The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter provides basic information about Virtual Network Management Center (VNMC) and the VNMC CLI.
This chapter includes the following sections:
•Information About the VNMC CLI
This section contains information about the VNMC.
•VNMC
VNMC is a virtual appliance, based on Red Hat Enterprise Linux (RHEL), that provides centralized device and security policy management of the Cisco Virtual Security Gateway (VSG) and Cisco ASA 1000V Cloud Firewall.
VSG is a virtual firewall appliance for the Cisco Nexus 1000V Series switch. VSG provides trusted access to virtual data center and cloud environments. VSG enables a broad set of multi tenant workloads that have varied security profiles to share a common compute infrastructure in a virtual data center private cloud or in a public cloud. By associating one or more virtual machines (VMs) into distinct trust zones, VSG ensures that access to trust zones is controlled and monitored through established security policies.
ASA 1000V is a virtual appliance that was developed using the ASA infrastructure to secure the tenant edge in multi tenant environments with Nexus 1000V deployments. It provides edge features and functionality (including site-to-site VPN, NAT, and DHCP), acts as a default gateway, and secures the VMs within the tenant against any network-based attacks.
Designed for multi tenant operation, VNMC provides seamless, scalable, and automation-centric management for virtualized data center and cloud environments. With a web-based GUI, CLI, and XML APIs, VNMC allows you to manage VSGs and ASA 1000Vs that are deployed throughout the data center from a centralized location.
Multi tenancy refers to the architectural principle, where a single instance of the software runs on a Software-as-a-Service (SaaS) server, serving multiple client organizations or tenants. Multi tenancy is contrasted with a multi-instance architecture, where separate software instances are set up for different client organizations. With a multi tenant architecture, a software application is designed to virtually partition data and configurations, so that each tenant works with a customized virtual application instance.
VNMC is built on an information model-driven architecture, where each managed device is represented by its subcomponents. This architecture enables VNMC to provide greater agility and simplification for securing multi tenant infrastructure.
VNMC communicates with vCenter, VSM, ASA 1000V, and VSG over a management VLAN.
|
|
---|---|
|
|
One virtual CPU |
1.5 GHz |
Memory |
3 GB RAM |
Disk space |
25 GB on a shared network file storage (NFS) or a storage area network (SAN) if VNMC is deployed in a high availability (HA) cluster |
Management interface |
One management network interface |
Processor |
x86 Intel or AMD server with 64-bit processor listed in the VMware compatibility matrix |
|
|
VMware vSphere |
Release 4.1 or 5.0 with VMware ESX or ESXi (English only) |
VMware vCenter |
Release 4.1 or 5.0 (English only) |
|
|
HTTP/HTTPS |
— |
Lightweight Directory Access Protocol (LDAP) |
— |
|
|
Intel Virtualization Technology (VT) |
Enabled in the BIOS |
|
|
Browser |
Any of the following: •Internet Explorer 9.0 •Mozilla Firefox 11.01 •Chrome 18.02 |
Flash Player |
Adobe Flash Player plugin (version 11.2) |
|
|
80 |
HTTP |
443 |
HTTPS |
843 |
Adobe Flash |
1 We recommend Mozilla Firefox 11.0 with Adobe Flash Player 11.2. 2 Before you can use Chrome with VNMC 2.0, you must first disable the Adobe Flash Players that are installed by default with Chrome. For more information, see Configuring Chrome for Use with VNMC. |
Table 1 provides the list of requirements for Cisco VNMC.
To use Chrome with VNMC 2.0, you must disable the Adobe Flash Players that are installed by default with Chrome.
Note You must perform this procedure each time your client machine reboots. Chrome automatically enables the Adobe Flash Players when the system on which it is running reboots.
To disable default Adobe Flash Players in Chrome:
Step 1 In the Chrome URL field, enter chrome://plugins.
Step 2 Click Details.
Step 3 Locate the Flash player plugins, and disable each one.
Step 4 Download and install Adobe Flash player version 11.3.300.265.
Step 5 Close and reopen Chrome before logging into VNMC 2.0.
This section contains information about the VNMC CLIs.
This section includes the following topics:
You can access the CLI, using one of the following ways:
•Using the VSphere Client to Access the VNMC CLI
•Using SSH to Access the VNMC CLI
To access the VNMC CLI from within the vSphere Client:
Step 1 Choose Home > Inventory > Hosts and Clusters.
Step 2 From the pane on the left side, choose VNMC VM.
Step 3 Click the Console tab to access the VNMC CLI.
Step 4 Login as admin with the VNMC Password specified at VNMC installation time.
Example
hostname login: admin
Password: MyPassword
You can use SSH to access the VNMC CLI.
To access the VNMC CLI from SSH:
Step 1 Enter the command
ssh admin@VNMC-IP
where VNMC-IP is your VNMC IP address.
Step 2 When the following prompt appears, enter your VNMC administrator password.
admin@VNMC-IP's password:
Step 3 (Optional) If you are asked for confirmation to save your VNMC IP to ssh known_hosts, enter yes.
This example shows how to access the VNMC CLI using SSH:
$ ssh admin@172.25.97.246
admin@172.25.97.246's password:
Last login: Fri Aug 10 20:49:15 2012 from 171.69.222.221
Logged in from 171.69.154.246
Cisco Virtual Network Management Center
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2012, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
host-name#
An important component of the VNMC is the CLI. With it, you can perform the following tasks:
•Restore VNMC to full state of the VNMC without having to reinstall.
•Collect the technical support data and copy it to a file.
•Change the hostname.
•Change the management interface IP settings.
•Configure VNMC device profiles.
•Create VNMC system policies.
•Create backups and import/export services.
VNMC contains six sub-CLIs. You use all six sub-CLIs to manage VNMC. The CLIs are as follows:
•Management controller—This is the default CLI. The command prompt is host-name#. Use this CLI to perform the following tasks:
host-name#
commit-buffer Commit transaction buffer
connect Connect to another CLI
discard-buffer Discard transaction buffer
exit Exit from command interpreter
scope Changes the current mode
show Show system information
terminal Terminal
top Go to the top mode
where Show information about the current mode
host-name# show
cli CLI Information
clock Clock
configuration Configuration
network-interface VM IP interface
system Systems
version Version of installed applications
•Local management—This is the local management CLI. The command prompt is
host-name(local-mgmt)#. Use this CLI to perform the following tasks:
host-name(local-mgmt)#
connect Connect to another CLI
copy Copy a file
delete Delete a file
dir Show content of dir
exit Exit from command interpreter
modify Modify the shared secret on service registry
ping Ping
reboot Perform system reboot
restore Restore the VM
service Control services
show Show system information
terminal Terminal
top Go to the top mode
Update Update the system using the specified image
host-name(local-mgmt)# connect
local-mgmt Local-mgmt
policy-mgr Policy-mgr
resource-mgr Resource-mgr
service-reg Service-reg
vm-mgr Vm-mgr
host-name(local-mgmt)# show
cli CLI Information
clock Clock
tech-support Show tech support
update-history show update system image history
version Version of installed applications
•Policy manager—This is the policy manager CLI. The command prompt is host-name(policy-mgr)#. Use this CLI to perform the following tasks:
host-name(policy-mgr)#
commit-buffer Commit transaction buffer
connect Connect to Another CLI
discard-buffer Discard transaction buffer
exit Exit from command interpreter
scope Changes the current mode
show Show system information
terminal Terminal
top Go to the top mode
where Show information about the current mode
host-name(policy-mgr)# connect
policy-mgr Policy-mgr
resource-mgr Resource-mgr
service-reg Service-reg
vm-mgr Vm-mgr
host-name(policy-mgr)# scope
monitoring Monitor the system
org Organizations
host-name(policy-mgr)# show
cli CLI Information
configuration Configuration
org Organizations
timezone Set timezone
version Version of installed applications
•Resource manager—This is the resource manager CLI. The command prompt is host-name(resource-mgr)#. Use this CLI to perform the following tasks:
host-name(resource-mgr)#
commit-buffer Commit transaction buffer
connect Connect to Another CLI
discard-buffer Discard transaction buffer
exit Exit from command interpreter
scope Changes the current mode
show Show system information
terminal Terminal
top Go to the top mode
where Show information about the current mode
host-name(resource-mgr)# connect
policy-mgr Policy-mgr
resource-mgr Resource-mgr
service-reg Service-reg
vm-mgr Vm-mgr
host-name(resource-mgr)# scope
monitoring Monitor the system
host-name(resource-mgr)# show
cli CLI Information
configuration Configuration
version Version of installed applications
•Service registry—This is the service registry CLI. The command prompt is host-name(service-reg)#. Use this CLI to perform the following tasks:
host-name(service-reg)#
acknowledge Acknowledge
commit-buffer Commit transaction buffer
connect Connect to Another CLI
discard-buffer Discard transaction buffer
exit Exit from command interpreter
scope Changes the current mode
show Show system information
terminal Terminal
top Go to the top mode
where Show information about the current mode
host-name(service-reg)# connect
policy-mgr Policy-mgr
resource-mgr Resource-mgr
service-reg Service-reg
vm-mgr Vm-mgr
host-name(service-reg)# scope
monitoring Monitor the system
host-name(service-reg)# show
cli CLI Information
clients Show registered clients
configuration Configuration
controllers Show registered controllers
fault Fault
providers Show registered providers
version Version of installed applications
•Virtual machine manager—This is the virtual machine manager CLI. The command prompt is host-name(vm-mgr)#. Use this CLI to perform the following tasks:
host-name(vm-mgr)#
commit-buffer Commit transaction buffer
connect Connect to Another CLI
discard-buffer Discard transaction buffer
exit Exit from command interpreter
scope Changes the current mode
show Show system information
terminal Terminal
top Go to the top mode
where Show information about the current mode
host-name(vm-mgr)# connect
policy-mgr Policy-mgr
resource-mgr Resource-mgr
service-reg Service-reg
vm-mgr Vm-mgr
host-name(vm-mgr)# scope
monitoring Monitor the system
host-name(vm-mgr)# show
cli CLI Information
configuration Configuration
version Version of installed applications
The basic commands for the VNMC CLIs are as follows:
•commit-buffer—Saves the configuration.
commit-buffer can be used with the optional keyword verify-only. When you execute commit-buffer verify-only the configuration is not saved, just verified.
•connect—Connects to other CLIs.
•discard-buffer—Deletes the configuration.
•enter—Creates an object and places you in a mode.
•exit—Exits modes, CLIs, and the default CLI.
•scope—Places you in a mode.
•show—Displays information.
•top—Places you in management controller mode.
•where—Shows you where you are at in the VNMC CLI.
•?—Displays the commands available in the mode.
•>—Redirects show commands to a file.
•>>—Redirect show commands to a file in append mode.
•|—Pipes show command output to a filter.