Cisco UCS Central CLI Configuration Guide, Release 1.0
Overview of Cisco UCS Central
Downloads: This chapterpdf (PDF - 249.0 KB) The complete bookPDF (PDF - 2.17 MB) | The complete bookePub (ePub - 408.0 KB) | Feedback

Overview of Cisco UCS Central

Overview of Cisco UCS Central

This chapter includes the following sections:

About Cisco UCS Central

Cisco UCS Central allows you to manage multiple Cisco UCS domains or Cisco UCS Manager domains through a single management point. Cisco UCS Central works with Cisco UCS Manager and provides a scalable management solution for a growing Cisco UCS environment.

Cisco UCS Central delivers a common management solution across all Cisco UCS domains. Cisco UCS Central provides a centralized resource inventory and a repository of policies. Cisco UCS Central simplifies configuration, maintains policy uniformity, resolves contention on global identities, and effectively and consistently manages Cisco UCS domains.

Cisco UCS Central provides a single point of management for many-to-one aggregation functions that allow you to view data that is distributed over a large number of individual domains. For example, you can view inventory, KVM, and Cisco UCS Manager cross-launch, faults, and audit and event logs. Cisco UCS Central also provides one-to-many control functions such as global ID pools, firmware management, and operations policies.

Cisco UCS Central includes the following features:
  • Provides simple and consistent Cisco UCS deployments such as the following:
    • Initial Cisco UCS configuration
    • Operational policy definitions
  • Ensures the uniqueness of namespace such as the following:
    • Global pools of MAC, WWN, UUID, iSCSI IQNs, and management IP addresses
    • Consolidated view of ID usage across all domains of both globally and locally allocated IDs
  • Provides inventory management such as the following:
    • Centralized view of physical and logical elements across Cisco UCS domains in a data center
    • Health of individual physical and logical elements
  • Simplifies routine operational tasks such as the following:
    • Firmware updates
    • Backup and restore configurations

Cisco UCS domains can be registered to Cisco UCS Central. This process allows the domains to be managed by Cisco UCS Central

Cisco UCS Central does not reduce or change any local management capabilities of Cisco UCS Manager including its API. This allows administrators to continue using Cisco UCS Manager the way they did before even in the presence of Cisco UCS Central and also allows all 3rd party integrations that they have to continue to operate without change. Selectively they can allow polices to be globalized providing them with an easy transition to centralized management.

There are many-to-one use cases such as the following:
  • Global inventory of all physical resources from the Cisco UCS domains
  • Logical inventory of all the service profiles that are defined locally within each of the Cisco UCS domains including their placement in the respective org structures.
  • Global fault summaries that are classified into fault types and their source domains.
    The summaries can then be subsequently expanded through cross launch with Cisco UCS Manager to the specific fault:
    • Cross launch capabilities for both KVM for the physical server and the service profile.
    • Cisco UCS Manager cross launch capability with single authentication.
    • Log and fault summaries.

Service Registry

The Service Registry provides a centralized registration repository that stores information from service providers such as Identifier Manager or Operation Manager, and the registered Cisco UCS domains. After a Cisco UCS domain is registered, the Service Registry distributes information about that domain to other service providers and registered Cisco UCS domains. Inter-service communications begin when this information is distributed.

The Service Registry is also responsible for distributing domain group structure changes.

Identifier Manager

Identifier Manager provides automatic and centralized management for UUIDs, MAC addresses, WWNs, IP addresses and IQN addresses across Cisco UCS domains. You can create pools of IDs in both Cisco UCS Manager and Cisco UCS Central, as follows:

  • Local pools are defined in Cisco UCS Manager and can only be used in that Cisco UCS domain. These pools are sometimes referred to as domain pools.
  • Global pools are defined in Cisco UCS Central and can be shared between Cisco UCS domains that are registered with Cisco UCS Central.

Identifier Manager tracks pool definitions and allows you to manage pools to avoid conflicts. When a domain pool ID is assigned from a Cisco UCS domain that is registered with Cisco UCS Central, Cisco UCS Manager reports the assignment to the Identifier Manager. When domain pools are absent or when domain pools are exhausted, Cisco UCS Manager requests IDs from the Cisco UCS Central global pools.

Conflicting pool assignments are reported as faults. Unallocated IDs that belong to overlapping pools are reported as warnings.

Resource Manager

The Resource Manager provides a centralized and consolidated view of the physical and logical resources across all of the Cisco UCS domains registered with Cisco UCS Central.

When you register a Cisco UCS domain with Cisco UCS Central, the Resource Manager summarizes and displays basic inventory information about the fabric interconnects, chassis, FEXs, blade servers, integrated rack servers, and the service profiles and templates in that domain. The Resource Manager provides a quick view of the available memory, CPU, availability status, and the health status of resources in a Cisco UCS domain. This inventory enables you to use to provision a Cisco UCS domain according to your data center's requirements.

With the Resource Manager, you can cross-launch the Cisco UCS Manager GUI for all Cisco UCS domains registered with Cisco UCS Central and the KVM console to access the servers in a Cisco UCS domain.

The Resource Manager also provides a summarized view of faults from registered Cisco UCS domains. You can view fault information by severity level or by fault types. You can also view additional data center fault information in a single place or cross-launch the Cisco UCS Manager GUI for a Cisco UCS domain to see a detailed contextual view of a particular fault.

Management Controller

The Management Controller is the Cisco UCS Central virtual machine (VM) controller. Configuration operations are performed by the Management Controller. Cisco UCS Central inherits behaviors from the policies that are resolved from the operation-mgr root group. These policies include AAA, HTTP, HTTPS, Telnet, SSH, session limits, Date,Time, DNS, and NTP configurations. The core is also used to carry the operations that are triggered by the Operation Manager, such as backup, export, and import.

The Management Controller also collects technical support information for Cisco UCS Central. This data can be collected from all installed components or only from selected components.

Policy Manager

The Policy Manager is an enhanced web server that you can use to configure all policies, pools, and templates. The organization structure that contains these objects is owned and managed by the policy server. ID pools, templates, and domain groups are also defined in the Policy Manager and then they are selectively distributed to the appropriate services. For example, ID pools are distributed to the Identifier Manager, while domain groups are distributed to the Resource Manager.

Policy Resolution

Policy resolution resolves policy configuration changes on the Policy Manager, which acts as a policy server. When a policy is changed, Cisco UCS Central notifies the registered Cisco UCS domains that use the changed policy immediately.

Domain Groups

Cisco UCS Central creates a hierarchy of Cisco UCS domain groups for managing multiple Cisco UCS domains. You will have the following categories of domain groups in Cisco UCS Central:

  • Domain Group— A group that contains multiple Cisco UCS domains. You can group similar Cisco UCS domains under one domain group for simpler management.
  • Ungrouped Domains—When a new Cisco UCS domain is registered in Cisco UCS Central, it is added to the ungrouped domains. You can assign the ungrouped domain to any domain group.

If you have created a domain group policy, a new registered Cisco UCS domain meets the qualifiers defined in the policy, it will automatically be placed under the domain group specified in the policy. If not, it will be placed in the ungrouped domains category. You can assign this ungrouped domain to a domain group.

Each Cisco UCS domain can only be assigned to one domain group. You can assign or reassign membership of the Cisco UCS domains at any time. When you assign a Cisco UCS domain to a domain group, the Cisco UCS domain will automatically inherit all management policies specified for the domain group.

Before adding a Cisco UCS domain to a domain group, make sure to change the policy resolution controls to local in the Cisco UCS domain. This will avoid accidentally overwriting service profiles and maintenance policies specific to that Cisco UCS domain. Even when you have enabled auto discovery for the Cisco UCS domains, enabling local policy resolution will protect the Cisco UCS domain from accidentally overwriting policies.


Cisco UCS Central acts as a global policy server for registered Cisco UCS domains. Configuring global Cisco UCS Central policies for remote Cisco UCS domains involves registering domains and assigning registered domains to domain groups. You can define the following global policies in Cisco UCS Central that are resolved by Cisco UCS Manager in a registered Cisco UCS domain:

  • Firmware Image Management—Cisco UCS uses firmware obtained from and certified by Cisco to support the endpoints in Cisco UCS domains. Each endpoint is a component in Cisco UCS domains that requires firmware to function. The upgrade order for the endpoints in Cisco UCS domains depends upon the upgrade path, and includes Cisco UCS Manager, I/O modules, fabric interconnects, endpoints physically located on adapters, and endpoints physically located on servers. Cisco delivers all firmware updates to Cisco UCS components in bundles of images. Cisco UCS firmware updates are available for download to fabric interconnects in Cisco UCS domains.
  • Host Firmware Package—This policy enables you to specify a set of firmware versions that make up the host firmware package (host firmware pack). The host firmware pack includes the firmware for server and adapter endpoints including adapters, BIOS, board controllers, Fibre Channel adapters, HBA option ROM, and storage controllers.
  • Capability Catalog—This policy is a set of tunable parameters, strings, and rules. Cisco UCS Manager uses the catalog to update the display and component configurations such as newly qualified DIMMs and disk drives for servers.
  • Fault Collection Policy—The fault collection policy controls the life cycle of a fault inCisco UCS domains, including when faults are cleared, the flapping interval (the length of time between the fault being raised and the condition being cleared), and the retention interval (the length of time a fault is retained in the system).
  • Core Files Export Policy—Cisco UCS Manager uses the Core File Exporter to export core files as soon as they occur to a specified location on the network through TFTP. This functionality allows you to export the tar file with the contents of the core file.
  • Syslog Policy—A syslog policy is a collection of four policy attributes including console, file, monitor, and remote destination attributes. The syslog policy includes creating, enabling, disabling, and setting attributes.
  • Role-Based Access Control (RBAC) and Remote Authentication Policies—RBAC is a method of restricting or authorizing system access for users based on user roles and locales. A role defines the privileges of a user in the system and the locale defines the organizations (domains) that a user is allowed access. Because users are not directly assigned privileges, management of individual user privileges is simply a matter of assigning the appropriate roles and locales.
  • Call Home Policy—Call Home provides an email-based notification for critical system policies. A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Technical Assistance Center.
  • Management Interface Monitoring Policy—This policy defines how the mgmt0 Ethernet interface on the fabric interconnect should be monitored. If Cisco UCS detects a management interface failure, a failure report is generated. If the configured number of failure reports is reached, the system assumes that the management interface is unavailable and generates a fault.
  • Time Zone and NTP Policies—Cisco UCS requires a domain-specific time zone setting and an NTP server to ensure the correct time display in Cisco UCS Manager. If you do not configure both of these settings in Cisco UCS domains, the time does not display correctly.
  • Simple Network Management Protocol (SNMP) Policy—SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
  • Equipment—Cisco UCS Central supports global equipment policies defining the global power allocation policy (based on policy driven chassis group cap or manual blade level cap methods), power policy (based on grid, n+1 or non-redundant methods), and SEL policy. Registered Cisco UCS domains choosing to define power management and power supply units globally within that client's policy resolution control will defer power management and power supply units to its registration with Cisco UCS Central.
  • Full State Backup Policy—The full state backup policy allows you to schedule regular full-state backups of a snapshot of the entire system. You can choose whether to configure the full-state backup to occur on a daily, weekly, or bi-weekly basis.
  • All Configuration Export Policy—The all configuration backup policy allows you to schedule a regular backup and export of all system and logical configuration settings. This backup does not include passwords for locally authenticated users. You can choose whether to configure the all configuration backup to occur on a daily, weekly, or bi-weekly basis.
  • Policy Import Capability—The policy import capability allow a local policy to be globalized inside of Cisco UCS Central. These globalized policies can then be applied to other Cisco UCS domains as well.


Pools are collections of identities, or physical or logical resources, that are available in the system. All pools increase the flexibility of service profiles and allow you to centrally manage your system resources. Pools that are defined in Cisco UCS Central are called Global Pools and can be shared between Cisco UCS domains. Global Pools allow centralized ID management across Cisco UCS domains that are registered with Cisco UCS Central. By allocating ID pools from Cisco UCS Central to Cisco UCS Manager, you can track how and where the IDs are used, prevent conflicts, and be notified if a conflict occurs. Pools that are defined locally in Cisco UCS Manager are called Domain Pools.


The same ID can exist in different pools, but can be assigned only once. Two blocks in the same pool cannot have the same ID.

You can pool identifying information, such as MAC addresses, to preassign ranges for servers that host specific applications. For example, you can configure all database servers across Cisco UCS domains within the same range of MAC addresses, UUIDs, and WWNs.