Cisco Unified Computing System (Cisco UCS) is a next generation platform and solution for data centers. Cisco UCS Manager is embedded device management software that provides a view of a Cisco UCS domain as a single logical, highly-available, and end-to-end management service. Large data centers that include hundreds of deployed Cisco UCS domains must consolidate the device management of those Cisco UCS domains.
Cisco UCS Central delivers a common management solution across all Cisco UCS domains. Cisco UCS Central provides a centralized resource inventory and a repository of policies. Cisco UCS Central simplifies configuration, maintains policy uniformity, resolves contention on global identities, and effectively and consistently manages Cisco UCS domains.
Cisco UCS Central provides a global view of the entire data center through multiple Cisco UCS Manager sessions. Cisco UCS Central can manage Cisco UCS operations for an individual data center or for multiple data centers. Cisco UCS Central facilitates operational management for firmware management, catalog management, configuration backup and restore operations, monitor log, core files, and faults.
Cisco UCS Central is designed for aggregated management functions beyond what Cisco UCS Manager supports today. Cisco UCS Central includes the following features:
Provides simple and consistent Cisco UCS deployments such as the following:
Initial Cisco UCS configuration
Policy and service template definitions
Ensures the uniqueness of namespace such as the following:
MAC, WWN, UUID
Multiple Cisco UCS search
Provides inventory management such as the following:
Centralized view of physical and logical elements across Cisco UCS domains in a data center
Health of individual physical and logical elements
Simplifies routine operational tasks such as the following:
Backup and restore configurations
Provides centralized diagnostics for the following:
Correlation and impact
Root cause analysis
Cisco UCS Central is deployed as a single virtual machine (VM) that resides on an external server. Cisco UCS Central contains the following services:
The Service Registry provides a centralized registration repository that stores information from service providers such as Identifier Manager or Operation Manager, and the registered Cisco UCS domains. After a Cisco UCS domain is registered, the Service Registry distributes information about that domain to other service providers and registered Cisco UCS domains. Inter-service communications begin when this information is distributed.
The Service Registry is also responsible for distributing domain group structure changes.
Identifier Manager provides automatic and centralized management for UUIDs, MAC addresses, WWNs, IP addresses and IQN addresses across Cisco UCS domains. You can create pools of IDs in both Cisco UCS Manager and Cisco UCS Central, as follows:
Local pools are defined in Cisco UCS Manager and can only be used in that Cisco UCS domain. These pools are sometimes referred to as domain pools.
Global pools are defined in Cisco UCS Central and can be shared between Cisco UCS domains that are registered with Cisco UCS Central.
Identifier Manager tracks pool definitions and allows you to manage pools to avoid conflicts. When a domain pool ID is assigned from a Cisco UCS domain that is registered with Cisco UCS Central, Cisco UCS Manager reports the assignment to the Identifier Manager. When domain pools are absent or when domain pools are exhausted, Cisco UCS Manager requests IDs from the Cisco UCS Central global pools.
Conflicting pool assignments are reported as faults. Unallocated IDs that belong to overlapping pools are reported as warnings.
The Resource Manager provides a centralized and consolidated view of the physical and logical resources across all of the Cisco UCS domains registered with Cisco UCS Central.
When you register a Cisco UCS domain with Cisco UCS Central, the Resource Manager summarizes and displays basic inventory information about the fabric interconnects, chassis, FEXs, blade servers, integrated rack servers, and the service profiles and templates in that domain. The Resource Manager provides a quick view of the available memory, CPU, availability status, and the health status of resources in a Cisco UCS domain. This inventory enables you to use to provision a Cisco UCS domain according to your data center's requirements.
With the Resource Manager, you can cross-launch the Cisco UCS Manager GUI for all Cisco UCS domains registered with Cisco UCS Central and the KVM console to access the servers in a Cisco UCS domain.
The Resource Manager also provides a summarized view of faults from registered Cisco UCS domains. You can view fault information by severity level or by fault types. You can also view additional data center fault information in a single place or cross-launch the Cisco UCS Manager GUI for a Cisco UCS domain to see a detailed contextual view of a particular fault.
The Management Controller is the Cisco UCS Central virtual machine (VM) controller. Configuration operations are performed by the Management Controller. Cisco UCS Central inherits behaviors from the policies that are resolved from the operation-mgr root group. These policies include AAA, HTTP, HTTPS, Telnet, SSH, session limits, Date,Time, DNS, and NTP configurations. The core is also used to carry the operations that are triggered by the Operation Manager, such as backup, export, and import.
The Management Controller also collects technical support information for Cisco UCS Central. This data can be collected from all installed components or only from selected components.
The Policy Manager is an enhanced web server that you can use to configure all policies, pools, and templates. The organization structure that contains these objects is owned and managed by the policy server. ID pools, templates, and domain groups are also defined in the Policy Manager and then they are selectively distributed to the appropriate services. For example, ID pools are distributed to the Identifier Manager, while domain groups are distributed to the Resource Manager.
Policy resolution resolves policy configuration changes on the Policy Manager, which acts as a policy server. When a policy is changed, Cisco UCS Central notifies the registered Cisco UCS domains that use the changed policy immediately.
Cisco UCS Central creates a hierarchy of Cisco UCS domain groups for managing multiple Cisco UCS domains. You will have the following categories of domain groups in Cisco UCS Central:
Domain Group— A group that contains multiple Cisco UCS domains. You can group similar Cisco UCS domains under one domain group for simpler management.
Ungrouped Domains—When a new Cisco UCS domain is registered in Cisco UCS Central, it is added to the ungrouped domains. You can assign the ungrouped domain to any domain group.
If you have created a domain group policy, a new registered Cisco UCS domain meets the qualifiers defined in the policy, it will automatically be placed under the domain group specified in the policy. If not, it will be placed in the ungrouped domains category. You can assign this ungrouped domain to a domain group.
Each Cisco UCS domain can only be assigned to one domain group. You can assign or reassign membership of the Cisco UCS domains at any time. When you assign a Cisco UCS domain to a domain group, the Cisco UCS domain will automatically inherit all management policies specified for the domain group.
Before adding a Cisco UCS domain to a domain group, make sure to change the policy resolution controls to local in the Cisco UCS domain. This will avoid accidentally overwriting service profiles and maintenance policies specific to that Cisco UCS domain. Even when you have enabled auto discovery for the Cisco UCS domains, enabling local policy resolution will protect the Cisco UCS domain from accidentally overwriting policies.
After confirming the registration, if you want to manage all the member domains in a domain group with same operational policies, you can change the policy resolution to global on the Cisco UCS Manager GUI.
Policies configured at the domain group root will apply to all the domain groups under the root. Each domain group under the root group can have policies unique to the group. The domain group policies are resolved hierarchically in the member Cisco UCS domains.
Domain Group Management
Users with the following privileges can create and manage domain groups in Cisco UCS Central:
Admin privileges — Create new domain groups and assign ungrouped Cisco UCS domains to domain groups.
Domain group management privileges — Create and manage domain groups. But cannot assign ungrouped Cisco UCS domains to domain groups.
Global Concurrency Control
Global Concurrency Control allows you to control the number of concurrent operations in Cisco UCS Manager or Cisco UCS Central. You can associate a scheduler to trigger operations on objects that can control parallel tasks. If desired, you can set the scheduler to manually control the resumption of pending tasks. You can also choose to ignore or honor the concurrency limits for user-acknowledged schedules.
Cisco UCS Central acts as a global policy server for registered Cisco UCS domains. Configuring global Cisco UCS Central policies for remote Cisco UCS domains involves registering domains and assigning registered domains to domain groups. You can define the following global policies in Cisco UCS Central that are resolved by Cisco UCS Manager in a registered Cisco UCS domain:
Firmware Image Management—Cisco UCS uses firmware obtained from and certified by Cisco to support the endpoints in Cisco UCS domains. Each endpoint is a component in Cisco UCS domains that requires firmware to function. The upgrade order for the endpoints in Cisco UCS domains depends upon the upgrade path, and includes Cisco UCS Manager, I/O modules, fabric interconnects, endpoints physically located on adapters, and endpoints physically located on servers. Cisco delivers all firmware updates to Cisco UCS components in bundles of images. Cisco UCS firmware updates are available for download to fabric interconnects in Cisco UCS domains.
Host Firmware Package—This policy enables you to specify a set of firmware versions that make up the host firmware package (host firmware pack). The host firmware pack includes the firmware for server and adapter endpoints including adapters, BIOS, board controllers, Fibre Channel adapters, HBA option ROM, and storage controllers.
Capability Catalog—This policy is a set of tunable parameters, strings, and rules. Cisco UCS Manager uses the catalog to update the display and component configurations such as newly qualified DIMMs and disk drives for servers.
Fault Collection Policy—The fault collection policy controls the life cycle of a fault inCisco UCS domains, including when faults are cleared, the flapping interval (the length of time between the fault being raised and the condition being cleared), and the retention interval (the length of time a fault is retained in the system).
Core Files Export Policy—Cisco UCS Manager uses the Core File Exporter to export core files as soon as they occur to a specified location on the network through TFTP. This functionality allows you to export the tar file with the contents of the core file.
Syslog Policy—A syslog policy is a collection of four policy attributes including console, file, monitor, and remote destination attributes. The syslog policy includes creating, enabling, disabling, and setting attributes.
Role-Based Access Control (RBAC) and Remote Authentication Policies—RBAC is a method of restricting or authorizing system access for users based on user roles and locales. A role defines the privileges of a user in the system and the locale defines the organizations (domains) that a user is allowed access. Because users are not directly assigned privileges, management of individual user privileges is simply a matter of assigning the appropriate roles and locales.
Call Home Policy—Call Home provides an email-based notification for critical system policies. A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Technical Assistance Center.
Management Interface Monitoring Policy—This policy defines how the mgmt0 Ethernet interface on the fabric interconnect should be monitored. If Cisco UCS detects a management interface failure, a failure report is generated. If the configured number of failure reports is reached, the system assumes that the management interface is unavailable and generates a fault.
Time Zone and NTP Policies—Cisco UCS requires a domain-specific time zone setting and an NTP server to ensure the correct time display in Cisco UCS Manager. If you do not configure both of these settings in Cisco UCS domains, the time does not display correctly.
Simple Network Management Protocol (SNMP) Policy—SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
Equipment—Cisco UCS Central supports global equipment policies defining the global power allocation policy (based on policy driven chassis group cap or manual blade level cap methods), power policy (based on grid, n+1 or non-redundant methods), and SEL policy. Registered Cisco UCS domains choosing to define power management and power supply units globally within that client's policy resolution control will defer power management and power supply units to its registration with Cisco UCS Central.
Full State Backup Policy—The full state backup policy allows you to schedule regular full-state backups of a snapshot of the entire system. You can choose whether to configure the full-state backup to occur on a daily, weekly, or bi-weekly basis.
All Configuration Export Policy—The all configuration backup policy allows you to schedule a regular backup and export of all system and logical configuration settings. This backup does not include passwords for locally authenticated users. You can choose whether to configure the all configuration backup to occur on a daily, weekly, or bi-weekly basis.
Cisco UCS Central acts as a global policy server for registered Cisco UCS domains. Configuring global Cisco UCS Central policies for remote Cisco UCS domains involves registering domains and assigning registered domains to domain groups.
Configuring global policies involves designating policies as global or local when registering the Cisco UCS domain, and assigning the registered domain to a Cisco UCS Central domain group. Upon assignment, global policies defined in that domain group are inherited by the registered domain assigned to that domain group.
Policies designated as Global in a registered Cisco UCS domain are inherited from Cisco UCS Central by that domain. Policies designated as Local in a Cisco UCS domain are based on local policy settings in that domain.
Pools are collections of identities, or physical or logical resources, that are available in the system. All pools increase the flexibility of service profiles and allow you to centrally manage your system resources. Pools that are defined in Cisco UCS Central are called Global Pools and can be shared between Cisco UCS domains. Global Pools allow centralized ID management across Cisco UCS domains that are registered with Cisco UCS Central. By allocating ID pools from Cisco UCS Central to Cisco UCS Manager, you can track how and where the IDs are used, prevent conflicts, and be notified if a conflict occurs. Pools that are defined locally in Cisco UCS Manager are called Domain Pools.
The same ID can exist in different pools, but can be assigned only once. Two blocks in the same pool cannot have the same ID.
You can pool identifying information, such as MAC addresses, to preassign ranges for servers that host specific applications. For example, you can configure all database servers across Cisco UCS domains within the same range of MAC addresses, UUIDs, and WWNs.