HyperFlex Cluster Interfaces Overview
Each HyperFlex interface provides access to information about and a means to perform actions upon the HX Storage Cluster. The HX Storage Cluster interfaces include:
-
HX Connect―Monitoring, performance charts, and tasks for upgrade, encryption, replication, datastores, nodes, disks, and VM ready clones.
-
HX Data Platform Plug-in―Monitoring, performance charts, and tasks for datastores, hosts (nodes), and disks.
-
Storage Controller VM command line―Run HX Data Platform
stcli
commands. -
HyperFlex Systems RESTful APIs―Enabling authentication, replication, encryption, monitoring, and management of HyperFlex Systems through an on-demand stateless protocol.
Additional interfaces include:
-
Cisco HX Data Platform Installer―Installing HX Data Platform, deploying and expanding HX Storage Cluster cluster, deploying stretched cluster, and deploying Hyper-V clusters.
-
Cisco UCS Manager―Tasks for networking, storage and storage access, and managing resources in the HX Storage Cluster.
-
VMware vSphere Web Client and vSphere Client―Managing all the VMware ESXi servers in the vCenter cluster.
-
VMware ESXi ―Managing the individual ESXi host, providing host command line.
Guidelines for HX Data Platform Login Credentials
stcli
commands prompt for login credentials.
The storage controller VM password for the predefined users admin
and root
are specified during HX Data Platform installer. After installation you can change passwords through the stcli
command line.
When a user attempts to login with wrong credentials for 10 successive times, the account will be locked for two minutes. If the failed login attempts were made through SSH, the error message will not indicate that the account is locked. If the failed login attempts were made through HX Connect or REST API, the error message during the 10th attempt will indicate that the account is locked.
Component |
Permission Level |
Username |
Password |
Notes |
||
---|---|---|---|---|---|---|
HX Data Platform OVA |
root |
root |
Cisco123
|
|||
HX Data Platform Installer VM |
root |
root |
Cisco123
|
|||
HX Connect |
administrator or read-only |
User defined through vCenter. |
User defined through vCenter. |
|||
Predefined |
As specified during HX installation. |
|||||
HX Storage Controller VM |
root |
User defined during HX installation. User defined through vCenter. Predefined |
As specified during HX installation. Strong password required. |
Must match across all nodes in storage cluster. Use the |
||
vCenter |
admin |
administrator@vsphere.local default. SSO enabled. As configured, MYDOMAIN\name or name@mydomain.com |
SSO enabled. As configured. |
Ensure the vCenter credentials meet the vSphere 5.5 requirements if the ESX servers are at version 5.5. Read only users do not have access to HX Data Platform Plug-in. |
||
ESXi Server |
root |
SSO enabled. As configured. |
SSO enabled. As configured. |
Must match across all ESX servers in storage cluster. |
||
Hypervisor |
root |
root |
As specified during HX installation. |
Use vCenter or |
||
UCS Manager |
admin |
As configured. |
As configured. |
|||
Fabric Interconnect |
admin |
As configured. |
As configured. |
HX Data Platform Names, Passwords, and Characters
Most printable and extended ASCII characters are acceptable for use in names and passwords. Certain characters are not allowed in HX Data Platform user names, passwords, virtual machine names, storage controller VM names, and datastore names. Folders and resource pools do not have character exceptions.
However, to simplify names and passwords, consider not using these special characters, as they are frequently assigned special purposes.
ampersand (&), apostrophe ('), asterisk (*), at sign (@), back slash (\), colon (:), comma (,), dollar sign ($), exclamation (!), forward slash (/), less than sign (<), more than sign (>), percent (%), pipe (|), pound (#), question mark (?), semi-colon (;)
When entering special characters, consider the shell being used. Different shells have different sensitive characters. If you have special characters in your names or passwords, place them in a single quote, 'speci@lword!'. It is not required to place passwords within single quotes in the HyperFlex Installer password form field.
HX Storage Cluster Name
HX cluster names cannot exceed 50 characters.
HX Storage Cluster Host Names
HX cluster host names cannot exceed 80 characters.
Virtual Machine and Datastore Names
Most characters used to create a virtual machine name, controller VM name, or datastore name are acceptable. Escaped characters are acceptable for virtual machine, controller VM names, or datastore names.
Maximum characters―Virtual machine names can have up to 80 characters.
Excluded characters―Do not use the following character in any user virtual machine name or datastore name for which you want to enable snapshots.
-
accent grave (`)
Special characters―The following special characters are acceptable for user virtual machine or datastore names:
-
ampersand (&), apostrophe ('), asterisk (*), at sign (@), back slash (\), circumflex (^), colon (:), comma (,), dollar sign ($), dot (.), double quotation ("), equal sign (=), exclamation (!), forward slash (/), hyphen (-), left curly brace ({), left parentheses ((), left square bracket ([), less than sign (<), more than sign (>), percent (%), pipe (|), plus sign (+), pound (#), question mark (?), right curly brace (}), right parentheses ()), right square bracket (]), semi-colon (;), tilde (~), underscore (_)
Username Requirements
Usernames can be specific to the HX Data Platform component and must meet UCS Manager username requirements.
UCS Manager username requirements.
-
Number of characters: between 6 and 32 characters
-
Must be unique within Cisco UCS Manager.
-
Must start with an alphabetic character.
-
Must have: alphabetic characters (upper or lower case).
-
Can have: numeric characters. Cannot be all numeric characters.
-
Only special character allowed: underscore (_), dash (-), dot (.)
Controller VM Password Requirements
The following rules apply to controller VM root and admin user passwords.
Note |
General rule about passwords: Do not include them in a command string. Allow the command to prompt for the password. |
-
Minimum Length: 10
-
Minimum 1 Uppercase
-
Minimum 1 Lowercase
-
Minimum 1 Digit
-
Minimum 1 Special Character
-
A maximum of 3 retry to set the new password
To change a controller VM password, always use the stcli
command. Do not use another change password command, such as a Unix password command.
-
Login to the management controller VM.
-
Run the
stcli
command.stcli security password set [-h] [--user USER]
The change is propagated to all the controller VMs in the HX cluster.
UCS Manager and ESX Password Format and Character Requirements
The following is a summary of format and character requirements for UCS Manager and VMware ESXi passwords. See the Cisco UCS Manager and VMware ESX documentation for additional information.
-
Characters classes: lower case letters, upper case letters, numbers, special characters.
Passwords are case sensitive.
-
Character length: Minimum 6, maximum 80
Minimum 6 characters required, if characters from all four character classes.
Minimum 7 characters required, if characters from at least three character classes.
Minimum 8 characters required, if characters from only one or two character classes.
-
Start and end characters: An upper case letter at the beginning or a number at the end of the password do not count toward the total number of characters.
If password starts with uppercase letter, then 2 uppercase letters are required. If password ends with a digit, then 2 digits are required.
Examples that meet the requirements:
h#56Nu - 6 characters. 4 classes. No starting upper case letter. No ending number.
h5xj7Nu - 7 characters. 3 classes. No starting upper case letter. No ending number.
XhUwPcNu - 8 characters. 2 classes. No starting upper case letter. No ending number.
Xh#5*Nu - 6 characters counted. 4 characters classes. Starting upper case letter. No ending number.
h#5*Nu9 - 6 characters counted. 4 characters classes. No starting upper case letter. Ending number.
-
Consecutive characters: Maximum 2. For example, hhh###555 is not acceptable.
Through vSphere SSO policy, this value is configurable.
-
Excluded characters:
UCS Manager passwords cannot contain the escape (\) character.
ESX passwords cannot contain these characters.
-
Cannot be the username or the reverse of the username.
-
Cannot contain words found in the dictionary.
-
Cannot contain the characters escape (\), dollar sign ($), question mark (?), equal sign (=).
-
-
Dictionary words:
Do not use any words that can be found in the dictionary.
vSphere 5.5 Password Exceptions
Some characters, when processed by functions within vSphere are escaped. That is, the processing function applies an escape character prior to the special character before continuing to process the provided name.
Permitted special characters are specific to vSphere versions 5.5 or 6.0 and later. See VMware KB article, Installing vCenter Single Sign-On 5.5 fails if the password for administrator@vsphere.local contains certain special character (2060746), at https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2060746.
Excluded characters: Do not use the following characters with vSphere 5.5.
-
Non-ASCII characters. Extended ASCII characters.
-
Letters with accents. For example the accent grave, accent acute, circumflex, umlaut, tilde and cedilla (é, à, â, å, ø, ü, ö, œ, ç, æ).
-
vSphere 5.5 and SSO: ampersand (&), apostrophe ('), back slash (\), circumflex (^), double quotation ("), exclamation (!), percent (%), semicolon (;), space ( )
VMware has vSphere SSO password policy setting options and upgrade considerations for user names. See VMware documentation for the topics: How vCenter Single Sign-On Affects Upgrades and Edit the vCenter Single Sign-On Password Policy.
-
Location based exception: at the beginning of a name, do not use an at sign (@), parenthesis (( ))