ucs director admin guide

5/27/2018 Ucs Director Admin Guide

1/164

Cisco Systems, Inc.www.cisco.com

Cisco has more than 200 offices worldwide.

Addresses, phone numbers, and fax numbers

are listed on the Cisco website at

www.cisco.com/go/offices.

Cisco UCS Director Administration Guide,

Release 4.1

December 16, 2013

Text Part Number: OL-30729-01
http://www.cisco.com/http://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/go/officeshttp://www.cisco.com/


2/164

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE .ALLSTATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT

WARRANTY OF ANY KIND, EXPRESS OR IMPLIED.USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT

SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE.IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSEOR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCBs public

domain version of the UNIX operating system.All rights reserved.Copyright 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED AS IS WITH

ALL FAULTS.CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUTLIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF

DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,

WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO D ATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO

OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a l ist of Cisco trademarks, go to this

URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership

relationship between Cisco and any other company. (1110R)

All other trademarks mentioned in this document or Website are the property of their respective owners. The use of t he word partner does not imply a partnership relationship

between Cisco and any other company. (0711R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers.Any examples, command displayoutput, network topology diagrams, and other figures included in the document are shown for ill ustrative purposes only.Any use of actual IP addresses or phone numbers inillustrative content is unintentional and coincidental.

2013 Cisco Systems, Inc.All rights reserved.
http://www.cisco.com/go/trademarkshttp://www.cisco.com/go/trademarks


3/164iii

Cisco UCS Director Administration Guide, Release 4.1

OL-30729-01

C O N T E N T S

Preface xi

Audience xi

Conventions xi

Related Documentation xiii

Documentation Feedback xiii

Obtaining Documentation and Submitting a Service Request xiii

New and Changed Information for this Release 1-1

New and Changed Information 1-1

Overview 2-1

About Cisco UCS Director 2-1

Features and Benefits 2-2

Physical and Virtual Management Features 2-4

Model-Based Orchestration 2-4

Initial Login 2-5

Recommended Order of System Setup 2-6

Managing Users and Groups 3-1

Managing User Types 3-1

User Types 3-1

Default User Permissions 3-2

Managing Groups 3-7

Creating a Group or Customer Organization 3-7

Password Policy 3-8

Group Budget Policy 3-9

Resource Limits 3-9

Configuring the Administration Profile 3-11

Creating the admin Profile 3-11

Changing the admin Password 3-12

Adding Users 3-12

Viewing Current Online Users 3-13

Managing User Access Profiles 3-14

Multi-Role Access Profiles 3-14

Creating a User Access Profile 3-14


4/164

Contents

iv


OL-30729-01

Editing a User Access Profile 3-14

Deleting a User Access Profile 3-15

Logging in to a Profile 3-15

Default Profile 3-15

Authentication and LDAP Integration 3-16

Configuring Authentication Preferences 3-16

LDAP Integration 3-17

Single Sign-On 3-19

Branding 3-19

Branding Groups and Customer Organizations 3-19

Login Page Branding 3-20

Managing System Administration Settings 4-1

Setting Up the Outgoing Mail Server 4-1Configuring System Parameters (Optional) 4-2

Configuring System Parameters (Optional) 4-2

Configuring Infrastructure System Parameters (Optional) 4-3

Updating the License 4-3

Verifying License Utilization 4-4

Viewing License Utilization History 4-4

Viewing Resource Usage Data 4-4

Edit Application Categories 4-5

Customizing the Portal 4-6

Customizing the Login Page and Background Images 4-6

Customizing the Application Logo 4-6

Customizing Favicons 4-6

Customizing the Application Header 4-7

Customizing the Date Display 4-7

Customizing the Color Theme 4-8

Customizing Logout Redirect 4-8

Customizing Reports 4-8

Advanced Controls 4-8Enabling Advanced Controls 4-9

User Menus 4-9

Setting User Menus 4-10

User Permissions 4-10

Setting User Permissions 4-10

Managing System Tasks 4-10


5/164

Contents

v


OL-30729-01

Creating a Node Pool 4-11

Creating a System Task Policy 4-11

Assigning a Node Pool to a System Task Policy 4-11

Creating a Service Node 4-12

Assigning a System Policy to a System Task 4-13

Executing System Tasks 4-13

Disabling a System Task 4-13

Managing Icons 4-14

Adding an Icon 4-14

Editing an Icon 4-14

Deleting an Icon 4-15

Previewing an Icon 4-15

Support Information 4-15

Viewing Support Information 4-15

Managing Integration Settings 5-1

Configuration Management Database Integration 5-1

Setting Up CMBD Integration 5-1

Metering Data Export 5-2

Setting Up Metering Data Export 5-2

Change Records 5-2

Viewing Change Records 5-2

System Logs 5-3

Setting up System Logs 5-3

Storage and OVF Upload 5-3

Multiple Language Support 5-4

Managing a Physical Infrastructure 6-1

About Managing a Physical Infrastructure 6-1

Adding a Site 6-1

Adding a Pod 6-2

Adding a Physical Account 6-2

Adding Multi-Domain Manager Account 6-4

Adding a Network Element 6-4

Enabling DHCP Logging 6-5

Testing Connectivity 6-5

Testing Connectivity of Managed Network Elements 6-5

Testing Connectivity of Physical Accounts 6-5

Enabling Device Discovery 6-6


6/164

Contents

vi


OL-30729-01

Managing a Virtual Infrastructure 7-1

About Managing VMware 7-1

Creating a Cloud 7-1

Downloading the PowerShell Agent Installer 7-2

Creating a PowerShell Agent 7-3

Verifying Cloud Discovery and Connectivity 7-3

Testing the Connection 7-3

Viewing vCenter Plug-ins 7-4

Managing Policies 8-1

Policies 8-1

Computing Policies 8-1

Data Collection Policy 8-3

Configuring a Data Collection Policy for a Virtual Account 8-3Associating the Data Collection Policy for a Virtual Account 8-4

Storage Policies 8-4

Storage Policies for Multiple VM disks 8-4

Adding and Configuring a Storage Policy 8-5

Virtual Storage Catalogs 8-6

Network Policies 8-7

Adding a Static IP Pool Policy 8-7

Adding a Network Policy 8-8

Network Provisioning Policies 8-9VLAN Pool Policies 8-10

System Policies 8-11

Configuring a System Policy 8-11

OS Licenses 8-13

Managing Virtual Data Centers 9-1

About Managing Virtual Data Centers 9-1

VDC Actions 9-1

Adding a VDC 9-1

Viewing a VDC 9-3

Editing a VDC 9-3

Deleting a VDC 9-4

Cloning a VDC 9-4

Managing Application Categories in a VDC 9-4

VDC Service Profiles 9-5

Adding VDC Service Profiles 9-5


7/164

Contents

vi


OL-30729-01

Managing Catalogs 10-1

About Managing Catalogs 10-1

Publishing a Catalog 10-1

Publishing Advanced Catalogs 10-4Publishing Advanced Catalogs 10-4

Viewing a Catalog 10-5

Editing a Catalog 10-5

Deleting a Catalog 10-6

Cloning Catalogs 10-6

Cloning a Catalog 10-6

Assessing Hosts for Deployment 10-6

Using Self-Service Provisioning 11-1

About Self-Service Provisioning 11-1

Service Requests 11-1

Creating a Service Request with Catalog TypeStandard 11-1

Service Request with Catalog TypeAdvanced 11-3

Service Request Workflow and Details 11-4

Service Request Workflow 11-4

Service Request Details 11-5

Viewing a Service Requests Workflow Status 11-6

Viewing a Service Requests Log 11-6

About Scheduling a Service Request 11-6

Scheduling Service Requests 11-6

About Resubmitting a Service Request 11-7

Resubmitting a Service Request 11-7

Other Service Request Functions 11-7

Canceling a Service Request 11-7

Rolling Back a Service Request 11-8

Viewing Service Requests for a Particular Group 11-8

Searching the Service Requests History for a Group 11-8

Exporting the Service Requests History for a Group 11-8

Reinstating an Archived Service Request 11-9

Service Request Approval Process 11-9

Approving a Service Request 11-9

Rejecting a Service Request 11-10

Viewing the Service Requests Approvals History 11-10

Searching the Service Request Approvals History 11-10


8/164

Contents

viii


OL-30729-01

Exporting Service Request Approvals History 11-10

Service Request Budgeting 11-11

Viewing the Current Month Budget Availability 11-11

Viewing Budget Entries 11-11

Adding a Budget Entry 11-11

Editing a Budget Entry 11-12

Deleting a Budget Entry 11-12

Multiple Disk VM Provisioning 12-1

About Multiple Disk VM Provisioning 12-1

Workflow for Multiple Disk VM Provisioning 12-2

About Templates with Multiple Disks 12-2

Assigning Disk Categories 12-2

Defining the Storage Policies 12-2

Creating a Storage Policy 12-3

Creating a Catalog 12-4

Adding a Catalog 12-4

Creating a VM Disk 12-7

Using the Chargeback Module 13-1

About Chargeback Features 13-1

Budget Policies 13-2

Configuring a Budget Policy 13-2Cost Models 13-2

Creating a Cost Model 13-2

Modifying a VDC to Include a Cost Model 13-4

Adding a Cost Model to a VDC 13-4

Editing a VDC to Include a Cost Model 13-5

Package-Based Cost Models 13-6

Creating a Package-Based Cost Model 13-6

Storage Tier Cost Models 13-8

Assigning a Cost to a Tier13-8

Assigning a Datastore to Tiers 13-8

Assigning a Datastore to a Tier 13-9

Chargeback Reports 13-9

Viewing a Current Month Summary 13-10

Viewing the Previous Months Summary 13-10

Viewing the Monthly Resource Accounting 13-10

Viewing the VM Level Resource Accounting Details 13-10


9/164

Contents

ix


OL-30729-01

Viewing the VM Level Chargeback Details 13-10

Exporting the Monthly Resource Accounting Details 13-11

Exporting the VM Level Resource Accounting Details 13-11

Exporting the VM Level Chargeback Details 13-11

Change Records 13-11

Accessing Change Records 13-12

Chargeback Calculations 13-12

System Monitoring and Reporting 14-1

Dashboard 14-1

Enabling the Dashboard 14-1

Adding Report Widgets 14-2

Refresh Widget Data 14-2

Summary 14-2Viewing Virtual Machine, Cloud and System Summary Information 14-2

Customizing Summary Report Widgets 14-2

Inventory Management 14-3

Accessing System Inventory Details 14-3

Resource Pools 14-3

Accessing Resource Details 14-3

Clusters 14-3

Accessing Clusters 14-3

Images 14-4Accessing Images 14-4

Host Nodes 14-4

Accessing Host Nodes 14-4

VMs 14-4

Accessing VMs 14-4

Accessing Group Level VMs 14-4

Topology 14-5

Accessing Topology Types 14-5

Assessment 14-5Accessing Assessments 14-5

Reports 14-5

Accessing Reports 14-6

Managing Life Cycles 15-1

Managing VM Power Settings 15-1

Resizing a VM 15-2


10/164

Contents

x


OL-30729-01

Managing VM Snapshots 15-2

Creating VM Snapshots 15-3

Reverting to a Snapshot 15-3

Marking a Golden Snapshot 15-4

Deleting a Snapshot 15-4

Deleting All Snapshots 15-4

Configuring the Lease Time for a Virtual Machine 15-5

Managing VM Actions 15-5

Viewing VM Details 15-6

Using Stack View 15-6

Deleting a VM 15-7

Creating a VM Disk 15-7

Deleting a VM Disk 15-8

Adding vNICs 15-8

Replacing a vNIC 15-9

Deleting vNICs 15-10

Launching the VM Client 15-10

Enabling the VNC Console on a VM 15-10

Accessing the VNC Console Window for a VM 15-11

Assigning a VM 15-11

VM Credentials 15-12

Using the Inventory Collection Request for a VM 15-12

Testing VNC Connectivity 15-13

Cloning a VM 15-13

Moving a VM to VDC 15-16

Resynchronizing a VM 15-16

Managing CloudSense Analytics 16-1

About CloudSense Analytics 16-1

Generating a Report 16-2

Generating an Assessment 16-2


11/164

xi


OL-30729-01

Preface

This preface contains the following sections:

Audience, page xi

Conventions, page xi

Related Documentation, page xiii Documentation Feedback, page xiii

Obtaining Documentation and Submitting a Service Request, page xiii

AudienceThis guide is intended primarily for pod administrators who use Cisco UCS Director and who have

responsibilities and expertise in one or more of the following:

Server administration

Storage administration

Network administration

Network security

Conventions

Table 1 Conventions Used in this Document

Text Type Indication

GUI Elements GUI elements such as tab titles, area names, and field labels appear i

this font.

Main titles such as window, dialog box, and wizard titles appear in th

font.

Document titles Document titles appear in this font.

TUI elements In a Text-based User Interface, text the system displays appears in th

font.

System output Terminal sessions and information that the system displays appear in

this font.


12/164

xii


OL-30729-01

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the

document.

Tip Means the following information will help you solve a problem. The tips information might not be

troubleshooting or even an action, but could be useful information, similar to a Timesaver.

Caution Means reader be careful. In this situation, you might perform an action that could result in equipment

damage or loss of data.

Timesaver Means the described action saves time. You can save time by performing the action described in the

paragraph.

Warning IMPORTANT SAFETY INSTRUCTIONSThis warning symbol means danger. You are in a situation that could cause bodily injury. Before youwork on any equipment, be aware of the hazards involved with electrical circuitry and be familiar

with standard practices for preventing accidents. Use the statement number provided at the end of

each warning to locate its translation in the translated safety warnings that accompanied this device

SAVE THESE INSTRUCTIONS

CLI Commands CLI command keywords appear in this font.

Variables in a CLI command appear in this font.

[ ] Elements in square brackets are optional.

{x | y | z} Required alternative keywords are grouped in braces and separated by

vertical bars.

[x | y | z] Optional alternative keywords are grouped in brackets and separated by

vertical bars.

string A nonquoted set of characters. Do not use quotation marks around the

string or the string will include the quotation marks.

< > Nonprinting characters such as passwords are in angle brackets.

[ ] Default responses to system prompts are in square brackets.

!, # An exclamation point (!) or a pound sign (#) at the beginning of a line

of code indicates a comment line.

Table 1 Conventions Used in this Document

Text Type Indication


13/164

xii


OL-30729-01

Related Documentation

Cisco UCS Director Documentation Roadmap

For a complete list of Cisco UCS Director documentation, see the Cisco UCS Director DocumentatRoadmapavailable at the following URL:

http://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirecto

ocRoadmap.html

Cisco UCS Documentation Roadmaps

For a complete list of all Cisco UCS B-Series documentation, see the Cisco UCS B-Series Servers

Documentation Roadmapavailable at the following URL:

http://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_roadmap.html

For a complete list of all Cisco UCS C-Series documentation, see the Cisco UCS C-Series Servers

Documentation Roadmapavailable at the following URL:

http://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.htm

Documentation FeedbackTo provide technical feedback on this document, or to report an error or omission, please send your

comments to [email protected]. We appreciate your feedback.

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additionalinformation, see the monthly What's New in Cisco Product Documentation, which also lists all new

revised Cisco technical documentation.

Subscribe to the What's New in Cisco Product Documentationas a Really Simple Syndication (RSS) f

and set content to be delivered directly to your desktop using a reader application. The RSS feeds ar

free service and Cisco currently supports RSS version 2.0.
http://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirectorDocRoadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirectorDocRoadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_roadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.htmlmailto:[email protected]://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_rack_roadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/overview/guide/UCS_roadmap.htmlhttp://www.cisco.com/en/US/docs/unified_computing/ucs/ucs-director/doc-roadmap/b_UCSDirectorDocRoadmap.htmlmailto:[email protected]://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html


14/164

xiv


OL-30729-01


15/164

C H A P T E R

1-1


OL-30729-01

1New and Changed Information for this Release

This chapter contains the following sections:

New and Changed Information, page 1-1

New and Changed InformationThe following table provides an overview of the significant changes to this guide for this current relea

The table does not provide an exhaustive list of all changes made to this guide or of all new features

this release.

Feature Description Where Documented

Advanced Controls The following features were

added:

System task remoting

enables the remoteexecution of system tasks in

a UCS Director scalability

deployment model.

Service providers can be

enabled in UCS Director.

Advanced Controls section on page 4-

Chargeback features Several changes were made to

the chargeback features in UCS

Director.

Chapter 13, Using the Chargeback

Module

CloudSense Analytics New reports were added while

others were removed.

About CloudSense Analytics section o

page 16-1

Infrastructure System

Parameters

Changes were made to the

infrastructure system

parameters.

Configuring System Parameters

(Optional) section on page 4-2


16/164

1-2


OL-30729-01

Chapter 1 New and Changed Information for this Release

New and Changed Information

Inventory Management You can monitor the system

inventory using the dashboard.

Any changes to the physical

infrastructure are updated to the

dashboard. The dashboarddisplays the entire system level

infrastructure information for

administrative management.

Inventory Management section on

page 14-3

License Utilization

History

The number of licensed network

and storage controllers, servers,

server and desktop VMs, and

small and medium pods can be

tracked over time to see how

network resources are being

utilized.

Viewing License Utilization History

section on page 4-4

Multi-Domain

Manager Account

Cisco UCS Director Release

v4.1 supports multi-domains. Amulti-domain manager account

can be created for a newly

created physical account.

Adding Multi-Domain Manager Account

section on page 6-4

Multiple Disk VM

Provisioning

Cisco UCS Director Release

v4.1 supports VM provisioning

of multiple disks from a

template.

Chapter 12, Multiple Disk VM

Provisioning

Network Policy Network policy information has

changed.

Chapter 8, Managing Policies

Physical Infrastructure The Physical Infrastructure

chapter was added. Cisco UCS

Director discovers all

components in the newly created

physical account.

Chapter 6, Managing a Physical

Infrastructure

Self-Service

Provisioning

Several changes were made to

the way self-service

provisioning is done for VMs.

Chapter 11, Using Self-Service

Provisioning

Site Management A site can be created for a newly

created physical account.

Adding a Site section on page 6-1

System Tasks The processing of system tasks

such as data collection can be

delegated to VM service nodes.

Managing System Tasks section on

page 4-10

Updating the UCS

Director license

Updates the license using

Product Authorization Key

(PAK).

Updating the License section on page 4-3



17/164

1-3


OL-30729-01



Virtual Machine (VM)

Lease Time

A user can configure a lease

expiration time for a selected

VM.

Configuring the Lease Time for a Virtu

Machine section on page 15-5

VM Tasks The following VM tasks were

added:

Test VNCYou can testing

VNC connectivity for

troubleshooting purposes.

CloneYou can clone or

make a copy of an existing

VM in order to make a new

VM with the same or similar

qualities.

Move a VM to VDCYou

can move a VM to a VDC so

that the rules of the VDCsystem policy are followed

in the VM.

VM ResyncYou can

choose to set the number of

minutes to have a VM

resynchronize its time

periodically with UCS

Director.

Managing VM Actions section on

page 15-5



18/164

1-4


OL-30729-01




19/164

C H A P T E R

2-1


OL-30729-01

2Overview


About Cisco UCS Director, page 2-1

Physical and Virtual Management Features, page 2-4

Physical and Virtual Management Features, page 2-4 Recommended Order of System Setup, page 2-6

About Cisco UCS DirectorCisco UCS Director is a 64-bit appliance that uses the standard Open Virtualization Format (OVF)

template.

Cisco UCS Director delivers unified, highly secure management for leading converged infrastructur

solutions, which are based on the Cisco UCS and Cisco Nexus platforms.

Cisco UCS Director extends the unification of computing and network layers through Cisco UCS to

provide pod administrators with comprehensive visibility and management capability. It supportsNetApp FlexPod and ExpressPOD, EMC VSPEX, and Virtual Computing Environment (VCE) Vblo

systems, based on the Cisco UCS and Cisco Nexus platforms.

Cisco UCS Director automates the provisioning of resource pools across physical, virtual, and barem

environments. It delivers native, automated monitoring for health, status, and resource usage data. F

example, you can do the following tasks using Cisco UCS Director:

Create, clone, and deploy service profiles and templates for all servers and applications

Monitor organizational usage, trends, and capacity across a converged infrastructure on a continu

basis, such as by viewing heat maps that show virtual machine (VM) utilization across all your p

Deploy and add capacity to ExpressPod and FlexPod infrastructure in a consistent, repeatable

manner

Manage, monitor, and report on Cisco UCS domains and their components

Extend virtual service catalogs to include physical infrastructure services

Manage secure multitenant environments to accommodate virtualized workloads that runs with

nonvirtualized workloads


20/164

2-2


OL-30729-01

Chapter 2 Overview

About Cisco UCS Director

Features and Benefits

Features Benefits

Central management Single interface for administrators tomonitor, provision, and manage the system

across physical, virtual, and baremetal

environments

Unified dashboards, reports, and heat maps,

that reduce troubleshooting and performance

bottlenecks

Self-service catalog Self-service catalog that end users can order

from and deploy new infrastructure instances

following IT-prescribed policies and

governance.

Adaptive provisioning Real-time available capacity, internal

policies, and application workload

requirements that can be used to optimize the

availability of the right resources.

Dynamic capacity management Continuous monitoring that indicates

real-time infrastructure consumption to

improve capacity planning and management

Ability to identify underutilized and

overutilized resources.

Multiple hypervisor support Support for VMware ESX/ESXi, Microsoft

Hyper-V, and Red Hat hypervisors

Computing management Ability to monitor, manage, and provision

physical, virtual, baremetal servers, andblades.

Virtual machine (VM) life cycle management

and business continuance through snapshots

for end users.

Server utilization trending analysis.

Network management Policy-based provisioning of physical and

virtual switches and dynamic network

topologies

Ability to configure VLANs, virtual network

interface cards (vNICs), port groups and port

profiles, IP and Dynamic Host ControlProtocol (DHCP) allocation, and access

control lists (ACLs) across network devices


21/164

2-3


OL-30729-01

Chapter 2 Overview


Storage management Policy-based provisioning and management

of filers, virtual filers (vFilers), logical unit

numbers (LUNs), and volumes

Unified dashboards that give administrators

comprehensive visibility into organizationa

usage, trends, and capacity analysis details

Cisco CloudGenie Mobile management from Apple iPad and

iPhone and Android devices

Mobile self-service provisioning, virtual

machine management, and viewing of

administrative dashboards

Features Benefits


22/164

2-4


OL-30729-01

Chapter 2 Overview


Physical and Virtual Management Features

Model-Based Orchestration

Cisco UCS Director includes a task library containing over 400 tasks, and out-of-the-box workflows.

Model-based orchestration and a workflow designer enable you to customize and automate infrastructure

administrative and operational tasks. You can extend and customize the system to meet individual needs

Physical Server Management

Discover and collect configurations and

changes

Monitor and manage physical servers

Perform policy-based server provisioning

Manage blade power

Perform server use trending and capacity

analysis

Perform baremetal provisioning using

preboot execution environment (PXE) boot

management

Virtual Computing Management

Discover, collect, and monitor virtual

computing environments

Perform policy-based provisioning and

dynamic resource allocation

Manage the host server load and power

Manage the virtual machine (VM) life cycle

and snapshots

Perform analytics to assess VM capacity, and

sprawl, and host utilization

Physical Storage Management

Discover, collect, and monitor storage filers

Perform policy-based provisioning of vFilers

Provision and map volumes

Create and map logical unit number (LUN)

and iGroup instances

Perform SAN zone management

Monitor and manage network-attached

storage (NAS) and SAN-based storage

Implement storage best practices and

recommendations

Virtual Storage Management

Discover, collect, and monitor storage vFilers

and storage pools

Perform policy-based storage provisioning

for thick and thin clients

Create new data stores and map them to

virtual device contexts (VDCs)

Add and resize disks to VMs

Monitor and manage organizational storage

use

Perform virtual storage trend and capacity

analysis

Physical Network Management

Discover, collect, and monitor physical

network elements

Provision VLANs across multiple switches

Configure access control lists (ACLs) on

network devices

Implement dynamic network topologies

Virtual Network Management

Add networks to VMs

Perform policy-based provisioning with IP

and DHCP allocation

Configure and connect virtual network

interface cards (vNICs) to VLANs and

private VLANs

Create port groups and port profiles for VMs

Monitor organizational use of virtual

networks


23/164

2-5


OL-30729-01

Chapter 2 Overview

Initial Login

Included in the task library are Day 1 through Day 3 maintenance and update activities, as shown in

following table:

Initial LoginLog in to Cisco UCS Director by hostname or IP address with the following credentials:

Username: admin Password: admin

Day-1 Day-2 Day-3

Add tenants Migrate or add applications

Integrate with enterprise

systems

Use self-service portal

Monitor performance Start metering and billing

Manage tenant changes

Self-service IaaS

Add/upgrade hardware Repurpose


24/164

2-6


OL-30729-01

Chapter 2 Overview

Recommended Order of System Setup

Note We recommend that you delete the startup admin account after you create the first admin account or, at

least, change the default password. To access the self-service portal, you must have a valid email

address.

Recommended Order of System SetupName Chapter Description

Initial Set Up 2, 3, and 4 Describes how to apply a license, set up the Admin profile,

create groups, and create users. You will learn how to access

language support, apply portal customization, and system

settings.

Physical Infrastructure Describes how to optionally add a pod and physical account,

add network elements, test the connections, and verify account

discovery.

Note You can create the virtual infrastructure before thephysical infrastructure if you want.

Virtual Infrastructure 5 Describes how to create a cloud, verify cloud discovery and

connectivity, test the connections, and view vCenter plug ins.

Policies 6 Describes how to create and manage computing policies,

storage policies, network policies, and system policies. You

will learn how to add OS licenses for Microsoft Windows

catalogs.

Virtual Data Centers 7 Describes how to set up VDCs to manage specific

environments for groups. policies, and cost models, and how

resource limits are configured and managed at the VDC level.

Catalogs 8 Describes how to set up catalog items, attach groups with

access to a catalog, and publish catalog items.

Self-Service

Provisioning

9 Describes how you can create and manage provisioning

service requests.

Multi-Disk

Provisioning

10 Describes how to configure VM disk provisioning on a

preferred single datastore or multiple datastores. It also

provides instructions on how to configure individual disk

policies for each additional disk in a template.

Chargeback 11 Describes how to create chargeback summary reports, detailed

reports, and resource accounting reports. It shows how cost

models are defined and assigned to policies within

departments and organizations.

Cloud Management 12 Describes how you can get complete cloud visibility, monitorresource usage, and manage the cloud stackclouds, clusters,

host servers, and virtual machines.

Life Cycles 13 Describes how to perform post provisioning life cycle

management actions on VMs such as VM power management,

VM resizing, VM snapshot management, and other VM

actions.


25/164

2-7


OL-30729-01

Chapter 2 Overview


CloudSense 14 Describes the analytical reports about the underlying physic

and virtual infrastructure that Cisco UCS Director can

generate.

Macros 15 Describes how to use the Macros feature to customize VM

names and VM hostnames using variables provided by theapplication.

Name Chapter Description


26/164

2-8


OL-30729-01

Chapter 2 Overview



27/164

C H A P T E R

3-1


OL-30729-01

3Managing Users and Groups


Managing User Types, page 3-1

Managing Groups, page 3-7

Configuring the Administration Profile, page 3-11 Managing User Access Profiles, page 3-14

Authentication and LDAP Integration, page 3-16

Branding, page 3-19

Note You must be logged in to the appliance before you can run any of the following procedures.

Managing User Types

As the system administrator, you have full privileges to manage Cisco UCS Director, including addusers, viewing users and user permissions, and modifying individual user read/write permissions fo

different system components.

Most users will view and use the Administrative Portal when they log in, which is described in this gui

User Types

Cisco UCS Director supports a number of user types:

All Policy Admin

Billing Admin

Computing Admin

Group AdminAn end user with the privilege of adding users. This user can use the Self-Servi

Portal

IS Admin

Network Admin

Operator

Service End UserThis user only views and uses the Self-Service Portal.


28/164

3-2


OL-30729-01

Chapter 3 Managing Users and Groups

Managing User Types

Storage Admin

System Admin

Default User Permissions

Each user type has a default set of system permissions.

All Policy Admin

Billing Admin

Task Permission

Computing Clouds Read-only

Storage Clouds Read-only

Network Clouds Read-only

Group Service Request Read/write

Approver Service Request Read/write

Chargeback Read-only

Catalog Read-only

VDC Read-only

Computing Policy Read/write

Storage Policy Read/write

Network Policy Read/write

Service Delivery Policies Read/write

System Admin Read-only

Users and Groups Read-only

Budgeting Read-only

Cloud Accounts Read-only

Resource Accounting Read-only

Resource Limit Report Read-only

Group Users Read-only

Task Permission




Group Service Request Read-only



Catalog Read-only

VDC Read-only

Computing Policy Read-only


29/164

3-3


OL-30729-01


Managing User Types

Computing Admin

Group Admin

Storage Policy Read-only


Service Delivery Policies Read-only

System Admin Read-onlyUsers and Groups Read-only

Budgeting Read-only





Task Permission




Computing Infrastructure Read/write




Catalog Read-only

VDC Read-only



Network Policy Read-only




Budgeting Read-only





Task Permission

Task Permission

Computing Cloud write only




30/164

3-4


OL-30729-01


Managing User Types

IS Admin


Catalogs Read-only

VDC Read-only

Resource accounting Read-onlyResource limit report Read-only

VM label Write-only

Group users Read/write

Task Permission

Task Permission



Network Clouds Read-onlyComputing Infrastructure Read-only




Catalog Read/write

VDC Read/write




Service Delivery Policies Read/writeSystem Admin Read-only


Budgeting Read-only






31/164

3-5


OL-30729-01


Managing User Types

Network Admin

Operator

Task Permission







Catalog Read-only

VDC Read-only







Budgeting Read-only





Task Permission







Catalog Read-only

VDC Read-only







Budgeting Read-only



32/164

3-6


OL-30729-01


Managing User Types

Service End User

Storage Admin




Task Permission

Computing Cloud Write-only




Catalogs Read-only

VDC Read-only

Resource accounting Read-only

Resource limit report Read-only

Task Permission







Catalog Read-only

VDC Read-only







Budgeting Read-only





Task Permission


33/164

3-7


OL-30729-01


Managing Groups

System Admin

Managing GroupsA group or customer organization must be created before a user can be added.

Creating a Group or Customer Organization

Step 1 On the menu bar, choose Administration> Users and Groups.

Step 2 Choose the User Groups tab.

Step 3 Click Add.

Step 4 In the Add Groupdialog box, complete the following fields:

Task Permission

Computing Clouds Read/write

Storage Clouds Read/write

Network Clouds Read/write




Catalog Read/write

VDC Read/write




Service Delivery Policies Read/write

System Admin Read/write

Users and Groups Read/write

Budgeting Read/write

Cloud Accounts Read/write



Resource Limit Write-only


Name Description

Name field The name of the group/customer organization.

Description

field

The description of the group/customer organization if required.

Code field A shorter name or code name for the group. This name is used in VM and hostname template


34/164

3-8


OL-30729-01


Managing Groups

Step 5 Click Add.

What to Do Next

Repeat this procedure if you want to add more groups.

Password Policy

The password policy applies to all the users and is enforced when you add a user or change the password

for all user types. This policy enables the following password constraints:

Password length

Whether the password can be the same as the username

Whether a user can reset the current password as a new password

Regular expressions that are disallowed in a password

Creating a Password Policy


Step 2 Choose the Password Policytab.

Step 3 In the Password Policypane, complete the following fields:

Cost Center

field

(Optional) The cost center name or number if required. This name or number represents a cost

center that a group is associated with . This name can be used in a VMware System policy for

the VM naming convention.

Note For more information about using Cost Centerfor naming conventions, see Chapter

6, Managing Policies.

Contact Email

field

The contact email address. This email is used to notify the group owner about the status of

service requests and request approvals if necessary.

First Name

field

The contacts first name.

Last Name

field

The contacts last name.

Phone field The contacts phone number.

Address field The contacts address.

Name Description

Name Description

Minimum Password Length

drop-down list

Choose the minimum number of characters for the password.

Maximum Password Length

drop-down list

Choose the maximum number of characters for the password.

Minimum Character Classes

drop-down list

Choose the minimum number of character classes such as upper case, lower

case, numbers, and special characters.


35/164

3-9


OL-30729-01


Managing Groups

Step 4 Click Submit.

Group Budget Policy

Resources are accounted for by using the Chargeback feature. For resource usage by a group or custom

organization, you associate the entity with a budget policy.

You can configure a group or customer organization with a budget watch, and configure a group or

customer organization to stay within or exceed the provisioned budget.

Viewing and Editing a Group Budget Policy



Step 3 Choose a group from the list.

Step 4 Click Budget Policy.

Step 5 In the Budget Policydialog box, complete the following fields:

Step 6 Click Save.

Resource Limits

You can configure resource limits for a group or customer organization to help manage group resou

utilization. You can specify limits on the following:

Disallow Login in Password

check box

Check the check box to disallow passwords, which are the same as the log

ID.

Disallow Previous Password

check box

Check the check box to disallow the previous password from being used an

the new password being the same as the old password.

Disallow Passwords that match

regular expression field

The regular expressions (one per line) that are not allowed for passwords.

For example, .*abc.* specifies that a given password cannot contain the

string abc.

Name Description

Enable Budget Watch

check box

Check the check box to monitor the groups budget usage. Uncheck the check box t

ignore all budget entries for this group.

Allow Over Budget

check box

Check if the group members are allowed over the provisioned budget. Uncheck the

check box to reject all requests, once the budget is exhausted, until a new budget i

added.


36/164

3-10


OL-30729-01


Managing Groups

Note Configuring operating system resources and physical resources limits are not supported for public

clouds.

Virtual resources

Operating system resources

Physical resources

Viewing Resource Limits

Step 1 On the menu bar, choose Organizations> Summary.

Step 2 Click a group to view.

Step 3 Choose the Resource Limitstab to view the current limit, usage, pending SR usage, and status of the

resources for the selected group.

Editing Resource Limits


Step 2 Choose the User Groupstab.

Step 3 Choose a group and click Edit Resource Limits. The Resource Limitdialog box appears.

Step 4 In the Resource Limitdialog box, check the Enable Resource Limitscheck box and complete the

following fields:

Name Description

Group display-only field The group name.

Enable Resource Limits check box Check the check box to enable the resource limits, or uncheck the

check box to disable the resource limits. If checked, the user is

provided with the option to set resource limits for a group and all

nonzero resource limits are applied.

Maximum Active VM Count field The maximum number of active VMs.

Maximum Total VM Count field The total number of VMs.

Provisioned vCPUs Limit field The maximum number of provisioned vCPUs.

Provisioned Memory (GB) Limit field The provisioned memory limit, in gigabytes.

Provisioned CPU (GHz) Limit field The provisioned CPU limit, in gigahertz.

Provisioned Disk (GB) Limit field The provisioned limit for disks, in gigabytes.

Reserved CPU (GHz) Limit field The reserved limit of CPUs, in gigahertz.

Reserved Memory (GB) Limit field The reserved memory limit, in gigabytes

Maximum Snapshot (GB) Limit field The maximum limit for snapshots, in gigabytes.


37/164

3-1


OL-30729-01


Configuring the Administration Profile

Step 5 Click Save.


You must first configure your system administrator profile before you can configure groups and theusers.

Creating the admin Profile


Step 2 Choose the Login Userstab.

Count CPU and Memory for Inactive

VMs check box

Check the check box to include the group's inactive VM CPU or

memory data in the computation of resource limits. Uncheck the

check box to exclude inactive VM CPU or memory data from the

computation of resource limits.

OS Resource LimitsNote The configuration of OS resource limits and physical resource limits are not supported for public

clouds.

CentOS field The maximum number of CentOS (Community Enterprise

Operating System) servers.

Windows Server 2003 field The maximum number of Windows 2003 servers.

Windows Server 2008 field The maximum number of Windows 2008 servers.

Windows 7 field The maximum number of Windows 7 machines.

Windows XP field The maximum number of Windows XP machines.

Red Hat field The maximum number of Red Hat machines.

Ubuntu field The maximum number of Ubuntu machines.

FreeBSD field The maximum number of FreeBSD machines.

Other Linux field The maximum number of other Linux OS.

Other field The maximum number of other OS.

Physical Resource Limits

Maximum Physical Server Count field The maximum number of servers.

Maximum Physical Server Memory (GB)

field

The maximum amount of server memory.

Maximum Physical Server CPU Count

field

The maximum number of server CPUs.

Maximum vFiler Count field The maximum number of vFilers.

Maximum Physical Storage Space (GB)

field

The maximum amount of storage space.

Name Description


38/164

3-12


OL-30729-01



Step 3 Click Add.

Step 4 In the Add Userdialog box, complete the following fields:

Step 5 Click Add.

Changing the admin Password



Step 3 In the Login Namecolumn, choose admin.

Step 4 Click Change Password.

Step 5 In the Change Passworddialog box, enter a new password for the adminuser and confirm it.

Step 6 Click Save.

Adding Users

Before You Begin

Ensure that you have created a group to which the user can belong.



Step 3 Click Add(+).

Name Description

User Type drop-down list Choose System Admin. The system administrator has full

privileges.Login Name field The login name. The default is admin.

Password field The admin password.

Confirm Password field The admin password that is entered again for confirmation.

User Contact Email field The administrators email address.

First Name field The administrators first name.

Last Name field The administrators last name.

Phone field The administrators phone number.

Address field The administrators address.


39/164

3-1


OL-30729-01



Step 4 In the Add Userdialog box, complete the following fields:

Step 5 Click Add.

What to Do Next

After choosing a user from the main window and then clicking Manage Profiles, you can optionallassign multiple roles for that user.

Viewing Current Online Users


Step 2 Choose the Current Online Users tab to view online user details.You can view the username, IP

address, session start time, last data access, and client.

Name Description

User Type drop-down list Choose the user type.

Note The Group Admin user type is the only administrator user role that can

be assigned to a user group.User Group drop-down list Choose the group or customer organization to which the user belongs.

Login Name field The user's login name.

Password field The user's password.

Note If the Lightweight Directory Access Protocol (LDAP) authentication is

configured for the user, the password is validated only at the LDAP

server, not at the local server.

Confirm Password field The user's password that is entered again for confirmation.

User Contact Email field The user's email address.

Note The email address is used to notify the group owner about service reques

status and to request approvals.First Name field The user's first name.

Last Name field The user's last name.

Phone field The user's phone number.

Address field The user's address.


40/164

3-14


OL-30729-01


Managing User Access Profiles


Multi-Role Access Profiles

A user can be assigned to more than one role, which is reflected in the system as a user access profile.

For example, a user might log into Cisco UCS Director as a group administrator and an all-policy

administrator, if both types of access are appropriate.

Note One of the profiles can be set as the default user access profile.

Note The Manage Profiles feature enables you to add, log into, edit, or delete a user access profile.

Creating a User Access Profile



Step 3 Choose a user from the list.

Step 4 Click Manage Profiles.

Step 5 In the Manage Profileswindow, click Add(+).

Step 6 In the Add Entry to Access Profilesdialog box, complete the following fields:


What to Do NextCreate additional user access profiles as needed.

Editing a User Access Profile



Name Description

Name field The profile name.Description field The description of the profile .

Type drop-down list Choose the user role type.

Group drop-down list Choose the users group.

Default Profile check

box

Check the check box if this is the default user access profile. Uncheck the check box

if it is not the default.


41/164

3-1


OL-30729-01





Step 5 In the Manage Profileswindow, choose a user from the list.

Step 6 Click Edit.

Step 7 In the Edit Access Profiles Entrydialog box, edit the Name, Description, Type, Group, or the DefaProfilefields, as needed.


Deleting a User Access Profile





Step 5 In the Manage Profileswindow, choose a user from the list.

Step 6 In the Manage Profiles dialog box, click Delete.

Logging in to a Profile

Step 1 In the Cisco UCS Director logindialog box, in the Usernamefield, enter your username in the form

Username:Access Profile Name.

Note For example, Alex:GrpAdmin

Step 2 In the Passwordfield, enter your password.

Step 3 Click Login.

Default Profile

The default profile is the first profile that you created in the system. You can change the default to

another profile. Using the new default profile, you log in by entering the username and password.

Changing the Default Profile

Step 1 At the upper right of the window (to the left of logout), click the username.

Step 2 In the User Informationwindow, choose the Access Profilestab.

Step 3 Choose a user profile, and click Set as Default Profile.


42/164

3-16


OL-30729-01


Authentication and LDAP Integration

Note A profile can also be set as default while adding or editing a profile.

Authentication and LDAP IntegrationYou can configure a preference with or without a fallback choice for local authentication and a

preference with a fallback for the LDAP. You can also configure a preference with no fallback for

Verisign Identity Protection (VIP) authentication.

Configuring Authentication Preferences


Step 2 Choose the Authentication Preferencestab.

Step 3 In the Authentication Preferencespane, complete the following fields:

Name Description

Local Authentication Authentication is local only (Cisco UCS Director), and not through the

LDAP server.

Local First, fallback to LDAP

drop-down list option

Authentication is done first at the local server (Cisco UCS Director). If the

user is unavailable at the local server, the LDAP server is checked.

LDAP First, fallback to Local


Authentication is done first at the LDAP server. If the user is unavailable at

the LDAP server, the local server is checked (Cisco UCS Director).

Verisign Identity Protection


VIP Authentication Service (two-factor authentication) is enabled.

Name Description

Authentication Preferences

drop-down list

Choose the Authentication Preference.

If you chose Local Authentication, continue to Step 4.

If you chose VIP, continue to Step 5.

User Name field The username.

Password field The user password.

Port Number field The port number.

Server field The IP address of the server.

Domain Name field The domain name.

LDAP Sync Interval drop-downlist

Choose the LDAP synchronization interval.

Enable LDAP Sync check box Check the check box if you want to enable LDAP synchronization. Uncheck

the check box if you do not want LDAP synchronization.

Modify Existing Users and

Groups check box

Check the check box if you want to enable modification of existing users and

groups.

Test LDAP Check the check box if you want to test LDAP connectivity to Cisco UCS

Director.


43/164

3-1


OL-30729-01



Step 4 (Optional) For local authentication, click Save.

Step 5 (Optional) In the VIP Certificatefield, browse to the VIP Certificate file and choose it.

Step 6 Enter the Password.

Step 7 Click Save.

What to Do Next

If you configured LDAP first as the authentication preference, you must configure the LDAP credenti

LDAP Integration

You can use LDAP integration to synchronize the LDAP servers groups and users with Cisco UCS

Director. LDAP authentication enables synchronized users to authenticate with the LDAP server. Y

can synchronize LDAP users and groups automatically or manually.

Note Users that do not belong to a group or a domain users group display in LDAP as Users with No Gro

These users are added under the domain users group in Cisco UCS Director.

You cannot choose users and groups that exist locally or are synchronized externally in Cisco UCS

Director.

LDAP Integration Rules and Limitations

Group Synchronization Rules

If a chosen LDAP group already exists in Cisco UCS Director and the source is type Local, the

group is ignored during synchronization.

If a chosen LDAP group already exists in Cisco UCS Director and the group source is type Extern

the groups description and email attributes are updated in the Cisco UCS Director.

A maximum of 1000 users (subject to availability) are displayed for selection in manual search w

you use the advanced search option. This option is available by clicking Request Manual LDA

Sync.

User Synchronization Rules

If a chosen LDAP user already exists in Cisco UCS Director and the source is type Local, the u

is ignored during synchronization.

If a chosen LDAP user already exists in Cisco UCS Director and the source type is External, thusers name, description, email, and other attributes are updated for the user.

User Synchronization Limitations

A user password cannot be retrieved from the LDAP server. Instead, a random password is genera

for the user during LDAP synchronization.

If a user has multiple group membership, that user has single group membership in Cisco UCS

Director.


44/164

3-18


OL-30729-01



Note Be sure that the user is assigned to the correct group after the LDAP synchronization process.

Managing LDAP Integration

Step 1 On the menu bar, choose Administration > Users and Groups.

Step 2 Choose the LDAP Integrationtab to view the status of LDAP server synchronization.

Step 3 (Optional) Choose a server and click the following buttons, as needed, to manage LDAP integration:

Step 4 (Optional) For an LDAP synchronization request, verify the IP address/domain name, and click Submit

Step 5 (Optional) If you chose LDAP Manual Server Sync, complete the following fields:

Step 6 For basic search, click Select.

Step 7 Choose the distinguished name to search, and click Select.

Step 8 For advanced search, in the Select Users and Groupspane, add or edit attribute names for User Filters

and Group Filters.

Step 9 Click Next.

Step 10 Choose the LDAP Groupsand LDAP Users.

Name Description

Search BaseDN button Enables you to choose a distinguished domain name to search. All users and groups

from the chosen organization units are fetched into Cisco UCS Director when the

Enable LDAP Synccheck box is checked in the Authentication Preferencestab.

This action is also considered to be an automatic sync process.

Request LDAP Sync Enables on-demand synchronization of the LDAP server. This action syncs the

users/groups from the selected organization in Search Base DN. Groups and usersadded from LDAP appear as type External. Groups and users added by Cisco UCS

Director appear as type Local.

Click Submit to synchronize the server.

LDAP user changes are immediately reflected.

Note Make sure that the user is assigned to the correct group after the LDAP Sync

is processed.

Continue to Step 4.

Request Manual LDAP

Sync

Displays a dialog box that enables you to specify either basic or advanced search

criteria to fetch LDAP users and groups.

Continue with Step 6.

Name Description

Basic Search field Check the check box to enable Basic Searchby organization unit.

If checked, continue to Step 6.

Advanced Search field Check the check box to enable Advanced Search.

If checked, continue to Step 8.


45/164

3-1


OL-30729-01


Branding

Step 11 Click Submitto synchronize the LDAP server.

Single Sign-On

Cisco UCS Director provides a single sign-on using One Login. Single sign-on prevents a user from

having to enter a password multiple times to access the application.

When Single Login is enabled, a user can log into that portal to access Cisco UCS Director.

Note A single sign-on is available for Cisco UCS Director after you register a One Login certificate.

Enabling a Single Sign-On


Step 2 Choose the Single Sign-Ontab.

Step 3 In the Single Sign-Onpane, check the Enable Single Sign Oncheck box.

Step 4 In the Select a File for Uploadfield, browse to the One Login certificate file and choose it.

Step 5 Click Upload.

Step 6 When the upload is complete, click Submit.

BrandingFor a group or customer organization, the branding options are as follows:

Logo image in PNG, JPG, or GIF format

Customized application labels

URL to forward the Self-Service Portal to upon logout

Custom links with labels and URLs specified

Login page background and logo.

Branding Groups and Customer Organizations

Step 1 On the menu bar, choose Administration > Users and Groups.


Step 3 Choose the group to brand.

Step 4 Click Branding.


46/164

3-20


OL-30729-01


Branding

Step 5 In the Group Brandingdialog box, complete the following fields:

Step 6 In the Select a File for Uploadfield, browse to the logo image file and choose it.

Note Make sure that the logo image is in PNG, JPG, or GIF format. The optimal image size is 200

pixels in width and 100 pixels in height. We recommend that you use a small file size to enable

faster download.

Step 7 Click Upload.

Step 8 (Optional) For application labels, enter at least one application label in the Label 1and Label 2 fields.

Step 9 (Optional) In the URLfield, enter the URL to direct the user to upon logout.

Step 10 (Optional) Complete at least the first two fields:


Login Page Branding

A login page can be configured to display a logo that is associated with a domain name. When the enduser logs in from that domain, the user sees the custom logo on the login page. The optimal image size

for a logo is 890 pixels wide and 470 pixels high, with 255 pixels allowed for white space. We

recommend that you keep the image size small to enable faster downloads.

Note The group or customer organization login page must first be configured (enabled) for branding.

Name Description

Logo image check box Check the check box to upload a logo image.

Continue to Step 6.

Application Labels check box Check the check box to customize an application labelto appear in the application header.

Continue to Step 8.

URL Forwarding on Logout check box Check the check box to forward to a specific URL

upon logout.

Continue to Step 9.

Custom Links check box Check the check box to brand custom links.

Continue to Step 10.

Name Description

Custom Link 1 Label field The label for custom link 1.

Custom Link 1 URL field The URL for custom link 1.

Custom Link 2 Label field The label for custom link 2.

Custom Link 2 URL field The URL for custom link 2.


47/164

3-2


OL-30729-01


Branding

Configuring a Custom Domain Logo


Step 2 Choose the Login Page Brandingtab.

Step 3 Click Add.

Step 4 In the Domain Brandingdialog box, complete the following fields:


Name Description

Domain Name field The domain name to brand.

Custom Domain Logo check box Check the check box to enable login page branding from a specified doma

name.

Select a fi le for upload field The logo file to upload.

Note The optimal image size for a logo is 890 pixels wide by 470 pixel

high, with 255 pixels for white space . We recommend that you kee

the image size small to enable faster downloads.


48/164

3-22


OL-30729-01


Branding


49/164

C H A P T E R

4-1


OL-30729-01

4Managing System Administration Settings


Setting Up the Outgoing Mail Server, page 4-1

Configuring System Parameters (Optional), page 4-2

Updating the License, page 4-3 Verifying License Utilization, page 4-4

Viewing License Utilization History, page 4-4

Viewing Resource Usage Data, page 4-4

Edit Application Categories, page 4-5

Customizing the Portal, page 4-6

Customizing Reports, page 4-8

Advanced Controls, page 4-8

User Menus, page 4-9

User Permissions, page 4-10 Managing System Tasks, page 4-10

Managing Icons, page 4-14

Support Information, page 4-15

Note You must be logged in to the appliance before you can run any of the following procedures.

Setting Up the Outgoing Mail Server

All outgoing emails from Cisco UCS Director require an SMTP server.

Step 1 On the menu bar, choose Administration > System.

Step 2 Choose the Mail Setuptab.


50/164

4-2


OL-30729-01

Chapter 4 Managing System Administration Settings

Configuring System Parameters (Optional)

Step 3 In the Mail Setuppane, complete the following fields:

Step 4 Click Save.



You should edit the system parameters only if you need to change the defaults.


Step 2 Choose the System Parameterstab.

Step 3 In the System pane, complete the following fields:

Name Description

Outgoing Email Server (SMTP)

field

The outgoing SMTP server address.

Outgoing SMTP Port field The outgoing SMTP server port number.Outgoing SMTP User field The user ID.

Outgoing SMTP Password field The user password.

Outgoing Email Sender Email

Address field

The senders email address.

Cloupia Server IP address field The IP address or DNS name of the Cisco UCS Director virtual appliance.

This field is used to create proper links in emails for user workflow actions.

Send Test Email check box Check this check box to test the current email settings.

Name Description

Number of Days to

Keep Deleted VMs Data

field

The user-defined number of days that the system retains VM data.

Number of Days to

Keep Events field

The user-defined number of days that the system retains all events.

Note Events older than the mentioned time period are deleted.

Number of Days to

Keep Trend Data field

The user-defined number of days that the system retains trend data or historical data

of the inventory (such as CPU, storage, and memory usage).

Note This data is used for reporting.

Number of Days to

Keep Metering Data

drop-down list

Choose the number of days that the system retains VM metering records.

Note This data is specific to VMs and their resources.

Download VM Locking

Controls from URL

field

VM locking controls from the specified URL.

Note The file must be in XML format.


51/164

4-3


OL-30729-01


Updating the License

Step 4 Click Save.

Configuring Infrastructure System Parameters (Optional)

You can set parameters for polling the virtual and physical system infrastructure resources.


Step 2 Choose the Infrastructure System Parameterstab.

Step 3 In the entry box, enter the infrastructure polling interval in minutes. The default is 60 minutes.

Step 4 In the entry box, enter the number of days to keep trend data for the system infrastructure. The defa

is 30 days.

Step 5 Click Save.

Updating the LicenseYou can update the license using Product Authorization Key (PAK).

Step 1 On the menu bar, choose Administration > License.

Step 2 Choose the License Keystab.

Step 3 Click the Update Licenseoption. The Update PAK dialog box is displayed.

Step 4 Click Browseto navigate and choose the PAK license file.

Step 5 Click Uploadto upload the PAK license file.

Note If the license file does not upload, check the check box and copy and paste the license text into the lice

text field.

Step 6 Click Submit. The license is updated.

Currency drop-down

list

Choose the type of currency to use. Available currencies are US, EURO, GBP, KRW

CAD, CHF, CLP, NR, JPY, AUD, NZD, SGD, HKD, MYR, MXN, BRL, AED,

DKK, SEK, KWD, CYN, RUB, ZAR, and Other.

Other Currency field This field appears when Otheris chosen under Currency. Enter the currency nam

(one only).

Currency Precision

drop-down list

Choose the currency precision in decimal points. Available precision is from 0 to 5

decimal points.

Name Description


52/164

4-4


OL-30729-01


Verifying License Utilization

Verifying License UtilizationThe License Utilizationpage shows the licenses in use and details about each license, including license

limit, available quantity, status, and remarks. License audits can also be run from this page.


Step 2 Choose the License Utilizationtab.

Step 3 Choose a Cisco UCS Director appliance.

Step 4 (Optional) To run a license audit, click Run License Audit.

Step 5 In the Run License Audit dialog box, click Submit. This process takes several minutes to run.

Viewing License Utilization HistoryThe number of licensed network and storage controllers, servers, server and desktop VMs, and small and

medium pods can be tracked over time to see how network resources are being utilized.


Step 2 Choose the License Utilization History tab.

The license utilization history is displayed for the following resource categories:

Network Controllers

Storage Controllers

Servers

Server VMs

Desktop VMs

Small pods

Medium pods

Viewing Resource Usage DataYou can view how resources are being utilized in your environment.


Step 2 Choose the Resource Usage Data tab.

There are three report categories:

Report ContextShows the number of reports available for each resource.

Resource NameName of the available resources associated with Cisco UCS Director.


53/164

4-5


OL-30729-01


Edit Application Categories

Resource CountNumber of each available resource.

Edit Application CategoriesAny VM provisioned using Cisco UCS Director is categorized based on its type. The VM type can b

web server, database, application server, or other. Cisco UCS Director also has a separate category

discovered VMs.

There are 12 application categories for you to use or edit:

Discovered VM

Generic VM

Web Server

Application Server

Database

AppCPU Intensive

AppMemory Intensive

AppDisk Intensive

AppNetwork Intensive

Other App 1

Other App 2

Other App 3


Step 2 Choose the Application Categoriestab.

Step 3 Choose an Application Category.

Step 4 Click Edit.

Step 5 In the Edit Categorydialog box, complete the following fields:


Name Description

Category ID display-only field The numerical value given to the category by the system,

Category Label field The category type.

Category Code field The VM and host naming.

Description display-only field A description of the category.

Category Enabled display-only

check box

The check box default is checked.

Default Smart Allocation

Algorithm drop-down list

Choose an algorithm.


54/164

4-6


OL-30729-01


Customizing the Portal

Customizing the PortalOrganizations can customize self-service portals. The logo, login page, home page, and so on can be

customized for branding and user interface-related changes.

Customizing the Login Page and Background Images

You can change the login page and background images by uploading custom images.

Step 1 On the menu bar, choose Administration > User Interface Settings.

Step 2 Click Login Page.

Step 3 Check the Use customizable Login page check box.

Step 4 In the Logo Imagesand Background Imagespane, choose an item from one or both panes.


Customizing the Application Logo

You can customize the application logo on the home page by uploading a custom image.

Step 1 On the menu bar, chooseAdministration > User Interface Settings .

Step 2 Choose the Application Logotab.

Step 3 In the Imagespane, choose the image, or click Addto add a new image that is not listed.


Customizing Favicons

You can customize a favorites icon (Favicon) that is displayed in the browsers address bar or next to the

page name if bookmarked.


Step 2 Choose the Favicontab.

Step 3 In the Image Label column, choose the image, or click Addto add a new image not listed.


Note The Favicon image size must be 16 x 16 pixels and in PNG format.


55/164

4-7


OL-30729-01


Customizing the Portal

Customizing the Application Header

You can customize the self-service portal labels, next to the customer logo, by modifying existing lab


Step 2 Choose the Application Header tab.

Step 3 In the Application Headerpane, complete the following fields:

Step 4 Click Save.

Customizing the Date Display

Numerous data display formats are supported.

Step 1 On the menu bar, chooseAdministration > User Interface Settings .Step 2 Choose the Date Displaytab.

Step 3 Edit the date format.

Step 4 If required, click Hide Timezoneto hide the time zone display from the user interface.

Step 5 Click Save.

Name Description

Hide Entire Header check

box

Check the check box to hide the header section. If checked, the header that contain

the logo image, application name, and links, such as Logout, are hidden.

Product Name field The product name.

Product Name 2nd Line

field

Continuation of the product name.

Enable About Dialog

check box

Check the check box to enable the Aboutlink in the header. Uncheck the check bo

to disable the Aboutlink in the header.

Administrator Portal

Custom Link 1 Label field The custom link label 1 for the administrator portal.

Custom Link 1 URL field The custom link URL 1 for the administrator portal.

Custom Link 2 Label field The custom link label 2 for the administrator portal.

Custom Link 2 URL field The custom link URL 2 for the administrator portal.

End-user Portal

Custom Link 1 Label field The custom link label

ucs director admin guide

Documents

cisco systems

cisco logo

cisco representative

ist of cisco trademarks

cisco website atwww

use of actual ip addresses

actual addresses

thirdparty trademarks