Environments

About Environments

An environment is a resource that consists of one or more associated cloud regions and cloud accounts and that has been set aside for specific deployment needs. Users deploy applications to deployment environments, and deployment environments can be shared with multiple users.

For example, a Development environment could be associated with a development cloud and a Production deployment environment could be associated with a production grade high-performance cloud. Users on a development team would have the ability to deploy only to the Development environment and users on an operations team would have the ability to deploy only to  the Production environment.

The Environments Page 

You can add, view, manage, and delete deployment environments from the Environments page. To access this page, choose the Environments tab.

When Governance Rules is set to ON:

  • Only tenant admins can add new deployment environments. 
  • Co-Admins are not permitted to add deployment environments.

 The Deployment Environment pages list configured information and allows you perform the following actions:

Actions Dropdown
Description
Edit

Change configurations for an existing deployment environment. Once configured, you can only perform the following changes to a deployment environment:

  • Change the name of the deployment environment.
  • Add or change a description
  • Change the Cloud Region
  • Change the Cloud Account
  • Change the Network Settings

See the Adding a Deployment Environment section (below) for additional details.

Share

Share a deployment environment. See Deployment Environment Permissions for details.

When you create a deployment environment and share it with a user without checking the Promote from option, be aware that the Migrate action will not be available when this user deploys an application that uses this deployment environment.

Delete

Delete a deployment environment.

If you choose to delete a configured deployment environment, the Delete Deployment Environment popup to confirm your intention, deletes the configured environment, and displays a status message at the top of the Environment page.

Associate Rules

Add system tag matching rules to a deployment environment.

When you use this deployment environment to deploy an application or an application profile you can select a tag that is associated with this environment. This automatically populates the cloud account configuration information.

If rules-based governance is enabled, the system takes various automatic actions based on the tags that are associated with this deployment environment. See System Tags for additional context.

Adding an Environment

When you add an environment, you create a new deployment environment based on configuration settings that you make. To add a deployment environment, follow these steps:

You can add multiple cloud accounts for each cloud region. You can additionally select a default cloud account for each deployment environment by clicking the Pin icon.

  1. Access the CCM UI and navigate to the Environments tab. The Deployments page refreshes to display the configured environments.

  2. Click Add Environment. The New Deployment Environment page displays.

  3. In the General Settings section: 
    1. Provide the deployment environment Name
    2.  (Optional) Provide a Description. 
    3. (Optional) Toggle the Approval required to deploy to this environment switch. 
      1. On: To require the approval an authorized user for the deployment of any application to this deployment environment. 
      2. Off(Default) Approval is not required.
  4. In the Cloud Selection section:
    1. Select the checkbox for the required Cloud Region. This cloud region must be the same as the CCO cloud region (used to manage your new APIC controller extension in the above section).
    2. Select the Cloud Account from the dropdown list. 
  5. (Optional)  Configure the Cloud Settings section and the Use Simplified Networks section for your cloud. 

    If multiple users have access to some regions/clouds as part of the deployment environment, be aware that these users may not be able to access all cloud accounts and regions used in deployment environments. In such cases, the Network Mapping option is disabled for these users and they will not be able to delete any existing networks, if already defined as part of the deployment environment.

     

    •  VMware - Cloud and Network Settings

      VMware Cloud Settings

      The following fields are available for VMware cloud regions.

      Select the required option from the dropdown lists for each field identified in the following table:

      FieldDescription
      DatacenterRequired. The name of the datacenter object in vSphere.
      Cluster

      Required.The name of the server group in this datacenter's virtual environment in vSphere where you want to deploy VMs.

      Datastore

      The list of DataStores (DS) from vSphere. Effective CloudCenter 4.8.0, you can select both the datastore cluster and the the DS if DRS is disabled. When you select a Datastore cluster, if DRS is:

      • Disabled – Select a Datastore deployment from a dropdown menu or leave the DS un-selected so the CloudCenter platform can make a random selection.
      • Enabled – The Datastore dropdown is disabled and neither you nor the CloudCenter platform can make any selection.
      Resource PoolThe default computing resources used to manage resource allocations between VMs. Use the default source pool name from vSphere where you need to deploy instances.
      Target Deployment Folder

      The default folders used to group objects of the same type for  management and VM deployment.

      Enable Full Clone

      If you make changes to the callouts or attributes for a Cloud Region, you must restart the CCO for the changes to take effect.

      If you use VM Template when configuring images for VMware cloud environments, be aware of the following settings.

      SettingDescription
      Full Clone
      • Use if you select an image that is mapped to a VM Template.
      • The full clone operation is performed on the source VM or VM template, the cloned VM can be on either datastore or datastore cluster that you specify.
      • You can use the Full clone option for both Snapshots and VM Templates.
      Linked Clone
      • Use if the image is mapped to a snapshot.
      • Add a folder in vSphere (to store your CloudCenter snapshots), name it CliqrTemplates, and add this snapshot to the CliqrTemplates folder.

      When you use a Snapshot, both the Linked Clone and Full Clone options are possible settings. See Configure Image IDs for additional context.

      To configure these settings, you should have already configured the following entities in VMware:

      • A VMware cluster
      • A datastore cluster

      To configure the clone settings in the CloudCenter platform, select the Enable Full Clone (linked clone) checkbox

      Full Clone SettingDescription
      Selected

      CloudCenter creates a full disk clone of the VM.

      If the root size reflects the same size as the template, be sure to resize the partition once the instance is up and running.

      Not Selected (default)CloudCenter creates a thin clone which is faster but relies on the original VM disk being available in its original location.

      Root Disk Resizable

      You can only select the Root Disk Resizable if the Cloning Mode is set to Full Clone (Enable Full Clone = Selected).

      This feature is only available for VMware VMs.

      The CloudCenter platform provides the capability to resize the root disk for VMware VMs by a configurable setting to specify the root disk size based on the OS type. This configuration setting is similar to the data store cluster setting.

      When you initially provision the VM, you can define the base OS disk size in the instance type configuration for each VM. A default VM includes a base (root) OS disk and an ephemeral disk. Some enterprises may have a requirement in place to only use one disk instead of both disks.

      You can only increase (not reduce) the VM root disk size – The new root disk size should not be smaller than the default root disk size.

      For example, if the root disk size is 250 GB, then you can only resize the instance type to be greater than 250 GB. The instance size in this case cannot be less than 250 GB.

      • Enabled: When you specify the Instance Type Storage for a deployment and if this setting is greater than the configured root disk size in the template or snapshot, then the root size of the deployed VM will be set to the size specified in the instance type.

        The additional space is not formatted or partitioned by CloudCenter. Use the Node initialization script to perform these tasks.

      • Disabled: When this option is disabled, an additional disk with the specified size is created in the instance type.

      VMware Network Settings
      1. Toggle the Visibility  switch to determine if you want to allow your end users to use pre-configured settings.  
        • OFF: (Default) End users are not allowed to use preconfigured ACI extensions.
          1. Select the Network in the NIC section. See IP Allocation Mode for additional context on NIC configuration.
          2. Add additional NICs, if required.
        • ON: End users are allowed to use preconfigured ACI extensions.
          1. Select the required extension, the corresponding options are displayed in the dropdown list for the remaining fields (see Extensions for additional details):
          2. Select the APIC Extension from the dropdown list (see Extensions for additional details).
          3. Select the APIC Virtual Machine Manager (VMM) associated with this APIC Extension from the filtered dropdown list .
          4. Select the APIC Tenant associated with this APIC Extension from the filtered dropdown list.
      2. Select the Network in the NIC section.
        • If you select VMware, select the Network in the NIC section. See IP Allocation Mode for additional context on NIC configuration.
        • If you select Cisco ACI, select the type in the End Point Group (EPG) Type field.
          1. Existing EPG: If you select this type, you must further select a pre-existing EPG (that is already connected to one of the Bridge Domains) from the Existing EPG dropdown, which appears if you select this type.
          2. New EPG: If you select this type, you must further select a pre-existing Bridge Domain (to which this EPG must connect) from the Bridge Domain dropdown list.
          3. Bridge Domain Template: See Extensions for additional context.
      3. Add additional NICs, if required.
      SSH Options

      See SSH Options for additional context.

    •  vCD - Cloud and Network Settings

      vCD Cloud Settings

      The following fields are available for VMware cloud regions.

      Select the required option from the dropdown lists for each field identified in the following table:

      FieldDescription
      vCloud Org VDC
      Required. The name of the Virtual Data Center (VDC) in vCloud Director.
      vCloud Storage ProfilesRequired. The storage profiles to deploy the VMs.
      vCD Network Settings
      1. Select the Network in the NIC section. If you select vCD, select the OrgVdcNetwork in the NIC section. See IP Allocation Mode for additional context on NIC configuration
      2. Add additional NICs, if required.
      SSH Options

      See SSH Options for additional context.

    •  Amazon - Cloud and Network Settings
      AWS Cloud Settings

      The Instance Profile field is optional – provide the Amazon Resource Name (ARN) used for the Instance Profile configured in your AWS Cloud account. If you specify the Instance Profile name, the CloudCenter platform launches VMs within the IAM role that is associated with the corresponding instance profile.

      AWS Network Settings
      1. Select the required option from the dropdown list for the VPC field. See AWS Configurations for additional context.
      2. Toggle the Visibility  switch to determine if you want to allow your end users to use pre-configured settings.  
        • OFF: (Default) End users are not allowed to associate the public IP with the NIC.
        • ON: End users are allowed to associate the public IP with the NIC.
      3. Select the required Network in the NIC section.
      4. The Private IP Allocation mode in the NIC section defaults to DHCP. The DHCP strategy allows the IP to be allocated by the DHCP server to the instance on server boot up. This IP address is not known prior to server boot up. See IP Allocation Mode for additional context on NIC configuration.
      5. Add additional NICs, if required.
    •  OpenStack - Cloud and Network Settings
      OpenStack Cloud Settings

      The following fields are available for OpenStack cloud regions.

      FieldDescription
      Cloud Tenant

      Multiple OpenStack tenants share cloud accounts in the CloudCenter platform. At deployment time, the CloudCenter platform allows you to select the required OpenStack tenant. You can create access key pairs in the OpenStack console so these key pairs are visible when submitting jobs using the CloudCenter platform.

      In this case, the concept of Tenant Name and Tenant ID is specific to the OpenStack cloud, not the CloudCenter platform. See OpenStack Configurations for additional context.

      Availability Zone(s)The default and/or additional Availability Zone(s) for this region. See Availability Sets and Zones for additional context.
      OpenStack Network Settings
      1. Toggle the Visibility  switch to determine if you want to allow your end users to use pre-configured settings.  
        • OFF: (Default) End users are not allowed to associate the public IP with the NIC.
        • ON: End users are allowed to associate the public IP with the NIC.
      2. Select the required Network in the NIC section.
      3. Select the Private IP Allocation mode in the NIC section. See IP Allocation Mode for additional context on NIC configuration.
        1. DHCP: (Default) This strategy allows the IP to be allocated by the DHCP server to the instance on server boot up. This IP address is not known prior to server boot up.
        2. Preallocate IP: This strategy allows the cloud infrastructure IP allocation to be dynamically provided before the server boots up.
      4. Add additional NICs, if required.
    •  Azure - Cloud and Network Settings

      Azure Cloud Settings

      You must configure the Virtual Network for Azure cloud regions. See Azure Configurations for additional context.

      Azure Network Settings
      1. Toggle the Visibility  switch to determine if you want to allow your end users to use pre-configured settings.  
        • OFF: (Default) End users are not allowed to associate the public IP with the NIC.
        • ON: End users are allowed to associate the public IP with the NIC.
      2. Select the required Subnet in the NIC section.
      3. Add additional NICs, if required.

    •  AzureRM - Cloud and Network Settings

      AzureRM Cloud Settings

      Configure the following fields for AzureRM cloud regions to access the portal. 

      FieldDescription
      Resource GroupThe same region as your CCO. 
      Storage Account

      The reason to create two storage accounts is that, some instance types (for example, Standard_DS1, Standard_GS1) can use the premium storage account to enhance performance and use standard storage account. The other instance type can use the standard storage account only.

      Diagnostics

      CloudCenter users can view diagnostics provided by Azure Resource Manager from multiple places in the Azure console. The metrics and logs are stored in the related storage account.

      Microsoft has multiple settings to determine how metrics are collected (time interval) and to specify the metrics to be collected. CloudCenter uses the default Microsoft settings.

      Enable Availability Set

      All VMs within a cluster are placed in the same subnet. So all VMs inside the same Availability Set are placed in the same subnet. If you do not enable the Availability Set, an availability set is NOT created. To ensure high availability, the VM(s) placement in fault/update domains are not guaranteed to be in different domains. See Availability Sets and Zones for additional context.

      Virtual NetworkBased on the Resource Group and the CCO location.

       

      AzureRM Network Settings
      1. Toggle the Visibility  switch to determine if you want to allow your end users to use pre-configured settings.  
        • OFF: (Default) End users are not allowed to associate the public IP with the NIC.
        • ON: End users are allowed to associate the public IP with the NIC.
      2. Select the required Subnet in the NIC section.
      3. Add additional NICs, if required.

    •  Google - Cloud and Network Settings

       

      Google Cloud Settings

      The following fields are available for Google cloud regions.

      FieldDescription
      ZoneThe default and/or additional zone(s) to be launched for this region. See Availability Sets and Zones for additional context.
      Project

      The list of projects from which you can choose network.

      If using an XPN network, you have the following options:

      • Select the host project associated with your XPN.
      • Select the service or the host project associated with your XPN.

      The list of projects is shown for narrowing down the list of networks. The application instances will be deployed in the project associated with the cloud account.

      Network Mapping

      The name of the network that you created in the CloudCenter platform when you assigned the Google Network Settings (see the next section).

      Enable Resource ValidationToggle the switch to YES to Enable Resource Validation.
      Google Network Settings

      The NIC configuration and Simplified Networks configuration is available for both networks and sub-networks. The CloudCenter platform only supports a single NIC configuration.

      1. Select one of the configured networks retrieved from Google cloud:

        • Non-legacy Networks – Select the required network and then select the sub-network-based Google project (or the CloudCenter-specific XPN host project) contained within that network.
        • Legacy Networks – Select the legacy network and the sub-network selection is no longer available.
      2. Select the checkbox to indicate if a public IP in the NIC section. See IP Allocation Mode > Cloud-Specific Nuances > Google for additional context.

    •  Alibaba - Cloud and Network Settings

      Alibaba Cloud Settings

      As SSH key access is not allowed into Alibaba cloud environments, you must provide the instance password as follows:

      • Linux: Provide the root password.
      • Windows: Provide the administrative password.

      Alibaba Network Settings
      1. Configure the Instance Password
      2. Select the required Subnet in the NIC section.

  6. Click Done to save your new deployment environment.

Multi-Site, Multi-Account Limitations

Be aware that multi-site, multi-account deployments are NOT supported in the following scenarios:

  • When you migrate or promote deployments. See Deployment and VM States for additional context.
  • For single-tier application (for example, leaf and interactive applications).
  • When you use the Benchmark feature.

Multi-Site (Multi-Tier) Cloud Configuration

You can configure a multi-site deployment to enable users to deploy N-Tier applications with each tier being configure in a different cloud or in the same cloud in different segmented networks while ensuring SLA guaranty and data sovereignty. This feature allows you to use different clouds for different tiers.

While the multi-site feature is supported for all supported clouds (see What Is Supported? for a complete list), the Set Defaults functionality is only supported for AWS, OpenStack, and VMware clouds.


For example, in a 2-Tier application, the load balancer and app cluster can be in AWS or any other public cloud offering and the database can be in the private datacenter like VMware with/without ACI. This example is also applicable in cases where the two different datacenters (regions) of an enterprise is maintained as two different cloud families and the user wants the different tiers in the application to be deployed to these two datacenters or clouds.

If a deployment environment has more than one cloud selected in the Deployment page, you see a new option in the Cloud dropdown list called Hybrid. When you select this option, you can choose different instance types and provide Advanced cloud/network settings specific to the selected cloud for each tier. 

          

Multi-Account Cloud Configuration

You can also configure each application tier to be deployed in different cloud accounts (multi-account) within the same datacenter. The Hybrid option allows you to choose the same cloud and different cloud accounts for each tier.

For example, a datacenter admin maintains a single cloud (for example, VMware) for the entire datacenter but maintains different cloud accounts for different segments that are managed by different Cisco Application Policy Infrastructure Controllers (APICs). In this case, each tier for this application can be deployed to these different segments. The database can be deployed to the pod or segment that has stricter security policies enforced by APIC1 and the AppCluster tier can go into different pod that is managed by a different APIC2.

Migrate without Suspending Deployments

Suspension is an optional setting during the migration process. This change helps when testing your migration – without suspending your deployment.

If you check (unchecked by default) the  check box, the application is terminated and NOT suspended.

Restful JSON for APIs

If using the Submit Job (v2) API, you have the added advantage of completing the forms associated with the New Deployment workflow and retrieving the corresponding JSON request body for use with the API(s).

The Restful JSON button (or the restful.json link) becomes available when you complete the General Cloud Settings details (with the required selection for the clouds and network settings) and you are able to proceed without any errors or missing fields in this workflow. This button generates the contents of the job deploy page before a submit operation.

This button currently displays for N-tier deployments. When you click the Restful JSON button (or the restful.json link), a popup responds with the corresponding JSON request body. You can copy the entire REST payload and paste it in your RESTClient application to issue the API call.