Cisco Prime Optical Quick Start Guide, 10.6

Assumptions and Limitations of This Guide

If your Prime Optical deployment differs from what is described in these assumptions, see the Cisco Prime Optical 10.6 Installation Guide or contact your Cisco account representative for assistance with planning and installing Prime Optical.

The guide assumes the following:

• This is a new Prime Optical Linux installation, not an upgrade from a previous version.
• The Prime Optical server and database will be installed on one workstation.
• The Prime Optical embedded database, not an external database, will be used.
• You are familiar with the following products and topics:

– Basic internetworking terminology and concepts

– Network topology and protocols

– Microsoft Windows 7 and Windows 8

– Red Hat Enterprise Linux (RHEL) administration

– UNIX environment

– Oracle database administration

– Telecommunications Management Network (TMN) architecture model

This guide does not cover the following:

• Integration
• Customization
• Package download
• Advanced configuration (for example, polling)
• High availability
• External database
• GateWay/CORBA installation

System Requirements

Table 1 lists the platforms that are supported in Prime Optical.

Note The Prime Optical server must run on a dedicated workstation. Any application that is not explicitly listed in Table 1 as being required or supported by Prime Optical cannot be installed on the dedicated Prime Optical server workstation.

Note the following:

• Prime Optical is not validated against required file systems (/oracle, /db01, /db02, /db03, /db04, /db05) of the Network File System (NFS) type.
• If you are installing Prime Optical with Prime Central, Domain Name System (DNS) must be enabled on the Prime Optical server.
• To install Prime Optical on the RHEL server, the yum command must be properly configured and the yum repository must be available. See, RHEL Documentation for more information. Ensure that the system is registered on the Red Hat Network (RHN), or the RHEL DVD must be available to configure the yum repository properly.

Table 2 lists the items required to install the Prime Optical server.

Server Requirements

The following tables list hardware requirements for installing the Prime Optical server.

Table 3 lists the minimum processor requirements.

Note It is possible to use and configure disk arrays for database storage with any type of Redundant Array of Inexpensive Disks (RAID) layout. You can do so only if the disk throughput is equal to or higher than the throughput calculated for internal disks.

Cisco tests the simulated network configurations using the Enterprise Edition Oracle database type listed in Table 4. Your setup and performance might vary depending on the size of your network and the usage pattern of management tasks.

¹

The following list describes the server configuration parameters and the effect of changes in each parameter on the maximum number of NEs the server can manage:

• Network Size—If the network size increases, more resources are reserved for the higher number of NEs to be managed.
• RAM—The server can manage more NEs as the RAM increases. The server can manage fewer NEs as the RAM decreases.
• Number of Network Partitions—For each network partition, the server reserves resources for the higher number of NEs to be managed. The server can manage more NEs as the number of network partitions increases. The server can manage fewer NEs as the number of network partitions decreases.

Disk Space and Partition Requirements

Table 5 and Table 6 show disk space and partition requirements for NEs based on network size and performance management (PM) data collection status:

• The minimum disk space is the total space required for /, swap, /cisco, /oracle, /db01, /db02, /db03, /db04, and /db05. (The minimum disk space does not include /ctm_backup or the optional partitions /db01_rd and /db02_rd.)
• The maximum disk space is the total space required for /, swap, /cisco, /oracle, /db01, /db02, /db03, /db04, /db05, /db01_rd, /db02_rd, and /ctm_backup.

Caution Prime Optical performance degrades if you do not use the recommended partition sizes. We recommend that you use the partition sizes described here.

• To improve database performance and maximize data input/output, configure a dedicated disk array with the following setup:

– Dynamic multipathing (DMP) to parallelize the file system access.

– Raid 0 (striping) to optimize the disk input data.

• Prime Optical is a high-transaction application that causes high I/O throughput for Oracle redo logs. We recommend that you reserve dedicated system controllers for file systems—including the optional /db01_rd and /db02_rd file systems—that manage redo logs.

Caution For large and high-end networks, if you do not follow the preceding disk striping recommendations, the I/O might create a critical bottleneck and cause an unexpected Prime Optical shutdown.

Note the following PM assumptions for optical NEs:

• In a small network, PM data collection assumes 30 days of storage for PM data collected across 200 NEs, assuming an average of 200 interfaces per NE, up to a maximum of 40,000 interfaces (includes logical and physical interfaces).
• In a medium network, PM data collection assumes 30 days of storage for PM data collected across 500 NEs, assuming an average of 100 interfaces per NE, up to a maximum of 40,000 interfaces (includes logical and physical interfaces).
• In a large network, PM data collection assumes 30 days of storage for PM data collected across 2000 NEs, assuming an average of 100 interfaces per NE, up to a maximum of 200,000 interfaces (includes logical and physical interfaces).
• In a high-end network, PM data collection assumes 30 days of storage for PM data collected across 5000 NEs, assuming an average of 100 interfaces per NE, up to a maximum of 500,000 interfaces (includes logical and physical interfaces).

ctm_backup Directory Size

The ctm_backup directory is a repository used by the Oracle user to back up the following main categories of information:

• Prime Optical database backup and export dump
• Configuration files
• Database ARCHIVELOG files

The Oracle user must have read/write permissions or the database backup will fail. The database could be blocked if the ARCHIVELOG files cannot be moved to the /ctm_backup directory.

We recommend that the /ctm_backup size be equivalent to the sum of the single database partitions (that is, the sum of /oracle, /db01, /db02, /db03, /db04, /db05, and—if configured—/db01_rd and /db02_rd).

The /ctm_backup directory can be a symbolic link to a user-defined directory and must have read/write permissions.

Ports and Protocols

For more information on Ports and Protocols, see chapter 2 of the Cisco Prime Optical 10.6 installation guide.

Client-Server Communication Ports and Protocols

Inbound ports are for operations initiated by the Prime Optical client and then directed to the Prime Optical server. Outbound ports are for operations initiated by the Prime Optical server and then directed to the Prime Optical client.

See Table 7 for client-server port and protocol information.

Client-Database Communication Ports and Protocols

The Prime Optical client uses Java Database Connectivity (JDBC) to communicate directly with the Prime Optical database, independently from the Prime Optical server.

See Table 8 for client-database port and protocol information.

Client-NE Communication Ports and Protocols

The Prime Optical client can launch Cisco Transport Controller (CTC) and CEC as external applications. The ports and protocols used by these application are detailed in their end-user documentation.

OSS CORBA Client Communication (Northbound) Ports and Protocols

Table 9 lists the ports and protocols used for communication between the Prime Optical server workstation and the Operations Support System (OSS) CORBA client workstation.

Server-Database Communication Ports and Protocols

Table 10 lists the ports and protocols used for communication between the Prime Optical server and database.

Loopback Connections (Server to Server) Ports and Protocols

The Prime Optical server establishes the internal connections listed in the following table. Although operating system commands (for example, netstat) show services listening on these ports, they do not need to be opened on a firewall because there is no incoming connection on these ports from other hosts.

Table 11 lists the ports and protocols used for loopback connections.

Southbound Communication Ports and Protocols

The following tables list the ports that the Prime Optical server uses to communicate with NEs.

• CTC-Based NE Ports (without ML cards)
• CTC-Based NE Ports (with ML cards)
• Cisco ONS 15216 Ports
• Cisco ONS 15305 Ports (non-CTC-Based)
• Cisco CTC-Based ONS 15305 R3.0 Ports

Table 12 lists CTC-based NE ports without Multi-Layer (ML) cards.

Table 13 lists CTC-based NE ports with ML cards.

Note The ports and protocols listed in Table 13 are used in addition to the ones listed in the previous table.

Table 14 lists Cisco ONS 15216 ports.

Table 15 lists Cisco ONS 15305 (non-CTC-based) ports.

Table 16 lists Cisco ONS 15305(CTC-based) ports.

TCP Ports for SOCKS Proxy Server

Table 17 lists the TCP ports to use in a sockets network proxy protocol (SOCKS) server configuration. This information is helpful when setting up a firewall routing table.

Client Requirements

To install the Prime Optical client, you must have a Linux or Windows PC. Memory, CPU, and disk requirements are listed in Table 18.

The delta RAM and delta CPU must be counted for each additional launched client.

Caution Installing the Prime Optical client and server on the same workstation consumes server resources and could degrade performance. We strongly recommend that you install the Prime Optical client on a workstation separate from the Prime Optical server.

Table 19 shows the maximum number of simultaneous Prime Optical client sessions by network size.

Enabling SSH on the Prime Optical Server and Database Workstation

To enable you to install Prime Optical, the Prime Optical server must be able to use secure shell (SSH) to run commands on the database workstation.

To enable SSH:

Step 1 As the root user, enter the following command to start the SSH service:

Step 2 Edit the /etc/ssh/sshd_config file on the Prime Optical workstation and change the PermitRootLogin value to yes.

Step 3 Enter the following command on the Prime Optical workstation to make the changes take effect:

Step 4 If you are installing the Prime Optical server and database on two different workstations, repeat the preceding steps on the Prime Optical database workstation.

Make sure that the file /etc/hosts contains the following row:

ipaddress hostname

where ipaddress and hostname are the IP address and the hostname of the local servers.

Configuring yum

To install the required Red Hat Package Manager (RPM) utility for the Linux server and database, you must enable yum commands.

Before You Begin

Ensure that the yum command is properly configured and that the yum repository is available. Enter the following command to verify that at least one valid repository is configured:

If yum is not configured, you can register your system on Red Hat Network (RHN) or configure the yum command on a local repository.

Note If yum is configured on RHEL registration, ensure that the system has access to the external network.

To configure yum commands on a local repository:

Create a local.repo file in /etc/yum.repos.d directory and configure the local.repo file to the RHEL DVD.

Step 1 Copy the proper local.repo file template from DVD-mount-point/Disk1 to /etc/yum.repos.d directory.

You can find a local.repo template for RHEL5.x, RHEL6.x and RHEL7.x in Disk1 of the Prime Optical installation DVD.

For RHEL 5.x installation, use the following command:

For RHEL 6.x installation, use the following command:

Step 2 Open your /etc/yum.repos.d/local.repo file and follow instructions to mount RHEL DVD and configure yum local repository on RHEL DVD.

Preparing the Environment for a Single-Server Installation

You must prepare the environment for Prime Optical server and Oracle database installation on the same server.

Before You Begin

Verify the following:

• The ping command is included in your path environment variable.
• You have identified users and related UNIX groups to run Prime Optical UNIX commands.

Note This feature is available only if you choose root user instead of optusr as the Prime Optical user during installation.

Step 1 Log in as the root user.

Step 2 Enter the following command to verify that the disk directories shown in Table 20 exist:

Step 3 Check the content of the /etc/sysconfig/selinux file.

If the file contains SELINUX=enforcing, do the following:

a. Change the entry to SELINUX=disabled or SELINUX=permissive.

b. Reboot the server.

c. Disable the server by running one of the following commands:

chkconfig iptables off
or
service iptables stop

ISO Image or OVA Package Verification

Before installing Cisco Prime Optical, you need to verify the ISO image or OVA package.

Download the product installation file (OVA or ISO), its signature, and the certificate file to a separate Unix/Linux system and perform the following steps:

Step 1 If you do not have openssl installed, download and install it (see http://www.openssl.org).

Step 2 Place the following files in a temporary directory:

• The product file to be verified (*.iso or *.ova).
• The signature file (*.signature) that is packaged with the product file.
• The certificate files (*.pem).

Step 3 Move to the temporary directory and execute the following command:

Where:

cert-file is the Cisco Prime Optical certificate file

sig-file is the Cisco Prime Optical signature file

product-file is the Cisco Prime Optical ISO file or OVA image to be verified

Step 4 If the result is Verified OK :

• For a product ISO file, proceed with the installation (you do not have to perform any more steps as part of this validation procedure).
• For an OVA package, proceed to Step 5.

Step 5 (OVA package only) Verify the publisher and certificate chain using the VMware vSphere client.

a. Verify that Cisco Systems is the publisher.

– In the vSphere client, choose File > Deploy OVF Template.

– Browse to the OVA installation file (*.ova) and select it, then click Next.

– Check whether the Publisher field in the OVF Template Details window displays Cisco Systems, Inc with a green check mark next to it.

Note Do not validate the image using the information in the Vendor field as this field does not authenticate Cisco Systems as the publisher.

Note Do not proceed if the Publisher field displays No certificate present. This indicate that the image is not signed or the file is not from Cisco Systems or it has been tampered with. Contact your Cisco representative.

b. Check the certificate chain.

– In the OVF Template Details window, click the Cisco Systems, Inc. hyperlink in the Publisher field.

– In the Certificate window, click the Certification Path tab.

– In the Certification Path tab (which lists the certificate chain), ensure that the Certification Path area displays Cisco Systems, Inc. and the Certificate Status displays The certificate is OK.

Note The ISO Image or OVA Package Verification is valid only if the OVA/OVF file is obtained as a BU Digital download through cisco.com.

Preparing the Server for Prime Optical Installation

Before you install Prime Optical, you must first connect to the server and, if using X server, verify the display settings.

To prepare the server for Prime Optical installation:

Step 1 As the root user, launch a terminal on the server where you want to install Prime Optical. (If you logged in as a nonroot user, enter the su - command to become the root user.)

Step 2 Enter the following command to set the DISPLAY variable:

Step 3 Enter the following command to verify that the display is set correctly:

In the command output, you should see:

Step 4 If you are using an xterm window or a remote host, enter the following command to enable the xterm connection from the clients:

The default path is /usr/bin

Installing Prime Optical on the Server

As part of your Prime Optical installation, you will install the Prime Optical server and Oracle 12c database on the same RHEL server.

To install Prime Optical, do the following:

Step 1 Log in as a root user.

Step 2 Enter the following command to set the DISPLAY variable:

Step 3 Enter the following command to verify that the display is set correctly:

In the command output, you should see:

Step 4 If you are using an xterm window or a remote host, enter the following command to enable the xterm connection from the clients:

Step 5 Insert the Cisco Prime Optical Server installation DVD - Linux into the DVD drive.

Step 6 If you have the Cisco Prime Optical server installation ISO image instead of the DVD media, enter the following commands to mount it:

Step 7 Navigate to the Disk1 directory and enter the following command to start the installation:

Make sure that the /tmp directory has at least 10 GB of free space. If not, use a different directory.

This command begins the installation. The following happens:

The setup program searches for Sun Microsystems JDK version 1.7.0_101 on your workstation.

The Cisco Prime Optical Server Installation wizard appears. Wait for up to 90 seconds while the following message appears:

Step 8 In the Introduction window, click Next.

Step 9 In the License Agreement window, read the license agreement and click the I accept the terms of the license agreement radio button. Click Next.

Step 10 In the Configure the Server and Database window, do the following:

a. From the list of Prime Optical installation types, choose the Prime Optical server and database radio button to install the Prime Optical server along with the database.

b. Verify that the correct hostname or IP address is shown for the Prime Optical server, then click Next. For proper configuration, a fully qualified domain name must be provided.

Note The Database field is disabled when the server and database are installed on the same workstation. Prime Optical automatically uses the server hostname or IP address.

Step 11 In the Configure the Database window, choose Embedded. If a previous version of Oracle is detected on your system, click Continue to delete it and continue the installation.

Step 12 In the Operating System User window, select a user type, and then click Next. (For field descriptions, see Table 21 .)

Step 13 In the Select Network Configuration window, specify the size of your network, and then click Next.

Step 14 Review the preinstallation checks, and then click Next.

A warning message appears during the preinstallation checks. If the installation continues, you can ignore the message; if the installation quits, see the topic on downloading and installing Oracle packages.

Step 15 In the Optional Features window, choose additional features, and then click Next. (For field descriptions, see Table 21 .)

Step 16 In the Destination Folder window, specify where you want to install the Prime Optical server, and then click Next.

If the destination directory that you specified is a new directory, you will receive the message, “The specified directory does not exist. Do you want to create it?” Click Yes.

Caution Do not specify a mount point as the target installation directory for the Prime Optical server installation, or the installation data will be lost when the workstation restarts. You must create a dedicated Prime Optical subdirectory. For example, if /cisco is the mount point for the disk partition /dev/dsk/c0t0d0s5, you cannot specify /cisco as the Prime Optical installation directory. Instead, specify a dedicated subdirectory such as/cisco/PrimeOpticalServer.

Note Do not delete any instances of /opt/CiscoTransportManagerServer from your Prime Optical file structure. Prime Optical checks for the /opt/CiscoTransportManagerServer directory or a symbolic link to it. If Prime Optical cannot find either, it automatically creates a symbolic link.

Step 17 In the Pre-Installation Summary window, click Install. If you get a message telling you that SSH is not configured, verify that PermitRootLogin is set to Yes in the /etc/ssh/sshd_config file, and then click Continue.

Step 18 Enter the root password and follow the prompts to configure the SSH connection and continue the installation.

Step 19 In the Web Server Installation Summary window, click Next,

Step 20 In the Install Complete window, click Done.

Caution Do not close the terminal or reboot the host before the following message is displayed:
Prime Optical installation is complete.

Step 21 As the root user, enter the following command to reboot the system and automatically start the Prime Optical server:

After the server reboot, it might take up to 20 minutes for the Prime Optical server to come up.

Explanations of Fields in the Installation Wizard

Table 21 describes the required information for your Prime Optical embedded database installation.

Verifying the Installation

To verify that Prime Optical was installed correctly:

Step 1 Enter the opticalctl status command after the server reboots to verify that the server is running.

The opticalctl status command displays the Prime Optical server version running as 10.6, followed by the build number. In the command output, you must see two instances of “Prime Optical Server,” “SnmpTrapService,” “SMService,” “Apache Web Server,” “TOMCAT,” and “OrchestrationService.” This indicates that the server is running.

Step 2 Verify that the client launches. See Launching the Client.

Launching the Client

The Prime Optical client uses Java Web Start technology. When the Prime Optical administrator updates or patches the server, the client is updated automatically.

To launch the Prime Optical client:

Step 1 Open a Prime Optical-supported web browser and enter the following URL:

https:// server-hostname

where server-hostname is the hostname of Prime Optical.

Step 2 Accept the self-signed, untrusted security certificates. (If your browser is Internet Explorer, place the security certificates in the trusted certificate store; otherwise, they will reappear upon subsequent logins.)

Step 3 The first time you log in, enter the case-sensitive username and password defaults:

• Username: SysAdmin
• Password: Ctm123!

Step 4 When prompted, change the password, and then click OK. (For password complexity rules, see Password Complexity Rules.)

Step 5 From the Prime Optical Home page menu, choose Start and select a Domain Explorer.

If you choose the SOCKS option, you must configure a SOCKS v5 proxy server address and port value. If a SOCKS server is not configured, you will connect to the Prime Optical server directly. See Configuring a SOCKS Server for information on how to configure a SOCKS server.

Note When Prime Optical is installed with Prime Central, you can launch the Domain Explorer from the Prime Central portal only.

Step 6 Click OK at the advisory message.

After the Java Web Start window appears and downloads the Domain Explorer, one of the following may occur:

• If you are using Internet Explorer, the Prime Optical client is installed automatically.
• If you are using Mozilla Firefox, you are prompted to open the PrimeOptical.jnlp file or save it to your desktop. After you open and run the.jnlp file, the Prime Optical client is installed automatically.

If the client does not start, check that Java Runtime Engine (JRE) 1.7 (version less than 100) or 1.8 (version less than 100) is installed on the machine, and that Java Web Start is associated to the browser with the correct javaws.

Password Complexity Rules

Password complexity is configurable through the Prime Optical UI (Control Panel > Security Properties pane). By default, the password must:

• Contain at least six characters, but not more than 15 characters.
• Contain at least two alphabetic characters (A–Z, a–z). Of the alphabetic characters, at least one must be uppercase and one must be lowercase.
• Contain at least one numeric character (0–9).
• Contain at least one special character (+ # %,. ; & !). The default special character set is TL1+UNIX.
• Allow a special character as the first or last character.
• Allow a numeric character as the first or last character.
• Not contain the username or any circular shift of the username. An uppercase letter and its corresponding lowercase letter are considered equivalent. For example, if the username is Arthur, the password cannot contain the string arthur, rthura, thurar, hurart, urarth, or rarthu.
• Differ from the old password by at least three characters. For example, if the old password is MikeBrady5!, the new password cannot be mikebrady5% because only the last character is different. However, the new password MikeBrady2!99 is acceptable because it differs from MikeBrady5! by three characters.

Configuring a SOCKS Server

To configure a SOCKS v5 proxy server address and port value to manage connectivity through network firewalls:

Step 1 From the Home page, choose Administration > SOCKS Table.

Step 2 Click Add Row, and then enter the hostname or IP address and the TCP port number for the SOCKS host.

Step 3 Click Save.

Step 4 Click the radio button next to the row with the SOCKS server settings you want to use the next time you log in, and click Save as Default. (Each user must select a default SOCKS server.)

Getting Started with Prime Optical

These procedures will get you started quickly with using Prime Optical. These procedures are high-level and do not include field descriptions.

Table 22 lists high-level tasks and the related topic in the Cisco Prime Optical 10.6 user guide where you can find more information.

Creating a Prime Optical User Account

Note This functionality is disabled when Prime Optical is installed as part of Prime Central.

You must create a SuperUser account to start Prime Optical configuration.

To create a SuperUser account:

Step 1 In the Domain Explorer window, choose Administration > Users.

Step 2 In the Prime Optical Users table, choose Edit > Create.

Step 3 In the Create New User wizard, fill in the appropriate fields.

Step 4 Click Next. When you are finished adding new user accounts, click Finish.

Configuring a User for Server-to-NE Connection

To configure a user for the Prime Optical server to use to connect with NEs:

Step 1 In the Domain Explorer window, choose Administration > Control Panel.

Step 2 Click Security Properties and set the appropriate parameters. (If many tabs are displayed in the properties pane, click the arrow or Show List icons to view all available tabs.)

Step 3 Click Save.

(Optional) Configuring Automatic Alarm Acknowledgement

Step 1 In the Domain Explorer window, choose Administration > Control Panel.

Step 2 In the Control Panel window, click UI Properties to open the UI Properties pane.

Step 3 After making your selections, click Save.

Enabling Automatic NE Backup

Automatic backup is not available for all NEs.

To enable NE automatic backup:

Step 1 In the Domain Explorer window, choose Administration > Control Panel.

Step 2 In the Control Panel window, click NE Service to open the NE Service pane.

Step 3 Click the NE Auto Backup tab.

Step 4 Enter the necessary information.

Step 5 Click Save.

Changes take effect immediately; however, the backup already scheduled for the next 24 hours remains in effect. A backup with the new parameters will occur after the previously scheduled backup runs.

Verifying NE Automatic Backup

To verify that Prime Optical is automatically backing up the NE, go to the Job Monitor table (Administration > Job Monitor), verify that the task is listed, and check its status.

If automatic backup for an NE failed, the task status will be “Failed.” This failure is logged in the Audit Log, and an alarm is generated.

Verifying NE Support

To verify that an NE software version exists in the Supported Devices table, from the client, choose Domain Explorer > Administration > Supported NE table.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

© 1999–2016 Cisco Systems, Inc. All rights reserved.