Virtual Appliance Setup Process

Supported Virtual Appliances

Major CloudCenter releases include appliances for the following components and cloud providers. Cisco builds these appliances on CentOS 7.x base images. See Virtual Appliances for additional details.

Cloud

Image Type

Amazon

Shared image (AMI)
Azure RMVHD

OpenStack

QCOW2

VMware

OVA

Google

Shared image
SoftLayerShared image

General Virtual Appliance Approach

To prepare infrastructure for the appliance approach, follow this process.

  1. Review the Hardware Requirements for each CloudCenter component and ensure that you have met the requirement for each component.
  2. Prepare the JSON descriptor that must be used in to verify your installation scenarios (see CloudCenter Descriptor JSON File later in this section).
  3. Configure Firewall Rules.
  4. Download Images – see Virtual Appliances to verify which images can be downloaded and which images need to be shared. For example:

    Cloud-Specific Appliances

    Details

    Amazon

    Obtain launch permissions for the AWS account by sending an email to the cloudcenter-ami-request mailer list.

    OpenStack

    Import the QCOW2 image file for each component.

    VMware

    Create a folder named CliqrTemplates and import the OVA file for each component.

    Google

    Obtain launch permissions for the Google account by sending an email to the cloudcenter-ami-request mailer list.

    SoftLayer (Bluemix)

    Obtain launch permissions for the Bluemix account by sending an email to the cloudcenter-ami-request mailer list.

    Azure RMDownload the VHD files for each component.
  5. Create instances for each component using the imported/shared appliance images.
    1. One CCM, Monitor, and Repo (conditional on a dedicated server) is required for each CloudCenter setup.

      As a worker image is defined in the CCM, you do not need to launch an instance for this component.

    2. One AMQP and CCO are required for each cloud region.
  6. Setup the hostname for all launched virtual machines and update the hostname. This step is required if you prefer to use DNS names instead of IP addresses for each CloudCenter component. If you prefer to use IP addresses, you can skip this step.

    1. Choose a hostname that matches the Role. For example:

      Example
      CCM.mydomain.com

      Changing the hostname after you install and configure the VMs may cause unknown issues.

    2. Once you setup the hostname, ensure that the VM hostname is resolvable by running the following command:
      1. hostname
      2. If the VM name is not resolvable, edit the file /etc/hosts and add your VM’s hostname.
        For example:

        Example
        <hostname> 12.10.12.1
      3. Ensure that the hostname is resolvable in the /etc/hosts file:

        • Add a hostname and the IP address for the component(s) in the /etc/hosts file.

        • The hostname cannot contain any special characters, including underscore, hyphen, or space for the database servers as it causes the authentication to fail.

        • The hostname cannot be on the same line as the localhost – add the hostname on a separate line in the /etc/hosts file.


  7. Network routing loopback:
    • Refers to deployed CCMs that are running behind the Network Address Translation (NAT).
    • This setup places a restriction on machines from internal networks to ensure that they do not use an external IP to access the CCM.
    • To address this restriction, you must add a line to the CCO and AMQP server's /etc/hosts file and include the internal private IP of the CCM. For example: If the CCM DNS name is ccm.example.com and it is behind a NAT, and the internal private IP address is 192.168.20.5 and its external public IP address is 54.16.20.5, then enter the following line in the local /etc/hosts file:

      Example
      192.168.20.5 ccm.example.com

      When configuring the CCM, the hostname used above (ccm.example.com) must match what you configure as the Public DNS while configuring CCM.

Cloud-Specific Setup Details

  •  VMware Appliance Setup

    VMware Appliance Setup

    To prepare infrastructure using CloudCenter appliances for VMware clouds, follow this process.

    1. In the VMware Console, create a folder named CliqrTemplates and import the OVA file for each component.

    2. Prepare to launch the image for each component:

    3. Launch the instance for each component using the imported images.
    4. After you launch the instance for each image:

      1. Power on the image.

      2. Log into the image as the root user:

        Username: root
        Password: welcome2cliqr
        sudo -i


        Before you proceed

        This authentication uses generic credentials – be sure to change the email address and password for the admin account after your first login.

    5. Setup hostname – For all launched VMs, update the hostname. Choose a hostname that matches the Virtual Appliance Overview > Role. For example:
      1. hostname – For all launched VMs, update the hostname.

        Don't change the hostname after you install and configure a component as it may cause unknown issues.

        Choose a hostname that matches the Role. For example:

        Example
        CCM.mydomain.com
      2. Setup the hostname resolution – Once you update the hostname, ensure that the VM host name is resolvable by running the following command

        1. hostname -i
        2. If the VM name is not resolvable, edit the file /etc/hosts and add your VM’s hostname.
          For example:

          Example
          <hostname> 127.0.0.1
      3. Network routing loopback:
        1. Refers to deployed CCMs that are running behind the Network Address Translation (NAT).
        2. This setup places a restriction on machines from internal networks to ensure that they do not use an external IP to access the CCM.
        3. To address this restriction, you must add a line to the CCO and AMQP server's /etc/hosts file and include the internal private IP of the CCM. For example: If the CCM DNS name is ccm.example.com and it is behind a NAT, and the internal private IP address is 192.168.20.5 and its external public IP address is 54.16.20.5, then enter the following line in the local /etc/hosts file:

          Example
          192.168.20.5 ccm.example.com

          When configuring the CCM, the hostname used above (ccm.example.com) must match what you configure as the Public DNS.

      4. Create the CloudCenter Descriptor JSON file:
        Once infrastructure has been setup for all the CloudCenter components (Phase 1 and Phase 2), create a CloudCenter Descriptor JSON file (Phase 3) that lists all the CloudCenter components with their modes and the IP address that correspond to infrastructure elements for each mode and role. This descriptor file will be used for network compliance check (Step #3). Following are a few sample descriptor files based on some common combination of component modes.

        The overall file structure will depend on factors like modes of various components, number of cloud regions, use of conditional/optional components and repos etc. Also, the region names used in the file should be unique, but do not need to match up with any cloud or datacenter names. These strings are merely used to perform network compliance checks and report results.

    Sample JSON File

    {
        "CloudCenterComponents": {
            "CCM": {
                "CCM_IP": "CCM.Company1.com",
                "mode": "NON-HA "
            },
            "CloudRegions": [{
                "components": {
                    "AMQP": {
                        "AMQP_IP": "AMQP.Company1.com",
                        "mode": "NON-HA"
                    },
                    "CCO": {
                        "CCO_IP": "CCO.Company1.com",
                        "mode": "NON-HA"
                    }
                },
                "name": "AWSEast"
            }],
            "REPOS": {
                "BUNDLE_STORE": "http://cdn.cliqr.com",
                "DOCKER_REGISTRY": "http://repo.cliqrtech.com:5000",
                "PACKAGE_STORE": "http://repo.cliqrtech.com"
            }
        }
    }


  •  OpenStack Appliance Setup


    OpenStack Appliance Setup

    To prepare infrastructure using CloudCenter appliances for OpenStack clouds, follow this process.

    1. Import the CloudCenter QCOW2 images into the OpenStack Console.
    2. Launch the instance for each component using the imported images:
    3. Configure the security groups to associate with each VM and enable communication across various components.

      The network settings in this page provide the minimal port requirements for inter-component communication. In environments where all the components can communicate with each other via any port (typically POC environments or private datacenters), you can skip this phase.

      Production environments typically are secured by only allowing communication through the ports specified in this section.

      The tables in Phase 2: Configure Firewall Rules list the networking requirements for each Component Role.

    4. Select a new or existing key pair to log into each instance – if multiple key pairs are available, you must select one to be used for the CloudCenter instance.

      If you do not select a key pair, you will not be able to log into the component VM!


      • Select an existing key pair from your OpenStack console.

      • Import a new key pair – use the following authentication details to access the key pair information:

        • Username: centos

        • Key: The key used to launch the instance in the OpenStack console – use the following command to retrieve the key pair from your server and paste it in the OpenStack cloud console:

          $ cat my-public-key.pub 
          ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC4x93DDQBAwT5D54aQrKdUHQNaakuddaWZxpcYfQCTL
          ...
          ...
          /fHJlDYDjFqrCILgvZqQ76J

          After adding a Private Network to the instance, be sure to inject the key-pair correctly.

    5. Setup hostname – For all launched VMs, update the hostname. Choose a hostname that matches the Virtual Appliance Overview > Role. For example:
      1. hostname – For all launched VMs, update the hostname.

        Don't change the hostname after you install and configure a component as it may cause unknown issues.

        Choose a hostname that matches the Role. For example:

        Example
        CCM.mydomain.com
      2. Setup the hostname resolution – Once you update the hostname, ensure that the VM host name is resolvable by running the following command
        1. hostname
        2. If the VM name is not resolvable, edit the file /etc/hosts and add your VM’s hostname.
          For example:

          Example
          12.168.20.5 ccm.example.com
        3. In addition, for OpenStack you must make sure that the hostname doesn't change in case of a server restart. Add the hostname entry in the /etc/sysconfig/network file, on each server that requires a DNS name instead of the IP address:

          Required for OpenStack Deployments!
          HOSTNAME=<hostname>
      3. Network routing loopback:
        1. Refers to deployed CCMs that are running behind the Network Address Translation (NAT).
        2. This setup places a restriction on machines from internal networks to ensure that they do not use an external IP to access the CCM.
        3. To address this restriction, you must add a line to the CCO and AMQP server's /etc/hosts file and include the internal private IP of the CCM. For example: If the CCM DNS name is ccm.example.com and it is behind a NAT, and the internal private IP address is 192.168.20.5 and its external public IP address is 54.16.20.5, then enter the following line in the local /etc/hosts file:

          Example
          192.168.20.5 ccm.example.com

          When configuring the CCM, the hostname used above (ccm.example.com) must match what you configure as the Public DNS while configuring CCM.

      4. Create the CloudCenter Descriptor JSON file:
        Once infrastructure has been setup for all the CloudCenter components, create a CloudCenter Descriptor JSON file that lists all the CloudCenter components with their modes and the IP address that correspond to infrastructure elements for each mode and role. This descriptor file will be used for network compliance check (Step #3). Following are a few sample descriptor files based on some common combination of component modes.

        The overall file structure will depend on factors like modes of various components, number of cloud regions, use of conditional/optional components and repos etc. Also, the region names used in the file should be unique, but do not need to match up with any cloud or datacenter names. These strings are merely used to perform network compliance checks and report results.

    Sample JSON File

    {
        "CloudCenterComponents": {
            "CCM": {
                "CCM_IP": "CCM.Company1.com",
                "mode": "NON-HA "
            },
            "CloudRegions": [{
                "components": {
                    "AMQP": {
                        "AMQP_IP": "AMQP.Company1.com",
                        "mode": "NON-HA"
                    },
                    "CCO": {
                        "CCO_IP": "CCO.Company1.com",
                        "mode": "NON-HA"
                    }
                },
                "name": "AWSEast"
            }],
            "REPOS": {
                "BUNDLE_STORE": "http://cdn.cliqr.com",
                "DOCKER_REGISTRY": "http://repo.cliqrtech.com:5000",
                "PACKAGE_STORE": "http://repo.cliqrtech.com"
            }
        }
    }


  •  Amazon Appliance Setup

    AWS Appliance Setup

    To prepare infrastructure using CloudCenter appliances for AWS clouds, follow this process.

    1. Request image sharing for the AWS account by opening a CloudCenter Support case (https://mycase.cloudapps.cisco.com/case or http://www.cisco.com/c/en/us/support/index.html). In your request, specify the following details:

      1. AWS account number
      2. CloudCenter version

      3. Customer ID (CID)

      4. Customer name

      5. Production or POC setup
      6. Contact email

    2. After you open a case, your support case is updated with the share AMI IDs. Proceed to the next step only after your support case is updated with the AMI IDs.
    3. Go to the AWS cloud console and select:
      1. Region: US East (North Virginia)
      2. Compute: EC2

        Cisco Provided AWS Images

        By default, Cisco only provides images for US East (North Virginia) region.

        If you prefer to use any other region, follow this procedure:

        1. Follow the rest of the process to set up CloudCenter Appliances to launch each CloudCenter component using the AMI provided by Cisco.
        2. Save each component as a new AMI (refer to the AWS documentation for details).
        3. Copy the AMI to the required AWS region (refer to the AWS documentation for details).
        4. Then follow the remainder of this process to set up CloudCenter appliances in the new AWS region.
    4. Locate the AMI ID for each component:
      1. Search for Private Images in the search bar.
      2. Ensure that the selected private image is the same as listed in the AMI ID that was emailed to you.
    5. Launch the instance for each component using the AMI ID:

      1. Choose an instance type (see Phase 1: Prepare Infrastructure > Hardware Requirements for additional context)
      2. Configure the instance details as required by your environment.
      3. Add the storage of your choice.
      4. Tag instance using a descriptive name. See Virtual Appliance Overview > Modes and Roles for CloudCenter names.
      5. Configure the security groups to associate with each VM. See Phase 2: Configure Firewall Rules for additional context. The next section in this process Configure Network Rules provides the minimum required network settings.

        Ensure that Port 22 is open to allow SSH access into the component VM.


      6. Review and update the instance launch settings as required by your environment.
      7. Click Launch and the Select an existing key pair or create a new key pair screen displays. Refer to your AWS documentation for information on key pairs.

        If you do not select a key pair, you will not be able to log into the component VM!

      8. Click Launch Instance to launch the component VM. Check the AWS console for completion of the VM launch process has successfully completed.
    6. Setup hostname – For all launched VMs, update the hostname. Choose a hostname that matches the Virtual Appliance Overview > Role. For example:
      1. hostname – For all launched VMs, update the hostname.

        Don't change the hostname after you install and configure a component as it may cause unknown issues.

        Choose a hostname that matches the Role. For example:

        Example
        CCM.mydomain.com
      2. Setup the hostname resolution – Once you update the hostname, ensure that the VM host name is resolvable by running the following command
        1. hostname
        2. If the VM name is not resolvable, edit the file /etc/hosts and add your VM’s hostname.
          For example:

          Example
          19.168.20.5 ccm.example.com
        3. In addition, for AWS you must make sure that the /etc/cloud/cloud.cfg file contains the following entry to ensure that the hostname persists even after the server is rebooted:

          Required for AWS Deployments!
          preserve_hostname: true
      3. Network routing loopback:

        1. Refers to deployed CCMs that are running behind the Network Address Translation (NAT).

        2. This setup places a restriction on machines from internal networks to ensure that they do not use an external IP to access the CCM.

        3. To address this restriction, you must add a line to the CCO and AMQP server's /etc/hosts file and include the internal private IP of the CCM. For example: If the CCM DNS name is ccm.example.com and it is behind a NAT, and the internal private IP address is 192.168.20.5 and its external public IP address is 54.16.20.5, then enter the following line in the local /etc/hosts file:

          Example
          192.168.20.5 ccm.example.com

          When configuring the CCM, the hostname used above (ccm.example.com) must match what you configure as the Public DNS while configuring CCM.

    7. Create the CloudCenter Descriptor JSON file:
      Once infrastructure has been setup for all the CloudCenter components, create a CloudCenter Descriptor JSON file that lists all the CloudCenter components with their modes and the IP address that correspond to infrastructure elements for each mode and role. This descriptor file will be used for network compliance check (Step #3). Following are a few sample descriptor files based on some common combination of component modes.

      The overall file structure will depend on factors like modes of various components, number of cloud regions, use of conditional/optional components and repos etc. Also, the region names used in the file should be unique, but do not need to match up with any cloud or datacenter names. These strings are merely used to perform network compliance checks and report results.

    Sample JSON File

    {
        "CloudCenterComponents": {
            "CCM": {
                "CCM_IP": "CCM.Company1.com",
                "mode": "NON-HA "
            },
            "CloudRegions": [{
                "components": {
                    "AMQP": {
                        "AMQP_IP": "AMQP.Company1.com",
                        "mode": "NON-HA"
                    },
                    "CCO": {
                        "CCO_IP": "CCO.Company1.com",
                        "mode": "NON-HA"
                    }
                },
                "name": "AWSEast"
            }],
            "REPOS": {
                "BUNDLE_STORE": "http://cdn.cliqr.com",
                "DOCKER_REGISTRY": "http://repo.cliqrtech.com:5000",
                "PACKAGE_STORE": "http://repo.cliqrtech.com"
            }
        }
    }