Cisco WebEx Meetings Server Administration Guide Release 2.0
Deploying a System Manually
Downloads: This chapterpdf (PDF - 1.3MB) The complete bookPDF (PDF - 3.85MB) | The complete bookePub (ePub - 1.48MB) | Feedback

Deploying a System Manually

Contents

Deploying a System Manually

General Concepts for System Deployment

System Sizes

Systems are identified by the number of concurrent users supported:

  • 50 concurrent users (also known as a micro system)

    • Typically supports a company between 500 and 1000 employees

    • Primary system [(without High Availability (HA)] comprises an Admin virtual machine and an optional Internet Reverse Proxy (for public access)

  • 250 concurrent users (also known as a small system)

    • Typically supports a company between 2500 and 5000 employees

    • Primary system (without HA) comprises an Admin virtual machine, a Media virtual machine, and an optional Internet Reverse Proxy (for public access)

  • 800 concurrent users (also known as a medium system)

    • Typically supports a company between 8000 and 16,000 employees

    • Primary system (without HA) comprises an Admin virtual machine, a Media virtual machine, and an optional Internet Reverse Proxy (for public access)

  • 2000 concurrent users (also known as a large system)

    • Typically supports a company between 20,000 and 40,000 employees

    • Primary system (without HA) comprises an Admin virtual machine, 3 Media virtual machines, 2 Web machines, and an optional Internet Reverse Proxy (for public access)

Terms Used During the Deployment

WebEx Site URL—a secure http URL for users to host and attend meetings in a single-data center environment.

WebEx Administration URL—Secure http URL for administrators to configure, monitor, and manage the system in a single-data center environment.

Public VIP—virtual IP address for the WebEx site URL.

Private VIP—virtual IP address for the Administration site URL or the virtual IP address for the WebEx site URL (for internal users only, if you have a split-horizon DNS).

WebEx Common URL—used by the DNS to redirect the user to the data center where the user performs meeting-related tasks, such as scheduling or hosting meetings. Which data center DNS chooses is transparent to the user. The WebEx Common URL is simply a convenient location for a user to enter the system. If a data center goes down, nothing changes for the user, including the URL used to access meetings, because the DNS will redirect the user to the surviving data center.

Administration Common URL—is often referenced as simply the Administration URL. It is used by the DNS to redirect an administrator to the management data center to where the administrator logs into the system. Which data center the DNS chooses is transparent to the administrator (however, the string in the URL bar changes depending on which data center the administrator is using to access the system). The Administration Common URL is simply a convenient target an administrator uses to enter the system.

Local URLs that are specific to each data center.

Installation Checklist

Restriction:

You must use VMware vCenter to manage the ESXi hosts on which the Cisco WebEx Meetings Server system is deployed.

Networking Changes

See the appropriate networking checklist for your deployment. Consider the following:
  • Public access: whether or not users external to your firewall, can host and access meetings from the Internet or mobile devices.

    Cisco recommends public access as it results in a better user experience for your mobile workforce.

  • Type of DNS setup at your company: split-horizon DNS or a non-split horizon DNS (most common DNS configuration). For more information about DNS setup, see the Cisco WebEx Meetings Server Planning Guide.

  • Open port 10200 from the administrator desktop to the Admin virtual machine. Port 10200 is used by the web browser during the deployment.

Select the appropriate checklist for your deployment:

Required Information

The required information varies if you are doing an automatic deployment (supported for 50 concurrent users, 250 concurrent users, and 800 concurrent users) systems or manual deployment (supported for all system sizes). We recommend that you select an automatic deployment unless you are deploying a 2000-user system that always requires a manual deployment.

Select the appropriate checklist for your deployment type:

Required Information For a Manual Deployment

In a manual deployment, you create all the virtual machines for your system using the OVA wizard from your vSphere client. You then install your system using a manual deployment.

You must choose a manual deployment if you are deploying a 2000 user system.


Note


Be sure to add the virtual machine FQDNs, IP addresses, WebEx and Administration site URLs, and VIP addresses to your DNS servers before you start the system deployment. We will use this information to check network connectivity at the end of the deployment.

To avoid any DNS issues, you may want to test these URLs and IP addresses before you start the OVA deployment. Otherwise, the system deployment will fail until you correct these errors.


This is the information required for your system, in order.

Field Name Description Value For Your System

Public VIP

IP address for the WebEx site URL (site users access to host and attend meetings)

 

Private VIP

  • IP address for the Administration site URL (for administrators to configure, monitor, and manage the system)

  • IP address for the WebEx site URL (for internal users only, if you have a split-horizon DNS).

 

WebEx Site URL

Secure http URL (all lowercase characters) for users to host and attend meetings.

 

WebEx Administration URL

Secure http URL (all lowercase characters) for administrators to configure, monitor, and manage the system.

 
FQDN for the internal virtual machines

Depending on the system size you selected, the fully qualified domain name (all lowercase characters) of the media and web virtual machines.

 

(Public access only)

FQDN of the Internet Reverse Proxy

If you plan to add public access, then you need to enter the fully qualified domain name (all lowercase characters) of the Internet Reverse Proxy virtual machine.

 

What To Do Next

With this information, start the system deployment by entering the deployment URL in a browser window. (The deployment URL is written in the console window for the Admin virtual machine.)


Note


If the system is rebooted before the configuration is complete, a new passcode is generated and you must use the deployment URL with the new passcode.


Deploying the OVA File From the VMware vSphere Client

Before deploying your system, you must use the VMware vSphere client to deploy the Admin virtual machine for your system.


Note


The following procedure is provided as a general guidance. The exact screens you see during the OVA deployment depends upon your vCenter, storage, and networking configuration, and might be slightly different from this procedure. See your VMware vSphere documentation for complete information on the OVA wizard.


Before You Begin

Obtain the Cisco WebEx Meetings Server OVA file for your system and place it in a location that is accessible from VMware vSphere.

You must use VMware vCenter to manage the ESXi hosts on which the Cisco WebEx Meetings Server system is deployed. Using the vSphere client, sign in to vCenter and deploy the OVA file for the Admin virtual machine.

Procedure
    Step 1   Sign in to your VMware vSphere client.

    Be sure to sign in as a user that includes administrator privileges: to deploy, configure, power on or off, and delete virtual machines.

    Step 2   Select File > Deploy OVF Template...
    Step 3   Select Browse to navigate to the location of the OVA file. Select Next.

    You can select the Cisco WebEx Meetings Server link to go to a Web page with detailed information about this system.

    Step 4   Read the End User License Agreement and select Accept, then select Next.
    Step 5   Navigate to and select the location in the vCenter inventory where you want to place the Admin virtual machine.
    Step 6   Enter the name of the virtual machine for your system size and select Next. For more information on selecting the correct size for your company, see System Sizes.

    You must deploy the Admin virtual machine before deploying any other virtual machines. If you select automatic deployment (recommended), we deploy the other virtual machines for you. If you choose manual deployment (required for a 2000 concurrent users system), then after deploying the Admin virtual machine, you must deploy the other virtual machines by using this same wizard.

    Cisco recommends you include the type in the virtual machine name; for example, include "Admin" in your Admin virtual machine name to easily identify it in your vCenter inventory.

    All the internal virtual machines for your system must be in the same subnet as the Admin virtual machine. (Depending on the system size you select, you might need one or more media and web internal virtual machines.)

    Step 7   From the drop-down list, select the virtual machine for your system size and select Next.

    Be sure to deploy the Admin virtual machine before any other virtual machines in your system.

    Step 8   Navigate through the vCenter inventory and select the ESXi host or cluster where you want to deploy the virtual machines for your system. Select Next.
    Step 9   If the cluster contains a resource pool, select the resource pool where you want to deploy the OVA template and select Next.

    Resource pools share CPU and memory resources or to work with VMware features such as DRS or vMotion. Resource pools must be dedicated to a single ESXi Host. VMware resource pools are not recommended for use with Cisco WebEx Meetings Server.

    Step 10   Select the datastore for your virtual machine and the kind of provisioning for your virtual machine.

    You must select Thick Provisioning and create the maximum virtual disk space required for your system. With Thin Provisioning, VMware allocates the file system space on an as-needed basis that can result in poor performance. Lazy zero is sufficient and eager zero is acceptable, but eager zero will take more time to complete.

    Step 11   Set up network mapping. For each source network, select a destination network from the drop-down list in the Destination Networks column. Select Next.
    Note   

    Both the VM Network and the VIP Network must be mapped to the same value in the Destination Network column. You can ignore the warning message about multiple source networks mapped to the same host network.

    Step 12   Enter the following information for the virtual machine, then select Next:
    • Hostname of the virtual machine (do not include the domain here)

    • Domain for the virtual machine

    • IPv4 address (Eth0) of the virtual machine

    • Subnet mask of the virtual machine

    • Gateway IP address

    • Primary DNS server that contains entries for the hostname and IP address of this virtual machine

    • Secondary DNS server that contains entries for the hostname and IP address of this virtual machine (A system with only one DNS server configured is at risk, because it creates a single point-of-failure. We recommend that you configure a secondary DNS server to create network redundancy.)

    • Language displayed during the install process, following the power on of this virtual machine

    Note   

    To avoid DNS issues, you can test the URLs and IP addresses before you start the OVA deployment. The deployment will fail if there are errors.

    Step 13   Confirm the information that you have entered. If there are any mistakes, select Back and change the values.
    Step 14   If you are manually upgrading a system, select Finish, skip the balance of this procedure and continue with the next step in Upgrading the System Manually. (Copying data from the original system to the upgrade system by using manual deployment should be performed after the upgraded system is deployed, but not yet powered on.) Otherwise, check Power on after deployment and select Finish.
    Step 15   If you are deploying an Admin virtual machine, go to vCenter and open a console window for the virtual machine. Once it powers on, we will check the networking information you entered during the OVA deployment.

    If we are able to confirm connectivity, a green checkmark appears.

    If there is a problem, a red X appears. Fix the error and re-attempt the OVA deployment.

    Step 16   Write down the case-sensitive URL displayed in the console window.

    An administrator uses this URL to continue the system deployment.

    If the system is re-booted before the configuration is complete, a new passcode is generated and you must use the URL with the new passcode.


    What to Do Next

    If you are performing a manual deployment, we recommend that you deploy the rest of the virtual machines for your system at this time. This avoids any issues such as time outs when powering on virtual machines.

    If the deployment is successful, continue with system deployment in a browser window.

    If the deployment failed, see Checking Your Networking Configuration After a Failed OVA Deployment.

    Checking Your Networking Configuration After a Failed OVA Deployment

    Confirm the networking entries for the virtual machine.

    Important:

    Do not use Edit Settings... for any of the virtual machines in your system, other than after a failed deployment. Once the system is up and running, you must use the WebEx Administration site to make any further edits to virtual machine settings. If you use your vSphere client, those changes will not be accepted by the system.


    Note


    For detailed steps, see your VMware vSphere documentation.


    Procedure
      Step 1   In the vSphere client, select Power > Shut Down Guest on the virtual machine.
      Step 2   Find the virtual machine in the Inventory and right-click Edit settings....
      Step 3   Select the Options tab.
      Step 4   Select Properties and confirm that all the networking information has been entered correctly. If any changes are required, redeploy the OVA with the correct settings.

      One possible networking issue is that the VLAN routing is not set up correctly for the ESXi host. Because the virtual machine is on that VLAN, the virtual machine won't have network connectivity. From the network where the ESXi host resides, you should be able to ping the default gateway IP address of the VLAN you will be using for the virtual machines in your system.


      Selecting Your Language for Setup

      Determine your preferred language for setting up the system.


      Note


      Do not close this browser window until the system deployment is complete. If you close the browser early, it might be necessary to restart the deployment.

      CWMS System is the default name of the data center after an upgrade to version 2.5; it is not translated from English in any of the other languages.


      Before You Begin

      Be sure you have deployed the Admin virtual machine from VMware vCenter. See Deploying the OVA File From the VMware vSphere Client

      Procedure
        Step 1   Select the language from the drop-down menu.
        Step 2   Select Next.

        Confirming the Deployment

        To confirm that you are deploying a new system or expanding an existing system, select Next.

        Confirming the Size of Your System

        You selected the size of your system when you deployed the Admin virtual machine by using the OVA file.

        • Confirm that the system size you selected during the OVA deployment is correct.

          • If the system size you selected is correct, then select Next.
          • If the system size you selected is incorrect, then select I want to change System Size.
          1. Using your VMware vSphere client, select Power > Shut Down Guest for the Admin virtual machine with the incorrect system size.
          2. Right-click the virtual machine and select Delete from Disk.
          3. Redeploy the OVA file and select the Admin virtual machine for the correct system size.

        Choosing What System to Install

        Procedure
          Step 1   Determine the type of installation.
          • If you are installing this system for the first time, then choose Install a primary system.
          • If you have installed a primary system are adding a redundant High Availability (HA) system, then choose Create a High Availability (HA) redundant system.

          Do not attempt install a HA system before installing the primary system, as you cannot use the HA system unless the primary system has first been installed.

          Step 2   Select Next.

          Choosing the Type of Deployment

          You can choose automatic or manual deployment of the system virtual machines. Your choice of automatic or manual deployment depends upon the following:

          • If you have time constraints, an automatic deployment is faster than a manual deployment.

          • If you prefer step-by-step guidance, this guidance is provided during an automatic deployment.

          • If you are familiar with VMware vCenter and do not want to provide us your vCenter credentials, select manual deployment.

          We recommend that you select Automatic unless you are deploying a 2000-user system that always requires a manual deployment.

          Procedure
            Step 1   Select automatic or manual deployment:
            • Automatic: We deploy all the virtual machines required for your system.

            • Manual: You manually deploy each virtual machine by using VMware vCenter. After answering a few questions about your system, you are provided with a list of the virtual machines required for your system.

            Step 2   Select Next.

            Adding Public Access

            If you add public access by using IRP, users outside the firewall can host or attend meetings from the Internet or mobile devices. IRP virtual machines can be added to a system at any time. To prevent external access, all IRP virtual machines must be removed from a system.

            For security reasons, we recommend that you locate the Internet Reverse Proxy on a subnet different from the subnet occupied by the Administration virtual machine. This ensures network level isolation between the Internet Reverse Proxy and your internal (Admin and media, if applicable) virtual machines.

            Before You Begin

            It is not necessary to connect your storage server to an Internet Reverse Proxy (IRP) server.

            If there is a firewall between the Administration virtual machines and the IRP virtual machines, the temporary IP address must be allowed through the firewall.

            Procedure
              Step 1   Choose whether or not external users can host or attend meetings.
              • If you want to add public access, confirm that Create an Internet Reverse Proxy virtual machine is selected.
              • If you want only internal users (those behind the company firewall) to host or attend meetings, then deselect Create an Internet Reverse Proxy virtual machine.
              Step 2   Select Next.

              What to Do Next

              Choosing vCenter Settings for Internet Reverse Proxy (IRP)

              Before You Begin

              Verify that the firewall ports required by VMware vCenter are open so that vCenter can deploy the Internet Reverse Proxy (IRP) virtual machine. For more information on the required firewall ports, see the Cisco WebEx Meetings Server Planning Guide.

              Procedure
                Step 1   From the drop-down list, choose the ESXi host for the IRP virtual machine.
                Step 2   Choose the datastore for the IRP.
                Step 3   Choose the virtual machine port group.
                Step 4   Select Next.

                Entering Networking Information for the Internet Reverse Proxy (IRP)

                Procedure
                  Step 1   Enter the hostname and IP address of Internet Reverse Proxy (IRP) servers in your DNS to enable lookup from an external network. If you have DNS servers that enable look up from internal networks, add the hostname and the IP address of the IRP servers into these DNS servers as well. This enables a secure connection between your internal virtual machines and the IRP servers.
                  Step 2   Enter the following:

                  If you entered the hostname and IP address of the Internet Reverse Proxy virtual machine in your DNS servers, then we will look up and populate the Ipv4 Address field.

                  • Fully qualified domain name (FQDN)
                  • IPv4 gateway

                  • IPv4 subnet mask

                  • Primary DNS server IPv4 address

                  • (Optional) Secondary DNS server IPv4 address

                  Step 3   Select Next.

                  Entering the Public VIP Address

                  • This public VIP address must be visible from both the Internet and the internal network (split-horizon DNS only).

                  • This public VIP address must be on the same subnet as the Internet Reverse proxy.

                  • If you do not have a split-horizon DNS, then all users use the Public VIP address to host and attend meetings.

                  • If you have a split-horizon DNS, and added public access, then external users use the Public VIP address to host and attend meetings.

                  For more information on non-split horizon and split-horizon DNS, and public access, see the Cisco WebEx Meetings Server Planning Guide.


                  Note


                  If you are creating a High Availability (HA) system, you do not need to reenter this information, as we will use the information you entered for the primary system.


                  • Enter the public VIP IPv4 address and select Next.

                  Entering the Private VIP Address

                  Administrators configure, monitor, and maintain the system from the Administration site URL that maps to the private VIP address.

                  If you have a split-horizon DNS, then internal users also use the Private VIP address to host and attend meetings.

                  If you are adding a High Availability (HA) system, you do not need to reenter this information; we will use the information you entered for the primary system.

                  Before You Begin

                  The private virtual IP (VIP) address must be on the same subnet as your internal (Admin and Media, if applicable) virtual machines.

                  • Enter the IPv4 private VIP address and select Next.

                  WebEx Site and WebEx Administration URLs

                  WebEx Site URL

                  Users access the WebEx site URL to schedule, host, or attend meetings. This URL resolves to either the private VIP address or the public VIP address, depending on whether or not you are using a split-horizon DNS.

                  • Resolves to the public VIP address for all users, when you do not have split-horizon DNS.

                  • Resolves to the public VIP address for external users when you have split-horizon DNS.

                  • Resolves to the private VIP address for internal users when you have split-horizon DNS.


                  Note


                  Ports 80 and 443 must be open for the WebEx site URL.


                  WebEx Administration URL

                  Administrators access the WebEx Administration URL to configure, manage, and monitor the system. This URL resolves to the private VIP address.


                  Note


                  Ports 80 and 443 must be open for the WebEx Administration URL.


                  Names for the WebEx Site and WebEx Administration URLs

                  You may choose almost any names for these URLs, comprising all lowercase characters. However, you cannot use the following as the hostname in the URLs:

                  • the same name as the hostnames for any of the virtual machines in the system

                  • authentication

                  • client

                  • companylogo

                  • dispatcher

                  • docs

                  • elm-admin

                  • elm-client-services

                  • emails

                  • maintenance

                  • manager

                  • orion

                  • oriondata

                  • oriontemp

                  • nbr

                  • npp

                  • probe

                  • reminder

                  • ROOT

                  • solr

                  • TomcatROOT

                  • upgradeserver

                  • url0107ld

                  • version

                  • WBXService

                  • webex

                  Entering the WebEx Common Site and Administration Site URLs

                  The Common Site URL allows users to schedule and host meetings, and access meeting recordings. The Administration Site URL provides management of the system. If you are adding a High Availability (HA) system, it is not necessary to reenter this information; the primary system URLs should match the HA system URLs. (See General Concepts for System Deployment for descriptions of the URLs.)

                  Procedure
                    Step 1   Enter the WebEx Common Site and WebEx Administration Site secure (https) URLs.

                    The WebEx Common Site URL must be different from the WebEx Administration URL.

                    Do not reuse the hostnames of the virtual machines in the hostname portion of the WebEx URLs.

                    Step 2   Select Next.

                    Confirming that the Network is Configured Correctly

                    This screen provides links to online help for the networking changes required for your system. The online help provides details on DNS server changes as well as firewall settings.

                    You must make the DNS server and firewall changes that allow us to test network connectivity.

                    If you have not done so already, complete the networking configuration and select Next.

                    If you are testing an automatic deployment, we deploy the virtual machines required for your system when you select Next.

                    If you are testing a manual deployment, enter the hostnames for your virtual machines and deploy them (if you have not deployed them already).

                    When the deployment is complete, test them by powering them on and verifying that all the virtual machines powered on successfully.

                    Deploying Virtual Machines

                    After providing information about the virtual machines in the system, we will attempt to connect to each of the virtual machines deployed for your system.

                    Note


                    Do not leave this page until the system has connected to all the virtual machines, or the connection failed with error messages indicating the problem.


                    Procedure
                      Step 1   Enter the fully qualified domain names (FQDNs) for any additional virtual machines required for your system. (You entered the Admin virtual machine FQDN earlier, when you deployed it from the OVA file.)
                      Step 2   If you have not done so already, using VMware vCenter, deploy all the additional virtual machines required for the system.
                      Step 3   Power on all these virtual machines and verify that they powered on successfully. Then select Detect virtual machines.

                      We establish connections to these virtual machines. This might take several minutes.

                      Step 4   Wait until a Connected status is displayed for each the virtual machine, then complete one of the following:
                      • If there are no errors, the status shows all green checks. If you are satisfied with the configuration so far, select Next. Otherwise, you can change the FQDNs of the virtual machines by again selecting Detect virtual machines.
                      • If you see errors, fix the errors and select Next to continue.
                        Note   

                        You can select Download log file to obtain the log file for this deployment, providing a record that can be used to troubleshoot a failed deployment.

                      • If there are other problems with one or more of the virtual machines, from the VMware vCenter power off the virtual machines with errors and manually delete them. (If you do not delete them, you might see error messages regarding these virtual machines.) After fixing the problems, redeploy the virtual machines from the OVA file and select Detect virtual machines.

                      Checking the System

                      The system check verifies the configuration parameters of your system. This includes confirming that the virtual machines have the required minimum configuration, and validating the WebEx site and WebEx Administration URLs.

                      The system check takes several minutes to complete. Do not leave this page until all the checks have been completed successfully, or the system check fails and shows error messages indicating the problem.

                      If you reload the page before the checks are complete, you are returned to the first page of this system deployment. When the checks are completed successfully, the first page of configuration utility appears.

                      The Administration site URL used during the deployment process is the Administration virtual machine hostname. During basic configuration, the hostname is replaced with the Administration site URL. As a result, the first time you sign in to the Administration site, the system might prompt you to accept the certificate exception.

                      • Complete one of the following:

                        • If there are no errors and the status shows all green checks, select Next and continue with Configuring an Email (SMTP) Server. In rare cases, you might see Not tested. This does not mean that there are any problems with your virtual machines. It simply states that system checks were not completed; for example, the entry might display because there was a temporary loss of network connectivity. Once you complete the deployment, you can sign in to the Administration site and check these resources.
                        • If there is a problem with network connectivity, verify that the WebEx Site URL, Administration URL, and IP addresses are entered correctly. Verify that these sites are in the same subnet, and the parameters have been correctly entered in the DNS servers.
                        • If there are problems with your system meeting the minimum system capacity, you have two options:
                          • Power down all the virtual machines from VMware vCenter and manually delete them. Then retry the system deployment on a system with resources that meet or exceed the minimum requirements.

                          • Proceed with your current installation. If you do, you must acknowledge that you forgo the right to request technical support from Cisco. Confirm by checking the error message check box and select Next.

                        • If there are any problems with one or more of your virtual machines, power off the virtual machines with errors and manually delete them by using the VMware vCenter. Fix the issues and retry the system deployment.

                      • Select Continue to go to the basic configuration where you begin by setting up the mail server (Configuring an Email (SMTP) Server) and identifying an administrator (Creating Administrator Accounts). If another administrator will complete the basic configuration, send this URL to that administrator.