The Cisco Cloud Architecture for Microsoft Cloud Platform (CCA for MCP) solution delivers IaaS, PaaS, and SaaS with integrated management software. The data center infrastructure is built with Cisco Application Centric Infrastructure (ACI) for the Data Center Fabric and Cisco UCS-based compute, Cisco Adaptive Security Appliance (ASA) firewall for security, and Cisco Aggregation Services Routers (Cisco ASR 9000 and Cisco ASR1000) data center edge routers. Additionally, Cisco virtualized network functions such as Cisco Cloud Services Router 1000V (CSR 1000V) are used to implement tenant services.
Microsoft Hyper-V Hypervisor is used as the virtualizing layer for compute to run tenant workloads. The Management Stack is based on Microsoft Windows Azure Pack (WAP), which allows service providers to create plans and tenant administrators to subscribe to those plans.
CCA for MCP enables service providers to offer network management services on top of a Cisco network infrastructure through Microsoft WAP. A Microsoft WAP administrator can use the Cisco Cloud Network Automation Provisioner (CNAP) for MCP Admin Portal to configure, manage, and administer Cisco Data Center Network resources. Cisco CNAP provides the capability to create tenant containers with sophisticated network services such as tenant edge routing, multiple security zones, firewalling, NAT, MPLS VPN access, and Server Load Balancing. The administrator uses the portal to define and set up the available plans that will be visible in the Tenant Portal and that can be consumed by tenants. Tenants consume resources by using the Tenant Portal to subscribe to an available plan. This allows service providers to offer differentiated plans that provide more value to tenants and generate more revenue for service providers, with the convenience of automation to deploy sophisticated containers for tenants.
For more information, see: http://www.cisco.com/go/cloud.
Tasks You Can Perform in the Tenant Portal
You can use the Tenant Portal to:
- Subscribe to plans
- Create containers for subscriptions
- View and modify information about containers, including:
– View summary information about a container.
– Delete a container.
– View gateway information about a container, including remove a WAN gateway.
– View and modify Shared Services information about a container.
– View and modify firewall information about a container, including add and modify a policy map for a service policy, modify and remove a class map instance, and modify and remove an access group (you can also add a rule to an Access Control List [ACL]).
– View and modify tier information about a container, including add a tier, change a tier (and update a segment), remove a tier, and remove a segment.
– View and modify load balancer information about a container, including View information about an existing load balancer, add a Citrix NetScaler VPX, add a load balancer, add a server, change a load balancer, change a server, remove a load balancer, remove a server, and remove a Citrix NetScaler VPX.
Understanding the Interrelationship of Tasks Performed in the Tenant Portal and by the Cloud Provider
Certain tasks performed in the Tenant Portal and by the cloud provider are interdependent in that tasks must be completed by one user before other tasks can be accomplished by the other user. For example:
- Base container plans must be created by the cloud provider before you can use the Tenant Portal to subscribe to them and create containers.
- In the Tenant Portal, after you subscribe to a plan and create a container, then the cloud provider can confirm that the newly-created tenant container is Active and configure the following for it:
– WAN Gateway—When you are creating a container for a plan to which you have subscribed, you see a screen indicating whether the plan includes entitlement for a WAN Gateway (e.g., MPLS VPN). If it does, you see a message to contact your cloud provider. Once your container is active, the cloud provider can then configure the WAN Gateway.
– Firewall—When you are creating a container for a plan to which you have subscribed, you specify the number of Workload Tiers for the container. Cisco CNAP will automatically set up a perimeter around each of the zones in the container, however the Tenant Firewall tab will not display any information until the WAN Gateway has been provisioned by the cloud provider. The firewall is automatically created with a base configuration during container creation. When the WAN gateway is created, another firewall zone is created for the WAN edge. You can configure a firewall in the Tenant Portal, however it can only be configured after you have created a container and the cloud provider has created a WAN Gateway.
– Load Balancer—The cloud provider must acknowledge that the Citrix NetScaler VPX is licensed before you can set up a software load balancer (SLB).
Accessing the Tenant Portal
You access the Tenant Portal from the WAP Tenant Site.
To access the Tenant Portal:
Step 1 Access WAP.
For information on accessing WAP, see the WAP documentation.
Step 2 You see the WAP Tenant Portal login scree, shown in the following screen.
Figure 1-1 WAP Tenant Portal Login Screen
Step 3 Enter your login credentials (email address and password) and click submit.
You see the main Tenant Portal screen, shown in the following screen.
Figure 1-2 Main Tenant Portal Screen
Subscribing to a Plan
To subscribe to a plan:
Step 1 On the main Tenant Portal screen, at the bottom, click + New in the lower left corner, click My Account, then click Add Subscription, as shown in the following screen.
Figure 1-3 Add Subscription Screen
You see the Choose a Plan screen, as shown in the following screen.
Figure 1-4 Choose a Plan Screen
Step 2 Click the plan to which you want to subscribe (in this example IaaS Plan8), then click the check mark.
You see the following screen while the subscription is being created.
Figure 1-5 Subscription Being Created Screen
Next you see a screen showing the plan to which you subscribed with a Status of Syncing, as shown in the following screen.
Figure 1-6 Plan Subscription Syncing
When the synchronization is complete, the subscription will show as Active, as shown in the following screen.
Figure 1-7 Plan Subscription Active
Creating a Container
To create a container:
Step 1 On the main Tenant Portal screen, click + New in the lower left corner, then click Cisco Datacenter Network, then Create Container, as shown in the following screen.
Figure 1-8 Create New Container Screen
You see the following screen.
Figure 1-9 Container Creation Screen
Step 2 Some values are prepopulated based on what your cloud provider has defined. Complete the fields to create a network container:
– Subscription:—Select the subscription for which you want to create a container.
– Admin:—Preselected and cannot be changed.
– Cloud:—Preselected and cannot be changed.
– Bring Your Own IP Space—Not supported in the current release.
– Name:—Enter a name for the container.
– Type:—Zinc is preselected.
– MPLS is preselected (Site-to-Site, Remote Access, and Internet are not supported in the current release).
– Workload:—Number of tiers.
– Workload SLB—Preselected based on plan.
– DMZ:—Not supported in the current release.
– DMZ SLB—Not supported in the current release.
– Shared Svcs:—The Shared Services, such as Database as a Service (DBaaS), Disaster Recovery as a Service (DRaaS), etc., for the plan to which you have subscribed.
When you are finished, at the bottom of the screen, click the right arrow (−>).
You see the following screen.
Figure 1-10 WAN Gateway Screen
Step 3 Click the right arrow (−>).
You see the following screen.
Figure 1-11 Tiers and Layer 2 Segments Screen
On the Container Creation screen we specified a Workload of 3 under Tiers, so this screen shows those structures already created.
This screen displays the following information:
– Type—Only Workload is supported in this release.
– Name—Name of the tier.
– Description—Description of the tier.
– Name—Name of the segment.
– Subnet—Subnet the segment is in.
– Description—Description of the segment.
Step 4 Click check box for Modification Enabled if you want to modify the names and descriptions of the tiers and segments. Click the check box and then click the tier you want to modify.
Figure 1-12 Modification Enabled Checked Screen
Step 5 Click the check mark.
Step 6 Click Cisco Datacenter Network.
The container you created should be available in the Containers: pull-down menu at the top of the screen, as shown in the following screen.
Figure 1-13 Container Pull-down Menu Screen