The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This chapter contains the following sections:
The Cisco Intercloud Fabric for Business software is available at Cisco.com.
The Cisco Intercloud Fabric for Business software contains the following zip image:
Name |
Description |
---|---|
icfb-k9-3.2.1-pkg.zip |
Software to install Intercloud Fabric in VMware environments. Use this file to install Intercloud Fabric. See Workflow for VMware Environments. |
icf-preInstallCheck-1.1.0-pkg.zip |
Software to run the Intercloud Fabric pre-installation check tool. See Running the Intercloud Fabric Pre-Installation Check Tool. |
The following tables identify the system requirements for installing Cisco Intercloud Fabric.
Requirement | Description |
---|---|
Intercloud Fabric |
|
CPUs | 8 vCPU (64-bit x86 CPU [VT-capable]) |
Network interface cards (vNICs) | 1 |
RAM |
16 GB |
Disk |
440 GB |
Intercloud Fabric Extender |
|
Memory | 2 GB |
CPU | 2 vCPU |
Disk | 3 GB |
Intercloud Fabric Component |
|
Memory | 2 GB |
CPU | 1 vCPU |
Disk | 3 GB |
Note | The virtual disk must be capable of at least 40 MBps bandwidth. We recommend that you use solid-state disk (SSD) hardware. |
Requirement | Description |
---|---|
VMware |
|
Version |
ESXi 5.1, 5.5, and 6.0 |
Operating System |
Operating System Version |
Supported Browser |
---|---|---|
Windows |
7 SP1 |
Internet Explorer 11 or later Firefox (latest version) Chrome (latest version) |
Mac OS |
X (EL Capitan) |
Safari (latest version) Firefox (latest version) Chrome (latest version) |
Important Notes
Provider/Model |
Device |
vCPU |
Memory |
Disk |
---|---|---|---|---|
AWS |
||||
c3.2xlarge |
Intercloud Fabric Switch |
8 |
15 GB |
20 GB |
For VMware environments, the Cisco Nexus 1000V for VMware vSphere, VMware vSwitch, or VDS is already installed in the private cloud. See Cisco Nexus 1000V for VMware for more information.
An Intercloud Fabric cloud link can support up to a maximum of 100 VMs.
Using a proxy on a private cloud is not supported when Intercloud Fabric is being used to connect to a public cloud.
When using AWS or Microsoft Azure as the provider, run the Intercloud Fabric pre-installation check tool to automatically verify that all prerequisites for deploying Intercloud Fabric are met.
Create a provider account in the cloud provider.
Certain ports must be open outbound in the firewall to allow the Intercloud Fabric appliance to communicate with the cloud provider.
Certain ports must be open outbound in the firewall to allow the Intercloud Fabric Extender to communicate with the Intercloud Fabric Switch.
Specify the tunnel protocol when configuring the tunnel profile. You can choose the tunnel profile when you configure an Intercloud Fabric link.
Intercloud Fabric uses port 443 to register the certificate in VMware vCenter. Ensure that port 443 is open. In addition, ensure that port 80 is open for Intercloud Fabric to communicate with vCenter.
Verify that all Intercloud Fabric cloud hosts are running a supported version of ESX or ESXi: 5.1, 5.5, or 6.0.
Intercloud Fabric requires administrative access to VMware vCenter.
Ensure that the hypervisor host and virtual switch are configured as per the "Virtual Switch Prerequisites" section.
Know the IP, subnet mask, and gateway information for Intercloud Fabric.
Verify that the date and time are set correctly to connect to the cloud provider.
Know the management port profile or management network name for the VM.
Note | The management port profile can be the same port profile that is used for the Cisco Nexus 1000V Virtual Supervisor Module (VSM). The port profile is configured in the VSM and is used for the Intercloud Fabric management interface. This requirement applies only if you are using a Cisco Nexus 1000V switch; it does not apply if you are using a VMware virtual switch. |
If you do not configure NAT and PAT policies correctly for cloud providers, incoming traffic will not reach the provider.
Optionally, obtain remote storage server details if you want to use remote storage for images.
Optionally, run the Intercloud Fabric pre-installation check tool to validate your environment before installing Intercloud Fabric. The tool performs private cloud checks, public cloud checks, and port checks to ensure that the requirements for installing the Intercloud Fabric OVA are complete.
VMware
For a security policy for the trunk port group on the VMware virtual switch, set the Promiscuous Mode, MAC Address Changes, and Forged Transmits to Accept in the VMware vSphere UI. This requirement applies only if you are using a VMware virtual switch or distributed switch; it does not apply if you are using a Cisco Nexus 1000V switch.
If the Intercloud Fabric Extender is hosted on a VMware vSwitch or distributed switch (VDS) and if the vSwitch or distributed switch is connected to multiple physical NICs, you must enable the setting Net.ReversePathFwdCheckPromisc=1 in the ESX host where the Intercloud Fabric Extender is hosted. This setting is found under in the VMware vSphere UI. If this setting is not enabled, you might experience traffic loss or duplicate packets between enterprise and cloud VM traffic or Intercloud Fabric Switch module flap at the Intercloud Fabric VSM. This requirement applies only if you are using a VMware virtual switch or distributed switch to host the Intercloud Fabric Extender; it does not apply if you are using a Cisco Nexus 1000V switch.
Note | If the Net.ReversePathFwdCheckPromisc changes while the ESXi host is running, you must toggle (disable then re-enable) the Promiscuous Mode check box in the Intercloud Fabric Extender trunk port group security settings for the change to take effect. |
For the VMware virtual switch, you must set the trunk port group to allow All VLAN IDs in the VMware vSphere UI.
Cisco Nexus 1000V switch—You must disable Unknown-Unicast-Flooding-Block (UUFB) if you are using a Cisco Nexus 1000V switch in the private cloud. Enter the command no uufb enable to disable UUFB. Enter the command show run | include uufb to verify that you disabled UUFB.
Installing Intercloud Fabric in VMware environments includes the following steps:
Step 1 | (Optional) Run the Intercloud Fabric pre-installation check tool. See Running the Intercloud Fabric Pre-Installation Check Tool. |
Step 2 | Install Intercloud Fabric in VMware environments using OVA. |
Step 3 | Install the Intercloud Fabric components. |
Step 4 | Upload an Intercloud Fabric license. |
Run the Intercloud Fabric pre-installation check tool to validate your environment before installing Intercloud Fabric. The tool performs the following checks to ensure that the requirements for installing the Intercloud Fabric OVA are complete:
Private cloud checks such as vCenter version, session locale, trunk, management network, and data network port group validation, and security group settings validation on the trunk port group.
Public cloud checks for AWS and Microsoft Azure such as connection validation, credential validation, API endpoint connectivity validation, account permission validation for EC2, and account permission and endpoint access validation for Amazon S3.
Port checks such as validation for TCP ports 22, 443, 6644, 6646, and UDP port 6644.
Use this procedure to install Intercloud Fabric in VMware environments using an OVA.
You need administrator privileges to connect to VMware vSphere or vCenter.
Confirm that the Intercloud Fabric OVA image is available from the VMware vSphere Client.
You have the hostname and static IP address for ICF.
Make sure you are connected to vCenter using a VMware vSphere Client; do not deploy the OVA directly on the ESX host. The following error message is displayed when you attempt to deploy the OVA directly on the ESX host: This OVF package uses features that are not supported when deploying directly to an ESX host.
Make sure that VMware HA is enabled. See VMware vSphere Documentation.
There are three types of networks in Intercloud Fabric:
Management network—Manages Intercloud Fabric components and services. In this network, Intercloud Fabric components and services are attached to the management network for connectivity.
Data network—Manages cloud virtual machine interfaces. In this network, VMs can be attached to one or more data networks for connectivity.
Transport network—Connects the Intercloud Fabric Routing Service back to the private cloud so that the cloud virtual machine can reach remote networks that are not extended to the public cloud. The transport network is used by the routing service in the public cloud to communicate with the private cloud. Traffic from VMs in the public cloud is routed to the enterprise gateway on the transport network, if the destination network is not in the public cloud.
Use the following guidelines to create networks in Intercloud Fabric:
During the installation of the Intercloud Fabric components, you must define the management network. The same network is used as the transport network.
Management and transport networks are always extended to the cloud. Cloud properties such as DHCP and L3 are not applicable.
During the installation of the Intercloud Fabric components, you can use the same network as your data network and enable DHCP for the network on the private cloud.
A network with IP addresses in the range 10.0.3.0/24 is reserved for internal communication. Do not assign IP addresses in this range for Intercloud Fabric or as IP pool addresses for the management network.
You can create additional networks later.
You can only have one management and one transport network. You can use the management network defined during the installation of the Intercloud Fabric components as the transport network. Alternatively, you can disable the transport network created during the installation of the Intercloud Fabric components and create a new transport network. You can also use the data network as the transport network.
IP pools
In Intercloud Fabric, IP pools are used for the following:
Intercloud Fabric components in the private cloud.
Intercloud Fabric link components, such as the Intercloud Fabric Extender or an Intercloud Fabric Switch, in the public cloud.
Virtual machine addresses in the cloud.
Use the following guidelines to create IP pools:
You can either use the same IP pool for the data and management networks, or create separate IP pools.
You must create at least one IP pool for the management network during the installation of Intercloud Fabric components and creation of the Intercloud Fabric cloud.
You can assign IP pools to resource pools and use them for the data network.
Use the following procedure to install the Intercloud Fabric components.
You have already installed Intercloud Fabric using the OVA.
Step 1 | Log in to Intercloud Fabric. | ||||||||||||||||||||
Step 2 | Click Specify VM Manager Credentials. | ||||||||||||||||||||
Step 3 | Complete the
following fields for
Specify
VM Manager Credentials:
| ||||||||||||||||||||
Step 4 | Click
Next.
The progress of the task is displayed under Service Request. | ||||||||||||||||||||
Step 5 | Click Define Management Network. | ||||||||||||||||||||
Step 6 | Complete the
following fields for
Define
Management Network:
See About Networks in Intercloud Fabric for guidelines for creating networks. A network with IP addresses in the range 10.0.3.0/24 is reserved for internal communication. Do not assign IP addresses in this range for Intercloud Fabric or as IP pool addresses for the management network.
| ||||||||||||||||||||
Step 7 | Click Submit. | ||||||||||||||||||||
Step 8 | Click Specify Installation Location. | ||||||||||||||||||||
Step 9 | Complete the following fields for Specify Installation
Location:
| ||||||||||||||||||||
Step 10 | Click
Submit to install.
The installation might take up to 15 minutes to complete. | ||||||||||||||||||||
Step 11 | To view the status of the task, see Managing Service Requests. | ||||||||||||||||||||
Step 12 | If the installation fails, click View Logs. |
After you install the Intercloud Fabric OVA, you might have to update the system settings if:
The preferred DNS server is not reachable.
The preferred or alternate NTP server is not configured or reachable.
Use this procedure to update the system settings before installing the Intercloud Fabric components.
You have installed the Intercloud Fabric OVA.
Use this procedure to change the password for Intercloud Fabric.
Step 1 | Log in to Intercloud Fabric. | ||||||||
Step 2 | Click username Change Password. | ||||||||
Step 3 | Complete the
following fields for
Change
Password.
| ||||||||
Step 4 | Click Save. |
In Intercloud Fabric, operations that take longer to complete are performed asynchronously to improve performance. These asynchronous workflows are called service requests.
Use this procedure to manage service requests.