ucs director admin guide
DESCRIPTION
UCS Director Admin GuideTRANSCRIPT
-
5/27/2018 Ucs Director Admin Guide
1/164
Cisco Systems, Inc.www.cisco.com
Cisco has more than 200 offices worldwide.
Addresses, phone numbers, and fax numbers
are listed on the Cisco website at
www.cisco.com/go/offices.
Cisco UCS Director Administration Guide,
Release 4.1
December 16, 2013
Text Part Number: OL-30729-01
http://www.cisco.com/http://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/ -
5/27/2018 Ucs Director Admin Guide
2/164
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE .ALLSTATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED.USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE.IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSEOR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public
domain version of the UNIX operating system.All rights reserved.Copyright 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH
ALL FAULTS.CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUTLIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO D ATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a l ist of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
All other trademarks mentioned in this document or Website are the property of their respective owners. The use of t he word partner does not imply a partnership relationship
between Cisco and any other company. (0711R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers.Any examples, command displayoutput, network topology diagrams, and other figures included in the document are shown for ill ustrative purposes only.Any use of actual IP addresses or phone numbers inillustrative content is unintentional and coincidental.
2013 Cisco Systems, Inc.All rights reserved.
http://www.cisco.com/go/trademarkshttp://www.cisco.com/go/trademarks -
5/27/2018 Ucs Director Admin Guide
3/164iii
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
C O N T E N T S
Preface xi
Audience xi
Conventions xi
Related Documentation xiii
Documentation Feedback xiii
Obtaining Documentation and Submitting a Service Request xiii
New and Changed Information for this Release 1-1
New and Changed Information 1-1
Overview 2-1
About Cisco UCS Director 2-1
Features and Benefits 2-2
Physical and Virtual Management Features 2-4
Model-Based Orchestration 2-4
Initial Login 2-5
Recommended Order of System Setup 2-6
Managing Users and Groups 3-1
Managing User Types 3-1
User Types 3-1
Default User Permissions 3-2
Managing Groups 3-7
Creating a Group or Customer Organization 3-7
Password Policy 3-8
Group Budget Policy 3-9
Resource Limits 3-9
Configuring the Administration Profile 3-11
Creating the admin Profile 3-11
Changing the admin Password 3-12
Adding Users 3-12
Viewing Current Online Users 3-13
Managing User Access Profiles 3-14
Multi-Role Access Profiles 3-14
Creating a User Access Profile 3-14
-
5/27/2018 Ucs Director Admin Guide
4/164
Contents
iv
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Editing a User Access Profile 3-14
Deleting a User Access Profile 3-15
Logging in to a Profile 3-15
Default Profile 3-15
Authentication and LDAP Integration 3-16
Configuring Authentication Preferences 3-16
LDAP Integration 3-17
Single Sign-On 3-19
Branding 3-19
Branding Groups and Customer Organizations 3-19
Login Page Branding 3-20
Managing System Administration Settings 4-1
Setting Up the Outgoing Mail Server 4-1Configuring System Parameters (Optional) 4-2
Configuring System Parameters (Optional) 4-2
Configuring Infrastructure System Parameters (Optional) 4-3
Updating the License 4-3
Verifying License Utilization 4-4
Viewing License Utilization History 4-4
Viewing Resource Usage Data 4-4
Edit Application Categories 4-5
Customizing the Portal 4-6
Customizing the Login Page and Background Images 4-6
Customizing the Application Logo 4-6
Customizing Favicons 4-6
Customizing the Application Header 4-7
Customizing the Date Display 4-7
Customizing the Color Theme 4-8
Customizing Logout Redirect 4-8
Customizing Reports 4-8
Advanced Controls 4-8Enabling Advanced Controls 4-9
User Menus 4-9
Setting User Menus 4-10
User Permissions 4-10
Setting User Permissions 4-10
Managing System Tasks 4-10
-
5/27/2018 Ucs Director Admin Guide
5/164
Contents
v
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Creating a Node Pool 4-11
Creating a System Task Policy 4-11
Assigning a Node Pool to a System Task Policy 4-11
Creating a Service Node 4-12
Assigning a System Policy to a System Task 4-13
Executing System Tasks 4-13
Disabling a System Task 4-13
Managing Icons 4-14
Adding an Icon 4-14
Editing an Icon 4-14
Deleting an Icon 4-15
Previewing an Icon 4-15
Support Information 4-15
Viewing Support Information 4-15
Managing Integration Settings 5-1
Configuration Management Database Integration 5-1
Setting Up CMBD Integration 5-1
Metering Data Export 5-2
Setting Up Metering Data Export 5-2
Change Records 5-2
Viewing Change Records 5-2
System Logs 5-3
Setting up System Logs 5-3
Storage and OVF Upload 5-3
Multiple Language Support 5-4
Managing a Physical Infrastructure 6-1
About Managing a Physical Infrastructure 6-1
Adding a Site 6-1
Adding a Pod 6-2
Adding a Physical Account 6-2
Adding Multi-Domain Manager Account 6-4
Adding a Network Element 6-4
Enabling DHCP Logging 6-5
Testing Connectivity 6-5
Testing Connectivity of Managed Network Elements 6-5
Testing Connectivity of Physical Accounts 6-5
Enabling Device Discovery 6-6
-
5/27/2018 Ucs Director Admin Guide
6/164
Contents
vi
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Managing a Virtual Infrastructure 7-1
About Managing VMware 7-1
Creating a Cloud 7-1
Downloading the PowerShell Agent Installer 7-2
Creating a PowerShell Agent 7-3
Verifying Cloud Discovery and Connectivity 7-3
Testing the Connection 7-3
Viewing vCenter Plug-ins 7-4
Managing Policies 8-1
Policies 8-1
Computing Policies 8-1
Data Collection Policy 8-3
Configuring a Data Collection Policy for a Virtual Account 8-3Associating the Data Collection Policy for a Virtual Account 8-4
Storage Policies 8-4
Storage Policies for Multiple VM disks 8-4
Adding and Configuring a Storage Policy 8-5
Virtual Storage Catalogs 8-6
Network Policies 8-7
Adding a Static IP Pool Policy 8-7
Adding a Network Policy 8-8
Network Provisioning Policies 8-9VLAN Pool Policies 8-10
System Policies 8-11
Configuring a System Policy 8-11
OS Licenses 8-13
Managing Virtual Data Centers 9-1
About Managing Virtual Data Centers 9-1
VDC Actions 9-1
Adding a VDC 9-1
Viewing a VDC 9-3
Editing a VDC 9-3
Deleting a VDC 9-4
Cloning a VDC 9-4
Managing Application Categories in a VDC 9-4
VDC Service Profiles 9-5
Adding VDC Service Profiles 9-5
-
5/27/2018 Ucs Director Admin Guide
7/164
Contents
vi
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Managing Catalogs 10-1
About Managing Catalogs 10-1
Publishing a Catalog 10-1
Publishing Advanced Catalogs 10-4Publishing Advanced Catalogs 10-4
Viewing a Catalog 10-5
Editing a Catalog 10-5
Deleting a Catalog 10-6
Cloning Catalogs 10-6
Cloning a Catalog 10-6
Assessing Hosts for Deployment 10-6
Using Self-Service Provisioning 11-1
About Self-Service Provisioning 11-1
Service Requests 11-1
Creating a Service Request with Catalog TypeStandard 11-1
Service Request with Catalog TypeAdvanced 11-3
Service Request Workflow and Details 11-4
Service Request Workflow 11-4
Service Request Details 11-5
Viewing a Service Requests Workflow Status 11-6
Viewing a Service Requests Log 11-6
About Scheduling a Service Request 11-6
Scheduling Service Requests 11-6
About Resubmitting a Service Request 11-7
Resubmitting a Service Request 11-7
Other Service Request Functions 11-7
Canceling a Service Request 11-7
Rolling Back a Service Request 11-8
Viewing Service Requests for a Particular Group 11-8
Searching the Service Requests History for a Group 11-8
Exporting the Service Requests History for a Group 11-8
Reinstating an Archived Service Request 11-9
Service Request Approval Process 11-9
Approving a Service Request 11-9
Rejecting a Service Request 11-10
Viewing the Service Requests Approvals History 11-10
Searching the Service Request Approvals History 11-10
-
5/27/2018 Ucs Director Admin Guide
8/164
Contents
viii
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Exporting Service Request Approvals History 11-10
Service Request Budgeting 11-11
Viewing the Current Month Budget Availability 11-11
Viewing Budget Entries 11-11
Adding a Budget Entry 11-11
Editing a Budget Entry 11-12
Deleting a Budget Entry 11-12
Multiple Disk VM Provisioning 12-1
About Multiple Disk VM Provisioning 12-1
Workflow for Multiple Disk VM Provisioning 12-2
About Templates with Multiple Disks 12-2
Assigning Disk Categories 12-2
Defining the Storage Policies 12-2
Creating a Storage Policy 12-3
Creating a Catalog 12-4
Adding a Catalog 12-4
Creating a VM Disk 12-7
Using the Chargeback Module 13-1
About Chargeback Features 13-1
Budget Policies 13-2
Configuring a Budget Policy 13-2Cost Models 13-2
Creating a Cost Model 13-2
Modifying a VDC to Include a Cost Model 13-4
Adding a Cost Model to a VDC 13-4
Editing a VDC to Include a Cost Model 13-5
Package-Based Cost Models 13-6
Creating a Package-Based Cost Model 13-6
Storage Tier Cost Models 13-8
Assigning a Cost to a Tier13-8
Assigning a Datastore to Tiers 13-8
Assigning a Datastore to a Tier 13-9
Chargeback Reports 13-9
Viewing a Current Month Summary 13-10
Viewing the Previous Months Summary 13-10
Viewing the Monthly Resource Accounting 13-10
Viewing the VM Level Resource Accounting Details 13-10
-
5/27/2018 Ucs Director Admin Guide
9/164
Contents
ix
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Viewing the VM Level Chargeback Details 13-10
Exporting the Monthly Resource Accounting Details 13-11
Exporting the VM Level Resource Accounting Details 13-11
Exporting the VM Level Chargeback Details 13-11
Change Records 13-11
Accessing Change Records 13-12
Chargeback Calculations 13-12
System Monitoring and Reporting 14-1
Dashboard 14-1
Enabling the Dashboard 14-1
Adding Report Widgets 14-2
Refresh Widget Data 14-2
Summary 14-2Viewing Virtual Machine, Cloud and System Summary Information 14-2
Customizing Summary Report Widgets 14-2
Inventory Management 14-3
Accessing System Inventory Details 14-3
Resource Pools 14-3
Accessing Resource Details 14-3
Clusters 14-3
Accessing Clusters 14-3
Images 14-4Accessing Images 14-4
Host Nodes 14-4
Accessing Host Nodes 14-4
VMs 14-4
Accessing VMs 14-4
Accessing Group Level VMs 14-4
Topology 14-5
Accessing Topology Types 14-5
Assessment 14-5Accessing Assessments 14-5
Reports 14-5
Accessing Reports 14-6
Managing Life Cycles 15-1
Managing VM Power Settings 15-1
Resizing a VM 15-2
-
5/27/2018 Ucs Director Admin Guide
10/164
Contents
x
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Managing VM Snapshots 15-2
Creating VM Snapshots 15-3
Reverting to a Snapshot 15-3
Marking a Golden Snapshot 15-4
Deleting a Snapshot 15-4
Deleting All Snapshots 15-4
Configuring the Lease Time for a Virtual Machine 15-5
Managing VM Actions 15-5
Viewing VM Details 15-6
Using Stack View 15-6
Deleting a VM 15-7
Creating a VM Disk 15-7
Deleting a VM Disk 15-8
Adding vNICs 15-8
Replacing a vNIC 15-9
Deleting vNICs 15-10
Launching the VM Client 15-10
Enabling the VNC Console on a VM 15-10
Accessing the VNC Console Window for a VM 15-11
Assigning a VM 15-11
VM Credentials 15-12
Using the Inventory Collection Request for a VM 15-12
Testing VNC Connectivity 15-13
Cloning a VM 15-13
Moving a VM to VDC 15-16
Resynchronizing a VM 15-16
Managing CloudSense Analytics 16-1
About CloudSense Analytics 16-1
Generating a Report 16-2
Generating an Assessment 16-2
-
5/27/2018 Ucs Director Admin Guide
11/164
xi
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Preface
This preface contains the following sections:
Audience, page xi
Conventions, page xi
Related Documentation, page xiii Documentation Feedback, page xiii
Obtaining Documentation and Submitting a Service Request, page xiii
AudienceThis guide is intended primarily for pod administrators who use Cisco UCS Director and who have
responsibilities and expertise in one or more of the following:
Server administration
Storage administration
Network administration
Network security
Conventions
Table 1 Conventions Used in this Document
Text Type Indication
GUI Elements GUI elements such as tab titles, area names, and field labels appear i
this font.
Main titles such as window, dialog box, and wizard titles appear in th
font.
Document titles Document titles appear in this font.
TUI elements In a Text-based User Interface, text the system displays appears in th
font.
System output Terminal sessions and information that the system displays appear in
this font.
-
5/27/2018 Ucs Director Admin Guide
12/164
xii
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the
document.
Tip Means the following information will help you solve a problem. The tips information might not be
troubleshooting or even an action, but could be useful information, similar to a Timesaver.
Caution Means reader be careful. In this situation, you might perform an action that could result in equipment
damage or loss of data.
Timesaver Means the described action saves time. You can save time by performing the action described in the
paragraph.
Warning IMPORTANT SAFETY INSTRUCTIONSThis warning symbol means danger. You are in a situation that could cause bodily injury. Before youwork on any equipment, be aware of the hazards involved with electrical circuitry and be familiar
with standard practices for preventing accidents. Use the statement number provided at the end of
each warning to locate its translation in the translated safety warnings that accompanied this device
SAVE THESE INSTRUCTIONS
CLI Commands CLI command keywords appear in this font.
Variables in a CLI command appear in this font.
[ ] Elements in square brackets are optional.
{x | y | z} Required alternative keywords are grouped in braces and separated by
vertical bars.
[x | y | z] Optional alternative keywords are grouped in brackets and separated by
vertical bars.
string A nonquoted set of characters. Do not use quotation marks around the
string or the string will include the quotation marks.
< > Nonprinting characters such as passwords are in angle brackets.
[ ] Default responses to system prompts are in square brackets.
!, # An exclamation point (!) or a pound sign (#) at the beginning of a line
of code indicates a comment line.
Table 1 Conventions Used in this Document
Text Type Indication
-
5/27/2018 Ucs Director Admin Guide
13/164
xii
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Related Documentation
Cisco UCS Director Documentation Roadmap
For a complete list of Cisco UCS Director documentation, see the Cisco UCS Director DocumentatRoadmapavailable at the following URL:
http://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirecto
ocRoadmap.html
Cisco UCS Documentation Roadmaps
For a complete list of all Cisco UCS B-Series documentation, see the Cisco UCS B-Series Servers
Documentation Roadmapavailable at the following URL:
http://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_roadmap.html
For a complete list of all Cisco UCS C-Series documentation, see the Cisco UCS C-Series Servers
Documentation Roadmapavailable at the following URL:
http://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.htm
Documentation FeedbackTo provide technical feedback on this document, or to report an error or omission, please send your
comments to [email protected]. We appreciate your feedback.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additionalinformation, see the monthly What's New in Cisco Product Documentation, which also lists all new
revised Cisco technical documentation.
Subscribe to the What's New in Cisco Product Documentationas a Really Simple Syndication (RSS) f
and set content to be delivered directly to your desktop using a reader application. The RSS feeds ar
free service and Cisco currently supports RSS version 2.0.
http://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirectorDocRoadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirectorDocRoadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_roadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.htmlmailto:[email protected]://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_roadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirectorDocRoadmap.htmlmailto:[email protected]://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html -
5/27/2018 Ucs Director Admin Guide
14/164
xiv
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
-
5/27/2018 Ucs Director Admin Guide
15/164
C H A P T E R
1-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
1New and Changed Information for this Release
This chapter contains the following sections:
New and Changed Information, page 1-1
New and Changed InformationThe following table provides an overview of the significant changes to this guide for this current relea
The table does not provide an exhaustive list of all changes made to this guide or of all new features
this release.
Feature Description Where Documented
Advanced Controls The following features were
added:
System task remoting
enables the remoteexecution of system tasks in
a UCS Director scalability
deployment model.
Service providers can be
enabled in UCS Director.
Advanced Controls section on page 4-
Chargeback features Several changes were made to
the chargeback features in UCS
Director.
Chapter 13, Using the Chargeback
Module
CloudSense Analytics New reports were added while
others were removed.
About CloudSense Analytics section o
page 16-1
Infrastructure System
Parameters
Changes were made to the
infrastructure system
parameters.
Configuring System Parameters
(Optional) section on page 4-2
-
5/27/2018 Ucs Director Admin Guide
16/164
1-2
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 1 New and Changed Information for this Release
New and Changed Information
Inventory Management You can monitor the system
inventory using the dashboard.
Any changes to the physical
infrastructure are updated to the
dashboard. The dashboarddisplays the entire system level
infrastructure information for
administrative management.
Inventory Management section on
page 14-3
License Utilization
History
The number of licensed network
and storage controllers, servers,
server and desktop VMs, and
small and medium pods can be
tracked over time to see how
network resources are being
utilized.
Viewing License Utilization History
section on page 4-4
Multi-Domain
Manager Account
Cisco UCS Director Release
v4.1 supports multi-domains. Amulti-domain manager account
can be created for a newly
created physical account.
Adding Multi-Domain Manager Account
section on page 6-4
Multiple Disk VM
Provisioning
Cisco UCS Director Release
v4.1 supports VM provisioning
of multiple disks from a
template.
Chapter 12, Multiple Disk VM
Provisioning
Network Policy Network policy information has
changed.
Chapter 8, Managing Policies
Physical Infrastructure The Physical Infrastructure
chapter was added. Cisco UCS
Director discovers all
components in the newly created
physical account.
Chapter 6, Managing a Physical
Infrastructure
Self-Service
Provisioning
Several changes were made to
the way self-service
provisioning is done for VMs.
Chapter 11, Using Self-Service
Provisioning
Site Management A site can be created for a newly
created physical account.
Adding a Site section on page 6-1
System Tasks The processing of system tasks
such as data collection can be
delegated to VM service nodes.
Managing System Tasks section on
page 4-10
Updating the UCS
Director license
Updates the license using
Product Authorization Key
(PAK).
Updating the License section on page 4-3
Feature Description Where Documented
-
5/27/2018 Ucs Director Admin Guide
17/164
1-3
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 1 New and Changed Information for this Release
New and Changed Information
Virtual Machine (VM)
Lease Time
A user can configure a lease
expiration time for a selected
VM.
Configuring the Lease Time for a Virtu
Machine section on page 15-5
VM Tasks The following VM tasks were
added:
Test VNCYou can testing
VNC connectivity for
troubleshooting purposes.
CloneYou can clone or
make a copy of an existing
VM in order to make a new
VM with the same or similar
qualities.
Move a VM to VDCYou
can move a VM to a VDC so
that the rules of the VDCsystem policy are followed
in the VM.
VM ResyncYou can
choose to set the number of
minutes to have a VM
resynchronize its time
periodically with UCS
Director.
Managing VM Actions section on
page 15-5
Feature Description Where Documented
-
5/27/2018 Ucs Director Admin Guide
18/164
1-4
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 1 New and Changed Information for this Release
New and Changed Information
-
5/27/2018 Ucs Director Admin Guide
19/164
C H A P T E R
2-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
2Overview
This chapter contains the following sections:
About Cisco UCS Director, page 2-1
Physical and Virtual Management Features, page 2-4
Physical and Virtual Management Features, page 2-4 Recommended Order of System Setup, page 2-6
About Cisco UCS DirectorCisco UCS Director is a 64-bit appliance that uses the standard Open Virtualization Format (OVF)
template.
Cisco UCS Director delivers unified, highly secure management for leading converged infrastructur
solutions, which are based on the Cisco UCS and Cisco Nexus platforms.
Cisco UCS Director extends the unification of computing and network layers through Cisco UCS to
provide pod administrators with comprehensive visibility and management capability. It supportsNetApp FlexPod and ExpressPOD, EMC VSPEX, and Virtual Computing Environment (VCE) Vblo
systems, based on the Cisco UCS and Cisco Nexus platforms.
Cisco UCS Director automates the provisioning of resource pools across physical, virtual, and barem
environments. It delivers native, automated monitoring for health, status, and resource usage data. F
example, you can do the following tasks using Cisco UCS Director:
Create, clone, and deploy service profiles and templates for all servers and applications
Monitor organizational usage, trends, and capacity across a converged infrastructure on a continu
basis, such as by viewing heat maps that show virtual machine (VM) utilization across all your p
Deploy and add capacity to ExpressPod and FlexPod infrastructure in a consistent, repeatable
manner
Manage, monitor, and report on Cisco UCS domains and their components
Extend virtual service catalogs to include physical infrastructure services
Manage secure multitenant environments to accommodate virtualized workloads that runs with
nonvirtualized workloads
-
5/27/2018 Ucs Director Admin Guide
20/164
2-2
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
About Cisco UCS Director
Features and Benefits
Features Benefits
Central management Single interface for administrators tomonitor, provision, and manage the system
across physical, virtual, and baremetal
environments
Unified dashboards, reports, and heat maps,
that reduce troubleshooting and performance
bottlenecks
Self-service catalog Self-service catalog that end users can order
from and deploy new infrastructure instances
following IT-prescribed policies and
governance.
Adaptive provisioning Real-time available capacity, internal
policies, and application workload
requirements that can be used to optimize the
availability of the right resources.
Dynamic capacity management Continuous monitoring that indicates
real-time infrastructure consumption to
improve capacity planning and management
Ability to identify underutilized and
overutilized resources.
Multiple hypervisor support Support for VMware ESX/ESXi, Microsoft
Hyper-V, and Red Hat hypervisors
Computing management Ability to monitor, manage, and provision
physical, virtual, baremetal servers, andblades.
Virtual machine (VM) life cycle management
and business continuance through snapshots
for end users.
Server utilization trending analysis.
Network management Policy-based provisioning of physical and
virtual switches and dynamic network
topologies
Ability to configure VLANs, virtual network
interface cards (vNICs), port groups and port
profiles, IP and Dynamic Host ControlProtocol (DHCP) allocation, and access
control lists (ACLs) across network devices
-
5/27/2018 Ucs Director Admin Guide
21/164
2-3
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
About Cisco UCS Director
Storage management Policy-based provisioning and management
of filers, virtual filers (vFilers), logical unit
numbers (LUNs), and volumes
Unified dashboards that give administrators
comprehensive visibility into organizationa
usage, trends, and capacity analysis details
Cisco CloudGenie Mobile management from Apple iPad and
iPhone and Android devices
Mobile self-service provisioning, virtual
machine management, and viewing of
administrative dashboards
Features Benefits
-
5/27/2018 Ucs Director Admin Guide
22/164
2-4
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
About Cisco UCS Director
Physical and Virtual Management Features
Model-Based Orchestration
Cisco UCS Director includes a task library containing over 400 tasks, and out-of-the-box workflows.
Model-based orchestration and a workflow designer enable you to customize and automate infrastructure
administrative and operational tasks. You can extend and customize the system to meet individual needs
Physical Server Management
Discover and collect configurations and
changes
Monitor and manage physical servers
Perform policy-based server provisioning
Manage blade power
Perform server use trending and capacity
analysis
Perform baremetal provisioning using
preboot execution environment (PXE) boot
management
Virtual Computing Management
Discover, collect, and monitor virtual
computing environments
Perform policy-based provisioning and
dynamic resource allocation
Manage the host server load and power
Manage the virtual machine (VM) life cycle
and snapshots
Perform analytics to assess VM capacity, and
sprawl, and host utilization
Physical Storage Management
Discover, collect, and monitor storage filers
Perform policy-based provisioning of vFilers
Provision and map volumes
Create and map logical unit number (LUN)
and iGroup instances
Perform SAN zone management
Monitor and manage network-attached
storage (NAS) and SAN-based storage
Implement storage best practices and
recommendations
Virtual Storage Management
Discover, collect, and monitor storage vFilers
and storage pools
Perform policy-based storage provisioning
for thick and thin clients
Create new data stores and map them to
virtual device contexts (VDCs)
Add and resize disks to VMs
Monitor and manage organizational storage
use
Perform virtual storage trend and capacity
analysis
Physical Network Management
Discover, collect, and monitor physical
network elements
Provision VLANs across multiple switches
Configure access control lists (ACLs) on
network devices
Implement dynamic network topologies
Virtual Network Management
Add networks to VMs
Perform policy-based provisioning with IP
and DHCP allocation
Configure and connect virtual network
interface cards (vNICs) to VLANs and
private VLANs
Create port groups and port profiles for VMs
Monitor organizational use of virtual
networks
-
5/27/2018 Ucs Director Admin Guide
23/164
2-5
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
Initial Login
Included in the task library are Day 1 through Day 3 maintenance and update activities, as shown in
following table:
Initial LoginLog in to Cisco UCS Director by hostname or IP address with the following credentials:
Username: admin Password: admin
Day-1 Day-2 Day-3
Add tenants Migrate or add applications
Integrate with enterprise
systems
Use self-service portal
Monitor performance Start metering and billing
Manage tenant changes
Self-service IaaS
Add/upgrade hardware Repurpose
-
5/27/2018 Ucs Director Admin Guide
24/164
2-6
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
Recommended Order of System Setup
Note We recommend that you delete the startup admin account after you create the first admin account or, at
least, change the default password. To access the self-service portal, you must have a valid email
address.
Recommended Order of System SetupName Chapter Description
Initial Set Up 2, 3, and 4 Describes how to apply a license, set up the Admin profile,
create groups, and create users. You will learn how to access
language support, apply portal customization, and system
settings.
Physical Infrastructure Describes how to optionally add a pod and physical account,
add network elements, test the connections, and verify account
discovery.
Note You can create the virtual infrastructure before thephysical infrastructure if you want.
Virtual Infrastructure 5 Describes how to create a cloud, verify cloud discovery and
connectivity, test the connections, and view vCenter plug ins.
Policies 6 Describes how to create and manage computing policies,
storage policies, network policies, and system policies. You
will learn how to add OS licenses for Microsoft Windows
catalogs.
Virtual Data Centers 7 Describes how to set up VDCs to manage specific
environments for groups. policies, and cost models, and how
resource limits are configured and managed at the VDC level.
Catalogs 8 Describes how to set up catalog items, attach groups with
access to a catalog, and publish catalog items.
Self-Service
Provisioning
9 Describes how you can create and manage provisioning
service requests.
Multi-Disk
Provisioning
10 Describes how to configure VM disk provisioning on a
preferred single datastore or multiple datastores. It also
provides instructions on how to configure individual disk
policies for each additional disk in a template.
Chargeback 11 Describes how to create chargeback summary reports, detailed
reports, and resource accounting reports. It shows how cost
models are defined and assigned to policies within
departments and organizations.
Cloud Management 12 Describes how you can get complete cloud visibility, monitorresource usage, and manage the cloud stackclouds, clusters,
host servers, and virtual machines.
Life Cycles 13 Describes how to perform post provisioning life cycle
management actions on VMs such as VM power management,
VM resizing, VM snapshot management, and other VM
actions.
-
5/27/2018 Ucs Director Admin Guide
25/164
2-7
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
Recommended Order of System Setup
CloudSense 14 Describes the analytical reports about the underlying physic
and virtual infrastructure that Cisco UCS Director can
generate.
Macros 15 Describes how to use the Macros feature to customize VM
names and VM hostnames using variables provided by theapplication.
Name Chapter Description
-
5/27/2018 Ucs Director Admin Guide
26/164
2-8
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 2 Overview
Recommended Order of System Setup
-
5/27/2018 Ucs Director Admin Guide
27/164
C H A P T E R
3-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
3Managing Users and Groups
This chapter contains the following sections:
Managing User Types, page 3-1
Managing Groups, page 3-7
Configuring the Administration Profile, page 3-11 Managing User Access Profiles, page 3-14
Authentication and LDAP Integration, page 3-16
Branding, page 3-19
Note You must be logged in to the appliance before you can run any of the following procedures.
Managing User Types
As the system administrator, you have full privileges to manage Cisco UCS Director, including addusers, viewing users and user permissions, and modifying individual user read/write permissions fo
different system components.
Most users will view and use the Administrative Portal when they log in, which is described in this gui
User Types
Cisco UCS Director supports a number of user types:
All Policy Admin
Billing Admin
Computing Admin
Group AdminAn end user with the privilege of adding users. This user can use the Self-Servi
Portal
IS Admin
Network Admin
Operator
Service End UserThis user only views and uses the Self-Service Portal.
-
5/27/2018 Ucs Director Admin Guide
28/164
3-2
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Types
Storage Admin
System Admin
Default User Permissions
Each user type has a default set of system permissions.
All Policy Admin
Billing Admin
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-only
Group Service Request Read/write
Approver Service Request Read/write
Chargeback Read-only
Catalog Read-only
VDC Read-only
Computing Policy Read/write
Storage Policy Read/write
Network Policy Read/write
Service Delivery Policies Read/write
System Admin Read-only
Users and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-only
Group Service Request Read-only
Approver Service Request Read/write
Chargeback Read-only
Catalog Read-only
VDC Read-only
Computing Policy Read-only
-
5/27/2018 Ucs Director Admin Guide
29/164
3-3
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Types
Computing Admin
Group Admin
Storage Policy Read-only
Network Policy Read/write
Service Delivery Policies Read-only
System Admin Read-onlyUsers and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-only
Computing Infrastructure Read/write
Group Service Request Read-only
Approver Service Request Read/write
Chargeback Read-only
Catalog Read-only
VDC Read-only
Computing Policy Read/write
Storage Policy Read-only
Network Policy Read-only
Service Delivery Policies Read-only
System Admin Read-only
Users and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
Task Permission
Task Permission
Computing Cloud write only
Group Service Request Read/write
Approver Service Request Read/write
-
5/27/2018 Ucs Director Admin Guide
30/164
3-4
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Types
IS Admin
Chargeback Read-only
Catalogs Read-only
VDC Read-only
Resource accounting Read-onlyResource limit report Read-only
VM label Write-only
Group users Read/write
Task Permission
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-onlyComputing Infrastructure Read-only
Group Service Request Read-only
Approver Service Request Read/write
Chargeback Read-only
Catalog Read/write
VDC Read/write
Computing Policy Read-only
Storage Policy Read-only
Network Policy Read-only
Service Delivery Policies Read/writeSystem Admin Read-only
Users and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
-
5/27/2018 Ucs Director Admin Guide
31/164
3-5
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Types
Network Admin
Operator
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-only
Group Service Request Read-only
Approver Service Request Read/write
Chargeback Read-only
Catalog Read-only
VDC Read-only
Computing Policy Read-only
Storage Policy Read-only
Network Policy Read/write
Service Delivery Policies Read-only
System Admin Read-only
Users and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-only
Group Service Request Read/write
Approver Service Request Read/write
Chargeback Read-only
Catalog Read-only
VDC Read-only
Computing Policy Read-only
Storage Policy Read-only
Network Policy Read-only
Service Delivery Policies Read-only
System Admin Read-only
Users and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
-
5/27/2018 Ucs Director Admin Guide
32/164
3-6
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Types
Service End User
Storage Admin
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
Task Permission
Computing Cloud Write-only
Group Service Request Read/write
Approver Service Request Read/write
Chargeback Read-only
Catalogs Read-only
VDC Read-only
Resource accounting Read-only
Resource limit report Read-only
Task Permission
Computing Clouds Read-only
Storage Clouds Read-only
Network Clouds Read-only
Group Service Request Read-only
Approver Service Request Read/write
Chargeback Read-only
Catalog Read-only
VDC Read-only
Computing Policy Read-only
Storage Policy Read/write
Network Policy Read-only
Service Delivery Policies Read-only
System Admin Read-only
Users and Groups Read-only
Budgeting Read-only
Cloud Accounts Read-only
Resource Accounting Read-only
Resource Limit Report Read-only
Group Users Read-only
Task Permission
-
5/27/2018 Ucs Director Admin Guide
33/164
3-7
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing Groups
System Admin
Managing GroupsA group or customer organization must be created before a user can be added.
Creating a Group or Customer Organization
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the User Groups tab.
Step 3 Click Add.
Step 4 In the Add Groupdialog box, complete the following fields:
Task Permission
Computing Clouds Read/write
Storage Clouds Read/write
Network Clouds Read/write
Group Service Request Read/write
Approver Service Request Read/write
Chargeback Read-only
Catalog Read/write
VDC Read/write
Computing Policy Read/write
Storage Policy Read/write
Network Policy Read/write
Service Delivery Policies Read/write
System Admin Read/write
Users and Groups Read/write
Budgeting Read/write
Cloud Accounts Read/write
Resource Accounting Read-only
Resource Limit Report Read-only
Resource Limit Write-only
Group Users Read-only
Name Description
Name field The name of the group/customer organization.
Description
field
The description of the group/customer organization if required.
Code field A shorter name or code name for the group. This name is used in VM and hostname template
-
5/27/2018 Ucs Director Admin Guide
34/164
3-8
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing Groups
Step 5 Click Add.
What to Do Next
Repeat this procedure if you want to add more groups.
Password Policy
The password policy applies to all the users and is enforced when you add a user or change the password
for all user types. This policy enables the following password constraints:
Password length
Whether the password can be the same as the username
Whether a user can reset the current password as a new password
Regular expressions that are disallowed in a password
Creating a Password Policy
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Password Policytab.
Step 3 In the Password Policypane, complete the following fields:
Cost Center
field
(Optional) The cost center name or number if required. This name or number represents a cost
center that a group is associated with . This name can be used in a VMware System policy for
the VM naming convention.
Note For more information about using Cost Centerfor naming conventions, see Chapter
6, Managing Policies.
Contact Email
field
The contact email address. This email is used to notify the group owner about the status of
service requests and request approvals if necessary.
First Name
field
The contacts first name.
Last Name
field
The contacts last name.
Phone field The contacts phone number.
Address field The contacts address.
Name Description
Name Description
Minimum Password Length
drop-down list
Choose the minimum number of characters for the password.
Maximum Password Length
drop-down list
Choose the maximum number of characters for the password.
Minimum Character Classes
drop-down list
Choose the minimum number of character classes such as upper case, lower
case, numbers, and special characters.
-
5/27/2018 Ucs Director Admin Guide
35/164
3-9
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing Groups
Step 4 Click Submit.
Group Budget Policy
Resources are accounted for by using the Chargeback feature. For resource usage by a group or custom
organization, you associate the entity with a budget policy.
You can configure a group or customer organization with a budget watch, and configure a group or
customer organization to stay within or exceed the provisioned budget.
Viewing and Editing a Group Budget Policy
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the User Groups tab.
Step 3 Choose a group from the list.
Step 4 Click Budget Policy.
Step 5 In the Budget Policydialog box, complete the following fields:
Step 6 Click Save.
Resource Limits
You can configure resource limits for a group or customer organization to help manage group resou
utilization. You can specify limits on the following:
Disallow Login in Password
check box
Check the check box to disallow passwords, which are the same as the log
ID.
Disallow Previous Password
check box
Check the check box to disallow the previous password from being used an
the new password being the same as the old password.
Disallow Passwords that match
regular expression field
The regular expressions (one per line) that are not allowed for passwords.
For example, .*abc.* specifies that a given password cannot contain the
string abc.
Name Description
Enable Budget Watch
check box
Check the check box to monitor the groups budget usage. Uncheck the check box t
ignore all budget entries for this group.
Allow Over Budget
check box
Check if the group members are allowed over the provisioned budget. Uncheck the
check box to reject all requests, once the budget is exhausted, until a new budget i
added.
-
5/27/2018 Ucs Director Admin Guide
36/164
3-10
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing Groups
Note Configuring operating system resources and physical resources limits are not supported for public
clouds.
Virtual resources
Operating system resources
Physical resources
Viewing Resource Limits
Step 1 On the menu bar, choose Organizations> Summary.
Step 2 Click a group to view.
Step 3 Choose the Resource Limitstab to view the current limit, usage, pending SR usage, and status of the
resources for the selected group.
Editing Resource Limits
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the User Groupstab.
Step 3 Choose a group and click Edit Resource Limits. The Resource Limitdialog box appears.
Step 4 In the Resource Limitdialog box, check the Enable Resource Limitscheck box and complete the
following fields:
Name Description
Group display-only field The group name.
Enable Resource Limits check box Check the check box to enable the resource limits, or uncheck the
check box to disable the resource limits. If checked, the user is
provided with the option to set resource limits for a group and all
nonzero resource limits are applied.
Maximum Active VM Count field The maximum number of active VMs.
Maximum Total VM Count field The total number of VMs.
Provisioned vCPUs Limit field The maximum number of provisioned vCPUs.
Provisioned Memory (GB) Limit field The provisioned memory limit, in gigabytes.
Provisioned CPU (GHz) Limit field The provisioned CPU limit, in gigahertz.
Provisioned Disk (GB) Limit field The provisioned limit for disks, in gigabytes.
Reserved CPU (GHz) Limit field The reserved limit of CPUs, in gigahertz.
Reserved Memory (GB) Limit field The reserved memory limit, in gigabytes
Maximum Snapshot (GB) Limit field The maximum limit for snapshots, in gigabytes.
-
5/27/2018 Ucs Director Admin Guide
37/164
3-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Configuring the Administration Profile
Step 5 Click Save.
Configuring the Administration Profile
You must first configure your system administrator profile before you can configure groups and theusers.
Creating the admin Profile
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Userstab.
Count CPU and Memory for Inactive
VMs check box
Check the check box to include the group's inactive VM CPU or
memory data in the computation of resource limits. Uncheck the
check box to exclude inactive VM CPU or memory data from the
computation of resource limits.
OS Resource LimitsNote The configuration of OS resource limits and physical resource limits are not supported for public
clouds.
CentOS field The maximum number of CentOS (Community Enterprise
Operating System) servers.
Windows Server 2003 field The maximum number of Windows 2003 servers.
Windows Server 2008 field The maximum number of Windows 2008 servers.
Windows 7 field The maximum number of Windows 7 machines.
Windows XP field The maximum number of Windows XP machines.
Red Hat field The maximum number of Red Hat machines.
Ubuntu field The maximum number of Ubuntu machines.
FreeBSD field The maximum number of FreeBSD machines.
Other Linux field The maximum number of other Linux OS.
Other field The maximum number of other OS.
Physical Resource Limits
Maximum Physical Server Count field The maximum number of servers.
Maximum Physical Server Memory (GB)
field
The maximum amount of server memory.
Maximum Physical Server CPU Count
field
The maximum number of server CPUs.
Maximum vFiler Count field The maximum number of vFilers.
Maximum Physical Storage Space (GB)
field
The maximum amount of storage space.
Name Description
-
5/27/2018 Ucs Director Admin Guide
38/164
3-12
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Configuring the Administration Profile
Step 3 Click Add.
Step 4 In the Add Userdialog box, complete the following fields:
Step 5 Click Add.
Changing the admin Password
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Userstab.
Step 3 In the Login Namecolumn, choose admin.
Step 4 Click Change Password.
Step 5 In the Change Passworddialog box, enter a new password for the adminuser and confirm it.
Step 6 Click Save.
Adding Users
Before You Begin
Ensure that you have created a group to which the user can belong.
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Userstab.
Step 3 Click Add(+).
Name Description
User Type drop-down list Choose System Admin. The system administrator has full
privileges.Login Name field The login name. The default is admin.
Password field The admin password.
Confirm Password field The admin password that is entered again for confirmation.
User Contact Email field The administrators email address.
First Name field The administrators first name.
Last Name field The administrators last name.
Phone field The administrators phone number.
Address field The administrators address.
-
5/27/2018 Ucs Director Admin Guide
39/164
3-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Configuring the Administration Profile
Step 4 In the Add Userdialog box, complete the following fields:
Step 5 Click Add.
What to Do Next
After choosing a user from the main window and then clicking Manage Profiles, you can optionallassign multiple roles for that user.
Viewing Current Online Users
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Current Online Users tab to view online user details.You can view the username, IP
address, session start time, last data access, and client.
Name Description
User Type drop-down list Choose the user type.
Note The Group Admin user type is the only administrator user role that can
be assigned to a user group.User Group drop-down list Choose the group or customer organization to which the user belongs.
Login Name field The user's login name.
Password field The user's password.
Note If the Lightweight Directory Access Protocol (LDAP) authentication is
configured for the user, the password is validated only at the LDAP
server, not at the local server.
Confirm Password field The user's password that is entered again for confirmation.
User Contact Email field The user's email address.
Note The email address is used to notify the group owner about service reques
status and to request approvals.First Name field The user's first name.
Last Name field The user's last name.
Phone field The user's phone number.
Address field The user's address.
-
5/27/2018 Ucs Director Admin Guide
40/164
3-14
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Access Profiles
Managing User Access Profiles
Multi-Role Access Profiles
A user can be assigned to more than one role, which is reflected in the system as a user access profile.
For example, a user might log into Cisco UCS Director as a group administrator and an all-policy
administrator, if both types of access are appropriate.
Note One of the profiles can be set as the default user access profile.
Note The Manage Profiles feature enables you to add, log into, edit, or delete a user access profile.
Creating a User Access Profile
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Userstab.
Step 3 Choose a user from the list.
Step 4 Click Manage Profiles.
Step 5 In the Manage Profileswindow, click Add(+).
Step 6 In the Add Entry to Access Profilesdialog box, complete the following fields:
Step 7 Click Submit.
What to Do NextCreate additional user access profiles as needed.
Editing a User Access Profile
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Userstab.
Name Description
Name field The profile name.Description field The description of the profile .
Type drop-down list Choose the user role type.
Group drop-down list Choose the users group.
Default Profile check
box
Check the check box if this is the default user access profile. Uncheck the check box
if it is not the default.
-
5/27/2018 Ucs Director Admin Guide
41/164
3-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Managing User Access Profiles
Step 3 Choose a user from the list.
Step 4 Click Manage Profiles.
Step 5 In the Manage Profileswindow, choose a user from the list.
Step 6 Click Edit.
Step 7 In the Edit Access Profiles Entrydialog box, edit the Name, Description, Type, Group, or the DefaProfilefields, as needed.
Step 8 Click Submit.
Deleting a User Access Profile
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Userstab.
Step 3 Choose a user from the list.
Step 4 Click Manage Profiles.
Step 5 In the Manage Profileswindow, choose a user from the list.
Step 6 In the Manage Profiles dialog box, click Delete.
Logging in to a Profile
Step 1 In the Cisco UCS Director logindialog box, in the Usernamefield, enter your username in the form
Username:Access Profile Name.
Note For example, Alex:GrpAdmin
Step 2 In the Passwordfield, enter your password.
Step 3 Click Login.
Default Profile
The default profile is the first profile that you created in the system. You can change the default to
another profile. Using the new default profile, you log in by entering the username and password.
Changing the Default Profile
Step 1 At the upper right of the window (to the left of logout), click the username.
Step 2 In the User Informationwindow, choose the Access Profilestab.
Step 3 Choose a user profile, and click Set as Default Profile.
-
5/27/2018 Ucs Director Admin Guide
42/164
3-16
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Authentication and LDAP Integration
Note A profile can also be set as default while adding or editing a profile.
Authentication and LDAP IntegrationYou can configure a preference with or without a fallback choice for local authentication and a
preference with a fallback for the LDAP. You can also configure a preference with no fallback for
Verisign Identity Protection (VIP) authentication.
Configuring Authentication Preferences
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Authentication Preferencestab.
Step 3 In the Authentication Preferencespane, complete the following fields:
Name Description
Local Authentication Authentication is local only (Cisco UCS Director), and not through the
LDAP server.
Local First, fallback to LDAP
drop-down list option
Authentication is done first at the local server (Cisco UCS Director). If the
user is unavailable at the local server, the LDAP server is checked.
LDAP First, fallback to Local
drop-down list option
Authentication is done first at the LDAP server. If the user is unavailable at
the LDAP server, the local server is checked (Cisco UCS Director).
Verisign Identity Protection
drop-down list option
VIP Authentication Service (two-factor authentication) is enabled.
Name Description
Authentication Preferences
drop-down list
Choose the Authentication Preference.
If you chose Local Authentication, continue to Step 4.
If you chose VIP, continue to Step 5.
User Name field The username.
Password field The user password.
Port Number field The port number.
Server field The IP address of the server.
Domain Name field The domain name.
LDAP Sync Interval drop-downlist
Choose the LDAP synchronization interval.
Enable LDAP Sync check box Check the check box if you want to enable LDAP synchronization. Uncheck
the check box if you do not want LDAP synchronization.
Modify Existing Users and
Groups check box
Check the check box if you want to enable modification of existing users and
groups.
Test LDAP Check the check box if you want to test LDAP connectivity to Cisco UCS
Director.
-
5/27/2018 Ucs Director Admin Guide
43/164
3-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Authentication and LDAP Integration
Step 4 (Optional) For local authentication, click Save.
Step 5 (Optional) In the VIP Certificatefield, browse to the VIP Certificate file and choose it.
Step 6 Enter the Password.
Step 7 Click Save.
What to Do Next
If you configured LDAP first as the authentication preference, you must configure the LDAP credenti
LDAP Integration
You can use LDAP integration to synchronize the LDAP servers groups and users with Cisco UCS
Director. LDAP authentication enables synchronized users to authenticate with the LDAP server. Y
can synchronize LDAP users and groups automatically or manually.
Note Users that do not belong to a group or a domain users group display in LDAP as Users with No Gro
These users are added under the domain users group in Cisco UCS Director.
You cannot choose users and groups that exist locally or are synchronized externally in Cisco UCS
Director.
LDAP Integration Rules and Limitations
Group Synchronization Rules
If a chosen LDAP group already exists in Cisco UCS Director and the source is type Local, the
group is ignored during synchronization.
If a chosen LDAP group already exists in Cisco UCS Director and the group source is type Extern
the groups description and email attributes are updated in the Cisco UCS Director.
A maximum of 1000 users (subject to availability) are displayed for selection in manual search w
you use the advanced search option. This option is available by clicking Request Manual LDA
Sync.
User Synchronization Rules
If a chosen LDAP user already exists in Cisco UCS Director and the source is type Local, the u
is ignored during synchronization.
If a chosen LDAP user already exists in Cisco UCS Director and the source type is External, thusers name, description, email, and other attributes are updated for the user.
User Synchronization Limitations
A user password cannot be retrieved from the LDAP server. Instead, a random password is genera
for the user during LDAP synchronization.
If a user has multiple group membership, that user has single group membership in Cisco UCS
Director.
-
5/27/2018 Ucs Director Admin Guide
44/164
3-18
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Authentication and LDAP Integration
Note Be sure that the user is assigned to the correct group after the LDAP synchronization process.
Managing LDAP Integration
Step 1 On the menu bar, choose Administration > Users and Groups.
Step 2 Choose the LDAP Integrationtab to view the status of LDAP server synchronization.
Step 3 (Optional) Choose a server and click the following buttons, as needed, to manage LDAP integration:
Step 4 (Optional) For an LDAP synchronization request, verify the IP address/domain name, and click Submit
Step 5 (Optional) If you chose LDAP Manual Server Sync, complete the following fields:
Step 6 For basic search, click Select.
Step 7 Choose the distinguished name to search, and click Select.
Step 8 For advanced search, in the Select Users and Groupspane, add or edit attribute names for User Filters
and Group Filters.
Step 9 Click Next.
Step 10 Choose the LDAP Groupsand LDAP Users.
Name Description
Search BaseDN button Enables you to choose a distinguished domain name to search. All users and groups
from the chosen organization units are fetched into Cisco UCS Director when the
Enable LDAP Synccheck box is checked in the Authentication Preferencestab.
This action is also considered to be an automatic sync process.
Request LDAP Sync Enables on-demand synchronization of the LDAP server. This action syncs the
users/groups from the selected organization in Search Base DN. Groups and usersadded from LDAP appear as type External. Groups and users added by Cisco UCS
Director appear as type Local.
Click Submit to synchronize the server.
LDAP user changes are immediately reflected.
Note Make sure that the user is assigned to the correct group after the LDAP Sync
is processed.
Continue to Step 4.
Request Manual LDAP
Sync
Displays a dialog box that enables you to specify either basic or advanced search
criteria to fetch LDAP users and groups.
Continue with Step 6.
Name Description
Basic Search field Check the check box to enable Basic Searchby organization unit.
If checked, continue to Step 6.
Advanced Search field Check the check box to enable Advanced Search.
If checked, continue to Step 8.
-
5/27/2018 Ucs Director Admin Guide
45/164
3-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Branding
Step 11 Click Submitto synchronize the LDAP server.
Single Sign-On
Cisco UCS Director provides a single sign-on using One Login. Single sign-on prevents a user from
having to enter a password multiple times to access the application.
When Single Login is enabled, a user can log into that portal to access Cisco UCS Director.
Note A single sign-on is available for Cisco UCS Director after you register a One Login certificate.
Enabling a Single Sign-On
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Single Sign-Ontab.
Step 3 In the Single Sign-Onpane, check the Enable Single Sign Oncheck box.
Step 4 In the Select a File for Uploadfield, browse to the One Login certificate file and choose it.
Step 5 Click Upload.
Step 6 When the upload is complete, click Submit.
BrandingFor a group or customer organization, the branding options are as follows:
Logo image in PNG, JPG, or GIF format
Customized application labels
URL to forward the Self-Service Portal to upon logout
Custom links with labels and URLs specified
Login page background and logo.
Branding Groups and Customer Organizations
Step 1 On the menu bar, choose Administration > Users and Groups.
Step 2 Choose the User Groups tab.
Step 3 Choose the group to brand.
Step 4 Click Branding.
-
5/27/2018 Ucs Director Admin Guide
46/164
3-20
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Branding
Step 5 In the Group Brandingdialog box, complete the following fields:
Step 6 In the Select a File for Uploadfield, browse to the logo image file and choose it.
Note Make sure that the logo image is in PNG, JPG, or GIF format. The optimal image size is 200
pixels in width and 100 pixels in height. We recommend that you use a small file size to enable
faster download.
Step 7 Click Upload.
Step 8 (Optional) For application labels, enter at least one application label in the Label 1and Label 2 fields.
Step 9 (Optional) In the URLfield, enter the URL to direct the user to upon logout.
Step 10 (Optional) Complete at least the first two fields:
Step 11 Click Submit.
Login Page Branding
A login page can be configured to display a logo that is associated with a domain name. When the enduser logs in from that domain, the user sees the custom logo on the login page. The optimal image size
for a logo is 890 pixels wide and 470 pixels high, with 255 pixels allowed for white space. We
recommend that you keep the image size small to enable faster downloads.
Note The group or customer organization login page must first be configured (enabled) for branding.
Name Description
Logo image check box Check the check box to upload a logo image.
Continue to Step 6.
Application Labels check box Check the check box to customize an application labelto appear in the application header.
Continue to Step 8.
URL Forwarding on Logout check box Check the check box to forward to a specific URL
upon logout.
Continue to Step 9.
Custom Links check box Check the check box to brand custom links.
Continue to Step 10.
Name Description
Custom Link 1 Label field The label for custom link 1.
Custom Link 1 URL field The URL for custom link 1.
Custom Link 2 Label field The label for custom link 2.
Custom Link 2 URL field The URL for custom link 2.
-
5/27/2018 Ucs Director Admin Guide
47/164
3-2
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Branding
Configuring a Custom Domain Logo
Step 1 On the menu bar, choose Administration> Users and Groups.
Step 2 Choose the Login Page Brandingtab.
Step 3 Click Add.
Step 4 In the Domain Brandingdialog box, complete the following fields:
Step 5 Click Submit.
Name Description
Domain Name field The domain name to brand.
Custom Domain Logo check box Check the check box to enable login page branding from a specified doma
name.
Select a fi le for upload field The logo file to upload.
Note The optimal image size for a logo is 890 pixels wide by 470 pixel
high, with 255 pixels for white space . We recommend that you kee
the image size small to enable faster downloads.
-
5/27/2018 Ucs Director Admin Guide
48/164
3-22
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 3 Managing Users and Groups
Branding
-
5/27/2018 Ucs Director Admin Guide
49/164
C H A P T E R
4-1
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
4Managing System Administration Settings
This chapter contains the following sections:
Setting Up the Outgoing Mail Server, page 4-1
Configuring System Parameters (Optional), page 4-2
Updating the License, page 4-3 Verifying License Utilization, page 4-4
Viewing License Utilization History, page 4-4
Viewing Resource Usage Data, page 4-4
Edit Application Categories, page 4-5
Customizing the Portal, page 4-6
Customizing Reports, page 4-8
Advanced Controls, page 4-8
User Menus, page 4-9
User Permissions, page 4-10 Managing System Tasks, page 4-10
Managing Icons, page 4-14
Support Information, page 4-15
Note You must be logged in to the appliance before you can run any of the following procedures.
Setting Up the Outgoing Mail Server
All outgoing emails from Cisco UCS Director require an SMTP server.
Step 1 On the menu bar, choose Administration > System.
Step 2 Choose the Mail Setuptab.
-
5/27/2018 Ucs Director Admin Guide
50/164
4-2
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 4 Managing System Administration Settings
Configuring System Parameters (Optional)
Step 3 In the Mail Setuppane, complete the following fields:
Step 4 Click Save.
Configuring System Parameters (Optional)
Configuring System Parameters (Optional)
You should edit the system parameters only if you need to change the defaults.
Step 1 On the menu bar, choose Administration > System.
Step 2 Choose the System Parameterstab.
Step 3 In the System pane, complete the following fields:
Name Description
Outgoing Email Server (SMTP)
field
The outgoing SMTP server address.
Outgoing SMTP Port field The outgoing SMTP server port number.Outgoing SMTP User field The user ID.
Outgoing SMTP Password field The user password.
Outgoing Email Sender Email
Address field
The senders email address.
Cloupia Server IP address field The IP address or DNS name of the Cisco UCS Director virtual appliance.
This field is used to create proper links in emails for user workflow actions.
Send Test Email check box Check this check box to test the current email settings.
Name Description
Number of Days to
Keep Deleted VMs Data
field
The user-defined number of days that the system retains VM data.
Number of Days to
Keep Events field
The user-defined number of days that the system retains all events.
Note Events older than the mentioned time period are deleted.
Number of Days to
Keep Trend Data field
The user-defined number of days that the system retains trend data or historical data
of the inventory (such as CPU, storage, and memory usage).
Note This data is used for reporting.
Number of Days to
Keep Metering Data
drop-down list
Choose the number of days that the system retains VM metering records.
Note This data is specific to VMs and their resources.
Download VM Locking
Controls from URL
field
VM locking controls from the specified URL.
Note The file must be in XML format.
-
5/27/2018 Ucs Director Admin Guide
51/164
4-3
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 4 Managing System Administration Settings
Updating the License
Step 4 Click Save.
Configuring Infrastructure System Parameters (Optional)
You can set parameters for polling the virtual and physical system infrastructure resources.
Step 1 On the menu bar, choose Administration > System.
Step 2 Choose the Infrastructure System Parameterstab.
Step 3 In the entry box, enter the infrastructure polling interval in minutes. The default is 60 minutes.
Step 4 In the entry box, enter the number of days to keep trend data for the system infrastructure. The defa
is 30 days.
Step 5 Click Save.
Updating the LicenseYou can update the license using Product Authorization Key (PAK).
Step 1 On the menu bar, choose Administration > License.
Step 2 Choose the License Keystab.
Step 3 Click the Update Licenseoption. The Update PAK dialog box is displayed.
Step 4 Click Browseto navigate and choose the PAK license file.
Step 5 Click Uploadto upload the PAK license file.
Note If the license file does not upload, check the check box and copy and paste the license text into the lice
text field.
Step 6 Click Submit. The license is updated.
Currency drop-down
list
Choose the type of currency to use. Available currencies are US, EURO, GBP, KRW
CAD, CHF, CLP, NR, JPY, AUD, NZD, SGD, HKD, MYR, MXN, BRL, AED,
DKK, SEK, KWD, CYN, RUB, ZAR, and Other.
Other Currency field This field appears when Otheris chosen under Currency. Enter the currency nam
(one only).
Currency Precision
drop-down list
Choose the currency precision in decimal points. Available precision is from 0 to 5
decimal points.
Name Description
-
5/27/2018 Ucs Director Admin Guide
52/164
4-4
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 4 Managing System Administration Settings
Verifying License Utilization
Verifying License UtilizationThe License Utilizationpage shows the licenses in use and details about each license, including license
limit, available quantity, status, and remarks. License audits can also be run from this page.
Step 1 On the menu bar, choose Administration > License.
Step 2 Choose the License Utilizationtab.
Step 3 Choose a Cisco UCS Director appliance.
Step 4 (Optional) To run a license audit, click Run License Audit.
Step 5 In the Run License Audit dialog box, click Submit. This process takes several minutes to run.
Viewing License Utilization HistoryThe number of licensed network and storage controllers, servers, server and desktop VMs, and small and
medium pods can be tracked over time to see how network resources are being utilized.
Step 1 On the menu bar, choose Administration > License.
Step 2 Choose the License Utilization History tab.
The license utilization history is displayed for the following resource categories:
Network Controllers
Storage Controllers
Servers
Server VMs
Desktop VMs
Small pods
Medium pods
Viewing Resource Usage DataYou can view how resources are being utilized in your environment.
Step 1 On the menu bar, choose Administration > License.
Step 2 Choose the Resource Usage Data tab.
There are three report categories:
Report ContextShows the number of reports available for each resource.
Resource NameName of the available resources associated with Cisco UCS Director.
-
5/27/2018 Ucs Director Admin Guide
53/164
4-5
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 4 Managing System Administration Settings
Edit Application Categories
Resource CountNumber of each available resource.
Edit Application CategoriesAny VM provisioned using Cisco UCS Director is categorized based on its type. The VM type can b
web server, database, application server, or other. Cisco UCS Director also has a separate category
discovered VMs.
There are 12 application categories for you to use or edit:
Discovered VM
Generic VM
Web Server
Application Server
Database
AppCPU Intensive
AppMemory Intensive
AppDisk Intensive
AppNetwork Intensive
Other App 1
Other App 2
Other App 3
Step 1 On the menu bar, choose Administration > System.
Step 2 Choose the Application Categoriestab.
Step 3 Choose an Application Category.
Step 4 Click Edit.
Step 5 In the Edit Categorydialog box, complete the following fields:
Step 6 Click Submit.
Name Description
Category ID display-only field The numerical value given to the category by the system,
Category Label field The category type.
Category Code field The VM and host naming.
Description display-only field A description of the category.
Category Enabled display-only
check box
The check box default is checked.
Default Smart Allocation
Algorithm drop-down list
Choose an algorithm.
-
5/27/2018 Ucs Director Admin Guide
54/164
4-6
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 4 Managing System Administration Settings
Customizing the Portal
Customizing the PortalOrganizations can customize self-service portals. The logo, login page, home page, and so on can be
customized for branding and user interface-related changes.
Customizing the Login Page and Background Images
You can change the login page and background images by uploading custom images.
Step 1 On the menu bar, choose Administration > User Interface Settings.
Step 2 Click Login Page.
Step 3 Check the Use customizable Login page check box.
Step 4 In the Logo Imagesand Background Imagespane, choose an item from one or both panes.
Step 5 Click Submit.
Customizing the Application Logo
You can customize the application logo on the home page by uploading a custom image.
Step 1 On the menu bar, chooseAdministration > User Interface Settings .
Step 2 Choose the Application Logotab.
Step 3 In the Imagespane, choose the image, or click Addto add a new image that is not listed.
Step 4 Click Submit.
Customizing Favicons
You can customize a favorites icon (Favicon) that is displayed in the browsers address bar or next to the
page name if bookmarked.
Step 1 On the menu bar, chooseAdministration > User Interface Settings .
Step 2 Choose the Favicontab.
Step 3 In the Image Label column, choose the image, or click Addto add a new image not listed.
Step 4 Click Submit.
Note The Favicon image size must be 16 x 16 pixels and in PNG format.
-
5/27/2018 Ucs Director Admin Guide
55/164
4-7
Cisco UCS Director Administration Guide, Release 4.1
OL-30729-01
Chapter 4 Managing System Administration Settings
Customizing the Portal
Customizing the Application Header
You can customize the self-service portal labels, next to the customer logo, by modifying existing lab
Step 1 On the menu bar, chooseAdministration > User Interface Settings .
Step 2 Choose the Application Header tab.
Step 3 In the Application Headerpane, complete the following fields:
Step 4 Click Save.
Customizing the Date Display
Numerous data display formats are supported.
Step 1 On the menu bar, chooseAdministration > User Interface Settings .Step 2 Choose the Date Displaytab.
Step 3 Edit the date format.
Step 4 If required, click Hide Timezoneto hide the time zone display from the user interface.
Step 5 Click Save.
Name Description
Hide Entire Header check
box
Check the check box to hide the header section. If checked, the header that contain
the logo image, application name, and links, such as Logout, are hidden.
Product Name field The product name.
Product Name 2nd Line
field
Continuation of the product name.
Enable About Dialog
check box
Check the check box to enable the Aboutlink in the header. Uncheck the check bo
to disable the Aboutlink in the header.
Administrator Portal
Custom Link 1 Label field The custom link label 1 for the administrator portal.
Custom Link 1 URL field The custom link URL 1 for the administrator portal.
Custom Link 2 Label field The custom link label 2 for the administrator portal.
Custom Link 2 URL field The custom link URL 2 for the administrator portal.
End-user Portal
Custom Link 1 Label field The custom link label