Prime Central Integration Overview
Cisco Prime Central is the presentation tier for the Cisco Prime Carrier Management suite, which includes Cisco Prime Performance Manager, Cisco Prime Network, Cisco Prime Optical, and other domain managers. Prime Central provides a number of centralized features and functions including:
- A single point of access (single sign-on) to the Prime Central domain managers.
- Central access to the experience lifecycle tasks.
- Support for LDAP, TACACS+, and RADIUS authentication plug-ins.
- Virtualization on VMware configurations.
- Common user management with role-based access control (RBAC).
- Grouping-to-domain manager mapping.
- Common adopted installation framework.
- Database and application monitoring.
- Common physical inventory management
- Dynamic inventory updates: when Prime Central receives physical device change notifications from domain managers, it sends notifications to all subscribing domain managers, including Prime Performance Manager, so the Prime Performance Manager device inventory is kept synchronized with the Prime Central inventory.
Integrating Prime Performance Manager with Prime Central involves the following general tasks:
- Running the Prime Central integration (required)
- Creating users (required)
- Importing trap destinations (optional)
Procedures are provided in the following topics:
Integrating Prime Performance Manager with Prime Central
Prime Performance Manager can be integrated with Prime Central during Prime Performance Manager installation. If you did not integrate Prime Central with Prime Performance Manager during installation, you can run the integration from the Prime Performance Manager GUI or CLI.
Before You Begin
- Verify that Prime Central is installed and running on a server to which you have access.
- Verify that you have the Prime Central server database IP address or hostname, port, username, system ID, and password.
- Because you must restart the Prime Central integration layer and Prime Performance Manager after the integration, make sure you perform the procedure at a time when restarts can occur.
After you integrate Prime Performance Manager with Prime Central, the following Prime Performance Manager changes occur:
- Users and user logins—Prime Performance Manager users are removed. All logins and user management operations are performed in Prime Central. The Prime Performance Manager User Management window is visible with reduced functionality. For information about logins and user management, see the Cisco Prime Central 1.4 User Guide. Should you decide to remove Prime Performance Manager integration with Prime Central, SSL and user access are disabled. To enable users, see Setting Up User Access and Security.
- Alarm management—The following alarm actions are available and synchronized between Prime Performance Manager and Prime Central:
– Acknowledge/Unacknowledge
– Clear
– Delete
– Clear/Delete
– Change Severity
Assign Owner is not available, however.
Note You can only integrate one Prime Performance Manager gateway with Prime Central.
Step 1 Log in as the root user or user enabled with ppm superuser. (See Logging In as the Root User.)
Step 2 Start Prime Performance Manager. (See Starting Gateways and Units.)
Step 3 Launch the Prime Central integration from one of the following:
- GUI—From the Administration menu, choose Prime Central Integration.
- CLI—Enter the following command:
ppm primecentralintegration
Step 4 In the Prime Central Integration window, or at the command prompts, enter the Prime Central server information:
- Database Host—Enter the Prime Central database hostname or IP address.
- Database Port—Enter the Prime Central database port number. The default port, 1521, is recommended.
- Database User—(HA only) Enter the Prime Central database username, which is primedba by default.
- Database Password—(HA only) Enter the Prime Central database user password.
- Database SID—Enter the Prime Central database service name, which is primedb by default.
- Enable Default Reports—Check (or enter y) if you want the default reports enabled following the integration.
Step 5 Perform one of the following:
- GUI—Click the Submit Prime Central Integration tool on the System Prime Central Integration window toolbar.
If the integration information you entered is valid, you are prompted to restart the Prime Central Integration Layer. If not, an error is returned.
Step 6 Restart the Prime Performance Manager gateway and unit(s). For information, see Restarting Gateways and Units.
Step 7 Log into the Prime Central server and stop the Prime Central Integration Layer:
Step 8 Wait two minutes, then start the Prime Central integration layer:
Step 9 If you want to run Prime Performance Manager as a non-root user:
ppm superuser nonRootUser
Step 10 Verify the integration,
a. Log into Prime Central. (For Prime Central login procedures, see the Cisco Prime Central 1.4 User Guide.)
b. From the Prime Central Administration menu, choose Suite Monitoring.
c. Verify that Prime Performance Manager is listed under Applications and has an Up state.
If Prime Performance Manager is not shown, complete the steps in “Prime Performance Manager Does not Appear in Prime Central” in Table 4-1.
If Prime Performance Manager is shown, but its state is Down, complete the steps in“Prime Performance Manager is Displayed in Prime Central with a Down State” in Table 4-1.
d. From the Prime Central Assure menu, verify that Prime Performance Manager is listed. If not, complete the steps in “Prime Performance Manager Menu Option is Missing” in Table 4-1.
e. From the Prime Central Assure menu, choose Prime Performance Manager. Prime Performance Manager should be cross launched. If not, complete the steps in “Cannot Launch Prime Performance Manager from Prime Central” in Table 4-1.
Step 11 If remote units are connected to the gateway, complete the Enabling SSL on Remote Units to enable SSL on the remote units.
Step 12 After Prime Performance Manager is integrated with Prime Central, use the Prime Central portal to create new users, even if they already existed in Prime Performance Manager. See the Cisco Prime Central 1.4 User Guide for procedures.
Note When you create a user who previously existed in Prime Performance Manager, Prime Central advises you that the user already exists in Prime Performance Manager, retrieves the user properties, and applies them to the new Prime Central user. For more information, see Managing Users and User Security.
In the Administration Prime Central Integration window, the Submit Prime Central Integration tool changes to Import inventory after Prime Performance Manager is integrated with Prime Central. The inventory is imported about fifteen minutes after you complete the integration and restart Prime Performance Manager. You can update the inventory after the Prime Central Integration Layer is restarted.
Note If you try to import the inventory while the Prime Central Integration Layer is down, the import will fail.
Table 4-1 lists Prime Central integration issues and resolutions.
Table 4-1 Prime Central Integration Issues and Resolutions
|
|
Prime Performance Manager Does not Appear in Prime Central |
1. Log into the Prime Performance Manager gateway as the root user. (See Logging In as the Root User.) 2. Display the DMIntegrator log:
/opt/CSCOppm-gw/prime-integrator/DMIntegrator.log
3. In the log, check to see: – Whether Prime Performance Manager registration status, either succeeded or failed. – If registration was successful, whether the Prime Central database server hostname or IP address located in the log [SERVER:] property is correct. 4. If the Prime Central Suite Monitoring table contains a Prime Performance Manager instance, select the row and press the Remove. 5. Wait a few minutes for Prime Central to delete the Prime Performance Manager instance, then complete the Integrating Prime Performance Manager with Prime Central, making sure to enter the correct Prime Central database server information. 6. If this does not resolve the problem, call Cisco TAC. |
Prime Performance Manager is Displayed in Prime Central with a Down State |
1. Restart the Prime Performance Manager gateway and all remote units that are connected to it. See the Restarting Gateways and Units. 2. Check the Prime Performance Manager operational status. See the Displaying Gateway and Unit Status. 3. Log into the Prime Central workstation as the primeusr UNIX OS user. 4. Stop the Prime Central Integration Layer by entering:
5. Wait around two minutes, then start the integration layer:
6. After a few minutes, check to see if the Prime Performance Manager state changes to Up in the Suite Monitoring > Applications window. 7. If this does not resolve the problem, call Cisco TAC. |
Prime Performance Manager Menu Option is Missing |
1. From the Prime Central Administration menu, choose Users. 2. Verify that the logged-in user has Prime Performance Manager in the domain manager access privileges. 3. If not, select the user, click Edit and add Prime Performance Manager to the user’s domain privileges. For detailed procedures, see “Edit a User” in the Cisco Prime Central 1.4 User Guide. 4. Log out and then log back in |
Cannot Launch Prime Performance Manager from Prime Central |
1. Verify that the Prime Performance Manager gateway is up and running. See the Displaying Gateway and Unit Status. All services should be running. 2. If not, restart the gateway. See the Displaying Gateway and Unit Status. 3. If the problem persists, contact the Cisco TAC. |
Prime Central Integration Considerations and Next Steps
After you integrate Prime Performance Manager with Prime Central, keep in mind that all user logins and management—adding, editing, removing—are performed from Prime Central. See the Cisco Prime Central 1.4 User Guide for login and user management procedures, as well as general information about using Prime Performance Manager in the Cisco Prime Carrier Management Suite.
When Prime Performance Manager is integrated with Prime Central, Prime Fault Management is imported as a trap destination (if it exists.) If you want to send traps to Prime Network instead, you can use the ppm setpctrapdestination command to send traps to Prime Network instead of Prime Fault Management.
After you integrate Prime Performance Manager with Prime Central, you can launch Prime Performance Manager from the Prime Central menu, from selected devices and interfaces in the Prime Central inventory view, and from selected alarms in the Fault Management window.
Following integration, you will likely want to perform other procedures, for example, import devices and begin generating reports.
Table 4-2 Post Integration Commands and Procedures
|
|
Remove Prime Performance Manager from the Prime Central Suite Monitoring table and return it to standalone domain manager. |
ppm primecentralintegration remove Note The command switches Prime Performance Manager from suite to standalone mode. You must remove Prime Performance Manager from the Prime Central Suite Monitoring table manually using the Prime Central GUI. |
Change Prime Performance Manager trap destination from Prime Fault Management to Prime Network. |
ppm setpctrapdestination See ppm setpctrapdestination, for command options. |
Update the device inventory from Prime Central. The inventory is automatically imported several minutes after integration, if the Integration Layer is running. |
Using the GUI: 1. From the Administration menu, choose Prime Central Integration. 2. From the Prime Central Integration toolbar, choose Import Inventory. Note The Prime Central Integration Layer must be running. If not, the import will fail. Using the CLI: ppm inventoryimport command. See ppm inventoryimport, for command options. |
Adds cross-launch capability to Cisco Prime Network. Cross launches are automatically installed in each Prime Network instance registered with Prime Central. |
ppm crosslaunch See ppm crosslaunch, for command options. |
Importing Devices From Prime Network
To integrate Prime Performance Manager with Prime Network you generally integrate with Cisco Prime Central, the Cisco Carrier Management parent application. However, you can integrate Prime Performance Manager with Cisco Prime Network separately. To import a Prime Network device inventory, Prime Performance Manager connects to the Prime Network gateway and retrieves the Prime Network device IP addresses and the following device credentials:
- SNMP
- Telnet
- SSHv1
- SSHv2
- HTTP
- HTTPs
- VCENTER_HTTPs
If the Prime Network device has multiple credentials, for example, SNMP credentials and Telnet and HTTP credentials, those credentials are downloaded. Prime Network devices are retrieved except devices whose Prime Network VNEs:
- Are in Maintenance investigation state.
- Are ICMP or cloud VNEs.
- Have a down admin status.
Note Prime Performance Manager can integrate with Prime Network 5.3, 5.2, 5.1, 5.0, 4.3.2, 4.3.1, 4.3, 4.2.3, 4.2.2, 4.2.1, 4.2, 4.1, 4.0, 3.11, and 3.10.
Prime Performance Manager then connects to the devices and probes them for supported polling parameters. After the device connections are established and MIB profiles created, Prime Performance Manager maintains communication with the Prime Network gateway. If new Prime Network devices are added, Prime Performance Manager adds those devices. If a Prime Network device VNE goes into Maintenance state, Prime Performance Manager changes the device to unmanaged and stops polling. When the VNE state changes, Prime Performance Manager changes the device state back to managed and begins polling.
Strict Synchronization
Strict synchronization is a Prime Network import option that restricts Prime Performance Manager to Prime Network devices only. If strict synchronization is enabled, you cannot discover or manage devices that reside outside of Prime Network. Additionally, you cannot edit SNMP, Telnet, or SSH entries and you cannot edit device names. If strict synchronization is not enabled, all device discovery and credential editing capabilities remain enabled. Strict synchronization is useful when you want a tight relationship between Prime Performance Manager and Prime Network to ensure all reports are Prime Network device reports.
Device Integration Notes
If you are importing Cisco Carrier Packet Transport (CPT) devices, Prime Performance Manager considers every CPT Packet Transport Fabric (PTF) card as a separate device. Prime Performance Manager synchronizes the device status of the CPT and PTF devices according to the CPT device status changes received from Prime Network.
To import Prime Network devices, you need the following Prime Network gateway information:
- IP address or hostname
- Port
- Prime Network administrator or configurator username and password. The user must have a device scope set for all network elements.
Complete the following steps to import the device inventory from Cisco Prime Network using the Prime Performance Manager GUI. (For information on importing Prime Network devices using the CLI, see ppm inventoryimport.) This procedure requires a Level 5 (administrator) user level.
Note If the Prime Network gateway to which you are integrating Prime Performance Manager is in a high availability (HA) configuration, complete the following steps whenever a Prime Network gateway HA switchover occurs. Prime Performance Manager does not automatically switch to the new active Prime Network gateway.
Step 1 Log into the Prime Performance Manager GUI as a System Administrator user.
Step 2 From the Administration menu, choose Prime Network Integration.
Step 3 In the Prime Network window, enter the following information:
- Host Name or IP Address—Enter the Prime Network gateway hostname or IP address.
- Port—Enter the Prime Network gateway port. The default Cisco Prime Network web services port is 9003. The Port field accepts values from 1 to 65535.
- Unsecured Port—Indicates the port entered in the Port field is an unsecure port intended for BQL debugging.
- User Name (Admin User Level)—Enter the Prime Network gateway administrator or configurator username. This user must have an assigned scope of All Managed Elements.
- Password—Enter the Prime Network user password.
- Strict Sync—Check this box if you want Prime Performance Manager to monitor only Prime Network devices. If you check Strict Sync, Prime Performance Manager cannot connect to devices that have not been added to Prime Network first, and certain functionality is disabled, including the Network menu Discovery option and the ability to edit SNMP, Telnet, and SSH entries.
- Automatically Remove Devices From PPM When Removed From Prime Network—If checked, Prime Network devices are automatically removed from Prime Performance Manager when they are removed from Prime Network. If not checked, devices removed from Prime Network are retained in Prime Performance Manager but changed to an unmanaged state.
Step 4 From the Prime Network Integration toolbar, click the Prime Network Integration Setup tool.
The Prime Network device inventory import proceeds.
Note If Prime Performance Manager finds duplicate device custom names, an error is issued.
Step 5 After it completes, from the Network menu, choose Devices to review the devices that were added. For information about the displayed device properties, see Displaying Device Properties at the Network Level.
Step 6 To display information about the last Prime Network inventory synchronization, on the Administration Prime Network Integration window toolbar, click Last Inventory Import Info.
The date and time and status of the last inventory import is displayed.
Updating the Prime Network Device Inventory
Complete the following steps to update the Prime Network device inventory after you complete the Importing Devices From Prime Network.
Step 1 Log into the Prime Performance Manager GUI as a System Administrator user.
Step 2 From the Administration menu, choose Prime Network Integration.
Step 3 In the Administration Prime Network Integration window, choose Import Inventory on the toolbar.
The device inventory is updated.
Note Should Prime Network VNE IP addresses change from the first discovery to the next, Prime Performance Manager will update the device IP address with no loss of report information.
Prime Network Services Controller Integration Overview
Prime Network Services Controller is the management application for Cisco Nexus 1000V (Nexus 1000V) switches and services that can enable transparent, scalable, and automation-centric network management for virtual data center and hybrid cloud environments. Nexus 1000V switches and services deliver a highly secure multitenant environment by adding virtual intelligence to the data center network. The virtual switches are built to scale for cloud networks. Virtual Extensible LAN (VXLAN) support enables scalable LAN segmentation and virtual machine (VM) mobility.
Prime Network Services Controller allows administrators to manage Cisco virtual services through its GUI or XML API. Its model-centric architecture provides a flexible mechanism for provisioning and securing virtual infrastructure using Cisco Virtual Security Gateway (Cisco VSG) and Cisco Adaptive Security Appliance 1000V (ASA 1000V) Cloud Firewall virtual security services.
General integration flow:
- Initiation—Prime Performance Manager initiates integration with Prime Network Services Controller. It sends the Prime Performance Manager information (IP address) to Prime Network Services Controller through the Prime Network Services Controller API.
- One-to-one integration—One Prime Performance Manager gateway is connected to one Prime Network Services Controller gateway.
- Integration removal—To remove the Prime Network Services Controller integration, you must remove from both the Prime Performance Manager and Prime Network Services Controller GUIs.
Integrating Prime Performance Manager with Prime Network Services Controller provides the following capabilities:
- System level cross launch—Prime Performance Manager can be launched from Prime Network Services Controller. This capability is largely for administrators to access Prime Performance Manager to manage devices and users, and to set up performance reporting configurations such as thresholds. The cross-launch process steps include:
– Prime Performance Manager initiates integration with Prime Network Services Controller. It sends the Prime Performance Manager information (IP address) to Prime Network Services Controller through the Prime Network Services Controller API.
– A Prime Performance Manager cross launch menu item is added to the Prime Network Services Controller dashboard.
– One-to-one integration—One Prime Performance Manager gateway is connected to one Prime Network Services Controller gateway.
– Integration removal—To remove the Prime Network Services Controller integration, you must remove from both the Prime Performance Manager and Prime Network Services Controller GUIs.
- Device level cross launch—Prime Network Services Controller users can launch Prime Performance Manager reports from Prime Network Services Controller devices. Prime Performance Manager supports vDevices managed by Prime Network Services Controller in the private cloud. It gets device IP addresses or hostnames from Prime Network Services Controller through its North Bound API (NBAPI in XML). Prime Performance Manager uses the default account for device cross launch. No user information is needed for a device cross launch. Prime Performance Manager is launched as a separate application.
- Device import—Prime Network Services Controller devices are imported into Prime Performance Manager in an unmanaged state. You must add the Prime Network Services Controller credentials to Prime Performance Manager, then change the device state to managed. Additional notes:
– Prime Performance Manager needs an IP or hostname and login credentials to access devices.
– Prime Network Services Controller only has IP or hostname information.
- User management—Prime Network Services Controller and Prime Performance Manager have their own authentication and credential management. Users must log into Prime Performance Manager for administrator cross launch. Report cross launch to Prime Performance Manager does not require user log in. Separate user accounts must be independently created and maintained in both Prime Performance Manager and Prime Network Services Controller.
- TCA alarm integration—Prime Performance Manager passes TCA events (performance thresholds, etc) to Prime Network Services Controller, which displays the alarms and events in the device alarm table. Prime Performance Manager sends the alarm ID, message text, device name, and severity. Prime Network Services Controller adds a time stamp based on the local system time. Alarms deleted in Prime Performance Manager are cleared in Prime Network Services Controller.
- Prime Network Services Controller host—The Prime Network Services Controller host is displayed in the Prime Performance Manager Administration Alarms/Events Editor Upstream OSS Hosts table. Table fields and the Delete button are disabled. Filter and Resend are enabled.
- The Prime Network Services Controller host is removed from the Prime Performance Manager Upstream OSS Hosts table when Prime Network Services Controller integration is removed on the Prime Network Services Controller Integration page.
Integrating Prime Performance Manager With Prime Network Services Controller
To integrate Prime Performance Manager with Prime Network Services Controller:
Step 1 Log into the Prime Performance Manager GUI as a System Administrator user.
Step 2 From the Administration menu, choose Prime Network Services Controller Integration.
Step 3 In the Administration Prime Network Services Controller Integration window, enter the following:
Prime Network Services Controller Integration Setup
- Host—Enter the Prime Network Services Controller hostname or IP address.
- Admin User Name—Enter the Prime Network Services Controller administrator user name.
- Admin User Password—Enter the Prime Network Services Controller Integration administrator user password.
Prime Performance Manager User Setup
- Admin User Name (New)—Allows you to enter a new Prime Performance Manager new administrator username.
Note If user security is enabled, you can use an existing Prime Performance Manager user. If user security is not enabled, the user and password will be added as a new user expressly for Prime Network Services Controller access.
- Admin User Password(New)—If you entered a new Prime Performance Manager administrator user, enter the new administrator user password.
Step 4 On the toolbar, click Submit Prime Network Services Controller Integration.
Wait a few minutes for the integration to complete.
Step 5 From the Network menu, choose Devices.
Step 6 In the Network Devices window, verify the Prime Network Services Controller devices are added. These include:
- Cisco Virtual Security Gateway
- Cisco Adaptive Security Appliance 1000V Cloud Firewall
- Cisco Cloud Services Router 1000V Series
- Citrix NetScaler VPX load balancers Application Delivery Controller
Because device credentials have not been added, Prime Network Services Controller devices have an unmanaged status.
Step 7 Complete the Adding SNMP Device Credentials to add the Prime Network Services Controller SNMP credentials.
Step 8 Complete the Adding Device Credentials for Other Protocols to add the Prime Network Services Controller Telnet and SSH credentials.
Step 9 From the Administration menu, choose Prime Network Services Controller Integration.
Step 10 If you want Prime Performance Manager to manage only Prime Network Services Controller devices, check the Strict Sync checkbox. If not, continue with the next step.
Note If strict sync is not enabled, devices removed from Prime Network Services Controller are deleted from Prime Performance Manager. Prime Performance Manager listens for inventory notifications from Prime Network Services Controller so devices added or deleted in Prime Network Services Controller are reflected immediately in Prime Performance Manager.
Note A Prime Performance Manager cron job runs a full synchronization four times a day.
Step 11 On the Administration Prime Network Services Controller Integration window, click Import Inventory.
Step 12 From the Network menu, choose Devices.
Step 13 In the Network Devices window, verify the Prime Network Services Controller devices are added and their status is Active.
Step 14 Open Prime Network Services Controller.
Step 15 Verify that you can open Prime Performance Manager with the user and password entered in Step 3.
Note You can also perform Prime Network Services Controller integration using the ppm pnscintegration command. For information, see ppm pnscintegration.
Removing Prime Network Services Controller Integration
To remove Prime Network Services Controller integration with Prime Performance Manager:
Step 1 Log into the Prime Performance Manager GUI as a System Administrator user.
Step 2 From the Administration menu, choose Prime Network Services Controller Integration.
Step 3 On the Administration Prime Network Services Controller Integration window, click the Remove Integration tool.
Step 4 To complete the removal, log into Prime Network Services Controller and remove Prime Performance Manager through the Prime Network Services Controller GUI.