Table of Contents
Configuring Chrome for Use with Prime Network Services Controller
Cisco ASA Instances Do Not Register with Prime Network Services Controller
VM DNS Attributes Are Not Populated in Hyper-V Hypervisor
Migrating a Windows 2008 Server to Amazon Cloud Fails
Prerequisites for Migrating Windows VMs
Searching with Special Characters
Changing DNS Name Repeatedly Stops Cloud Provider Manager
User Account Password Expiration
Obtaining Documentation and Submitting a Service Request
Cisco Prime Network Services Controller 3.2 Release Notes
These release notes contain the following sections for the Cisco Prime Network Services Controller 3.2 (Prime Network Services Controller 3.2) release:
- New and Changed Information
- Introduction
- New Features and Enhancements
- Requirements
- Performance and Scalability
- Important Notes
- Open Bugs
- Using the Bug Search Tool
- Related Documentation
- Accessibility Features in Prime Network Services Controller 3.2
- Obtaining Documentation and Submitting a Service Request
New and Changed Information
The following table describes information that has been added or changed since the initial release of this document.
- Added Cisco ASA Instances Do Not Register with Prime Network Services Controller
- Updated the description for CSCum42101
Introduction
The dynamic nature of cloud environments requires organizations to apply and enforce frequent changes to networks. These networks can consist of thousands of virtual services elements, such as firewalls, load balancers, routers, and switches. Cisco Prime Network Services Controller simplifies operations with centralized, automated multi-device and policy management for Cisco network virtual services.
Prime Network Services Controller is the primary management element for Cisco Nexus 1000V (Nexus 1000V) Series Virtual Switches and Services. Working together, they enable a transparent, scalable, and automation-centric network management solution for virtualized data center and hybrid cloud environments. Nexus 1000V switches and services deliver a highly secure multi-tenant environment by adding virtualization intelligence to the data center network. These virtual switches are built to scale for cloud networks. Support for Virtual Extensible LAN (VXLAN) helps enable a highly scalable LAN segmentation and broader virtual machine (VM) mobility.
Prime Network Services Controller enables the centralized management of Cisco virtual services to be performed by an administrator through its GUI or programmatically through its XML API. Prime Network Services Controller is built on an information-model architecture in which each managed device is represented by its subcomponents (or objects), which are parametrically defined. This model-centric approach enables a flexible and simple mechanism for provisioning and securing virtualized infrastructure using Cisco VSG (VSG) and Cisco ASA 1000V (ASA 1000V) Cloud Firewall virtual security services.
New Features and Enhancements
Table 1 describes the new features and enhancements introduced in Prime Network Services Controller 3.2.
Table 1 New Features in Prime Network Services Controller 3.2
Additional feature support for Hyper-V Hypervisor:
- Ability to refresh Hyper-V Hypervisor status
- Additional ACL policy rule criteria support (match-any, match-all, service conditions, VM, and user defined)
- Additional object group attribute support (service name and VM type)
- Additional vZone criteria support (match-any and match-all)
- Supported VM attributes: Name, UUID, Tenant DN, Connection Status, VM DNS Name and OS
For VMware environments, the ability to instantiate a service device from a service device image.
Cisco Cloud Services 1000V Edge Router (CSR 1000V) version 3.11 support
- A virtual edge router that serves as a single-tenant WAN gateway in a multitenant cloud. It allows enterprises to extend their WANs into external provider-hosted clouds.
- Some of the supported features include:
– Routed (Gigabit Ethernet) and Loopback interfaces
– Static, OSPF, and BGP routing policies
– NAT, zone-based firewall, and interface security ACL policies
Citrix NetScaler 1000V and Citrix NetScaler VPX load balancer support
Cisco Intelligent Automation for Cloud (IAC) integration support
IAC is deployed as a solution that contains a set of preconfigured catalog services, service forms, portal pages, and portlets.
For more information on IAC, see http://www.cisco.com/en/US/products/ps11869/products_user_guide_list.html.
Cisco Prime Data Center Network Manager (DCNM) integration support
DCNM is a management system for the Cisco Unified Fabric and enables you to provision, monitor, and troubleshoot the data center network infrastructure.
For more information on DCNM, see
http://www.cisco.com/en/US/products/ps9369/tsd_products_support_series_home.html.
This configuration includes binding service paths to VSM port profiles.
- When Prime Network Services Controller is installed in Orchestrator mode, you cannot create tenants or virtual data centers in the Tenant Management tab. For more information, see the section “Integrating with DCNM” in the Cisco Prime Network Services Controller 3.2 User Guide.
- The Managed Resources screen (Resource Management > Managed Resources) has been redesigned and contains the following new tabs: Network Services, Port Profiles, VSG Pools, VMs, and Subnetworks.
- The Resources screen (Resource Management > Resources) has been reorganized and contains the following categories:
- Images—Imported service images
- InterCloud—Enterprise and cloud VMs
- ASA 1000V—ASA 1000V VMs registered with Prime Network Services Controller
- CSR 1000V—CSR 1000V VMs registered with Prime Network Services Controller
- VPX—Citrix NetScaler load balancer VMs registered with Prime Network Services Controller
- VSG—VSG VMs registered with Prime Network Services Controller
- VSM—VSM VMs registered with Prime Network Services Controller
- The Service Profiles navigation pane (Policy Management > Service Profiles) now includes Edge Router and Load Balancer entries.
- The Clients tab has been removed from Administration > Service Registry. All information for clients is available from Resource Management > Resources.
- The VM Managers tab has been removed from the Administration tab, but is still available from Resource Management and InterCloud Management > Enterprise.
Requirements
The following tables identify Prime Network Services Controller 3.2 requirements:
- Table 2 — Prime Network Services Controller System Requirements
- Table 3 — Hypervisor Requirements
- Table 4 — Web-Based GUI Client Requirements
- Table 5 — Prime Network Services Controller Firewall Ports Requiring Access
- Table 6 — Ports to Access Amazon AWS
Table 2 Prime Network Services Controller System Requirements
One of the following, depending on InterCloud functionality:
- With InterCloud functionality, 220 GB on shared network file storage (NFS) or storage area network (SAN) in the following configuration:
x86 Intel or AMD server with 64-bit processor listed in the VMware compatibility matrix
Prime Network Services Controller Device Adapter 1
Prime Network Services Controller is a multi-hypervisor virtual appliance that can be deployed on either VMware vSphere or Microsoft Hyper-V Server 2012 (Hyper-V Hypervisor):
- See the VMware Compatibility Guide to verify that VMware supports your hardware platform.
- See the Windows Server Catalog to verify that Microsoft Hyper-V supports your hardware platform.
- Internet Explorer 10.0 or higher
- Mozilla Firefox 26.0 or higher
- Google Chrome 32.0 or higher 2
2.Before you can use Chrome with Prime Network Services Controller, you must first disable the Adobe Flash Players that are installed by default with Chrome. For more information, see Configuring Chrome for Use with Prime Network Services Controller.
Table 6 lists the ports that must be enabled to access the Amazon Web Services (AWS) public IP address ranges listed at https://forums.aws.amazon.com/ann.jspa?annID=1701.
Configuring Chrome for Use with Prime Network Services Controller
To use Chrome with Prime Network Services Controller, you must disable the Adobe Flash Players that are installed by default with Chrome.
Note You must perform this procedure each time your client machine reboots. Chrome automatically enables the Adobe Flash Players when the system on which it is running reboots.
Step 1 In the Chrome URL field, enter chrome://plugins.
Step 3 Locate the Adobe Flash Player plug-ins, and disable each one.
Step 4 Download and install Adobe Flash Player version 12.
Step 5 Close and reopen Chrome before logging in to Prime Network Services Controller.
Performance and Scalability
Table 7 lists the performance and scalability data for Prime Network Services Controller.
Important Notes
The following topics provide important information for using Prime Network Services Controller:
- Cisco ASA Instances Do Not Register with Prime Network Services Controller
- VM DNS Attributes Are Not Populated in Hyper-V Hypervisor
- Migrating a Windows 2008 Server to Amazon Cloud Fails
- Cloned Linux Virtual Machines
- Creating Multiple Templates
- Editing Firewall Interfaces
- Prerequisites for Migrating Windows VMs
- Searching with Special Characters
- Changing DNS Name Repeatedly Stops Cloud Provider Manager
- User Account Password Expiration
Cisco ASA Instances Do Not Register with Prime Network Services Controller
If you instantiate an ASA 1000V service using the asa871-8.ova image, the service instance will not register with Prime Network Services Controller. Contact Cisco Technical Assistance Center (TAC) for help in addressing this issue.
You can contact the TAC over the phone or via the Web:
- Regional phone numbers are available at http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html#numbers.
- To use the Web, go to http://www.cisco.com/cisco/web/support/index.html.
VM DNS Attributes Are Not Populated in Hyper-V Hypervisor
When using Hyper-V Hypervisor, some DNS attributes are not displayed in Prime Network Services Controller. This situation occurs due to recent changes in requirements for Linux VMs running in Hyper-V Hypervisor. For more information and the Microsoft services that must be installed for Prime Network Services Controller to fetch the VM DNS attributes from SCVMM, see http://technet.microsoft.com/en-us/library/jj860438.aspx.
Migrating a Windows 2008 Server to Amazon Cloud Fails
If you migrate a Windows 2008 server from an enterprise data center to the Amazon cloud, you might receive the following Amazon error message:
We have detected a problem with this task. A technician will take a look at the issue within 24 hours.This situation can be caused by the following circumstances:
- Security hardening on your operating system, which can prevent the importing of the required drivers.
- Using the Windows 2008 Server as a Domain Controller.
If you encounter this situation, you can do any of the following:
Cloned Linux Virtual Machines
When virtual machines are cloned, new MAC addresses are assigned. This causes a MAC address mismatch between the virtual machine settings and the Linux Guest OS. If you encounter this situation, the following message is displayed:
The Guest OS either does not contain interface configuration for the VM NICs or the interfaces are explicitly disabled.For information on how to resolve the MAC address mismatch, see the VMware Knowledge Base.
Creating Multiple Templates
We recommend that you create no more than three templates simultaneously. This limitation applies to creating templates using either of the following methods or a combination of these methods:
Editing Firewall Interfaces
We recommend that you do not edit the data interfaces of compute or edge firewalls. Changing the data interface via the Prime Network Services Controller GUI will stop communications between the Cisco Nexus 1000V VEM link and the firewall, and thereby stop vPath traffic.
If you change the data interfaces of compute or edge firewalls via the Prime Network Services Controller GUI, make the appropriate configuration changes on the Nexus 1000V.
Prerequisites for Migrating Windows VMs
This topic details the prerequisites that must be met before you perform either of the following procedures:
- Migrate an existing Windows VM from VMware vCenter to the cloud.
- Create an AMI image from a Windows VM and import it into Prime Network Services Controller.
Before migrating a Windows VM, do the following:
– Network interfaces are enabled.
– The DHCP client service is enabled and running.
– The Windows Firewall allows the following InterCloud ports: 22 (TCP), 3389 (TCP), and 6644 (TCP and UDP).
– There is no security software or firewall that can prevent network connectivity.
- Disable any service or application on the VM that uses port 22.
- If the Windows VM is joined to a domain, confirm the following:
– No domain policies exist that prohibit device driver installation for network interface devices.
– Trusted publisher policies do not prohibit installation of Cisco's certificate into the system.
Although it is rare for such policies to be set, check with the Windows Enterprise Domain Administrator if you are uncertain.
– Before using the Windows VM to create an AMI image, confirm that the Windows VM was shut down properly.
– If you are migrating a Windows VM to the cloud, Prime Network Services Controller will shut down the VM if VMware Tools is installed on the VM. If VMware Tools is not installed on the VM, power down the Windows VM before initiating the migration.
- Enable Remote Desktop Protocol (RDP) on the source machine.
- We recommend that you install the Windows hotfix available at http://support.microsoft.com/kb/2528507 for crash dump support in case the driver crashes.
Searching with Special Characters
Searching for organization names will not work if the organization names include special characters such as $.
Changing DNS Name Repeatedly Stops Cloud Provider Manager
If you change the DNS name four or more times, Cloud Provider Manager stops working. If this occurs, log in to the Prime Network Services Controller server via the CLI and enter the following commands:
User Account Password Expiration
When adding a user account, the administrator can choose to expire the account password and select the date on which it expires. When the expiration date is reached, the account is disabled and the user cannot log in to Prime Network Services Controller until a user with administrator privileges extends the expiration date.
Open Bugs
Table 8 lists open bugs in Prime Network Services Controller 3.2.
Using the Bug Search Tool
This section explains how to use the Bug Search Tool to search for a specific bug or to search for all bugs in a release.
Step 1 Go to http://tools.cisco.com/bugsearch.
Step 2 At the Log In screen, enter your registered Cisco.com username and password, and then click Log In. The Bug Search page opens.
Note If you do not have a Cisco.com username and password, you can register for them at http://tools.cisco.com/RPF/register/register.do.
Step 3 To search for a specific bug, enter the bug ID in the Search For field and press Enter.
Step 4 To search for bugs in the current release:
a. In the Search For field, enter Cisco Prime Network Services Controller 3.2 and press Enter. (Leave the other fields empty.)
b. When the search results are displayed, use the filter tools to find the types of bugs you are looking for. You can search for bugs by status, severity, modified date, and so forth.
Tip To export the results to a spreadsheet, click the Export Results to Excel link.
Related Documentation
See the Cisco Prime Network Services Controller 3.2 Documentation Roadmap for a list of Prime Network Services Controller guides.
Accessibility Features in Prime Network Services Controller 3.2
All product documents are accessible except for images, graphics, and some charts. If you would like to receive the product documentation in audio format, braille, or large print, contact accessibility@cisco.com.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
This document is to be used in conjunction with the documents listed in the “Related Documentation” section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.