Cisco Virtual Network Management Center CLI Configuration Guide, Release 2.0
Overview
Downloads: This chapterpdf (PDF - 144.0KB) The complete bookPDF (PDF - 4.7MB) | Feedback

Overview

Table Of Contents

Overview

Information About VNMC

VNMC

System Requirement

Configuring Chrome for Use with VNMC

Information About the VNMC CLI

Accessing the VNMC CLI

Using the VSphere Client to Access the VNMC CLI

Using SSH to Access the VNMC CLI

Overview of the VNMC CLIs

VNMC CLIs Basic Commands


Overview


This chapter provides basic information about Virtual Network Management Center (VNMC) and the VNMC CLI.

This chapter includes the following sections:

Information About VNMC

Information About the VNMC CLI

Information About VNMC

This section contains information about the VNMC.

VNMC

System Requirement

VNMC

VNMC is a virtual appliance, based on Red Hat Enterprise Linux (RHEL), that provides centralized device and security policy management of the Cisco Virtual Security Gateway (VSG) and Cisco ASA 1000V Cloud Firewall.

VSG is a virtual firewall appliance for the Cisco Nexus 1000V Series switch. VSG provides trusted access to virtual data center and cloud environments. VSG enables a broad set of multi tenant workloads that have varied security profiles to share a common compute infrastructure in a virtual data center private cloud or in a public cloud. By associating one or more virtual machines (VMs) into distinct trust zones, VSG ensures that access to trust zones is controlled and monitored through established security policies.

ASA 1000V is a virtual appliance that was developed using the ASA infrastructure to secure the tenant edge in multi tenant environments with Nexus 1000V deployments. It provides edge features and functionality (including site-to-site VPN, NAT, and DHCP), acts as a default gateway, and secures the VMs within the tenant against any network-based attacks.

Designed for multi tenant operation, VNMC provides seamless, scalable, and automation-centric management for virtualized data center and cloud environments. With a web-based GUI, CLI, and XML APIs, VNMC allows you to manage VSGs and ASA 1000Vs that are deployed throughout the data center from a centralized location.

Multi tenancy refers to the architectural principle, where a single instance of the software runs on a Software-as-a-Service (SaaS) server, serving multiple client organizations or tenants. Multi tenancy is contrasted with a multi-instance architecture, where separate software instances are set up for different client organizations. With a multi tenant architecture, a software application is designed to virtually partition data and configurations, so that each tenant works with a customized virtual application instance.

VNMC is built on an information model-driven architecture, where each managed device is represented by its subcomponents. This architecture enables VNMC to provide greater agility and simplification for securing multi tenant infrastructure.

VNMC communicates with vCenter, VSM, ASA 1000V, and VSG over a management VLAN.

System Requirement

Table 1 Cisco VNMC Requirements  

Requirement
Description
Virtual Appliance

One virtual CPU

1.5 GHz

Memory

3 GB RAM

Disk space

25 GB on a shared network file storage (NFS) or a storage area network (SAN) if VNMC is deployed in a high availability (HA) cluster

Management interface

One management network interface

Processor

x86 Intel or AMD server with 64-bit processor listed in the VMware compatibility matrix

VMware

VMware vSphere

Release 4.1 or 5.0 with VMware ESX or ESXi (English only)

VMware vCenter

Release 4.1 or 5.0 (English only)

Interfaces and Protocols

HTTP/HTTPS

Lightweight Directory Access Protocol (LDAP)

Intel VT

Intel Virtualization Technology (VT)

Enabled in the BIOS

Web-Based GUI Client Requirements

Browser

Any of the following:

Internet Explorer 9.0

Mozilla Firefox 11.01

Chrome 18.02

Flash Player

Adobe Flash Player plugin (version 11.2)

Firewall Ports Requiring Access

80

HTTP

443

HTTPS

843

Adobe Flash

1 We recommend Mozilla Firefox 11.0 with Adobe Flash Player 11.2.

2 Before you can use Chrome with VNMC 2.0, you must first disable the Adobe Flash Players that are installed by default with Chrome. For more information, see Configuring Chrome for Use with VNMC.


Table 1 provides the list of requirements for Cisco VNMC.

Configuring Chrome for Use with VNMC

To use Chrome with VNMC 2.0, you must disable the Adobe Flash Players that are installed by default with Chrome.


Note You must perform this procedure each time your client machine reboots. Chrome automatically enables the Adobe Flash Players when the system on which it is running reboots.


To disable default Adobe Flash Players in Chrome:


Step 1 In the Chrome URL field, enter chrome://plugins.

Step 2 Click Details.

Step 3 Locate the Flash player plugins, and disable each one.

Step 4 Download and install Adobe Flash player version 11.3.300.265.

Step 5 Close and reopen Chrome before logging into VNMC 2.0.


Information About the VNMC CLI

This section contains information about the VNMC CLIs.

This section includes the following topics:

Accessing the VNMC CLI

Overview of the VNMC CLIs

VNMC CLIs Basic Commands

Accessing the VNMC CLI

You can access the CLI, using one of the following ways:

Using the VSphere Client to Access the VNMC CLI

Using SSH to Access the VNMC CLI

Using the VSphere Client to Access the VNMC CLI

To access the VNMC CLI from within the vSphere Client:


Step 1 Choose Home > Inventory > Hosts and Clusters.

Step 2 From the pane on the left side, choose VNMC VM.

Step 3 Click the Console tab to access the VNMC CLI.

Step 4 Login as admin with the VNMC Password specified at VNMC installation time.

Example

hostname login: admin
Password: MyPassword

Using SSH to Access the VNMC CLI

You can use SSH to access the VNMC CLI.

To access the VNMC CLI from SSH:


Step 1 Enter the command

ssh admin@VNMC-IP
 
   

where VNMC-IP is your VNMC IP address.

Step 2 When the following prompt appears, enter your VNMC administrator password.

admin@VNMC-IP's password: 
 
   

Step 3 (Optional) If you are asked for confirmation to save your VNMC IP to ssh known_hosts, enter yes.


EXAMPLE

This example shows how to access the VNMC CLI using SSH:

$ ssh admin@172.25.97.246
admin@172.25.97.246's password: 
Last login: Fri Aug 10 20:49:15 2012 from 171.69.222.221
Logged in from 171.69.154.246
Cisco Virtual Network Management Center
TAC support: http://www.cisco.com/tac
Copyright (c) 2002-2012, Cisco Systems, Inc. All rights reserved.
The copyrights to certain works contained in this software are
owned by other third parties and used and distributed under
license. Certain components of this software are licensed under
the GNU General Public License (GPL) version 2.0 or the GNU
Lesser General Public License (LGPL) Version 2.1. A copy of each
such license is available at
http://www.opensource.org/licenses/gpl-2.0.php and
http://www.opensource.org/licenses/lgpl-2.1.php
 
   
host-name# 

Overview of the VNMC CLIs

An important component of the VNMC is the CLI. With it, you can perform the following tasks:

Restore VNMC to full state of the VNMC without having to reinstall.

Collect the technical support data and copy it to a file.

Change the hostname.

Change the management interface IP settings.

Configure VNMC device profiles.

Create VNMC system policies.

Create backups and import/export services.

VNMC contains six sub-CLIs. You use all six sub-CLIs to manage VNMC. The CLIs are as follows:

Management controller—This is the default CLI. The command prompt is host-name#. Use this CLI to perform the following tasks:

host-name# 
  commit-buffer   Commit transaction buffer 
  connect         Connect to another CLI 
  discard-buffer  Discard transaction buffer 
  exit            Exit from command interpreter 
  scope           Changes the current mode 
  show            Show system information 
  terminal        Terminal 
  top             Go to the top mode 
  where           Show information about the current mode 
 
   
host-name# show 
  cli                CLI Information 
  clock              Clock
  configuration      Configuration 
  network-interface  VM IP interface 
  system             Systems 
  version            Version of installed applications 
 
   

Local management—This is the local management CLI. The command prompt is
host-name(local-mgmt)#. Use this CLI to perform the following tasks:

host-name(local-mgmt)#
  connect      Connect to another CLI
  copy         Copy a file 
  delete       Delete a file 
  dir          Show content of dir
  exit         Exit from command interpreter
  modify       Modify the shared secret on service registry
  ping         Ping
  reboot       Perform system reboot
  restore      Restore the VM
  service      Control services
  show         Show system information
  terminal     Terminal
  top          Go to the top mode
  Update       Update the system using the specified image
 
   
host-name(local-mgmt)# connect 
  local-mgmt    Local-mgmt 
  policy-mgr    Policy-mgr 
  resource-mgr  Resource-mgr 
  service-reg   Service-reg 
  vm-mgr        Vm-mgr 
 
   
host-name(local-mgmt)# show 
  cli             CLI Information
  clock           Clock 
  tech-support    Show tech support
  update-history  show update system image history 
  version         Version of installed applications
 
   

Policy manager—This is the policy manager CLI. The command prompt is host-name(policy-mgr)#. Use this CLI to perform the following tasks:

host-name(policy-mgr)# 
  commit-buffer   Commit transaction buffer 
  connect         Connect to Another CLI 
  discard-buffer  Discard transaction buffer 
  exit            Exit from command interpreter 
  scope           Changes the current mode 
  show            Show system information 
  terminal        Terminal 
  top             Go to the top mode 
  where           Show information about the current mode 
 
   
host-name(policy-mgr)# connect 
  policy-mgr    Policy-mgr 
  resource-mgr  Resource-mgr 
  service-reg   Service-reg 
  vm-mgr        Vm-mgr 
 
   
host-name(policy-mgr)# scope 
  monitoring  Monitor the system 
  org         Organizations 
 
   
host-name(policy-mgr)# show 
  cli             CLI Information 
  configuration   Configuration 
  org             Organizations 
  timezone        Set timezone 
  version         Version of installed applications 
 
   

Resource manager—This is the resource manager CLI. The command prompt is host-name(resource-mgr)#. Use this CLI to perform the following tasks:

host-name(resource-mgr)# 
  commit-buffer   Commit transaction buffer 
  connect         Connect to Another CLI 
  discard-buffer  Discard transaction buffer 
  exit            Exit from command interpreter 
  scope           Changes the current mode 
  show            Show system information 
  terminal        Terminal 
  top             Go to the top mode 
  where           Show information about the current mode 
 
   
host-name(resource-mgr)# connect 
  policy-mgr    Policy-mgr 
  resource-mgr  Resource-mgr 
  service-reg   Service-reg 
  vm-mgr        Vm-mgr 
 
   
host-name(resource-mgr)# scope 
  monitoring  Monitor the system 
 
   
host-name(resource-mgr)# show 
  cli            CLI Information
  configuration  Configuration 
  version        Version of installed applications 
 
   

Service registry—This is the service registry CLI. The command prompt is host-name(service-reg)#. Use this CLI to perform the following tasks:

host-name(service-reg)# 
  acknowledge     Acknowledge 
  commit-buffer   Commit transaction buffer 
  connect         Connect to Another CLI 
  discard-buffer  Discard transaction buffer 
  exit            Exit from command interpreter 
  scope           Changes the current mode 
  show            Show system information 
  terminal        Terminal 
  top             Go to the top mode 
  where           Show information about the current mode 
 
   
host-name(service-reg)# connect 
  policy-mgr    Policy-mgr 
  resource-mgr  Resource-mgr 
  service-reg   Service-reg 
  vm-mgr        Vm-mgr 
 
   
host-name(service-reg)# scope 
  monitoring  Monitor the system 
 
   
host-name(service-reg)# show 
  cli            CLI Information 
  clients        Show registered clients 
  configuration  Configuration 
  controllers    Show registered controllers 
  fault          Fault 
  providers      Show registered providers 
  version        Version of installed applications 
 
   

Virtual machine manager—This is the virtual machine manager CLI. The command prompt is host-name(vm-mgr)#. Use this CLI to perform the following tasks:

host-name(vm-mgr)# 
  commit-buffer   Commit transaction buffer 
  connect         Connect to Another CLI 
  discard-buffer  Discard transaction buffer 
  exit            Exit from command interpreter 
  scope           Changes the current mode 
  show            Show system information 
  terminal        Terminal 
  top             Go to the top mode 
  where           Show information about the current mode 
 
   
host-name(vm-mgr)# connect 
  policy-mgr    Policy-mgr 
  resource-mgr  Resource-mgr 
  service-reg   Service-reg 
  vm-mgr        Vm-mgr 
 
   
host-name(vm-mgr)# scope 
  monitoring  Monitor the system 
 
   
host-name(vm-mgr)# show 
  cli           CLI Information 
  configuration Configuration 
  version       Version of installed applications 

VNMC CLIs Basic Commands

The basic commands for the VNMC CLIs are as follows:

commit-buffer—Saves the configuration.

commit-buffer can be used with the optional keyword verify-only. When you execute commit-buffer verify-only the configuration is not saved, just verified.

connect—Connects to other CLIs.

discard-buffer—Deletes the configuration.

enter—Creates an object and places you in a mode.

exit—Exits modes, CLIs, and the default CLI.

scope—Places you in a mode.

show—Displays information.

top—Places you in management controller mode.

where—Shows you where you are at in the VNMC CLI.

?—Displays the commands available in the mode.

>—Redirects show commands to a file.

>>—Redirect show commands to a file in append mode.

|—Pipes show command output to a filter.