The CloudCenter platform allows you to define your own parameters or use the CloudCenter-supported parameters as identified in Parameters and Macros > Parameter Type. The webservice option is listed in the Parameter Type dropdown. If you configure this option, you must provide the Protocol (HTTP or HTTPS), Web Service URL, and the credentials (Username and Password) for the webservice.
To use the Arcus integration, verify the following requirements:
OS with BASH installed
Docker v1.12.0 or later installed and accessible to the user running the installer
If using SSL, the certificate chain (arcus.crt) and key (arcus.key) in PEM format – the self-signed certificates are available in the arcus/certs folder from the same authority as the CCM and thus, works by default when you install the CCM.
An Arcus API account
CloudCenter 4.9.0 or later releases
To configure an Arcus server, an Arcus administrator who is also a CloudCenter administrator must follow this procedure.
- Download package files:
SSH into the VM instance designated for this component by using the key pair that you used to launch the VM.
Along with the key pair, you may need to use your login credentials for sudo or root access based on your environment.
Download the following required files for this component from software.cisco.com. Be aware that the following files are contained in a file name that uses the following syntax:
Use the defaults or override defaults for the environment variables that the following table describes.
Environment Variable Default Description PRODUCTION_PASSWORD Randomly generated hex value Used to set the MariaDB password MYSQL_DATA_DIR /opt/arcus/data The location where Arcus should store the MariaDB files ARCUS_CERT_DIR /opt/arcus/certs If using SSL, the directory containing the certificate and key ARCUS_CERT_KEY ssl.key If using SSL, the name of the key file, relative to the directory ARCUS_CERT_DIR ARCUS_CERT_FILE ssl.cert If using SSL, the name of the cert chain file, relative to the directory ARCUS_CERT_DIR
Run the core installer to setup core system components using the following commands.
<ostype>= centos7, rhel7
<cloudtype>= amazon, azurerm, azurepack, azurestack, google, kubernetes, opsource, openstack, softlayer, vmware, or vcd
(run the ./core_installer.bin help command for a complete list)
Remove the core_installer.bin file.
Reboot the Arcus VM.
You have successfully installed the Arcus server! You must now configure the Arcus server to integrate with the CloudCenter platform.
Arcus API Account Access
The Arcus API Account is required to authorize access to the Arcus web service. The credentials for the Arcus API account must be set in Cisco CloudCenter when configuring a call through Arcus to gather information from your infrastructure device.
Create an Arcus API account.
Log in to Arcus. The following screenshot shows information for Arcus API accounts.
Select Arcus API Accounts from the left navigation menu to view a list of all Arcus API Accounts. From this list of devices, you can view, edit, or remove existing Arcus API Accounts.
Click the New Arcus API Account button.
Enter a descriptive name for the account.
Optionally, enter a longer description for the account.
Enter a Username.
Enter a Password and confirm the password.
If you change the Username or Password for an Arcus API Account, you will have to make the corresponding changes to the automation created in the CloudCenter platform.
Click the Create Arcus API Account button.
Installing a Trusted Certificate Authority
To integrate the CloudCenter platform with an Arcus server, your client must trust the HTTPS endpoint. If the client is not using an SSL certificate signed by the standard Java JRE's trusted CAs, you must add a trusted certificate.
Be sure to import the certificate from the CCM and update the certificates as specified in the Certificate Authentication > Update the certs.zip File on the Arcus Server section.
An Arcus user who is not an Arcus administrator is called a Member. Members cannot create additional Arcus users. Members can create and manage device types, devices, templates, and service accounts.
In addition to all of the capabilities of a Member, Admin users have the additional capability to create and manage Member users and other Admin users on the Arcus server. Only Admin users can create, modify, and remove other user accounts
To configure a Member or Admin user, follow this procedure:
Log in to the Arcus server as an Admin user.
Select Admin Users from the left navigation menu. The list of configured users is displayed! From this list of devices, you can view, edit, or remove existing users.
Click the New Admin User button to add a new user.
Enter the user’s email address.
Enter a password and confirm the password.
Choose either a Member or Admin for the role.
Click the Create Admin User button
Click the Edit button for a specific user to change the password: Changing the password of the user you are logged in as will require you to sign in again
Enter a new password and confirm the new password.
Click the Update Admin User button.
Click the Delete button for a specific user to delete this user: You cannot delete the user you are logged in as.
Verify the user name.
Confirm that you wish to delete the user.
Reset Admin Password from the Command Line
If any user has forgotten their password, then any Admin user can reset the user's password. If all admins have forgotten their passwords, you can reset the password for one of the Admins from the command line.
Log onto the host system for Arcus as a user who has Docker permission
Run the following command:
The system prompts you to enter the new password twice.
Once accepted, the system confirms that the password has been set and you can log in using the web interface.
Device Type Configuration
A Device Type represents the make and model of a brand or class of device existing in your infrastructure. As an example, if you have a number of F5 BIG-IP LTM 7050 load balancers in use, you would create a Device Type representing this type of infrastructure device. By creating this Device Type, you will be able to create individual devices for each of the 7050s deployed to your infrastructure and you will, further, be able to create templates that you can use to retrieve information from this Device Type.
Both Devices and Templates belong to a Device Type.
A Template returns data for any Device which shares its Device Type.
It is important to use the appropriate Device Type so Templates return meaningful data for all Devices belonging to the same Device Type.
To configure a Device Type, follow this procedure.
Login to the Arcus server as an Admin user. The following screenshot highlights the Device Types > New Device Type button.
Select Device Types from the left navigation menu. The list of configured devices is displayed! From this list of devices types, you can view, edit, or remove existing devices.
Click the New Device Type button to add a new device type:
Enter a unique name to describe the device type.
Click the Add New Step button.
Provide a step name that describes it.
If the device type should also apply the template settings to this step, check the Apply template box.
If different settings are configured in both the template setting and the step setting, be aware that the template setting overrides the step setting. The template's transformation is applied to the response body.
Configure the step to make the appropriate HTTP request.
If the device type should also include the basic authentication header using the device credentials in this step, check the Basic auth box.
Optional. Click Add New Step if you need to add another step.
Click the Create Device Type button to save all changes.
Click the Edit button for a specific device type: Changing the authentication details affects all devices associated with this device type
Click the Delete button for a specific device type: Device Types associated with one or more devices and/or templates cannot be removed. The Delete button will only be available for device types that are not associated with a device and/or template.
A Device represents an individual and uniquely addressable device from your infrastructure. For example, you could have a F5 BIG-IP LTM 7050 load balancer with the IP address 126.96.36.199 represented by a device in Arcus. The device contains the information required to send requests to the device and collect information from the device’s APIs, including the username and password for the device’s APIs and the base URL or IP address to use when contacting the device’s APIs. Using a combination of a unique device and a template for the appropriate device type, you can retrieve information from the device using APIs.
To configure a device, follow this procedure.
Login to the Arcus server as an Admin user. The following screenshot highlights the Device Types > New Device button.
Select Devices from the left navigation menu. The list of configured devices is displayed! From this list of devices, you can view, edit, or remove existing devices.
Click the New Device button to add a new device:
Select the appropriate device type for the device (If the appropriate device type does not exist for this device, create a new device type for this class of device).
Enter a unique name to describe the device.
Enter the base URL or IP address assigned to the device.
When available and required, enter the username and password necessary to authenticate to the device.
If the device allows or requires SSL validation, check the Ssl validation box.
Click the Create Device button.
Click the Edit button for a specific device: Changing the authentication details affects all devices associated with this device type
Click the Delete button for a specific device: Device Types associated with one or more devices and/or templates cannot be removed. The Delete button will only be available for device types that are not associated with a device and/or template.
Templates contain instructions specific to the detailed API endpoint you are trying to access. This includes the relative path to the endpoint, any payload that needs to be included with the request, and how to parse the data that is returned from the endpoint.
To configure a Device Type, follow this procedure.
Login to the Arcus server as an Admin user. The following screenshot highlights the Device Types > New Template button and a relative URL of the endpoint from which to access the data.
Select Templates from the left navigation menu.
Click the New Template button.
Select the appropriate Device Type for the device (If the appropriate device type does not exist for this device, create a new device type for this class of device).
Enter a unique name to describe the template.
Enter a description (optional). This is used to help other users of the system know the purpose of the template.
Enter the relative URL of the endpoint to from which to access the data.
Select the HTTP method to use to retrieve the data (get or post).
Enter the body that should be passed to the service during the request (mainly used when retrieving data with POST).
Add additional headers to pass the request, if needed.
Enter a valid XSLT in the Transformation section. For details on how to create a transformation, see the XSLT Transformation below.
Click the Create Template button.
The CloudCenter platform's XSLT format is as follows:
The components for the XSLT transformation is explained in the following table.
<?xml version="1.0" encoding="ISO-8859-1"?>
Declares the version and encoding for the transformation.
|Yes (in most cases)||No|
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
|Opens the transformation||Yes||No|
The first line of the transformation and opens the CloudCenter template. Use the value of the match attribute to dive into the returned data set to reduce repetition, or use “/” to indicate the root of the returned data.
Arcus uses this tag to identify the dataset location in the resulting XML document.
Declares the individual elements to loop over. The XML attribute select should be the relative path from match above to the individual elements.
By default, Arcus returns data in the same order provided by the source system. To enforce sorting using an alternate key, add this line and set the select attribute to the key location.
Arcus uses this tag to identify the individual results of the data set.
The internal name to use GUID or CIDR block, and so forth.
Each result should contain both a name and a displayName element. Set the select attribute as the relative location of the attribute to fetch.
The information displayed to the user.
Set the select attribute as the relative location to fetch the displayName data.
|Closes each element||Yes||No|
Arcus accepts structured data in both XML and JSON formats. The returned information is parsed and transformed based on the template.
Example 1 (XML Data)
Data returned as XML is available to be parsed using the existing structure with which the endpoint returns the data.
The following XSLT:
Returns this data:
Example 2 (JSON Data)
The JSON spec does not require a top-level key to be valid. Consequently, the CloudCenter platform wraps the JSON response in a root element before attempting to transform the data. Hence, the XSLT written to consume JSON data must contain root as the first part of the select participle.
Arcus converts underscores to dashes in keys (so account_id is converted to account-id).
The following XSLT:
Returns this data:
When converting arrays to XML, Arcus attempts to use the singular form of keys.
To loop over individual names, use the for-each string of root/data/items/item.
However, given this structure:
You would need to use the for-each string of root/data/host/host as host is already singular.
A key ending in “a” is a special case, as Arcus interprets the “a” ending as the plural form of the key.
To loop over the individual names, use the for-each string of root/data/imdata/imdatum.
- No labels