Managing Cisco VIM through Insight

Cisco VIM Insight provides two types of views:

  • UI Admin

  • Pod Admin

This design brings in clear separation of roles. It does not store any pod related details obtained directly through Rest API from the pods locally, except for RBAC information.

UI Administrators Privileges and Responsibilities

The Insight UI Admin has the following privileges and responsibilities:

  1. Insight UI Admin(s) can only add Pod Admin.

  2. Insight UI Admin can manage all the users in Insight from Manage Pod Users.

    • UI Admin can revoke permission of Users: If UI Admin wants to revoke a user from a Pod, click Revoke permission icon under Action column.

    • UI Admin can also Delete a User: If UI Admin wants to delete a user from the Insight, Click Delete icon under Action column. If there is only one user associated with a Pod then UI Admin needs to delete the pod and then delete or revoke the user permission.

  3. Insight UI Admin can manage Pod Admin(s) from Manage Pod Admin.

    • UI Admin can add a new Pod Admin in Insight.

    • UI Admin can revoke permission of a user from being a Pod Admin.

  4. Insight UI Admin can manage Pods from Manage Pods.

    • UI Admin can delete a Pod from Insight.

    • UI Admin can also update password for the REST incase there was a system update on the pod and REST password was changed in that process.

  5. Insight UI Admin can manage other UI Admin(s) from Manage UI Admin Users.

    • Insight UI Admin can add another UI Admin.

    • Insight UI Admin can revoke permission of the user from being an UI Admin.


    Note

    If there is only one UI Admin for Insight then revoke permission icon will be disabled for the user.

Pod UI Privileges and Responsibilities

As Cisco VIM is Rest API based, one can manage a pod through CLI, Rest API or UI. Users can always bring in a partial or fully functional Pod and register with VIM Insight. Insight will query the pod status through Rest API and reflect the same. Despite the flexibility in design, it is recommended that the admin chooses to manage the pod one way, to avoid confusion. For steps to bootstrap VIM Insight, users are requested to refer to the VIM 2.2 Install guide. Post bootstrap of VIM Insight, listed below are the steps one can take to add Cisco VIM Pod.

Adding Cisco VIM Pod

Before You Begin

Complete the following pre-requisites to add a Cisco VIM Pod:

  • Bootstrap of VIM Insight is complete and successful as per the install guide.

  • At minimum, a UI and Pod Admin exists as per the install guide.

Procedure
    Step 1   Navigate to https://br_api:9000
    Step 2   Click Register Management Node link.

    • Enter the Endpoint IP which is the br_api of your Pod.

      Note   

      Run time validation to check if the Endpoint IP is already registered to Insight.

    • Give a name or tag for the pod you are registering.

    • Enter the REST API password for the Pod.

      • You can locate the REST API password on the Pod you are registering.

      • The path to locate REST API password is : /opt/cisco/ui_config.json.

    • A brief description about management node. Description field is optional and can be left blank.

    • Enter the Email ID of the Pod Admin.

      • Run time validation to check if the Email ID is Pod admin or not.

      • If False, the Insight will throw an error "User is not registered as Pod Admin".

      • If True, the User Name is auto-populated and the Register button will be enabled.

    Step 3   Click Browse to upload restapi server CA Certificate. This is enabled once the POD Admin validation is successful.

    • Navigate to /var/www/mercury/mercury-ca.crt of the management node.

    • Download the Certificate to the local machine and upload the certificate using Insight.

    Note   

    Validation check for file size and extension is done as a part of upload and in case of failure the Certificate is deleted and you need to upload the valid certificate again.

    If the Certificate is uploaded successfully then Register button is enabled. To do a management node health check click Register.

    • If the REST API service is down on the management node then a failure message will be displayed as : Installer REST API service not available. The certificate will not be deleted.
    • If the Certificate is invalid and there is a SSL connection problem with the management node then certificate is deleted and message is displayed to upload the certificate again.
    • If the Certificate is valid user is redirected to the login page with a message- management node registered successfully.
    Step 4   Click Register to redirect the user to the landing or login page. Pod Admin receives the notification mail that the management node is registered successfully.

    Deleting Pod from Cisco VIM insight

    When you delete a Pod from Cisco VIM Insight, you are ensuring that Cisco VIM Insight cannot manage that Cisco VIM Pod. You are not deleting the Pod from your OpenStack deployment.

    Before You Begin

    Following assumption should be covered to delete a Cisco VIM Pod:

    • Bootstrap of VIM Insight is complete and successful as per the install guide.

    • At least one UI and Pod Admin exists as per the install guide.

    • The targeted Pod is being managed by Insight.

    Procedure
      Step 1   Login as the Insight UI Admin.
      Step 2   In the Navigation pane, click Manage Pods.
      Step 3   Choose the pod that you want to delete in the Action column and click Delete.
      Step 4   Click Proceed, to confirm the deletion.

      Context Switching within Insight

      There are two ways a user can switch to another pod.

      • Context Switching Icon: Context Switching Icon is situated on the top right corner and is the third icon from the right tool tip of the UI. Click Context Switching Icon to view all the pods that you can access. Pod with a red dot indicates that the REST Password entered during registration of Management node does not match with the current REST Password for that of particular node. In such a situation the Pod admin or User should reach out to UI admin to update the password for that Node. UI admin updates the password from Manage Pods in Insight UI admin Portal.

      • Switch Between Management Nodes: Switch Between Management Nodes is available in the Dashboard. The user can see all the pods in the table and can navigate to any Pod using a single click. If mouse pointer changes from hand or cursor to a red dot sign it indicates that the REST Password entered during registration of Management node does not match with the current REST Password for that particular node.