows the Tenant (the TBA) to cap
the cloud expenditure. This ability to create a cap may help make many Tenants more
comfortable when signing up for cloud services.
Select a Private Subnet.
In the event that a Tenant chooses to have a Connectivity Type of “Enterprise,” this private
subnet range should be non-overlapping with the Tenant’s existing Enterprise networks.
Select a Primary Contact: You can now select an existing user or create a new user.
•
If you choose to Create New User as the Action.
– Enter the first name and last name of the new user.
– Type a unique login identifier.
– Enter a Password and Confirm the Password.
– Enter the contact e-mail address and contact title.
– Enter the Primary Contact phone number.
– Enter the physical (shipping/mailing) address (optional).
Step 6
Set Tenant-wide Service Options.
Note
Step 7
By default, services related to Virtual Security Gateways (VSGs), Cloud Services Routers
(CSRs) and Adaptive Security Appliances (ASAs) are turned off. This is to comply with Cisco’s
Multiple Security Zones, Enhanced VM Security, Load Balancing Services. If you need services
related to VSGs, CSRs, and/or ASAs, you must manually enabled them as and when needed.
Select a connection type for Virtual Data Centers for this tenant.
•
Enter the Enterprise VRF Connection to be used as transit network for Enterprise Connectivity.
Cisco Intelligent Automation for Cloud Administrator Guide
3-2
OL-29974-01
Chapter 3
Managing Tenants
Offboarding a Tenant
Note
Step 8
It is important to note that the choice of Connection Type and the Service Offering Elections
have a cascading affect on the availability of connection types and services offering to the
underlying organization and its users.
Click Submit.
Offboarding a Tenant
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Select Management and then Tenant Management.
Step 3
On the Tenant Management page, scroll down and click Offboard Tenant.
Step 4
On the Offboard Tenants form, complete the necessary information.
Step 5
Click Submit.
Modifying a Tenant
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Select Management and then Tenant Management.
Step 3
On the Tenant Management page, scroll down and click Modify Tenant.
Step 4
On the Modify Tenant form, modify the information as needed:
Step 5
•
Select Provider Name.
•
Select the name of the company.
•
Modify the Company Abbreviation.
•
Modify the description
•
Select the quotas, this is used to determine the quotas for the tenant.
Click Submit.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
3-3
Chapter 3
Managing Tenants
Viewing Tenant Information
Viewing Tenant Information
A Tenant Business Administrators (TBA) would use the information available here to quickly discern
which organization is spending the most/least in the cloud. In addition, he or she can discern which cloud
service is costing a given organization the most and the least.
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Select Management and then Tenant Management.
Step 3
Use the Dashboard (to the right of the screen) to view information, some in chart format.
Step 4
Hover over, and/or click on, an item to drill down or to see additional information:
Figure 3-1
Step 5
Sample Hover View
Exit when done.
Understanding Multi-Tenancy Views in VMware and UCS Manager
VMware vCenter
As shown in Figure 3-2, the folder structure in vCenter in the VM and Templates view is such that
provider troubleshooting is easier, tenant namespace is guaranteed, and CloudSync may consider
tenancy.
Cisco Intelligent Automation for Cloud Administrator Guide
3-4
OL-29974-01
Chapter 3
Managing Tenants
Viewing Tenant Information
Figure 3-2
Multiple Tenants in VMware vCenter
org-root
org-tenant (org-%t)
org-organization (org-%o)
Service Profiles &
Templates
361878
......
UCS Manager
As shown in Figure 3-3, the folder structure for UCS Manager is such that provider troubleshooting is
easier, tenant namespace is guaranteed, and CloudSync may consider tenancy.
Figure 3-3
Multiple Tenants in UCS Manager
Datacenter
Tenant (%t)
Organization (%o)
VM
361879
......
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
3-5
Chapter 3
Managing Tenants
Viewing Tenant Information
Cisco Intelligent Automation for Cloud Administrator Guide
3-6
OL-29974-01
CH A P T E R
4
Managing Organizations and Users
Understanding Organizations
Organizations are users who are grouped according to function or business. There are two kinds of
organizations: business units and service teams. Note that new cloud infrastructure for advanced network
services are provisioned and dedicated on a ‘per Organization’ basis. Organizations fit within the overall
logical construct of Cisco IAC, as shown in a simplified way in Figure 4-1.
Figure 4-1
Logical Construct of Cisco IAC
Virtual Data Center 1
Organization A
Virtual Data Center 2
Virtual Data Center 3
Tenant
Cloud Provider
Virtual Data Center 1
Virtual Data Center 2
Virtual Data Center 3
370882
Organization B
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-1
Chapter 4
Managing Organizations and Users
Understanding Organizations
Organizations
Organizations are groups of end users who order services. The typical business unit represents a
department or group with a specific purpose—for example, marketing—that has an interest in
maintaining separate servers from other groups. This type of organization represents the majority of
organizations in the cloud system. Business units include the following types of users:
•
Organization Technical Administrator (Organization Technical Administrator, page 1-5)
•
Virtual Server Owner (Virtual Server Owner, page 1-6)
•
Virtual and Physical Server Owner (Virtual and Physical Server Owner, page 1-6)
Service Teams
Service teams are units whose members administer and maintain the Cisco IAC solution, which includes
Prime Service Catalog. Service teams typically include employees of the service provider who are Cloud
Provider Technical Administrators and Site Administrators. Cisco technicians might also be part of
service teams. The Cloud Provider Technical Administrator is a member of the CPTA Organization Unit
service team. For information on the Cloud Provider Technical Administrator role, see Cloud Provider
Technical Administrator, page 1-3.
Working with Organizations
To create an organization or view details on an existing organization, such as number of users and lists
of organization administrators and accessible networks/VLANs, use the Tenant Management feature.
New cloud infrastructure for advanced network services are provisioned and dedicated on a per
Organization basis. This section provides instructions on how to define a new organization of Cloud
users.
Note
Cisco IAC supports an individual’s membership to a single organizational unit or membership (not
multiple).
Note that if directory authorization has been enabled for your Cloud environment, you may have to create
organizations from the directory rather than by using this Prime Service Catalog service. Directory
integration can be configured so that organizations must be created, defined, and managed from the
directory. In this case, any changes you make to an organization or user will be overridden by the
definitions set in the directory.
Note
To add an Organization Technical Administrator to the new organization, see Adding or Removing an
Organization Technical Administrator, page 4-9.
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Select Management from the Cisco IAC menu bar, then select Tenant Management.
Step 3
On the Tenants and Organizations page, use the tabs and other controls, such as the Quotas tab as needed
to view information on your organizations.
Step 4
To create a new organization, click Create Organization.
Cisco Intelligent Automation for Cloud Administrator Guide
4-2
OL-29973-01
Chapter 4
Managing Organizations and Users
Adding Cloud Provider Technical Administrators
Step 5
On the Create Organization form, enter a name for the organization. You can also enter an optional
description. (Organizations may not contain forward slashes.)
Step 6
Click Submit Order.
Creating the Cloud Provider Technical Administrator Organization
Step 1
Choose Service Portal from the module drop-down list to display the text menu bar.
Step 2
Click Setup to display the nested menu and click System Settings.
Step 3
On the System Settings page, click the Administrators tab to open the portlet.
Step 4
On the Administrators portlet, click:
– Modify Cloud Administration Organization
The Modify Cloud Administration Organization form displays.
Step 5
Step 6
On the Modify Cloud Administration Organization form:
•
Enter Cloud Administration Organization.
•
Enter a description of the organization (Optional).
•
Enter a Global Public IP Address Pool to modify.
Click Submit Order.
Adding Cloud Provider Technical Administrators
Adding Cloud Administrators in the Directory Service
This section applies only if you are using a directory service to import user and organization data. Before
you proceed, directory integration must be set up. For instructions on setting up directory integration,
see Chapter 3, “Setting Up Optional Directory Integration.”
After you set up directory integration, users are automatically imported when they log in, and their Cisco
IAC roles are automatically assigned based on the user groups to which they were added in the directory.
User roles are assigned when you define group role-mappings during directory integration setup (as
shown in “Adding the nsAPI User to the Cloud Administration Group” section on page 3-6 in Chapter 3,
“Setting Up Optional Directory Integration”). You assign the Cloud Administrator role to a user from
the directory, rather than from within Cisco IAC, by adding the user to the Cloud Administrator user
group in the directory.
Adding a Cloud Administrator From a New User
If you are using a directory service to import the Cloud Administrator, see the information in the
following section, Adding Cloud Administrators in the Directory Service (If Applicable), page 1-5.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-3
Chapter 4
Managing Organizations and Users
Removing an Organization
Step 1
Choose Service Portal from the module drop-down list to display the text menu bar.
Step 2
Click Setup to display the nested menu, then click System Settings.
Step 3
On the System Settings page, click the Administrators tab.
Step 4
On the Administrators page, click:
– Add Cloud Administrator
Step 5
On the Add Cloud Administrator form, choose Create New User from the Action drop-down list.
The fields for creating a new user as a Cloud Administrator display.
Step 6
Provide the following:
•
Enter the first and last name of the new Cloud Administrator.
•
Enter a unique login identifier for the Cloud Administrator.
•
Enter the new Cloud Administrator’s e-mail address.
•
From the drop-down list, choose the time zone associated with the new Cloud Administrator's
primary address.
•
Enter then re-enter the password for the new Cloud Administrator.
Step 7
Click Submit Order.
Step 8
To create additional Cloud Administrators, repeat Step 5 through Step 8.
Adding a Cloud Administrator From an Existing User
Step 1
Choose Service Portal from the module drop-down list to display the text menu bar.
Step 2
Click Setup to display the nested menu, then click System Settings.
Step 3
On the System Settings page, click the Administrators tab.
Step 4
On the Administrators page, click:
– Add Cloud Administrator
Step 5
On the Add Cloud Administrator form, choose Select Existing User from the Action drop-down list.
Step 6
Select a user.
Step 7
Click Submit Order.
Removing an Organization
Tip
Step 1
You can only remove an organization if the unit currently has no provisioned servers or virtual data
centers. To decommission servers or virtual data centers, see the Cisco Intelligent Automation for Cloud
4.0 User Guide.
Choose Organization Designer from the module drop-down list.
Cisco Intelligent Automation for Cloud Administrator Guide
4-4
OL-29973-01
Chapter 4
Managing Organizations and Users
Creating and Managing Users
Step 2
Select the organization you would like to remove.
Step 3
Review the information to confirm that the selected organization is the one that you want to remove.
Step 4
Click Remove.
Creating and Managing Users
The sections that follow provide information and instructions for adding, modifying, and removing a
user from an organization.
Note
Cisco IAC supports an individual’s membership to a single organizational unit or membership (not
multiple).
Modifying User Properties
If directory authorization has been enabled for your Cloud environment, then you may have to create
users and assign, change, or remove roles from the directory rather than by using the Prime Service
Catalog services outlined in this section. Directory integration can be configured so that users must be
managed from the directory. In this case, any changes you make to an user using Prime Service Catalog
will be overwritten by the definitions set in the directory.
Note
You can also optionally add or modify calendar and additional contact information from the
Organization Designer module. For information, see Figure 4-1 on page 4-6.
Step 1
Select Service Portal from the module menu.
Step 2
Select Management > Tenant Management.
Step 3
Select the User tab.
Step 4
On the left select Tenant/Org.
Step 5
From the list on the right, click gear next to the user you want to edit.
Step 6
From the popup, select Modify User Properties.
The user’s current information appear.
•
Optional. Update the email.
•
Mandatory select user role.
Note
Step 7
A TTA administrator is able to demote a TTA/TBA user and change his role to OTA, VSO, or
VPSO. In that case, you are prompted to select an organization under this tenant.
Click Submit Order.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-5
Chapter 4
Managing Organizations and Users
Creating and Managing Users
Adding or Modifying User Details
In the Organization Designer module, you can add, update, or delete optional details about a user, such
as additional contact and calendar information. Although such details are optional in Prime Service
Catalog, they may be useful or required by the user’s organization. If you modify a user’s name or e-mail
address, the change appears globally in Prime Service Catalog.
Note
See first Note under Modifying User Properties.
You can also modify a user’s name and e-mail address from the User Management portal. You can also
use the form to assign the user a Server Owner role. The changes appear globally. If external
authentication is enabled for your environment, you must modify user details from the directory.
Step 1
Choose Organization Designer from the module drop-down list and click the People tab.
Step 2
On the Organization Designer Home page, use one of the following methods to locate the user:
Step 3
•
Use the People search field. Click the user’s name in the search results to open the user’s details.
•
Browse the list in the People pane to locate the user, then click the user’s name to open the user’s
details. If the user is inactive, ensure that the Show Active Only check box is unchecked.
Use the menu on the right to make any or all of the updates:
•
General—First and last name, time zone, and login information
•
Address—Company and personal mailing addresses
•
Contact—Business and personal e-mail addresses, phone numbers, and fax numbers
•
Extensions—Information about the user within the business structure, such as cost center number,
employee type, and management level. Includes customizable fields.
•
Calendar—Schedule of the user’s typical hours of availability and non-working days, and special
dates.
Changing a User’s Status to Active or Inactive
When users are created in Prime Service Catalog or imported to Prime Service Catalog from a directory
service, their user status is automatically “Active.” They can log in, view server details, order servers,
and use other services, depending on their roles.
Note
See first Note under Modifying User Properties.
A user whose status is “Inactive” in Prime Service Catalog can log in but cannot use the services or see
server details. There are two circumstances under which a user becomes inactive:
•
A Cloud Provider Technical Administrator has manually changed the user’s status to inactive in
Organization Designer. Thus, the user has an assigned role but is Inactive. In this case, if the user’s
status changed back to Active, the user’s previous role and organization assignment are restored.
Cisco Intelligent Automation for Cloud Administrator Guide
4-6
OL-29973-01
Chapter 4
Managing Organizations and Users
Creating and Managing Users
•
The user’s status was automatically changed to inactive when a Cloud Provider Technical
Administrator removed the user’s assigned role. Thus, the user has no assigned role and is Inactive.
In this case, to change the user’s status back to Active, the Cloud Provider Technical Administrator
must assign a role to the user after re-activating.
To change a user’s status to Active or Inactive, perform the following steps.
Step 1
Choose Organization Designer from the module drop-down list and click the People tab.
Step 2
On the Organization Designer Home page, use one of the following methods to locate the user:
•
Use the People search field. Click the user’s name in the search results to open the user’s details.
•
Browse the list in the People pane to locate the user, then click the user’s name to open the user’s
details. If the user is inactive, ensure that the Show Active Only check box is unchecked.
Note
The names of users with inactive status appear in the People list in italics with
strike-through.
Step 3
In the General pane, choose Active or Inactive from the Status drop-down menu.
Step 4
Click Update.
If you have changed a user’s status back to active and the user currently has no role, you must assign a
role so that the user can log in and use Cisco IAC.
Step 1
On the user’s details page, click Roles in the menu on the right.
Step 2
In the Roles pane, click Add to expand the Roles list.
Step 3
In the Roles list, locate the role that you want to assign to the user, check the check box, then click Add.
Adding an Existing User as a Cloud Provider Technical Administrator
When you assign the Cloud Provider Technical Administrator role, the user’s organization unit
automatically changes to the Cloud Provider Technical Administrator organization, and the user’s
current organization is removed.
For example, a user belongs to an organization called “HR.” If the user is added as a Cloud Provider
Technical Administrator, the user’s organization becomes the Cloud Provider Technical Administrator
organization, and the user’s membership in the HR organization is removed.
Note
Step 1
For information on the Cloud Provider Technical Administrator role, see Cloud Provider Technical
Administrator, page 1-3.
Choose Service Portal from the module drop-down list, then click the System Setup tab to open the
portal.
The Cloud Administrators portlet is displayed by default.
Step 2
On the Cloud Administrators portlet, click Add Cloud Administrator to open the form.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-7
Chapter 4
Managing Organizations and Users
Creating and Managing Users
Note
Step 3
If the information shown in Figure 4-2 on page 4-12 appears on the form, then directory
integration is enabled for your environment. In this case, see Managing Organizations and Users
With Directory Integration, page 4-11 before proceeding.
On the Add Cloud Administrator form, choose Select Existing User from the Action drop-down list.
An alert appears advising you that the user’s organization will change to that of the Cloud Technical
Provider Administrator organization. If you are sure you want to proceed, click OK.
Step 4
In the Select User field, click Select to open the Select Person dialog box.
Step 5
Enter the First Name or Last Name of the user, or enter a wildcard *, and click Search to find the user.
Step 6
In the Search Results area, click the radio button next to the name of the user, then click OK.
Step 7
Click Submit Order.
Creating a New User to Add as a Cloud Provider Technical Administrator
Create a new user to add a Cloud Provider Technical Administrator.
Note
Step 1
For information on the Cloud Provider Technical Administrator role, see Cloud Provider Technical
Administrator, page 1-3.
Choose Service Portal from the module drop-down list, then click the System Setup tab to open the
portal.
The Cloud Administrators portlet displays.
Step 2
On the Cloud Administrators portlet, click Add Cloud Administrator to open the form.
Step 3
On the Add Cloud Administrator form, choose Create New User from the Action drop-down list.
Step 4
Provide the following information:
Step 5
•
Enter the first and last name of the new Cloud Provider Technical Administrator.
•
Enter a unique login identifier for the Cloud Provider Technical Administrator.
•
Enter the new Cloud Provider Technical Administrator’s e-mail address.
•
From the drop-down list, choose the time zone associated with the new Cloud Provider Technical
Administrator's primary address.
•
Enter and then re-enter the password for the new Cloud Provider Technical Administrator.
Click Submit Order.
Cisco Intelligent Automation for Cloud Administrator Guide
4-8
OL-29973-01
Chapter 4
Managing Organizations and Users
Creating and Managing Users
Removing a Cloud Provider Technical Administrator
This section describes how to remove the Cloud Provider Technical Administrator (CPTA) role from a
user without deleting the user. When a user’s role is removed, the user’s account status is automatically
changed to Inactive, and the user becomes “role-less”. Inactive users can log in to Prime Service Catalog
but cannot use any of its services. If you assign the user another role, you must change the user’s status
back to Active. See Changing a User’s Status to Active or Inactive, page 4-6.
Note
Step 1
For information on the Cloud Provider Technical Administrator role, see Cloud Provider Technical
Administrator, page 1-3.
Choose Service Portal from the module drop-down list, then click the System Setup tab to open the
portal.
•
Step 2
The Cloud Administrators portlet displays.
On the Cloud Administrators portlet, click Remove Cloud Administrator to open the form.
Note
If the information shown in Figure 4-2 appears on the form, then directory integration is enabled
for your environment. In this case, see Managing Organizations and Users With Directory
Integration, page 4-11 before proceeding.
Step 3
On the Remove Cloud Administrator form, click Select to open the Select Person dialog box.
Step 4
Enter the First Name or Last Name of the user, or enter a wildcard *, and click Search.
Step 5
In the Search Results area, click the radio button next to the name of the user, then click OK.
Properties for the user display on the form.
Step 6
Click Submit Order.
Adding or Removing an Organization Technical Administrator
This module explains how to change an existing user’s role to Organization Technical Administrator
(OTA) for an organization, or remove the user’s Organization Technical Administrator role without
deleting the user.
Note
If directory authorization has been enabled for your Cloud environment, then you may have to create
users and assign, change, or remove roles from the directory rather than by using the Prime Service
Catalog services outlined in this section. Directory integration can be configured so that users must be
managed from the directory. In this case, any changes you make to an user using Prime Service Catalog
will be overwritten by the definitions set in the directory.
Adding an Existing User as an Organization Technical Administrator
If directory authorization has been enabled for your Cloud environment, then you may have to create
users and assign, change, or remove roles from the directory rather than by using the Prime Service
Catalog services outlined in this section.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-9
Chapter 4
Managing Organizations and Users
Creating and Managing Users
Directory integration can be configured so that users must be managed from the directory. In this case,
any changes you make to an user using Prime Service Catalog will be overwritten by the definitions set
in the directory.
Step 1
Choose Service Portal from the module drop-down list, then click the Organization Management tab.
Step 2
On the Organization Management portal, click Add Organization Technical Administrator to open the
form.
Note
If the information shown in Figure 4-2 on page 4-12 appears on the form, then directory
integration is enabled for your environment. In this case, see Managing Organizations and Users
With Directory Integration, page 4-11 before proceeding.
Step 3
On the Add Organization Technical Administrator form, choose the organization to which you want to
assign the user from the drop-down list.
Step 4
In the User Properties area, click Select to open the Select Person dialog box.
Step 5
Enter the First Name or Last Name of the user, or enter a wildcard *, and click Search to find the user.
Step 6
In the Search Results area, click the radio button next to the name of the user you want to add as an
Organization Technical Administrator, then click OK.
Step 7
Click Submit Order.
Note
For information on the Organization Technical Administrator role, see Organization Technical
Administrator, page 1-5.
Creating a New User to Add as an Organization Technical Administrator
If directory authorization has been enabled for your Cloud environment, you may have to create users
and assign, change, or remove roles from the directory rather than by using the Prime Service Catalog
services outlined in this section. Directory integration can be configured so that users must be managed
from the directory. In this case, any changes you make to an user using Prime Service Catalog will be
overwritten by the definitions set in the directory.
Step 1
Choose Service Portal from the module drop-down list, then click the Organization Management tab
to open the portal.
Tip
You can also add OTA from User Management. To do so, select Tenant, then select org. VSO
and VPSO can also be added this way.
Step 2
On the Organization Management portal, click Add Organization Technical Administrator.
Step 3
On the Add Cloud Administrator form, choose Create New User from the Action drop-down list.
Step 4
Provide the following information:
•
Enter the first and last name of the new Organization Technical Administrator.
•
Enter a unique login identifier for the new Organization Technical Administrator.
Cisco Intelligent Automation for Cloud Administrator Guide
4-10
OL-29973-01
Chapter 4
Managing Organizations and Users
Managing Organizations and Users With Directory Integration
Step 5
•
Enter the new Organization Technical Administrator’s e-mail address.
•
From the drop-down list, choose the time zone associated with the new Organization Technical
Administrator's primary address.
•
Enter and then re-enter the password for the new Organization Technical Administrator.
Click Submit Order.
Removing an Organizational Technical Administrator
Remove the Organization Technical Administrator (OTA) from a user without deleting the user. When a
user’s role is removed, the user becomes “role-less” and Status is automatically changed to Inactive.
Inactive users can log in to Prime Service Catalog but cannot use any of its services. If you assign the
user another role, you must change the user’s status back to Active. See Changing a User’s Status to
Active or Inactive, page 4-6.
Step 1
Choose Service Portal from the module drop-down list, then click the Organization Management tab.
Step 2
On the Organization Management portal, click Remove Organization Technical Administrator to
open the form.
Note
If the information shown in Figure 4-2 on page 4-12 appears on the form, then directory
integration is enabled for your environment. In this case, see Managing Organizations and Users
With Directory Integration, page 4-11 before proceeding.
Step 3
On the Remove Organization Technical Administrator form, click Select to open the Select Person
dialog box.
Step 4
Enter the First Name or Last Name of the user, or enter a wildcard *, and click Search to find the user.
Step 5
In the Search Results area, click the radio button next to the name of the user you want to remove as an
Organization Technical Administrator, then click OK.
Properties for the user display on the form.
Step 6
Click Submit Order.
Managing Organizations and Users With Directory Integration
If directory service is enabled for your environment, you must add, modify, or remove users (Cloud
Provider Technical Administrators, Organization Technical Administrators, and Server Owners) from
the directory rather than using the Prime Service Catalog services described in this section. For
instructions, see the documentation that came with your directory software.
If you are unsure whether directory integration is enabled in your Cloud environment, the information
shown in Figure 4-2 will appear on the forms for adding, modifying, and removing users.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-11
Chapter 4
Managing Organizations and Users
Managing User Roles
Figure 4-2
Directory Authorization Notation
Managing User Roles
By assigning a role to a user, you are granting a pre-defined set of permissions and access levels,
depending on their purpose. For example, while a Server Owner manages individual servers within an
organization, a cloud provider technical administrator oversees cloud system operations that support
multiple organizations.
Adding or Removing a Server Owner
This section explains how to Assign a Virtual Server Owner or Virtual and Physical Server Owner role
to a new or existing user. If you are unsure whether directory integration is enabled in your Cloud
environment, the information shown in Figure 4-2 on page 4-12 will appear on the Add User form. In
that case, see the following section, Adding an Existing User as a Server Owner.
Note
If directory authorization has been enabled for your Cloud environment, then you may have to create
users and assign, change, or remove roles from the directory rather than by using the Prime Service
Catalog services outlined in this section. Directory integration can be configured so that users must be
managed from the directory. In this case, any changes you make to an user using Prime Service Catalog
will be overwritten by the definitions set in the directory.
Note
For more information about the Server Owner roles, see Virtual Server Owner, page 1-6 and Virtual and
Physical Server Owner, page 1-6.
Adding an Existing User as a Server Owner
For more information about the Server Owner roles, see Virtual Server Owner, page 1-6 and Virtual and
Physical Server Owner, page 1-6.
Step 1
Choose Service Portal from the module drop-down list, then click Management from the menu.
Step 2
Select Tenant Management.
Step 3
On the Tenant Management page, click the Users tab.
Step 4
Click Add User to open the form.
Cisco Intelligent Automation for Cloud Administrator Guide
4-12
OL-29973-01
Chapter 4
Managing Organizations and Users
Managing User Roles
Figure 4-3
Note
User Management Page
If the information shown in Figure 4-2 appears on the form, then directory integration is enabled
for your environment. In this case, see Managing Organizations and Users With Directory
Integration, page 4-11, before proceeding.
Step 5
On the Add User form, choose the organization to which you want to add the user from the Organization
drop-down list.
Step 6
Choose Select Existing User from the Action drop-down list to display the Select User field.
Note
If the user belongs to a different home organization than the organization you chose in Step 3,
an alert will appear advising you that if you proceed, the user’s home organization will change
to the organization you have selected. If this is acceptable, click OK.
Step 7
Click Select to open the Select Person dialog box.
Step 8
In the Select User field, click Select to open the Select Person dialog box.
Step 9
Enter the First Name or Last Name of the user, or enter a wildcard *, and click Search.
Step 10
In the Search Results area, click the radio button next to the name of the user, then click OK. Properties
for the user display on the form.
Step 11
Click Submit Order.
Creating a New User to Add as a Server Owner
For more information about the Server Owner roles, see Virtual Server Owner, page 1-6 and Virtual and
Physical Server Owner, page 1-6.
Step 1
Choose Service Portal from the module drop-down list, then click the User Management tab to open
the portal page.
Step 2
On the User Manager portal page, click Add User to open the form.
Step 3
On the Add User form, choose the organization to which you want to add the user from the Organization
drop-down list.
Step 4
Choose Create New User from the Action drop-down list.
•
Enter the first and last name of the new user.
•
Enter a unique login identifier for the user.
•
Enter the user’s e-mail address.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-13
Chapter 4
Managing Organizations and Users
Managing User Roles
Step 5
•
From the drop-down list, choose the time zone associated with the user's primary address.
•
Enter and then re-enter the password for the user.
Click Submit Order.
Removing a Server Owner
Remove the Virtual or Virtual and Physical Server Owner role from a user, without deleting the user.
When a user’s role is removed, the user’s account status is automatically changed to Inactive, and the
user becomes “role-less”. Inactive users can log in to Prime Service Catalog but cannot use any of its
services. If you assign the user another role, you must change the user’s status back to Active.
Step 1
Choose Service Portal from the module drop-down list, then click the User Management tab.
Step 2
On the User Management portal, click Remove User to open the form.
Step 3
On the Remove User form, click Select to open the Select Person dialog box.
Step 4
Enter the First Name or Last Name of the user, or enter a wildcard *, and click Search to find the user.
Step 5
In the Search Results area, click the radio button next to the name of the user you want to remove as a
Virtual or Virtual and Physical Server Owner, then click OK. Properties for the user display on the form.
Step 6
Click Submit Order.
Assigning a User to a Server Owner Role
For more information about the Server Owner roles, see Virtual Server Owner, page 1-6 and Virtual and
Physical Server Owner, page 1-6.
Note
See first Note under Modifying User Properties.
Step 1
Choose Service Portal from the module drop-down list and click the User Management tab.
Step 2
On the User Management portal, click Modify User Properties to open the form.
Step 3
On the Modify User Properties form, choose the user’s organization from the Organization drop-down
menu.
Step 4
In the Select User field, click Select to open the Select Person dialog box.
The user’s current home organization and role appear.
Step 5
Optional. Update the user’s e-mail address, first name, and last name.
Step 6
Optional. Click either the Virtual Server Owner or Virtual and Physical Server Owner radio button
to assign the user to a Server Owner role, or to change the user’s role from one Server Owner role to the
other.
Step 7
Click Submit.
Cisco Intelligent Automation for Cloud Administrator Guide
4-14
OL-29973-01
Chapter 4
Managing Organizations and Users
Managing User Roles
Reassigning a Server Owner to Another Server Owner Role
Change a user’s Virtual Server Owner role to the Virtual and Physical Server Owner role, or vice versa.
For more information about the Server Owner roles, see Virtual Server Owner, page 1-6 and Virtual and
Physical Server Owner, page 1-6.
Note
See first Note under Modifying User Properties.
Step 1
Choose Service Portal from the module drop-down list and click the User Management tab.
Step 2
On the User Management portal, click Modify User Properties to open the form.
Step 3
On the Modify User Properties form, choose the user’s organization from the Organization drop-down
menu.
Step 4
In the Select User field, click Select to open the Select Person dialog box.
The user’s current home organization and role appear.
Step 5
Optional. Update the user’s first name, last name, or e-mail address.
Step 6
For Assigned Role, change the user’s Server Owner role by clicking the Virtual Server Owner or
Virtual and Physical Server Owner radio button.
Step 7
Click Submit Order.
Reassigning an Organization Technical Administrator as a Server Owner
Change a user’s role within an organization from Organization Technical Administrator to Virtual Server
Owner or Virtual and Physical Server Owner. For more information about the Server Owner roles, see
Virtual Server Owner, page 1-6 and Virtual and Physical Server Owner, page 1-6.
Note
Step 1
See first Note under Modifying User Properties.
Follow the steps for removing an organization technical administrator, outlined in Removing an
Organizational Technical Administrator, page 4-11.
Note
When a user’s role is removed, the user becomes “roleless,” and is automatically given Inactive
status. You must change the user’s status back to Active.
Step 2
After submitting the order to remove the role, click General in the menu on the right.
Step 3
From the Status drop-down menu, choose Active.
Step 4
Click Update.
Step 5
Follow the steps for adding a server owner, outlined in Assigning a User to a Server Owner Role,
page 4-14.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
4-15
Chapter 4
Managing Organizations and Users
Changing the nsAPI User Account Username and Password
Reassigning a Server Owner as a Organization Technical Administrator
Change a user’s role within an organization from Virtual Server Owner or Virtual and Physical Server
Owner to Organization Technical Administrator. For more information about the Server Owner roles,
see Virtual Server Owner, page 1-6 and Virtual and Physical Server Owner, page 1-6.
Note
See first Note under Modifying User Properties.
Step 1
Follow the steps in Reassigning an Organization Technical Administrator as a Server Owner, page 4-15.
Step 2
Follow the steps in Removing an Organization, page 4-4.
Changing the nsAPI User Account Username and Password
During Prime Service Catalog setup, a local nsAPI user was created exclusively for use when
configuring Prime Service Catalog API. You can change the username, password, or both.
Changing the nsAPI User Credentials in Prime Service Catalog
For information on how the nsAPI User was created, see the Cisco Intelligent Automation for Cloud 4.0
Configuration Guide.
Step 1
Choose Organization Designer from the module drop-down list, then click the People tab.
Step 2
In the People pane on the left, enter nsapi in the search field, then click Search.
Step 3
Click the nsAPI username to display user information.
Step 4
Edit the values in either or both the username (Login) and password.
Step 5
Click Update.
Updating nsAPI agents
When you change the nsAPI username, password or both, you must also reset all NSAPI Agent
Properties using the “Set Agent Configuration” service.
Please refer to “Setting DB, HTTP, NSAPI Agents Configuration” section on page 2-4 for more
information.
Cisco Intelligent Automation for Cloud Administrator Guide
4-16
OL-29973-01
CH A P T E R
5
Provisioning and Managing Networks
Cisco IAC 4.0 allows you to add, remove, and modify networks. This module explains the processes
involved in managing your networks. You can define a network using VMware vCenter port groups as
well as auto-provision a network by creating new VMware vCenter port groups.
Network Types
Add an L2/L3 network for cloud system use, for a community VDC, or for a virtual data center. You can
add the following types of networks:
Infrastructure Networks
Infrastructure networks are used to deploy the management interfaces of the components which
make up your cloud. Generally this represents the management network for VMware ESX hosts.
Registration of at least one infrastructure network is required for automated provisioning of ESXi
hosts.
Community Networks
Community networks provide the same purpose as a user network, but are available to any cloud
user for deploying servers.
User Networks
Define a shared or controlled-access network within the cloud system for users in an organization
to deploy servers.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
5-1
Chapter 5
Provisioning and Managing Networks
Adding an Existing Network
Management Networks
A management network can optionally be assigned to a user network. A management network
within the cloud system may be used to manage cloud servers; for example, for remote access and
monitoring. When a management network is assigned to a user network and a server is deployed
with two network interfaces, the first network interface will be placed into the user network and the
second network interface will be placed into the assigned management network.
Adding an Existing Network
Step 1
Choose Service Portal from the module drop-down list to display the text menu bar.
Step 2
Click Setup to display the nested menu.
Step 3
Select System Settings.
Step 4
On System Settings, click the Networks tab.
Step 5
On the Networks portlet, click:
– Add a Network
Step 6
On the Add Network form, specify the following:
•
Enter a short network name that will be shown to users in the drop-down lists.
•
Enter the network for this subnet in CIDR notation. Enter only an IPv4 type of IP address. For
example, 192.168.1.x/24.
Note
The subnets from /23 to /29 are supported. In addition, this setting is only available if the
Network Type is User.
Specify the duplication policy for this network. Public networks are globally unique; private
networks must only be unique within associated network device contexts.
Step 7
Step 8
Choose the network type from the drop-down list.
•
For Community networks, choose User.
•
Select how IP addresses management is done in this network: Internally by Cisco IAC, or via an
external IP management tool.
Select the port profile corresponding to the IP range being created.
•
Select the UCS VLAN that corresponds to the IP range being created. The UCS VLAN should match
the VLAN for the port profile.
•
Display only. The subnet mask is generated from the prefix of the vCenter network you specified on
this form.
•
The “gateway” address is the floating “VIP” shared by the real members.
•
Use the default gateway network that is populated from the subnet address or enter a different
gateway network address (for example, 192.168.1.x).
Note
The pre-population of the gateway address is a convenience feature; if it does not suggest
the address that is right for your network, you should either correct or remove it. This IP
address will not be assigned to any server deployed by the system.
Cisco Intelligent Automation for Cloud Administrator Guide
5-2
OL-29973-01
Chapter 5
Provisioning and Managing Networks
Removing a Network
Step 9
FHRP is a term used to describe the various First Hop Redundancy Protocols. This includes HSRP
(common at Cisco) and VRRP (common outside of Cisco). The FHRP 1 and 2 address are the “real” IP
addresses of the routers participating in the redundancy protocol.
•
Enter the FHRP (First Hop Redundancy Protocol) gateway 1 and 2 network IP addresses, or keep
the default values.
Note
•
The pre-population of the FHRP addresses are a convenience feature; if they do not suggest
the address that is right for your network, you should either correct or remove them. These
IP addresses will not be assigned to any server deployed by the system.
Use the default broadcast address that is populated from the subnet address or enter a different
broadcast network address. For example, 192.0.2.255. This IP address will not be assigned to any
server deployed by the system.
Enter one of the following:
– The valid primary DNS address for servers on this network
– A dummy primary DNS address.
•
This IP address will not be assigned to any server deployed by the system. Enter one of these:
– The valid secondary DNS address for servers on this network.
– A dummy secondary DNS address.
Note
Step 10
Amazon reserves the first four (4) IP addresses and the last one (1) IP address of every subnet
for IP networking purposes. In Amazon networks, IP addresses should be marked as excluded
using the Network Management page.
Click Submit Order.
Removing a Network
You can remove a Layer 3 network, including its IP Pool, and disassociate it from port profiles. When
you remove a network, the process first disassociates the IP addresses from the selected network, and
then removes the network mapping of this network.
Step 1
Select Service Portal > System Setup > System Settings and then select the Networks tab.
Step 2
On the Networks portlet, click:
– Remove a Network
Step 3
On the Remove Network form, select the Network Name.
Step 4
Click Submit Order.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
5-3
Chapter 5
Provisioning and Managing Networks
Managing Network IP Capacity
Managing Network IP Capacity
To view a list of your networks and IP capacity information for each network:
Step 1
Choose Service Portal from the module drop-down list.
The text menu bar displays.
Step 2
Click Cloud Operations to display its nested menu.
Step 3
Select Network Management from the menu.
You will see a portal displaying your Networks and IP Address Assignments.
Viewing the List of a Specific Network
Sometimes you need to view only IP capacity information for a specific network rather than for all
available networks.
Step 1
Select the radio button next to the network for which you want to view information and click refresh.
The Network Capacity panel displays capacity information from other networks
Step 2
In order to see only IPs for the chosen network, click Apply filter.
Managing IP Address Exclusions
You will want to manage exclusions to facilitate brownfielding existing networks, which may have
existing hosts. These hosts will have prior IP address assignments that need to be accounted for; these
will need to be excluded from use. The Network Management page also allows the CPTA to manage
individual network utilization.
Step 1
Select Service Portal > System Setup > System Settings and then select the Networks tab.
Step 2
On the Networks portlet, click:
– Manage IP Address Exclusions
Step 3
The Manage IP Address Exclusions form displays.
Cisco Intelligent Automation for Cloud Administrator Guide
5-4
OL-29973-01
Chapter 5
Provisioning and Managing Networks
Adding a Public Subnet to a Network POD
Figure 5-1
Manage IP Address Exclusions Form
Step 4
Select the Network from the top table.
Step 5
Use the IP Address Assignments table to select the IP Address.
Step 6
Use the drop-down list to filter by:
Step 7
•
Assigned
•
Unassigned
•
Excluded
When you are done, click Save.
Adding a Public Subnet to a Network POD
You will want to add a Public Subnet to a Network POD to provide a collection of available, public IP
addresses to be used for assignment to singular servers as either Floating or Virtual IP Addresses. The
services are used by load-balancing and Network Address Translation (NAT) services. Individual IP
address assignment are created as either a Floating IP Address (for NAT) or a Virtual IP Address (for
load-balancing).
Step 1
Select Service Portal > Setup > System Settings and then select the Networks tab.
Step 2
On the Networks portlet, click:
– Add Public Subnet to a Network POD
Step 3
Step 4
On the Add a Public Subnet to a Network POD form, complete the required fields:
•
Subnet Address: The network address of the subnet
•
Subnet Bitmask: The bitmask (numeric) of the subnet you are adding. Do not include the slash.
•
Network POD Name: Assigned Subnets: The public subnets that have already been assigned.
•
Unassigned Subnets: The free public subnets remaining in the pool.
Click Submit Order.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
5-5
Chapter 5
Provisioning and Managing Networks
Adding a Network to a Community VDC
Adding a Network to a Community VDC
After a community VDC is provisioned, additional networks can be added. Since community VDCs are
a community virtual center, networks are added to the community VDC through the My Virtual Data
Centers portal page. The network to be added must already exist. Only community networks can be
added to the community VDC. To add a network to the community VDC:
Step 1
Choose Service Portal from the module drop-down list and click the My Virtual Data Centers tab.
Step 2
Select the community VDC in the list of virtual data centers that a network should be added to.
Step 3
Click the Add Network to VDC action.
Step 4
In the Network Name field, select the network to be added. Only community networks are shown.
Step 5
In the Management Network field, optionally select a management network to be associated with the
community network. The management network should be the same subnet size as the community
network.
Provisioning a New Network for a Virtual Data Center
After a virtual data center is created, Organization Technical Administrators (OTAs) can request
additional networks for the virtual data center. Once the request is submitted, the Cloud Provider
Technical Administrator (CPTA) may need to approve the request and assign a new network to the virtual
data center. The network to be added must already exist. If the Cloud Provider Technical Administrator
initiates the request, he or she can directly assign a new network to the virtual data center and the request
will not go for approval. To add a network to virtual data center:
Step 1
Choose Service Portal from the module drop-down list and click the My Virtual Data Centers tab.
Step 2
Click the Add Network to VDC action.
Step 3
Select the number of hosts per network needed for the network to be added. This is used by the Cloud
Provider Technical Administrator to determine which size network subnet to assign to the virtual data
center.
Step 4
Click Submit Order. The requisition will go to the Cloud Provider Technical Administrator for
approval.
.
Defining a Network Using Existing Port Groups
Viewing the List of All Networks
To view a list of your networks and IP capacity information for each network:
Step 1
Choose Service Portal from the module drop-down list.
The text menu bar displays.
Cisco Intelligent Automation for Cloud Administrator Guide
5-6
OL-29973-01
Chapter 5
Provisioning and Managing Networks
Defining a Network Using Existing Port Groups
Step 2
Click Operations to display its nested menu.
Step 3
Select Network Management from the menu.
You will see a portal displaying your Networks and IP Address Assignments.
Viewing the List For a Specific Network
Sometimes you need to view only IP capacity information for a specific network rather than for all
available networks.
Step 1
Select the radio button next to the network for which you want to view information and click refresh.
The Network Capacity panel displays capacity information from other networks
Step 2
In order to see only IPs for the chosen network, click Apply filter.
Obtaining Approvals for Adding a Network to a VDC
After an Add Network to VDC requisition is submitted by an Organization Technical Administrator, it
goes to the CPTA’s Cloud Service Approval Administrator queue for approval. The CPTA must assign a
network to the virtual data center and then approve the requisition.
Step 1
Choose Service Portal from the module drop-down list and click the My Approvals tab.
Step 2
Click on the Order # for the Add Network to VDC requisition that requires approval. This brings up the
requisition.
Step 3
In the Network Name field, select the network to be added.
Step 4
In the Management Network field, optionally select a management network to be associated with the
community network. The management network should be the same subnet size as the community
network.
Step 5
Click Update to update the requisition with the VDC resource assignment information.
Step 6
Click Approve for the request.
Deleting a Network from the Cloud System
The Remove Network from VDC process should completely delete a network from the cloud system in
a single step. VDC networks will be deprovisioned and all resources will be returned to their respective
pools. However, you may find it necessary under some circumstance to use the following procedure.
Note that before you permanently remove a network, you must first remove any IP address assignments
associated with the network.
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Click Setup > System Settings.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
5-7
Chapter 5
Provisioning and Managing Networks
Defining a Network Using Existing Port Groups
Step 3
Click the Networks tab.
Step 4
On the Networks page, click Remove a Network.
Step 5
On the Remove Network form, choose the network from the drop-down list. If the network has IP
addresses associated with it, an alert will inform you, and you cannot proceed with the deletion.
Step 6
Click Submit Order.
Removing a Network from a Virtual Data Center
Step 1
In Prime Service Catalog, locate the virtual data center in the grid, then click the name.
Step 2
In the Manage Virtual Data Center collapsible panel, click on Remove Network from VDC.
Step 3
Select the network you want to remove from the Network Name drop-down list.
Step 4
Click Submit Order.
Auto-Provisioning a Network Using New Port Profiles
If there are no existing port profiles, or if users have a need for new port profiles, Cisco IAC 4.0 will
auto-provision the port profiles with of the creation of the networks—there is no need to run Add
Network as a separate service. Anytime you create you delete a network, Cisco IAC 4.0 auto-deletes any
newly-created port profiles created as part of the auto-provision (not any of the previously-created port
profiles).
Note
Auto-provisioning is new for Cisco IAC 4.0. Note that creating new networks is supported only with
Nexus 1000v.
A Note About Prerequisites
The following pools are required to be available in order to successfully auto-provision a network using
new port profiles:
•
Private IP Address Pool - This is set up during the Create Tenants process (onboarding tenants)
(see Onboarding a Tenant, page 3-1).
•
VLAN Pool - This is set up during the Create Network Pod process. Information on creating and
managing PODs can be found in the Cisco Intelligent Automation for Cloud 4.0 User Guide.
Cisco Intelligent Automation for Cloud Administrator Guide
5-8
OL-29973-01
CH A P T E R
6
Setting Up the Infrastructure
You set up your Cisco Intelligent Automation for Cloud 4.0 infrastructure by:
•
Connecting Cloud Platform Elements
•
Setting Provisioning Settings
•
Setting System-Wide Service Options
•
Remediating Platform Element Discovery Errors
•
Creating One or More PODs
•
Registering a Datastore
•
Setting Up a Community VDC
•
Adding a Server Owner
•
Assigning Mail Addresses for Queue Notifications
•
Adding Additional Networks
•
Inactivating Reserved Portlet Buttons from the Service Portal Toolbar
Connecting the Cloud Platform Elements
You must first define the connection information for the platform elements that will be used in Cisco
Intelligent Automation for Cloud 4.0. This section describes how to define the connections for the
following platform elements (all of which are associated with a Compute Point of Delivery, or POD):
•
Cisco Prime Network Services Controller (PNSC)
•
VMware vCenter Server
•
Cisco Unified Computing System (UCS) Manager
•
Cisco Server Provisioner
•
Cisco Unified Computing System Director (UCSD)
•
OpenStack Cloud Manager
•
Amazon EC2
Note
Amazon reserves the first four (4) IP addresses and the last one (1) IP address of every subnet
for IP networking purposes. In Amazon networks, IP addresses should be marked as excluded
using the Network Management page.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
6-1
Chapter 6
Setting Up the Infrastructure
Connecting the Cloud Platform Elements
As you define each platform element, the discovery process automatically begins and runs in the
background. If there is a discovery error for the platform element, you will receive an e-mail notification.
Note
Notifications of discovery errors will be set to the notifications e-mail address for the Cloud Service
Approval Administration queue. Instructions for assigning queue notifications appear in the previous
chapter. If you have not done so, return to Assigning Mail Addresses for Queue Notifications, page 6-12,
for instructions before you proceed with the tasks in this section.
Defining the Connection Information for VMware vCenter
Complete the following steps to define connection information for VMware vCenter.
Step 1
Launch Cisco IAC and log in as a Cloud Provider Technical Administrator.
Step 2
Choose Service Portal from the module drop-down list and click the Setup tab.
Step 3
On the System Setting portal, click the Connections tab to open the portlet.
Step 4
On the Connections portlet, click Connect Cloud Infrastructure to open the form.
Step 5
Specify the following connection information for the network services manager:
Step 6
•
Enter the IP address or the name of the server that hosts the Network Services Manager. For
example: test-esxvc-01.domain.local
•
Enter the TCP/IP port used to connect to the Network Services Manager. By default, port 8443 is
used.
•
Determine whether SSL certificate errors and choose the appropriate radio button.
•
Optional. Enter information that describes the Network Services Manager.
•
Enter the account name to use when connecting to the VMware vCenter Server.
•
Enter and re-enter the password assigned to the account used to connect to the VMware vCenter
Server.
Click Submit Order.
Note
Keep the Connections portlet open and proceed to Defining the VMware vCenter Server
Platform Element, next.
Defining the VMware vCenter Server Platform Element
Complete the following steps to define connection information for VMware vCenter.
Step 1
Open Cisco Cisco IAC and log in as a Cloud Provider Technical Administrator.
Step 2
Choose Service Portal from the module drop-down list and click the Setup tab.
Step 3
On the System Settings portal, click the Connections tab to open the portlet.
Step 4
On the Connections portlet, click Connect Cloud Infrastructure to open the form.
Cisco Intelligent Automation for Cloud Administrator Guide
6-2
OL-29973-01
Chapter 6
Setting Up the Infrastructure
Connecting the Cloud Platform Elements
Step 5
On the Connect Cloud Infrastructure form, choose VMware vCenter Server from the Platform Element
Type drop-down list.
Note
Step 6
Step 7
For Cisco IAC, vCenter object names cannot contain forward slashes. If your vCenter object
names contains forward slashes, please rename the files before you specify a vCenter path.
Specify the following connection information for the VMware vCenter Server:
•
Enter the IP address or the name of the server that hosts the VMware vCenter Server. For example:
test-esxvc-01.domain.local
•
Enter the TCP/IP port used to connect to the VMware vCenter Server. By default, port 443 is used.
•
Optional. Enter information that describes the VMware vCenter server.
•
Click the True or False radio button to indicate whether secure connection protocol is used to
connect to the server. True is selected by default.
•
Enter the account name to use when connecting to the VMware vCenter Server.
•
Enter and re-enter the password assigned to the account used to connect to the VMware vCenter
Server.
Click Submit Order.
Note
If you receive an e-mail notification that discovery of the VMware vCenter platform element
failed, proceed to the next sections to define the Cisco UCS Manager and Cisco Server
Provisioner platform elements. When you have completed these tasks, see Remediating Platform
Element Errors, page 6-8, for instructions on how to remediate the error.
Defining the Cisco UCS Manager Platform Element
You must be logged in as the Cloud Provider Technical Administrator to perform this task. Complete the
following steps to define the connection information for the Cisco UCS Manager that will be used in
Cisco Intelligent Automation for Cloud 4.0.
Step 1
Open Cisco Cisco IAC and log in as a Cloud Provider Technical Administrator.
Step 2
Choose Service Portal from the module drop-down list and click the Setup tab.
Step 3
On the System Settings portal, click the Connections tab to open the portlet.
Step 4
On the Connections portlet, click Connect Cloud Infrastructure to open the form.
Step 5
On the Connect Cloud Infrastructure form, choose Cisco UCS Manager from the Platform Element
Type drop-down list.
Step 6
Specify the following connection information for the Cisco UCS Manager server:
•
Enter the host name or IP address for the Cisco UCS Manager server.
•
For example: test-ucs-000.domain.local
•
Enter the TCP/IP port used to connect to the Cisco UCS Manager server.
•
By default, the following ports are used:
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
6-3
Chapter 6
Setting Up the Infrastructure
Connecting the Cloud Platform Elements
Step 7
•
Port 443—SSL protocol
•
Port 80—HTTP connection
•
Optional. Enter information that describes the Cisco UCS Manager server.
•
Click the True or False radio button to indicate whether secure connection protocol is used to
connect to the server. True is selected by default.
•
Click the True or False radio button to indicate whether certificate error messages should be
ignored. True is selected by default.
•
Choose the time zone that is used on the Cisco UCS Manager server from the drop-down list.
•
Enter the account name to use when connecting to the Cisco UCS Manager server.
•
Enter the password assigned to the account used to connect to the Cisco UCS Manager server.
•
Re-enter the password to confirm it.
Click Submit Order.
Note
If you receive an e-mail notification that discovery of the Cisco UCS Manager platform element
failed, proceed to the next section to define the Cisco Server Provisioner platform element, then
see Remediating Platform Element Errors, page 6-8, for instructions on how to remediate the
error.
Defining the Cisco Server Provisioner Platform Element
You must be logged in as the Cloud Provider Technical Administrator to perform this task. Complete the
following steps to define the connection information for the Cisco Server Provisioner.
Step 1
Open Cisco Cisco IAC and log in as a Cloud Provider Technical Administrator.
Step 2
Choose Service Portal from the module drop-down list and click the Setup tab.
Step 3
On the System Settings portal, click the Connections tab to open the portlet.
Step 4
On the Connections portlet, click Connect Cloud Infrastructure to open the form.
Step 5
On the Connect Cloud Infrastructure form, choose Cisco Server Provisioner from the Platform Element
Type drop-down list.
Step 6
Specify the following connection information for the Cisco Server Provisioner server:
Field
Action
Host Name
Enter the host name or IP address for the Cisco Server Provisioner server.
For example: test-sp-01.domain.local
Port
Enter the TCP/IP port used to connect to the Cisco Server Provisioner server.
By default, Port 80 is used for HTTP connection.
Description
Optional. Enter information that describes the Cisco Server Provisioner server.
Username
Read-only. Defaults to the console root username of the Cisco Server Provisioner.
Cisco Intelligent Automation for Cloud Administrator Guide
6-4
OL-29973-01
Chapter 6
Setting Up the Infrastructure
Setting Provisioning Settings
Step 7
Field
Action
Enter password
Read-only. Defaults to the console root password of the Cisco Server Provisioner.
Re-enter
password
Re-enter the password to confirm it.
Click Submit Order.
Note
If you receive an e-mail notification that discovery of the Cisco Server Provisioner platform
element failed, see Remediating Platform Element Errors, page 6-8, for instructions on how to
remediate the error.
Setting Provisioning Settings
Specify the settings for bare metal and virtual machine provisioning, then verify that the bare metal and
virtual machine provisioning settings are configured correctly.
Step 1
Choose Service Portal from the module drop-down list and click the Setup.
Step 2
On the System Settings portal, click the System Settings tab.
Step 3
On the System Settings portlet, click Set Provisioning Settings.
Step 4
On the Server Provisioning Settings form, specify the following:
Step 5
•
Set the default the time zone for Cisco Server Provisioner.
•
Enter the period of time allowed, specified in minutes, before a virtual machine deployment
operation is determined as failed.
•
Enter the amount of time, in whole hours, to suppress duplicate alerts related to cloud automation.
•
The amount of time, in whole hours, between consecutive periodical executions of the CloudSync
infrastructure discovery service.
•
The period of time allowed, specified in minutes, before a CloudSync Discovery operation is
determined as failed.
•
The amount of time, in minutes, between consecutive periodical executions of platform element
connection validation services.
•
Enter the name of the Windows domain for commissioned Windows servers to join.
•
Enter the username and password for the Windows domain user to join the Windows VM to the
Windows domain.
•
Linux only. Choose the default time zone for the Linux server from the drop-down list. For valid time
zone values, see the VMware documentation on VMware.com.
•
Windows only. Choose the default time zone for the Windows server from the drop-down list. For
valid time zone values, see the VMware documentation on VMware.com.
Click Submit Order to submit the form and display the Order Confirmation page for the service that
you ordered. Do not close the order confirmation.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
6-5
Chapter 6
Setting Up the Infrastructure
Setting System-Wide Service Options
Step 6
In the Requisition Details pane on the Order Confirmation page, click the requisition number to open the
requisition summary page.
Step 7
Click Comments & History in the menu on the right side of the window.
Step 8
Close the Comments and History window.
Setting System-Wide Service Options
Use the Set System-Wide Service Options service to control what ordering options are available to users
in Cisco Intelligent Automation for Cloud by globally enabling or disabling the following Cisco IAC
services:
•
Order a VM from template
•
Order a VM and install an operating system
•
Order a physical server
•
Create a virtual datacenter
•
ESXi provisioning
•
Community VDCs
These settings affect all clients across all tenants and cannot be configured at tenant-level.
Before enabling each of the service options, make sure the following prerequisite configuration steps are
performed:
Table 6-1
Prerequisite Configuration Steps
Step
Create a virtual
datacenter
Requirement
•
vCenter platform element is
registered
•
POD is created
•
vCenter platform element is
registered
•
POD is created
Order VM from
Template
•
VM templates created and discovered
•
Virtual Data Center or Community
VDC is created
Order a VM and
install an
operating system
•
VLAN for Cisco Server Provisioner
to use as its private PXE VLAN
defined in vCenter
•
Cisco Server Provisioner Operating
System Template is created
•
Virtual Data Center or Community
VDC is created
Community
VDCs
Configuration Steps
•
Register Datastores
•
Create networks
•
Register Datastores
•
Create networks
•
Register Virtual Machine templates
•
Register Cisco Server Provisioner
Platform Element
•
Create/Modify POD to contain the
Cisco Server Provisioner Platform
Element
•
Discover and Register Cisco Server
Provisioner operating system
templates
Cisco Intelligent Automation for Cloud Administrator Guide
6-6
OL-29973-01
Chapter 6
Setting Up the Infrastructure
Setting System-Wide Service Options
Table 6-1
Prerequisite Configuration Steps (continued)
Step
Order a physical
server
ESXi
provisioning
Requirement
Configuration Steps
•
VLAN for Cisco Server Provisioner
to use as its private PXE VLAN
defined in UCS Manager
•
At least one UCS service profile
template for physical server
provisioning is created
•
Cisco Server Provisioner Operating
System Template is created
•
Virtual Data Center or Community
VDC is created
•
VLAN for Cisco Server Provisioner
to use as its private PXE VLAN
defined in UCS Manager
•
At least one hypervisor UCS service
profile template for each vCenter
cluster is created
•
Cisco Server Provisioner Operating
System Template for ESXi is created
•
Place blades in the Physical Blade
Pool
•
Discover and register Cisco Server
Provisioner operating system
templates
•
Discover and register Cisco UCS
service profile templates
•
Infrastructure Network is created
•
Place blades in the Virtual Blade
Pool
•
Discover and register Cisco UCS
service profile templates
•
Discover and register Cisco Server
Provisioner operating system
templates
When a service is disabled, users (Organization Technical Administrators and Server Owners) are
prevented from ordering from the portal or portlet, and from submitting service forms from the My
Services module. Although users can see the portal or portlet of the disabled service, a “disabled”
message displays, and “Submit” buttons are hidden on the service forms.
Disabling an option only affects what clients can order from the catalog from the time the Set System
Wide Service Options service order is fulfilled. It does not affect current, active services that have
already been ordered.
Tip
You can re-enable a disabled service at any time.
Step 1
Select Service Portal > Setup > System Settings.
Step 2
Select the System Settings tab, then click Set System-wide Service Options to open the form.
Step 3
Disable a service by clicking the No radio button, or re-enable a disabled service by clicking the Yes
radio button.
Step 4
Optional. Edit the customer message.
Because this message appears globally for all disabled services, it is recommended that you keep the
description generic.
Step 5
Click Submit Order to send the order, close the form, and display the order confirmation.
Step 6
Close the order confirmation, and proceed to Remediating Platform Element Errors.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
6-7
Chapter 6
Setting Up the Infrastructure
Remediating Platform Element Errors
Remediating Platform Element Errors
If you ever receive an e-mail notification of a discovery error related to a platform element you defined,
follow the instructions in this section to remediate the error.
Step 1
Select Service Portal from the modules drop-down list.
Step 2
From the Operations menu, select Error Remediation.
Step 3
In the grid on the Error Remediation portal, locate the error and click “Expand” icon to view it.
Error details appear in the Take Action area below the grid.
Step 4
To see the available remediation actions, click the “gear” icon.
Step 5
Click one of the following, as appropriate.
•
Cancel—(Always available) Halt the service immediately and take no further action. No cleanup or
verification of the integrity of data is performed.
•
Restart—Performs a Cancel followed by Restart. To do a rollback it requires a special rollback flag
set in the ERS instrumentation. In the case of Restart, the Rollback flag is set to true, so a Rollback
is getting executed on Restart. The flag is set to False by default.
•
Retry—Attempts to resume service fulfillment at the step that failed. A retry of the step is executed
from a start point set in the service orchestration.
•
Ignore—Attempts to resume service fulfillment, skipping the step that failed.
•
Rollback—Relinquishes all resources, all infrastructure and service item changes are reversed, and
restores the cloud to the state prior to the service fulfillment request.
Registering a Datastore
Datastores that are discovered automatically during Connect Cloud Infrastructure must be registered
before they can be used in the VDC community and organization virtual data centers. A single datastore
can be used by one or more Virtual Data Centers.
Step 1
Choose Service Portal from the module drop-down list and click Manage Cloud Infrastructure.
Step 2
Select Datastores in the VMware vCenter resources. Discovered datastores for the VMware vCenter
will be shown.
Step 3
Select a datastore with a status of Discovered that should be registered for use.
Step 4
Click Register. This starts the Register Datastore service.
Step 5
Enter a display name and description for the Datastore (optional).
Step 6
Click Submit Order and proceed to Setting Up a Community VDC.
Cisco Intelligent Automation for Cloud Administrator Guide
6-8
OL-29973-01
Chapter 6
Setting Up the Infrastructure
Setting Up a Community VDC
Setting Up a Community VDC
A community VDC (community virtual data center) can be used by server owners in any organization to
provision virtual and physical servers. A community VDC lives on a cluster in a POD and has datastores,
resource pools, and community networks resources associated with it. Multiple community VDCs can
be created by the Cloud Provider for server owners to provision servers in.
A virtual data center has an associated size that determines limits for the number of virtual servers,
physical servers, vCPUs, CPU MHz, storage, and memory.
Limits are enforced by comparing the sum of the number of provisioned virtual and physical servers and
the vCPUs, memory, and storage for a server size against the limits defined for the virtual data center
size. A VMware resource pool is created for each virtual data center. This allows further control of
resource utilization by defining CPU and memory limits, as well as CPU and memory reservations in the
VMware resource pool.
Step 1
Choose Service Portal from the module drop-down list.
Step 2
Select System Settings from the Setup tab.
Step 3
Click the Community VDCs tab to open the portlet.
Step 4
Click Create a Community VDC.
Step 5
On the Create a Community VDC form, specify the following:
Step 6
•
Enter a descriptive name for the community VDC. This name will be displayed when server owners
select the virtual data center.
•
Indicate whether this community VDC is connected to Internet or enterprise internal network. Select
Internet-Connected or Enterprise-Connected.
•
Select the Size of the Community Virtual Data Center. The size determines the maximum limits for
the number of virtual servers, maximum number of vCPUs, CPU MHz, memory, and storage.
•
A virtual data center can contain multiple networks. Select the number of networks for the virtual
data center. If more than one network is selected, additional Add Network sections will be shown
on the form.
•
POD is the Compute Point of Delivery where the virtual data center will be commissioned.
•
Select the virtual data center will be deployed on. A cluster can host multiple virtual data centers.
•
Select the datastore for the virtual data center VM storage. A single datastore can be associated with
multiple virtual data centers.
•
Enter the CPU reservation in MHz for the virtual data center resource pool. The default value is
based on the VDC Size selected. This corresponds directly to the VMware resource pool CPU
reservation.
•
Enter the memory reservation in GB for the virtual data center resource pool. The default value is
based on the VDC Size selected. This corresponds directly to the VMware resource pool memory
reservation.
•
Only community networks can be used in community VDC. Select the community network to be
used for the community virtual data center.
•
Optionally, a management network can be associated with a virtual data center. If desired, select a
management network for the virtual data center.
Click Submit Order.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
6-9
Chapter 6
Setting Up the Infrastructure
Creating an Organization
Creating an Organization
Organizations in the Cisco IAC solution typically correspond to organizations company organizational
structures such as Sales, Engineering, HR. Organizations must be created first before users can be added.
When an organization is created, an Approval Queue named 'Approvals for <org name>' is also created
to handle approvals for that organization.
Step 1
Select Service Portal from the module drop-down list.
Step 2
Select Management > Tenant Management.
Step 3
On the Tenants and Organizations page, click Create Organization to open the form.
Step 4
On the Create Organization form, specify the following:
Step 5
•
A descriptive name for the organization.
•
Optional. Any relevant information about the organization that a user with organization
management permissions would need to know.
Click Submit Order.
Creating a New User to Add as an Organization Technical
Administrator
If you are not using a directory service, complete the following steps to assign an existing user as an
Organization Technical Administrator for an organization. Organization Technical Administrator are
employees of the organization with some administrative access and control over their organization’s
environment. The Organization Technical Administrators manage an organization’s user accounts,
virtual data centers, and organization-specific service catalogs in Cisco IAC. They also add Server
Owners, or users, within the organization (see Adding a Server Owner, page 6-11).
Note
If the information shown in Figure 6-1 appears on the Add Organization Technical Administrator form,
we strongly recommended that you do not proceed with the Add Organization Technical Administrator
service. In this case, the external directory has already defined the user with an organization and role.
Any changes you make will be overridden by the definitions set in the directory.
Figure 6-1
Directory Authorization Notation
Step 1
Select Service Portal from the module drop-down list.
Step 2
Select Management > Tenant Management.
Cisco Intelligent Automation for Cloud Administrator Guide
6-10
OL-29973-01
Chapter 6
Setting Up the Infrastructure
Adding a Server Owner
Step 3
On the Tenants and Organizations page, choose the organization to which you want to add the new user
as an Organization Technical Administrator.
Step 4
Choose Create New User from the Action drop-down list.
Step 5
Provide the following:
Step 6
•
Enter the user’s first and last name.
•
Enter a unique login identifier for the user.
•
Enter the user’s primary e-mail address.
•
Choose the time zone of the user’s primary physical location.
•
Create, then re-enter a password for the user.
Click Submit Order.
Adding a Server Owner
Cisco IAC users consist of Server Owners, who are end users of an organization who order and provision
servers. There are two kinds of Server Owners:
•
Virtual and Physical Server Owner—Orders and provisions virtual machines and physical servers.
•
Virtual Server Owner—Orders and provisions virtual machines only.
Both users are created using the same form. To add users, complete the following steps:
Step 1
Choose Service Portal from the module drop-down list and click the User Management tab.
Step 2
On the User Management portal, click Add User.
Step 3
On the Add User form, choose the organization to which you want to add a new user as a Server Owner.
Step 4
Choose Create New User from the Action drop-down list. Provide the following:
•
Enter the first and last name of the new Server Owner, a unique login identifier for the new Server
Owner, and the new Server Owner’s e-mail address.
•
Click one of the following radio buttons to indicate the role to be assigned to the user:
– Virtual Server Owner—User can order virtual servers.
– Virtual and Physical Server Owner—User can order both virtual and physical servers.
Step 5
Step 6
•
From the drop-down list, choose the time zone of the new Server Owner’s primary address.
•
Enter, then re-enter the password for the new Server Owner.
In the Roles field, click one of the following radio buttons to indicate the role to be assigned to the user:
•
Virtual Server Owner—User can order virtual servers.
•
Virtual and Physical Server Owner—User can order both virtual and physical servers.
Click Submit Order.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
6-11
Chapter 6
Setting Up the Infrastructure
Assigning Mail Addresses for Queue Notifications
Assigning Mail Addresses for Queue Notifications
You must update the queue configuration settings with the e-mail addresses that will receive e-mail
notifications for changes in the service queues. A queue is a repository for administrative tasks that must
be performed, such as monitoring service delivery, lease instances, or failed service remediation. Tasks
are automatically added to the queue by the Cloud system. Users with permissions can see the queues,
assign tasks, and take action on the tasks in Service Manager. When an organization is created, Cisco
IAC creates the following approvals queue:
Approval for <Organization Name>
This queue will contain tasks that are waiting for approval by the Organization Technical Administrator.
Cloud Provider Technical Administrators and Organization Technical Administrators can monitor,
assign, or address tasks added to the queues. Those users with access to the queues can perform the tasks
added to the queues. When a task is added to a queue or is assigned or reassigned to a user, the designated
users receive e-mail notifications.
Note
For information about working with queues, see the Cisco Intelligent Automation for Cloud 4.0 User
Guide.
To prepare the queues for use, you must specify the e-mail addresses of the users who receive e-mail
notifications when a task is added to a queue. If you skip this task, no one will receive notifications of
changes to the queues. Use mailing lists (aliases), not specific user e-mail addresses. You must configure
e-mail addresses for each queue.
Step 1
Launch Cisco IAC and log in as an Cloud Provider Technical administrator.
Step 2
Choose Organization Designer from the module drop-down list, then click the Queues tab.
Step 3
In the Queues pane, click Approvals for <Organization Name>.
Step 4
From the menu on the right side of the window, click Contact to display the Contact pane.
Step 5
Click Add New button, select e-mail as the Type and enter the e-mail address in the value field.
Step 6
Click Update.
Cisco Intelligent Automation for Cloud Administrator Guide
6-12
OL-29973-01
CH A P T E R
7
Managing Standards
Service option standards are the options that appear in drop-down lists for users to choose when ordering
servers. Using the Standards service, you can control the available lease term options by adding or
modifying of these service option standards. You can add, modify, or delete the lease term, operating
system, server, VDC or community VDC size standards for ordering servers. The values you set will
appear as choices for users when ordering servers.
Viewing Standards Settings
View the default standard settings for lease term, operating systems, and server size to determine
whether you want to change the values.
Step 1
Choose Service Portal from the module drop-down list
Step 2
Click the Setup > System Settings.
Step 3
Click the Standards tab.
Step 4
Click Define Order Standards.
Step 5
Wait for the Standards form to load. Then, at the left of the panel, open the Service Options folder if it
is currently closed.
Step 6
Click Lease Terms and note the settings.
Warning
Step 7
Lease term settings are defined in seconds. If you add or modify a lease term standard, you will need
to know the number of seconds in the new lease duration. The table in Step 7 of Adding a New Lease
Term Standard, page 7-2, lists seconds in hour and day units to help you calculate the values.
Repeat Step 1 through Step 5 for OS Systems and Server Size.
Adding, Modifying, or Deleting a Lease Term Standard
Lease term standards define the lease duration options that users can choose from drop-down lists when
they order servers. A lease is a service option that sets a duration (for example, three months) on a server
from the time it is commissioned. During the lease period, the server is active and accessible to users.
When the lease term expires, the server is automatically decommissioned and placed into storage for a
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
7-1
Chapter 7
Managing Standards
Adding, Modifying, or Deleting a Lease Term Standard
defined length of time. (When a server is decommissioned, it has not been deleted, but it is not accessible
to users.) When the storage period expires, the server is deleted and its data is lost. A Server Owner can
extend the lease on the server while it is active, or re-commission the server while it is in storage.
Instructions for extending a lease and commissioning a server are provided in the Cisco Intelligent
Automation for Cloud 4.0 User Guide.
Each lease term standard has four settings:
•
Term—The name of the option describing the duration of the lease. For example, 90 days. This value
appears in the drop-down list for users to choose, so it must be clear and descriptive.
•
Runtime Seconds—The duration of the lease, defined in seconds. The runtime value must always
match the defined term. For example, a 30 day lease has a runtime value is 2592000 seconds. This
value is hidden from users.
Note
The table in Step 7 of Adding a New Lease Term Standard, page 7-2, lists seconds in hour
and day units to help you determine values for lease terms.
•
Storage Seconds—The time period during which the server is stored after the lease expires. The
default setting is 864000 seconds, or 10 days. This value is hidden from users.
•
Warning1Seconds—The number of seconds before the lease expiration date when the first
expiration warning notification is sent to the server owner. The default setting is 604800 seconds, or
7 days after commission. This value is hidden from users.
•
Warning2Seconds—The number of seconds before the lease expiration date when the second
expiration warning notification is sent to the server owner. The default setting is 86400 seconds, or
1 day before expiration. This value is hidden from users.
Cisco IAC ships with five preconfigured lease term standards: 30 days, 90 days, 6 months (180 days), 1
year, and No Lease. You can accept, modify, or delete a default lease term standard, and you can add a
new standard.
Adding a New Lease Term Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab to open the portlet.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click Lease Terms in the Service Options folder on the left.
Step 5
Click Add New. An empty row appears.
Step 6
In the Standard Data table, click inside the Term field in the new row and enter a label for a unit of time
(for example, 60 days). This entry will appear to users in the drop-down list on the order forms.
Note
Step 7
It is recommended that you avoid using months, because the numbers of days in months vary.
Because lease durations are defined in seconds, and the seconds values would not be consistent
from month to month. It is recommended that you use four-week units instead of months.
Click inside the Runtime Seconds field and enter the number of seconds in the Term duration you defined
in Step 5. Do not include commas in the value.
Cisco Intelligent Automation for Cloud Administrator Guide
7-2
OL-29973-01
Chapter 7
Managing Standards
Adding, Modifying, or Deleting a Lease Term Standard
The Runtime Seconds value must match the Term you have entered. For example, the runtime value for
a 60-day lease term is 5184000 seconds. Use the figures in the following table to calculate the Term
duration in seconds.
Duration
Runtime Value (Seconds)
12 hours
43200
1 day
86400
7 days
604800
28 days
2419200
180 days (about 6 months)
15552000
365 days (1 year)
31536000
Step 8
In the Storage Seconds field, enter the amount of time, in seconds, during which the decommissioned
server is held in storage. When this defined storage duration expires, the server will be deleted. The
suggested Storage Seconds value is 864000, or 10 days.
Step 9
In the Warning1Seconds field, enter the amount of time, in seconds, before the lease expiration date
when the first notification of expiration is automatically sent to the server owner. The suggested
Warning1Seconds value is 604800, or 7 days before lease expiration.
Step 10
In the Warning2Seconds field, enter the amount of time, in seconds, before the lease expiration date
when the second notification of expiration is automatically sent to the server owner. Depending on the
width of your screen, you may need to scroll to the right to see the Warning2Seconds field.The suggested
Warning2Seconds value is 86400, or 1 day before lease expiration.
Step 11
Click Save.
Modifying a Lease Term Standard
Note that the Term label and the Runtime Seconds value must match. Do not modify either without
modifying the other.
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click Lease Terms in the Service Options folder on the left.
Step 5
In the Standard Data column, click inside the Term field in the appropriate row and change the label (for
example, 8 weeks). This entry will appear to users in the drop-down list on the order forms.
Note
Step 6
It is recommended that you avoid using months, because the numbers of days in months vary.
Because lease durations are defined in seconds, and the seconds values would not be consistent
from month to month. It is recommended that you use four-week units instead of months.
Use the figures in the table Step 7 of Adding a New Lease Term Standard, page 7-2, to calculate a
duration in seconds.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
7-3
Chapter 7
Managing Standards
Adding, Modifying, or Deleting an Operating System Standard
Note
Step 7
For Storage Seconds, Warning1Seconds, and Warning2Seconds, you can change the values, or accept
the default values:
•
Storage Seconds—864000 (10 days)
•
Warning1Seconds—604800 (7 days)
•
Warning2Seconds—86400 (1 day)
Note
Step 8
The runtime must match the number of seconds in the Term you have entered. Do not include
commas in the value.
Depending on the width of your screen, you may need to scroll to the right to see the
Warning2Seconds field.
Click Save.
Deleting a Lease Term Standard
Do not delete or modify the No Lease standard unless you want to enforce leases on servers. If you delete
the No Lease standard, users will not be able order servers without leases.
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab to open the portlet.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click Lease Terms in the Service Options folder on the left.
Step 5
In the Standard Data column, click inside the Term field for the standard that you want to delete.
Step 6
Click Delete, then confirm the deletion.
Step 7
Click Save.
Adding, Modifying, or Deleting an Operating System Standard
Cisco IAC ships with five pre-defined O/S standards that users can choose when commissioning virtual
machines with operating systems installed and administrators use to register VM templates:
•
Linux—CentOS 5/6 64-bit
•
Linux—Red Hat Enterprise Linux 6 64-bit
•
Windows—Windows Server 2008 R2 64-bit
•
VMware ESXi—ESXi 4.1
•
VMware ESXi—ESXi 5.0
Cisco Intelligent Automation for Cloud Administrator Guide
7-4
OL-29973-01
Chapter 7
Managing Standards
Adding, Modifying, or Deleting an Operating System Standard
Adding an Operating System Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click OS Systems in the Service Options folder on the left.
Step 5
Click Add New. An empty row appears.
Step 6
•
In the Standard Data column, click inside the OS Type field in the new row and enter the OS Type
(Windows, Linux, or VMware ESXi). This entry will appear to users in drop-down lists on the order
forms.
•
In the OS System field, enter the name of the operating system and the version number.
Click Save.
Modifying an Operating System Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click OS Systems in the Service Options folder on the left.
Step 5
In the Standard Data column, click inside the OS System field in the new row and edit the value.
Step 6
Click Save.
Deleting an Operating System Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click OS Systems in the Service Options folder on the left.
Step 5
In the Standard Data column, click inside the OS System field for the standard that you want to delete.
Step 6
Click Delete, then confirm the deletion.
Step 7
Click Save.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
7-5
Chapter 7
Managing Standards
Adding, Modifying, or Deleting a Server Size Standard
Adding, Modifying, or Deleting a Server Size Standard
Cisco IAC ships with four pre-defined server size standards that users can choose when commissioning
servers: Small, Medium, Large, and Extra Large. Each standard defines the CPU, Memory GB, and
Storage GB, as shown in Table 7-1.
Table 7-1
Default Server Sizes
Server Size
CPUs
Memory (GB)
Storage (GB)
Extra Small
1
1
30
Small
2
2
30
Medium
2
4
40
Large
4
6
40
Extra Large
8
8
60
You can accept, modify, or delete a server size standard, and you can add a new standard.
Note
For “Order VM and Install OS,” the minimum disk size must be 30GB. This is a Cisco Server Provisioner
restriction.
Adding a Server Size Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click Server Size in the Service Options folder on the left.
Step 5
Click Add New. An empty row appears.
Step 6
In the Standard Data column, click inside the Server Size field in the new row and enter the a label for
the new size (for example, Extra Small). This entry will appear to users in drop-down lists on the order
forms.
Step 7
Enter the values for CPUs, Memory GB, and Storage GB in the appropriate fields.
Note
Step 8
Depending on the width of your screen, you may need to scroll to the right to see the Storage GB
field.
Click Save.
Cisco Intelligent Automation for Cloud Administrator Guide
7-6
OL-29973-01
Chapter 7
Managing Standards
Adding, Modifying, or Deleting a VDC Size Standard
Modifying a Server Size Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click Server Size in the Service Options folder on the left.
Step 5
In the Standard Data table, click in any of the fields to set new values.
Step 6
Click Save.
Deleting a Server Size Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click Server Size in the Service Options folder on the left.
Step 5
In the Standard Data column, click inside the Server Size field for the standard that you want to delete.
Step 6
Click Delete, then confirm the deletion.
Step 7
Click Save.
Adding, Modifying, or Deleting a VDC Size Standard
Cisco IAC ships with six predefined VDC standards that OTAs can choose when commissioning VDCs:
•
Small, Medium, and Large standards define the sizes for VDCs.
•
Small Shared, Medium Shared, and Large Shared standards define the sizes for community VDCs.
Each standard defines the following settings:
Setting
Description
Maximum number of virtual The maximum number of virtual servers allowed in this VDC. After
servers limit
this limit has been reached, additional virtual servers cannot be
created in the VDC.
Maximum number of vCPU The maximum number of vCPUs allowed in this VDC. After this
limit
limit has been reached, additional virtual servers cannot be created
in the VDC
Maximum memory (GB)
limit
The maximum amount of memory in GB allowed in this VDC.
Enforcement of this limit is based on the memory specification in
the Server standards. The memory limit is also used for creating the
VMware resource pool.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
7-7
Chapter 7
Managing Standards
Adding, Modifying, or Deleting a VDC Size Standard
Setting
Description
Maximum total storage
(GB) limit
The maximum amount of memory in GB allowed in this VDC.
Enforcement of this limit is based on the storage specification in the
Server standards. It does not account for thin provisioning or space
used by snapshots.
Maximum number of
servers limit
Maximum number of servers allowed in this VDC; after this limit
has been reached, additional servers cannot be created in the VDC.
CPU Limit (MHz)
The maximum amount of CPU in MHz virtual servers in this VDC
is allowed to use. This number is determined by the CPU compute
capacity available in the cluster. This enforced through the VMware
resource pool CPU Limit. -1 specifies unlimited.
Resource Pool CPU
Reservation (MHz)
The amount of CPU in MHz to reserve for this VDC. The
reservation is handled by the VMware resource pool CPU
Reservation. The default is 0.
Resource Pool Memory
Reservation (GB)
The amount of memory in GB to reserve for this VDC. The
reservation is handled by the VMware resource pool Memory
Reservation. The default is 0.
Number of Snapshots
Default value for maximum number of snapshots allowed per VDC.
After this limit has been reached for a virtual server, no additional
snapshots can be taken for that server.
Community VDC (Yes - No Specifies whether this standard applies to a community VDC. This
boolean)
should be set to Yes, if this standard is for a community VDC and
No, if this standard is for an organization VDC. This setting is
case-sensitive.
Size Order
Specifies the order of the sizes relative to each other. An Integer is
used to define this. For example, Small is 1, Medium is 2, Large is 3.
The following table summarizes the maximum values for the virtual servers. You can accept, modify, or
delete a server size standard, or you can add a new standard. To add a new standard, use the VDC Size
Calculator determine the proper VDC sizing. For more information about the VDC Calculator, see
Planning VDC Package Sizing, page 7-10.
Table 7-2
Maximum Values for Virtual Servers
Resource
Pool CPU
Max
Physical CPU Limit Reservation
(MHz)
Servers (MHz)
Resource
Pool
Memory
Reservation Number of Community
(GB)
Snapshots VDC
Max
Virtual
Servers
Max
vCPU
Max
Total
Max
Memory Storage
(GB)
(GB)
50
74
296
7500
0
22,200
0
0
5
No
Medium 100
145
580
14,750
2
43,500
0
0
5
No
Large
250
366
1458
37,002
4
109,200
0
0
5
No
Small
Shared
250
366
1458
37,002
10
109,200
0
0
5
Yes
Small
Cisco Intelligent Automation for Cloud Administrator Guide
7-8
OL-29973-01
Chapter 7
Managing Standards
Adding, Modifying, or Deleting a VDC Size Standard
Table 7-2
Maximum Values for Virtual Servers (continued)
Max
vCPU
Max
Max
Total
Memory Storage
(GB)
(GB)
Resource
Max
Pool CPU
Physical CPU Limit Reservation
Servers (MHz)
(MHz)
Resource
Pool
Memory
Reservation Number of Community
(GB)
Snapshots VDC
Medium 500
Shared
725
2900
73,750
10
217,500
0
0
5
Yes
Large
Shared
1450
5800
147,500 10
435,000
0
0
5
Yes
Max
Virtual
Servers
1000
Adding a VDC Size Standard
Step 1
Use the VDC calculator to calculate the appropriate values for the number of virtual servers for this
standard.
Step 2
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 3
On the System Setup portal, click the Standards tab.
Step 4
On the Standards portlet, click Define Order Standards.
Step 5
Click VDC Sizes in the Virtual Data Center folder on the left.
Step 6
Click Add New. An empty row appears.
Step 7
In the Standard Data column, click inside the Name field in the new row and enter the a label for the new
size (for example, Extra Small). This entry will appear to users in drop-down lists on the order forms.
Step 8
Enter the values for the other fields based on the results provided by the VDC Size calculator. Depending
on the width of your screen, you may need to scroll to the right to see the Storage GB field.
Step 9
Enter Yes if this standard is a community VDC or No if this standard is for a organization VDC.
Step 10
For the Size Order, specify an integer for the new standards size relative to the other sizes. For example,
1 for Small, 2 for Medium, 3 for Large.
Step 11
Click Save.
Modifying a VDC Size Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click VDC Sizes in the Virtual Data Center folder on the left.
Step 5
In the Standard Data table, click in any of the fields to set new values.
Step 6
Click Save.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
7-9
Chapter 7
Managing Standards
Planning VDC Package Sizing
Deleting a VDC Size Standard
Step 1
Choose Service Portal from the module drop-down list, then click the System Setup tab.
Step 2
On the System Setup portal, click the Standards tab.
Step 3
On the Standards portlet, click Define Order Standards.
Step 4
Click VDC Sizes in the Virtual Data Center folder on the left.
Step 5
In the Standard Data table, click inside the Name field for the standard that you want to delete.
Step 6
Click Delete, then confirm the deletion.
Step 7
Click Save.
Planning VDC Package Sizing
Only Cloud Provider Technical Administrators have access to this feature. Cloud Provider Technical
Administrators often need to determine the most effective sizes for virtual data center packages to match
their customer's needs. To avoid any big leftover gaps or unused resources, the VDC Calculator can help
build well-balanced offerings that closely match a customer needs, with the correct ratios between size
elements of the package (CPU, memory, and storage resource limitations).
Step 1
Choose Service Portal from the module drop-down list and click the VDC Calculator tab. Then, in the
Planned VDC VM Limit step, enter the approximate number of virtual machines in the VDC.
Step 2
In the Planned VM Distribution step, enter names for each virtual machine size and the respective
virtual machine percentages. For readability, try to make the distribution percentage equal to 100%.
Step 3
The Planned VM Configuration step displays the respective virtual machine configuration attributes
for each size. The VDC Calculator uses these attributes, plus the following values, to create a weighted
average:
Step 4
•
MHz allocated per vCPU—Enter how much real CPU (in MHz) should be assumed per vCPU
allocated to a VM. This drives the total MHz boundaries of the resource pool.
•
Snapshots per VM—Enter how many snapshots will be assumed when calculating the suggested
datastore size.
The VDC Calculator returns the suggested VDC package.
Cisco Intelligent Automation for Cloud Administrator Guide
7-10
OL-29973-01
CH A P T E R
8
Financial Management
Financial Management Features
Cisco Intelligent Automation for Cloud 4.0 provides the following financial management tools.
Pricing. A method to set pricing on common objects.
Showback. A mechanism to allow users to see the calculated cost of their potential orders during the
ordering process.
Run Rates. Both a mechanism for users to see the recurring cost of the items that they own, as well as
a mechanism for administrators to see the recurring cost of the items that their tenants own.
Billing Integration. Real-time billing events that can be consumed by a billing system within an
extension point.
Note
Cisco IAC does not provide billing (such as invoicing and payment transacting) functionality, nor
metering (financial management based on measured utilization) functionality.
Figure 8-1
Financial Management Categories
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
8-1
Chapter 8
Financial Management
Pricing Models
Pricing Models
Cisco Intelligent Automation for Cloud supports complex pricing including:
•
Consumption-based Pricing. This is pricing done on the individual, atomic units of cloud
infrastructure, such as physical servers are priced based on the blade type (CPU, Memory, Disk, and
so on).
•
Reservation-based Pricing. This is pricing based on the assignment of cloud infrastructure to a
tenant. Allocated infrastructure may or may not be reserved, which allows for over-subscription; for
example, floating IP addresses or a small VDC.
Note
•
Whether the infrastructure that comprises a VDC is in fact reserved by the provider for use solely
by the tenant is a choice left to the provider.
Both Consumption and Reservation-based Pricing. For example, virtual machine with multiple
disks attached.
Billable Items
The following are the billable items available in Cisco Intelligent Automation for Cloud:
•
Virtual Data Centers. VDC Package Size: Each size defaults to $0 (configurable).
•
Network Appliances. Cisco CSR 1000v, Cisco Prime NSC, Cisco VSG, and Citrix Netscaler VPX.
Note
Each appliance is assigned a default price.
•
Networks. Floating IP Address and Virtual IP Addresses. (Default price for FIPs is US$3; for VIPs,
US$0).
•
Virtual Machines. Server Size, Template (no default price), CPU, Memory (GB), and Total Storage
(GB).
•
Physical Servers. Template (no default price), CPU, Memory, and Total Storage.
Default Pricing
Default prices are provided to facilitate initial product deployment. You can also use default prices to:
Note
•
facilitate conversations with the customer
•
provide a starting point for consideration of customization
•
facilitate proof of concepts and product demonstrations
Default prices should be replaced with deployment-specific pricing
Cisco Intelligent Automation for Cloud Administrator Guide
8-2
OL-29974-01
Chapter 8
Financial Management
Pricing Models
Pricing for Physical and Virtual Servers Based on Server Templates
Server Templates are not shipped with Cisco IAC. However, Cisco IAC does include templates from
many different cloud platforms. These templates do not have prices defined by default. You will need to
define prices upon registration of the template.
Table 8-1
Server Templates
Price
Server Type
Template
(units of currency)
Interval
Virtual
OS Template
Set upon registration
One-time
Virtual
vCenter Template
Set upon registration
One-time
Virtual
EC2 Image
Set upon registration
One-time
Virtual
OpenStack Image
Set upon registration
One-time
Physical
OS Template
Set upon registration
One-time
Pricing for Virtual Servers Based on Server Size
In Cisco IAC, “provisioned” Virtual Machines (VMs) are priced by assigned server size. There is a
surcharge for any additional resources (such as additional CPUs). Upon registration, “discovered” VMs
will have size “custom” assigned. No price is associated with the “custom” size.
Table 8-2
Server Pricing
Price
Server Size
CPU
Mem (GB)
Storage (GB)
(units of currency)
Interval
Extra Small
1
1
30
21.50
Per Billing Cycle
Small
2
2
30
41.50
Per Billing Cycle
Medium
2
4
40
62.00
Per Billing Cycle
Large
4
6
40
102.00
Per Billing Cycle
Extra Large
8
8
60
163.00
Per Billing Cycle
Additional Resources
Table 8-3
Additional Server Resources
Price
Infrastructure
Type
Unit of Measure
(units of currency)
Interval
CPU
Virtual
1
20.00
Per Billing Cycle
Memory
Virtual
1 GB
2.00
Per Billing Cycle
Storage
Virtual
1 GB
1.00
Per Billing Cycle
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
8-3
Chapter 8
Financial Management
Pricing Models
Pricing for Physical Servers
Table 8-4
Default Resource Prices
Price
Physical Server
(units of currency)
Interval
CPU
15.00
Per Billing Cycle
Memory (GB)
15.00
Per Billing Cycle
Storage (GB)
.05
Per Billing Cycle
Table 8-5
Price Example
Price
Physical Server
CPU
Mem (GB)
Storage (GB)
(units of currency)
Example Profile
8
48
100
845.00
Pricing for Virtual Data Centers
Table 8-6
Default Resource Prices
Price
VDC Size
(units of currency)
Interval
Small
0
Per Billing Cycle
Medium
0
Per Billing Cycle
Large
0
Per Billing Cycle
Pricing for Network Services
Table 8-7
Default Resource Prices
Price
Network Resources
(units of currency)
Interval
Cisco CSR 1000v
30
Per Billing Cycle
Cisco VSG
20
Per Billing Cycle
Cisco Netscaler VPX
30
Per Billing Cycle
Cisco Intelligent Automation for Cloud Administrator Guide
8-4
OL-29974-01
Chapter 8
Financial Management
Financial Management by Persona
Pricing Example
CSR 1000v (L-CSR-50M-STD-1Y=)
•
1-year license for 50 Mbps Max throughput, Standard package, excludes SASU3, 4GB RAM, 4 CPU
•
This is a one year license with 50Mbps throughput at $350, so we're looking at monthly pricing of
$350/12 = $29.16
Pricing for Floating and Virtual IP Addresses
Table 8-8
Floating and Virtual IP Addresses
Price
IP
(units of currency)
Notes
Floating IP
3
Based on consumption of a public IP
address.
Virtual IP
0
Based on consumption of load-balancing
services.
Financial Management by Persona
Operations Performed by Cloud Provider Business Administrators
Cloud Provider Business Administrators perform any or all of the following operations:
•
View all tenants’ run rates
•
View a single tenant’s run rates
•
Set system-wide prices
•
Modify prices per tenant
Setting Prices on Cloud Services
Setting Prices For All or Specific Tenants
For Server Templates. Upon registration of the template, price will be set for all tenants who are given
access to the template. To preserve historical pricing, upon update of the template, price will not be
changed for existing users (tenants) of the template, but only for tenants who are given new access to the
template.
For All Other Cloud Resources. Go to Price Rates. Update the price rate tables for all or specific
tenants.
Note
Bulk operations are not supported, but grandfathering of all pricing is supported.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
8-5
Chapter 8
Financial Management
Setting Price Rates
Setting Different Prices For Different Tenants
System-Wide Pricing. A “Master Rate Group” defines system-wide pricing and shipped with the
product. Default prices facilitate the ability to quickly deploy the solution as well as product
demonstrations.
Tenant-Specific Pricing. A tenant-specific rate group is created when each tenant is onboarded. New
tenants receive default pricing set by the provider in the “Master Rate Table”. Tenant-specific pricing
may be configured once the tenant has been on-boarded.
Note
Default prices should be replaced with deployment-specific pricing.
Setting Price Rates
You can set, modify, and delete price rates per tenant using the Price Rates feature.
Step 1
Choose Service Portal from the module drop-down list.
The text menu bar displays.
Step 2
Click Management to display the nested menu.
Step 3
Click Price Rates.
The Billing Rates page displays (Figure 8-2). The purpose of this page is to allow the CPBA to define
standard prices for cloud services offered, as well as to define tenant-specific rates. For example, the
CPBA could give a particularly good customer a special discount rate.
Figure 8-2
Step 4
Billing Rate Definition Work Area
Manage price rates as needed. You can switch between tabs as you work:
•
Billing Rate Definition
•
Billing Rate Table
Cisco Intelligent Automation for Cloud Administrator Guide
8-6
OL-29974-01
Chapter 8
Financial Management
Setting Price Rates
Figure 8-3
Billing Rate Table Work Area
Step 5
On the Billing Rate table, you can add or delete rates, as well as modify. To modify, click in any field
and make your changes (as shown in Figure 8-3, above).
Step 6
Click Save when you are finished.
Warning
We strongly advise that you DO NOT CHANGE the Rate of Measure on this window. Doing so will
cause the UI showback calculation to stop working. There is a “Master Rate Group” controlling
default prices system-wide for all newly-onboarded tenants.
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29974-01
8-7
Chapter 8
Financial Management
Setting Price Rates
Cisco Intelligent Automation for Cloud Administrator Guide
8-8
OL-29974-01
A P P E N D I X
A
Glossary of Terms
The following contains a list of acronyms important for understanding the installation, configuration,
and day-to-day use of Cisco Intelligent Automation for Cloud 4.0.
A
AD
Active Directory (AD) is a directory service implemented by Microsoft for Windows
domain networks
Amazon EC2
See EC2
AS
Advanced Services – Team of professional services engineers with Cisco, same as
Cisco Services
Autonomous System– In a routing context
ASA
Adaptive Security Appliance
AWS
Amazon Web Services
B
BaseDN
Base-distinguished name; used in LDAP authentication. See DN
BindDN
Bind-distinguished name; used in LDAP authentication. See DN
C
CaaS
Compute as a Service. See also IaaS and SaaS
CDP
Cisco Device Protocol
CIAC
Cisco Intelligent Automation for Cloud
CP
Cloud Portal. This name is no longer in use (but you may still find it in older
documents.) The new name for this product is Cisco Prime Service Catalog.
CPBA
Cloud Provider Business Administrator
CPTA
Cloud Provider Technical Administrator
CSR
Cloud Services Router
CUIC
Cisco Unified Infrastructure Controller
Cisco Intelligent Automation for Cloud 4.0
Glossary
A-1
Appendix A
Glossary of Terms
D
DBA
Database Administrator
DHCP
Dynamic Host Configuration Protocol
DN
Name that uniquely identifies an entry in an LDAP directory. A DN is made up of
“attribute=value” pairs separated by commas
DNS
Domain Name System
DRS
Distributed Resource Scheduler. Part of VMware vSphere
E
EC2
Amazon Elastic Compute Cloud
EFT
Early Field Testing [release of beta software to select internal and external
stakeholders for a trial period]
ELMI
Enhanced Local Management Interface
ESXi
ESXi is a bare-metal hypervisor from VMware
F-H
FCS
Field Customer Ship
FHRP
First Hop Redundancy Protocol
HSRP
Hot Standby Router Protocol
HTML
HyperText Markup Language. A language for displaying information in a web
browser
I
IaaS
Infrastructure as a Service. See also Saas and CaaS
IAC
Cisco Intelligent Automation for Cloud
IIS
Internet Information Services, an extensible web server created by Microsoft
ILMI
Interim Local Management Interface
IPAM
IP Address Management
JKL
JBoss
Open Source Java Application Server from JBoss, a division of Red Hat Inc.
JQuery
Cross-browser JavaScript library
KDE
“K Desktop Environment;” A network-transparent desktop environment used on
UNIX workstations
LAN
Local Area Network
LDAP
Lightweight Directory Access Protocol. A protocol for accessing and maintaining
distributed directory information services over an Internet
LLDP
Link Layer Discovery Protocol
LUN
Logical Unit Number
Cisco Intelligent Automation for Cloud 4.0
A-2
Glossary
Appendix A
Glossary of Terms
M-N
MAC
Media Access Control
Mapping
Refers to mapping within Active Directory
NFS
Network File System
NSC
Network Service Controller
NMTG
Network Management Technology Group
nsAPI
Cisco offers a set of standard REST (Representational State Transfer) APIs and Java
stubs for accessing entities defined in Service Portal. They are collectively known
as nsAPI.
O
OpenStack
Initiative developed jointly by Rackspace Hosting and NASA. See:
http://www.openstack.org/
OTA
Organization Technical Administrator
OU
Organizational Unit
P
PNC
PowerVu Network Center
PNSC
Cisco Prime Network Services Controller (formerly known as VNMC)
PO
Cisco Process Orchestrator
POC
Proof Of Concept – Hands-on engagement of select customers with beta product
install in their environment at customer site
POD
Point of Delivery or Point of Distribution
PSC
Cisco Prime Service Catalog
Q
Queue
A first-in/first-out (FIFO) list of elements, where the first element added to the
queue will be the first one to be removed.
Query
A request for information from a database. See JQuery
R
RabbitMQ
Open source message broker software (middleware) for Advanced Message
Queuing
RDP
Remote Desktop Protocol
S
SAN
Storage Area Network
SaaS
Software as a Service; See also CaaS and IaaS
SC
Service Catalog
SDP
Service Delivery Platform
Cisco Intelligent Automation for Cloud 4.0
Glossary
A-3
Appendix A
Glossary of Terms
SDU
Systems Development Unit
SSL
A cryptographic protocol used to provide secure communication over the Internet
SNMP
Simple Network Management Protocol
SP
Cisco Server Provisioner
SSH
Secure Shell
T
TAC
Technical Assistance Center
TBA
Tenant Business Administrator
Tenant
Member of a multi-tenancy server/zone; another word for “customer”
TTA
Tenant Technical Administrator
U
UCS
Cisco Unified Computing System
UCSD
Cisco Unified Computing System Director (USCD)
UUID
Universal Unique Identifier. A 128-bit number used to uniquely identify an object
or entity
V
vASA
Virtual Adaptive Security Appliance
VDC
VMware Virtual Cloud Director
VDC
Virtual Data Center
VIP
Virtual IP
VNMC
Virtual Network Management Center (same as NSC). This name is no longer used.
This product is now known as Cisco Prime Network Services Controller.
VLAN
Virtual LAN
VMDC
Virtualized MultiService Data Center
VRRP
Virtual Router Redundancy Protocol
VSG
Virtual Security Gateway
VSO
Virtual Server Owner
V/PSO
Virtual and Physical Server Owner
WXYZ
Week 0
Marker to denote AS’s successful, autonomous deployment of IAC and successful
testing of flagship services.
WWNN
World Wide Node Name
WWPN
World Wide Port Names
Cisco Intelligent Automation for Cloud 4.0
A-4
Glossary
INDEX
REX Set REX Agent Properties
A
starting
Adding
Anyone (role)
Cloud Administrator From a New User
4-3
Cloud Administrator From an Existing User
Existing Network
2-6
1-2
Assigning
4-4
Cloud Administrators in the Directory Service
Cloud Provider Technical Administrators
2-2, 2-3
Mail Addresses for Queue Notifications
4-3
Assigning a User to a Server Owner Role
4-3
6-12
4-14
Assigning the Cloud Technical Administrator Role to an
nsAPI User 2-5
5-2
Auto-Provisioning a Network Using New Port
Profiles 5-8
Existing User as a Cloud Provider Technical
Administrator 4-7
Existing User as an Organization Technical
Administrator 4-9
Existing User as a Server Owner
Network to a Community VDC
New Lease Term Standard
5-6
Billable Items
7-5
C
4-6
or Removing an Organization Technical
Administrator 4-9
or Removing a Server Owner
Capabilities by User Role
network
5-5
VDC Size Standard
nsAPI User Account Username and Password
7-6
User’s Status to Active or Inactive
logical construct of
8-3
defining as platform element
7-7
6-4
Cisco Server Provisioner Platform Element
Defining
agents
4-1
Cisco Server Provisioner
Adding, Modifying, or Deleting a Server Size
Standard 7-6
Adding, Modifying, or Deleting a VDC Size Standard
4-6
Cisco IAC
Adding, Modifying, or Deleting an Operating System
Standard 7-4
configuring REX agents
4-16
nsAPI User Credentials in Prime Service
Catalog 4-16
7-9
Adding, Modifying, or Deleting a Lease Term
Standard 7-1
Additional Resources
5-6
Changing
6-11
Server Size Standard
1-8
capacity
4-12
Public Subnet to a Network POD
Server Owner
8-2
7-2
Operating System Standard
or Modifying User Details
B
4-12
6-4
Cisco UCS Manager
2-3
REX Set HTTP Agent Properties
defining as platform element
2-3
6-3
Cisco UCS Manager Platform Element
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
IN-1
Index
defining
DB, HTTP, NSAPI Agents Configuration
6-3
Cloud Administrator
Default Pricing
adding from existing user
adding from new user
Cisco Server Provisioner Platform Element
4-3
Cisco UCS Manager Platform Element
Network Using Existing Port Groups
6-1
Cloud Provider Business Administrator
Operations Performed by
Removing
Lease Term Standard
1-3
Operating System Standard
4-7
Server Size Standard
4-3
VDC Size Standard
4-9
setting pricing for
Cloud Services
Directory Integration
7-7
7-10
8-6
add network to
4-12, 6-10
4-11
8-5
Community VDC
setting up
7-5
Directory Authorization Notation
4-3
setting pricing on
E
5-6
6-9
Errors
Configuring Agent Properties
2-2
Connecting Cloud Platform Elements
Platform Element
6-1
remediating
Creating
Example pricing
and Managing Users
6-8
8-5
4-5
Cloud Provider Technical Administrator
Organization 4-3
F
New User to Add as a Cloud Provider Technical
Administrator 4-8
Features
of Financial Management
8-1
New User to Add as an Organization Technical
Administrator 4-10, 6-10
Financial Management by Persona
New User to Add as a Server Owner
Financial Management Features
Organization
5-7
Different Prices For Different Tenants
1-3
Cloud Provider Technical Administrators
adding
6-2
7-4
Network from the Cloud System
responsibilities
6-2
Deleting
4-3
creating home organization for
5-6
VMware vCenter Server Platform Element
8-5
Cloud Provider Technical Administrator
adding existing user as
6-4
6-3
VMware vCenter Connection Information
1-4
Cloud Provider Business Administrators
adding
8-2
Defining
4-4
Cloud Platform Elements
Connecting
2-4
4-13
6-10
8-5
8-1
Fixing
Platform Element Errors
6-8
Floating and Virtual IP Addresses
D
Datastore
registering
pricing for
8-5
Form Extender
1-7
6-8
Cisco Intelligent Automation for Cloud Administrator Guide
IN-2
OL-29973-01
Index
pricing
H
8-2
Modifying
Hover View
3-4
Lease Term Standard
7-3
Operating System Standard
Properties of a Network
I
Server Size Standard
User Properties
IP addresses
viewing
Modifying a Tenant
Items
billable
5-6, 5-7
7-7
4-5
VDC Size Standard
5-6
7-5
7-9
3-3
Modifying Properties of a Network
8-2
5-7
Multiple Cloud Platforms
Support for
L
Lease Term Standard
Adding, Modifying, or Deleting
adding new
deleting
N
7-1
Network
7-2
add community VDC to
7-4
modifying
adding existing
7-3
capacity
5-4, 5-7
5-2
deleting from system
5-6
Logical Construct of Cisco IAC
port profiles and
properties of
M
removing
Mail Addresses for Queue Notifications
assigning
6-12
5-5
5-7
5-8
5-6
5-3
5-1
viewing
6-12
Manage IP Address Exclusions Form
5-6
Network IP Capacity
5-4
Network POD
Managing
IP Address Exclusions
Network IP Capacity
5-4
5-4
Organizations and Users With Directory
Integration 4-11
User Roles
4-12
Managing users
4-5
Manually Adding the Site Administrator Role to an nsAPI
User 2-6
Models
Types
5-6
5-7
deleting from the Cloud System
4-1
5-8
5-6
defining using Existing Port Groups
List of All Networks
viewing
5-6
auto-Provisioning using new Port Profiles
List for a specific Network
viewing
1-10
public subnet and
5-5
networks
removing from organization
5-7
New Lease Term Standard
Adding
7-2
NSAPI agents
understanding
nsAPI User Account
4-16
2-5
nsAPI User Account Username and Password
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
IN-3
Index
changing
Planning
4-16
VDC Package Sizing
nsAPI User Credentials in Prime Service Catalog
changing
7-10
Platform Element Errors
4-16
Remediating
Element Errors
O
remediating
Obtaining Approvals for Adding a Network to a VDC
5-7
6-8
platform elements
Offboarding a Tenant
3-3
Cisco Server Provisioner, defining
Onboarding a Tenant
3-1
Cisco UCS Manager, defining
Adding
Adding, Modifying, or Deleting
auto-provisioning a Network
7-4
Prerequisites
7-5
modifying
setting
5-8
8-6
Prices
Organization
setting for Cloud Services
6-10
Removing
4-4
default
8-2
Example
removing network
5-7
understanding
Models
Virtual Servers
1-5
8-4
8-4
based on Server Size
1-5
8-3
Provisioning a New Network for a Virtual Data
Center 5-6
OTA
Removing
8-2
Virtual Data Centers
4-2
Organization Technical Administrator
8-5
for Physical and Virtual Servers Based on Server
Templates 8-3
4-3
4-1
working with
8-5
for Floating and Virtual IP Addresses
4-2
Cloud Administrator home organization, creating
user roles
8-5
Pricing
organization
Organizations
5-8
Price Rates
7-5
Operations Performed by Cloud Provider Business
Administrators 8-5
Creating
6-2
Port Profiles
7-5
deleting
6-3
VMware vCenter Server, defining
Operating System Standard
6-4
4-11
Provisioning Settings
configuring
Setting
P
6-5
6-5
Public Subnet
Package Sizing
adding to a network POD
5-5
VDC
planning
7-10
Q
Persona
Financial Management by
8-5
Physical and Virtual Servers Based on Server Templates
pricing for
Queue Notifications
assigning mail addresses for
6-12
8-3
Cisco Intelligent Automation for Cloud Administrator Guide
IN-4
OL-29973-01
Index
Server Owner Role
R
Server Owners
Reassigning an Organization Technical Administrator as a
Server Owner 4-15
Reassigning Server Owner
Virtual
4-14
4-12
1-6
Virtual and Physical
1-6
Servers
as a Organization Technical Administrator
to Another Server Owner Role
4-16
virtual
4-15
pricing for
Registering
8-4
Server Size Standard
Datastore
6-8
Adding
Remediating
7-6
Adding, Modifying, or Deleting
Platform Element Errors
6-8
deleting
Removing
7-7
modifying
Cloud Provider Technical Administrator
Network
4-9
System-Wide
4-4
Organizational Technical Administrator
Server Owner
4-11
4-14
setting
6-6
Service Teams
4-2
Setting
Removing a Network from a Virtual Data Center
Resources
5-8
Different Prices For Different Tenants
Price Rates
additional
8-3
REX agents, configuring
2-3
Prices on Cloud Services
2-3
Provisioning Settings
REX Set HTTP Agent Properties
2-3
2-2
VDC Package
Solutions Team
REX User Account
6-6
6-9
Sizing
setting username and password for
starting
6-5
Setting Up a Community VDC
REX Set REX Agent Properties
8-5
8-5
System-Wide Service Options
2-3
8-6
8-6
Prices For All or Specific Tenants
REX Agent Configuration
starting
7-7
Service Options
5-3
Organization
7-6
2-1
7-10
1-7
Standard
Roles
Lease Term
Server Owner
4-14
adding
roles
7-2
deleting
See also user roles
7-4
modifying
7-3
Operating System
adding
S
7-5
deleting
Server Owner
adding
modifying
6-11
adding an Existing User as
Removing
7-5
4-14
7-5
Server Size
4-12
adding
deleting
7-6
7-7
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
IN-5
Index
modifying
User Roles
7-7
managing
VDC Size
adding
user roles
7-9
deleting
1-3
Organization Provider Technical Administrator
overview of
7-1
Starting All Agents
Virtual Server Owners
2-4
Starting the REX Set Agent Properties Agent
Support for Multiple Cloud Platforms
2-3
1-10
Users by Role
1-5
1-1
Virtual and Physical Server Owners
2-6
Starting All REX Agents
1-6
1-6
1-3
User Status
Changing
System-Wide Service Options
Setting
1-2
Cloud Provider Technical Administrator
7-9
Standards Settings
viewing
1-3
Anyone
7-10
modifying
4-12
4-6
6-6
V
T
vCenter Server, defining as platform element
Teams
6-2
VDC
Service
Community
4-2
setting up
Tenant
offboarding
3-3
onboarding
3-1
Size Standard
adding
Tenant Business Administrator
1-5
7-9
VDC Package Sizing
planning
Tenant information
viewing
6-9
7-10
VDCs
3-4
Tenant Technical Administrator
1-4
pricing for
8-4
VDC Size Standard
Adding
U
7-9
Adding, Modifying, or Deleting
Understanding Organizations
Updating NSAPI agents
4-1
4-16
7-10
modifying
7-9
Viewing
User
properties
roles
deleting
7-7
List of All Networks
4-5
Standards Settings
4-12
User Details
7-1
Viewing Tenant Information
4-6
User Management Page
5-6
4-13
3-4
Viewing the List For a Specific Network
Username and Password for REX Set REX Agent
Properties 2-2
Virtual and Physical Server Owners
User Properties
Virtual Data Centers
modifying
4-5
user roles
pricing for
5-4, 5-7
1-6
1-6
8-4
Cisco Intelligent Automation for Cloud Administrator Guide
IN-6
OL-29973-01
Index
Virtual Server Owners
user roles
1-6
1-6
Virtual Servers
pricing
based on Server Size
pricing for
8-3
8-4
VMware
vCenter Server, defining as platform element
6-2
VMware vCenter Server Connection Information
defining
6-2
VMware vCenter Server Platform Element
defining
6-2
W
Working with Organizations
4-2
Cisco Intelligent Automation for Cloud Administrator Guide
OL-29973-01
IN-7
Index
Cisco Intelligent Automation for Cloud Administrator Guide
IN-8
OL-29973-01