UCS Central Best Practices
Jeff Silberman (jesilber@cisco.com)
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

[Figure: management scope. Labels: UCS Manager, Domain, Server, Single Datacenter, Global Datacenters, Chassis]

• Administrative power is HIGHLY concentrated
  - Slightest changes can have broadest consequences
• Everything is “Opt-In” and “Bottom-Up”
  - Registration is Bottom Up
  - Global Policy Resolution is not the default
  - UCS Central does not “take control”. Control is given
  - Migrate to Global Policies over time, as comfort increases
    o Global resolution can revert back to Local
• Global Policy resolution promotes administrative scalability
• UCS Central:
  - Depends on UCS Manager
  - Is an extension of UCS Manager and the UCS Management Model
  - Is NOT a replacement for UCS Manager

• Global Policies and Global Service Profiles
• Cluster-mode High Availability
• Statistics with optional External Database Support
• Improved Graphics Display

Solid Fit For:
• Global Inventory Visibility, Global Faults,
• Global Operational Policies (Backups, TZ, DNS, …)
• Global Service Profiles for Net-new Workload

• UCS Central 1.0(1a) works with UCSM 2.1.1 and above
• UCS Central 1.1(1a) works with UCSM 2.1.2 and above (UCSM 2.1.3 recommended)
• 4 vCPUs, 12GB Memory
• Licenses:
  • L-UCS-CTR-INI=
  • L-UCS-CTR-LIC=

• Admin-defined grouping
• Any domain can only be in one DG at a time
• Domains are in “Ungrouped Domain Group” by default
• Operational Policies resolve on DGs
• Domains can move between DGs, but it might be disruptive
• Hierarchical Policy resolution allows local overrides
• Domain Group Policy Qualifications allow for “auto-join” into a DG

[Figure: domain group hierarchy under UCS Central. Domain Groups: EUROPE, US, ASIA-PACIFIC. Sub Domain Groups: NEW YORK, DALLAS, LOS ANGELES]

• UCS Central 1.1(1a) supports either Local or LDAP
• LDAP Attribute-based authentication requires a schema change
  - UCS Role to LDAP Group support is currently missing
• UCS Central uses “root” DG for authentication. If using global authentication, then do not populate the “root” DG with UCS domains

• Use “G-” prefix for Global Objects
• Avoid using “global-default” or “default”

Best Practice
• Maintain the default local policy resolution. Gain comfort and understanding, prior to a broader adoption of global policies
• Use “Import” when possible

Best Practice
• Use the UCS Platform Emulator
• Use UCS Central with Global Objects for Net-New Workload deployments
• Leave existing workloads in Locally managed mode, until end of lifecycle
• Local Affinity exists for External IP Pools and Boot Policies

Best Practice
• Just Do It
  - UCS Central Objects can’t be automatically re-created from UCS backups
  - Domain Groups don’t exist in UCSM
  - Operational Policies terminate on Domain Groups

o Global Objects are visible from “drop-down” menus, or “pulled in” to UCSM when needed upon deployment of Global Service Profiles, but are not pushed upon creation
o Maintenance Policies
  • For user acknowledgement locally within UCSM, create and use Maintenance Policies based on “user-ack”.
  • For acknowledgement within UCS Central, choose “timer-automatic”, and select a Schedule that uses the “user-ack” option.
o Host OS version coverage. Check release notes
o External Statistics Database is not backed up automatically
o UCSM may require a forced Time sync
o Avoid Hypervisor Resource Contention with other VMs
o Cluster HA Mode requires proper configuration of Shared Disk

• UCS Central Admin policies are in “root” DG
• LDAP Authentication missing Group mappings
• Adopting Global IDs causes service interruption in UCSM 2.1.1 and 2.1.2
• Global UUID Pools can’t be easily adopted for existing workload
• Domain Group Re-assignment based on DG Policy now requires “Re-evaluate Membership”
• Server Pool members are not masked by RBAC
• Fault Summary occasionally goes blank
• Host FW and Maintenance Policies now under “Orgs” instead of DGs (some backward compatibility issues exist)
• VLANs can appear unreferenced
• Default FCoE VLAN is “1” (vHBAs won’t configure, since VLAN conflicts with “default”)
• VLANs and VSANs may persist locally, even if domain is de-registered
• Local backups will not have global references
• Moving objects from Local to Global mode (or back) is not supported
• SDK programmability is a work in progress

• The UCS Community Space
  https://communities.cisco.com/ucs
• UCS Central Release Notes
  http://www.cisco.com/en/US/products/ps12502/prod_installation_guides_list.html
• The UCS Central Best Practice Guide
  https://communities.cisco.com/docs/DOC-35264
• The UCS Platform Emulator
  http://developer.cisco.com/web/unifiedcomputing/ucsemulatordownload

• Be Conservative
• Create a Test/Dev Sandbox, using PEs to get comfortable
  o PEs can even be populated from live UCSM configs
• UCS Central is the most important and ambitious product since UCS Manager itself

With Great Power Comes Great Responsibility
Please Be Careful

Thank you.