Cisco Virtual Network Management Center GUI Configuration Guide, Release 2.0
Configuring Administrative Operations
Downloads: This chapterpdf (PDF - 564.0KB) The complete bookPDF (PDF - 3.96MB) | Feedback

Configuring Administrative Operations

Configuring Administrative Operations

This section includes the following topics:

Administrative Operation Conventions

The following conventions apply when performing the administrative operations described in this section:

  • The remote file location you specify must start with a slash (/) and include the full path and file name. Do not use relative paths.
  • The user name and password on the remote system must be correct, and the user specified must have read and write permissions on the remote system.
  • The file on the remote system must be a valid file, and the size cannot be zero.
  • For backup and export operations, if the Task tab contains a Remote Err Description of No such file, reboot the VNMC VM via vCenter.

Configuring Backup Operations

Creating a Backup Operation

Before You Begin

Obtain the backup server IP address or hostname and authentication credentials.

Procedure
    Step 1   Choose Administration > Operations > Backups.
    Step 2   Click Create Backup Operation.
    Step 3   In the Create Backup Operation dialog box, complete the following fields, then click OK:
    Field Description

    Admin State

    One of the following administrative states:

    • enabled—Backup is enabled. The system runs the backup operation when you click OK.
    • disabled—Backup is disabled. The system does not run the backup operation when you click OK. If you choose this option, all fields in the dialog box remain visible.

    Type

    Backup type.

    The backup creates a copy of the whole database file. You can use this file for disaster recovery if you need to recreate every configuration on your system. This field is not editable.

    Protocol

    Protocol used when communicating with the remote server:
    Note    Do not use TFTP for backup and restore operations.

    Hostname/IP Address

    Hostname or IP address of the device where the backup file is stored.

    This entry cannot be changed when editing the operation.

    Note    If you use a hostname instead of an IP address, you must configure a DNS server.

    User

    Username the system uses to log into the remote server.

    This field is not displayed if you select TFTP in the Protocol field.

    Password

    Password the system uses to log into the remote server.

    This field is displayed if you choose enabled in the Admin State field.

    This field is not displayed if you choose TFTP in the Protocol field.

    Note    VNMC does not store this password. You do not need to enter this password unless you intend to enable and run the backup operation immediately.

    Absolute Path Remote File

    Full path of the backup filename.

    This entry must start with a slash (/) and must not contain a relative path.


    Running a Backup Operation

    Procedure
      Step 1   Choose Administration > Operations > Backups > Backup-server where backup-server is the server on which the backup file is stored.
      Step 2   In the General tab, enter the following information:
      1. In the Admin State field, choose enabled.
      2. For all protocols except TFTP, in the Password field, enter the password for the identified user.
      3. (Optional) Change the content of the other available fields.
      Step 3   Click Save.

      VNMC takes a snapshot of the configuration type that you selected and exports the file to the network location.

      Step 4   (Optional) To view the progress of the backup operation, click the Task tab. The Task tab provides the information described in the following table. The operation continues to run until it is completed.
      Name Description

      Description

      Task description.

      Status

      Task status.

      Stage Descriptor

      Description of the current stage.

      Tries

      Number of times the task has been tried.

      Previous Status

      Previous task status.

      Remote Err Code

      Remote error code.

      Remote Err Description

      Description of the remote error code.

      Remote Inv Result

      Remote error result.

      Time Stamp

      Date and time when the task completed.

      Progress

      Progress of the current task.


      Editing a Backup Operation

      Before You Begin

      Obtain the backup server IP address or hostname and authentication credentials.

      Procedure
        Step 1   Choose Administration > Operations > Backups.
        Step 2   Select the backup operation you want to edit, then click Edit.
        Step 3   In the Edit Backup dialog box, modify the information as required, then click OK.
        Field Description

        Admin State

        One of the following administrative states:

        • enabled—Backup is enabled. The system runs the backup operation when you click OK.
        • disabled—Backup is disabled. The system does not run the backup operation when you click OK. If you choose this option, all fields in the dialog box remain visible.

        Type

        Backup type.

        The backup creates a copy of the whole database file. You can use this file for disaster recovery if you need to recreate every configuration on your system. This field is not editable.

        Protocol

        Protocol used when communicating with the remote server:
        Note    Do not use TFTP for backup and restore operations.

        Hostname/IP Address

        Hostname or IP address of the device where the backup file is stored.

        This entry cannot be changed when editing the operation.

        Note    If you use a hostname instead of an IP address, you must configure a DNS server.

        User

        Username the system uses to log into the remote server.

        This field is not displayed if you select TFTP in the Protocol field.

        Password

        Password the system uses to log into the remote server.

        This field is displayed if you choose enabled in the Admin State field.

        This field is not displayed if you choose TFTP in the Protocol field.

        Note    VNMC does not store this password. You do not need to enter this password unless you intend to enable and run the backup operation immediately.

        Absolute Path Remote File

        Full path of the backup filename.

        This entry must start with a slash (/) and must not contain a relative path.


        Deleting a Backup Operation

        Procedure
          Step 1   Choose Administration > Operations > Backups.
          Step 2   Select the backup operation you want to delete, then click Delete.
          Step 3   When prompted, confirm the deletion.

          Restoring a Backup Configuration

          Procedure
            Step 1   Install the VNMC virtual machine. For information, see the Cisco Virtual Network Management Center 2.0 Quick Start Guide.
            Step 2   Uninstall the VSG policy agents. Connect the Secure Shell to the VSG console for this task. This step does not cause a traffic disruption.

            Example:
            vsg# conf t
            vsg (config)# vnmc-policy-agent
            vsg (config-vnmc-policy-agent)# no policy-agent-image
            Note    Perform this step for all VSGs that are associated with the VNMC that you are restoring.
            Step 3   Disable the ASA 1000V policy agent.

            Example:
            ASA-154# conf t
            ASA-154(config)# no vnmc policy-agent

            Step 4   Uninstall the VSM policy agents. Connect the Secure Shell to the VSM console for this task. This step does not cause a traffic disruption.

            Example:
            vsm# conf t
            vsm (config)# vnmc-policy-agent
            vsm (config-vnmc-policy-agent)# no policy-agent-image

            Note    Perform this step for all VSMs that are associated with the VNMC you are restoring.
            Step 5   Restore the VNMC database. Connect the Secure Shell to the VNMC CLI for this task. Depending upon your VNMC backup location, restore using FTP, SCP, or SFTP.

            Example:
            vnmc# connect local-mgmt
            vnmc(local-mgmt)# restore scp://username@server/path

            Step 6   In the VNMC UI, choose Administration > Service Registry > Clients, and in the General tab, do the following:
            1. Wait until each registered VSM displays the operational status as lost-visibility.
            2. Choose each VSM, and click Delete Client.
            Step 7   In the VNMC UI, choose Resource Management > Resources > Virtual Supervisor Modules, and verify that the deleted VSMs are not visible.
            Step 8   Reregister the VSMs associated with VNMC by entering the following commands for each VSM:

            Example:
            VSM# conf t
            VSM (config)# vnmc-policy-agent
            VSM (config-vnmc-policy-agent)# registration-ip vsm-ip-address
            VSM (config-vnmc-policy-agent)# shared-secret password

            Step 9   Reinstall the VSM policy agents.
            Note    If the VSM policy agents must be upgraded, install the new software now.


            Example:
            VSM# conf t
            VSM (config)# vnmc-policy-agent
            VSM (config-vnmc-policy-agent)# policy-agent-image bootflash:vnmc-vsmpa.1.0.1g.bin

            Step 10   Wait until all the VSMs have registered in the Service Registry and are displayed under Resource Management > Resources > Virtual Supervisor Modules.
            Step 11   Reregister the VSGs associated with VNMC by entering the following commands for each VSG:

            Example:
            VSG# conf t
            VSG (config)# vnmc-policy-agent
            VSG (config-vnmc-policy-agent)# registration-ip vsg-ip-address
            VSG (config-vnmc-policy-agent)# shared-secret password

            Step 12   Reinstall the VSG policy agents.
            Note    If the VSG policy agents must be upgraded, install the new software now.


            Example:
            VSG# conf t
            VSG (config)# vnmc-policy-agent
            VSG (config-vnmc-policy-agent)# policy-agent-image bootflash:vnmc-vsgpa.1.0.1g.bin

            Step 13   Re-enable the ASA 1000V policy agent.

            Example:
            ASA-154# conf t
            ASA-154(config)# vnmc policy-agent
            ASA-154(config-vnmc-policy-agent)# shared-secret password
            ASA-154(config-vnmc-policy-agent)# registration host host-ip-address

            Step 14   Verify the following states after the restore process is complete:
            Note    The restore process could take a few minutes depending upon your setup environment.
            1. Using the VSG CLI, verify that your configurations are restored to their earlier state.
            2. Using the VNMC UI, verify that your objects and policies are restored to their earlier state.
            3. Using the ASA 1000V CLI, verify that your configurations are restored to their earlier state.

            Configuring Export Operations

            Creating an Export Operation

            Before You Begin

            Obtain the remote file server IP address or hostname and authentication credentials before performing an export.


            Note


            The associations of compute and edge firewalls with VSGs and ASA 1000Vs, respectively, are not included in export or import data. Only firewall definitions are included, such as device profiles and policies. If an imported firewall did not exist in the system, it will not be associated to a VSG or ASA 1000V after the import operation. If an imported firewall already existed in the system, the association state remains the same.
            Procedure
              Step 1   Choose Administration > Operations > Backups.
              Step 2   Click Create Export Operation.
              Step 3   In the Create Export Operation dialog box, provide the required information as described in the following table, then click OK:
              Field Description

              Admin State

              One of the following administrative states:

              • enabled—Export is enabled. The system runs the export operation when you click OK.
              • disabled—Export is disabled. The system does not run the export operation when you click OK. If you choose this option, all fields in the dialog box remain visible.

              Type

              One of the following export types:

              • config-all
              • config-logical
              • config-system

              Protocol

              Protocol used when communicating with the remote server:

              Hostname/IP Address

              Hostname or IP address of the device where the export file is stored.

              This entry cannot be changed when editing the operation.

              Note    If you use a hostname instead of an IP address, you must configure a DNS server.

              User

              Username the system uses to log into the remote server.

              This field is not displayed if you choose TFTP in the Protocol field.

              Password

              The password the system uses to log into the remote server.

              This field is displayed if you choose enabled in the Admin State field.

              This field is not displayed if you choose TFTP in the Protocol field.

              Note    VNMC does not store this password. You do not need to enter this password unless you intend to enable and run the export operation immediately.

              Absolute Path Remote File (.tgz)

              Full path of the .tgz filename.

              This entry must start with a slash (/) and must not contain a relative path.


              Editing an Export Operation

              Before You Begin

              Obtain the backup server IP address and authentication credentials.

              Procedure
                Step 1   In the Navigation pane, click the Administration tab.
                Step 2   In the Navigation pane, click the Operations subtab.
                Step 3   In the Navigation pane, click the Backups node.
                Step 4   In the Work pane, expand the items in the table, and select the export operation you want to edit.
                Step 5   Click Edit.
                Step 6   In the Edit dialog box, modify the fields as appropriate:
                Field Description

                Admin State

                One of the following administrative states:

                • enabled—Export is enabled. The system runs the export operation when you click OK.
                • disabled—Export is disabled. The system does not run the export operation when you click OK. If you choose this option, all fields in the dialog box remain visible.

                Type

                One of the following export types:

                • config-all
                • config-logical
                • config-system

                Protocol

                Protocol used when communicating with the remote server:

                Hostname/IP Address

                Hostname or IP address of the device where the export file is stored.

                This entry cannot be changed when editing the operation.

                Note    If you use a hostname instead of an IP address, you must configure a DNS server.

                User

                Username the system uses to log into the remote server.

                This field is not displayed if you choose TFTP in the Protocol field.

                Password

                The password the system uses to log into the remote server.

                This field is displayed if you choose enabled in the Admin State field.

                This field is not displayed if you choose TFTP in the Protocol field.

                Note    VNMC does not store this password. You do not need to enter this password unless you intend to enable and run the export operation immediately.

                Absolute Path Remote File (.tgz)

                Full path of the .tgz filename.

                This entry must start with a slash (/) and must not contain a relative path.

                Step 7   Click OK.

                Deleting an Export Operation

                Procedure
                  Step 1   In the Navigation pane, click the Administration tab.
                  Step 2   In the Navigation pane, click the Operations subtab.
                  Step 3   In the Navigation pane, click the Backups node.
                  Step 4   In the Work pane, click the export operation you want to delete.
                  Step 5   Click Delete.
                  Step 6   In the Confirm dialog box, click Yes.

                  Configuring Import Operations

                  Creating an Import Operation

                  Before You Begin

                  Obtain the remote file server IP address or hostname and authentication credentials.


                  Note


                  The association of compute and edge firewalls with VSGs and ASA 1000Vs, respectively, are not included in the export or import data. Only the compute and edge firewall definitions are included, such as device profiles and policies. Therefore, if an imported firewall did not exist in the system, it will not be associated to a VSG or ASA 1000V after the import operation. If an imported firewall already existed in the system, the association state remains the same.


                  Caution


                  When the configuration data is imported into the VNMC server, you might see an error message and get logged out, followed by the display of a new VNMC certificate. This error occurs because the VNMC hostname, domain name, or both have changed. The VM Manager Extension needs to be exported again and installed on vCenter. To continue with the import, accept the VNMC certificate and log into VNMC again.
                  Procedure
                    Step 1   Choose Administration > Operations > Backups.
                    Step 2   Click Create Import Operation.
                    Step 3   In the Create Import Operation dialog box, provide the following information as required, then click OK:
                    Field Description

                    Admin State

                    One of the following administrative states:

                    • enabled—Import is enabled. The system runs the import operation as soon as you click OK.
                    • disabled—Import is disabled. The system does not run the import operation when you click OK. If you choose this option, all fields in the dialog box remain visible.

                    Action

                    Action to be taken on a file: merge.

                    Protocol

                    Protocol used when communicating with the remote server:

                    Hostname/IP Address

                    Hostname or IP address of the device where the import file is stored.

                    This entry cannot be changed when editing the operation.

                    Note    If you use a hostname instead of an IP address, you must configure a DNS server.

                    User

                    Username the system uses to log into the remote server.

                    This field is displayed if you choose enabled in the Admin State field.

                    This field does not appear if you choose TFTP in the Protocol field.

                    Password

                    Password the system uses to log into the remote server.

                    This field does not appear if you choose TFTP in the Protocol field.

                    Note    VNMC does not store this password. You do not need to enter this password unless you intend to enable and run the import operation immediately.

                    Absolute Path Remote File (.tgz)

                    Full path of the .tgz filename.

                    This entry must start with a slash (/) and must not contain a relative path.


                    Editing an Import Operation

                    Before You Begin

                    Obtain the remote file server IP address or hostname and authentication credentials.

                    Procedure
                      Step 1   Choose Administration > Operations > Backups.
                      Step 2   Select the import operation that you want to edit, then click Edit.
                      Step 3   In the Edit dialog box, modify the fields as required, then click OK.
                      Field Description

                      Admin State

                      One of the following administrative states:

                      • enabled—Import is enabled. The system runs the import operation as soon as you click OK.
                      • disabled—Import is disabled. The system does not run the import operation when you click OK. If you choose this option, all fields in the dialog box remain visible.

                      Action

                      Action to be taken on a file: merge.

                      Protocol

                      Protocol used when communicating with the remote server:

                      Hostname/IP Address

                      Hostname or IP address of the device where the import file is stored.

                      This entry cannot be changed when editing the operation.

                      Note    If you use a hostname instead of an IP address, you must configure a DNS server.

                      User

                      Username the system uses to log into the remote server.

                      This field is displayed if you choose enabled in the Admin State field.

                      This field does not appear if you choose TFTP in the Protocol field.

                      Password

                      Password the system uses to log into the remote server.

                      This field does not appear if you choose TFTP in the Protocol field.

                      Note    VNMC does not store this password. You do not need to enter this password unless you intend to enable and run the import operation immediately.

                      Absolute Path Remote File (.tgz)

                      Full path of the .tgz filename.

                      This entry must start with a slash (/) and must not contain a relative path.


                      Deleting an Import Operation

                      Procedure
                        Step 1   Choose Administration > Operations > Backups.
                        Step 2   Select the import operation that you want to delete, then click Delete.
                        Step 3   When prompted, confirm the deletion.