Release Notes for Cisco Virtual Application Container Services, Release 5.2STV1.1
First Published: February 11, 2015
Last Updated: February 11, 2015
This document describes the features, limitations, and caveats for the Cisco Virtual Application Container Services (Cisco VACS) software solution. Use this document in combination with the documents listed in the Related Documentation.
Cisco Virtual Application Container Services (Cisco VACS) is a software solution that automates the coordinated licensing, installation, and deployment of multiple virtual services in your datacenter to enable an easy and efficient setup of virtualized applications. Cisco VACS provides a fully customizable extended application container abstraction to simplify deploying and provisioning the virtual services.
Cisco VACS allows you to define extended application container templates and to instantiate them through automated setup and provisioning of the underlying virtual components. Cisco UCS Director provides the management interface to deploy, provision, and monitor the Cisco VACS solution.
Cisco VACS leverages the features in the following virtual components to build a secure multi-tenant cloud and create application container templates:
Cisco Nexus 1000V
Cisco Prime Network Services Controller (PNSC)
Cisco Cloud Services Router (CSR) 1000V
Cisco Virtual Security Gateway (VSG)
Cisco VACS provides you with a choice of ready-to-use application container templates that define the rules for deploying a collection of virtual machines (VMs) within a private network secured by a firewall. An application container is a set of virtual services such as virtual switches, routers, firewalls, and other network devices configured in a consistent manner to deploy different workloads. When you create and instantiate an application container template, Cisco VACS deploys VMs, and configures networks, the firewall, and virtual switches, and enables quick provisioning of network and security at the virtual layer.
Key features and benefits of Cisco VACS include:
Single workflow automation to logically isolate virtual application workloads at the virtual layer.
VMware vSphere support for interoperability across private cloud environments.
Consistent provisioning and orchestration experience across physical and virtual assets through Cisco UCS Director.
New Features and Enhancements
This release of Cisco VACS contains the following new features and enhancements:
Support for VMware cluster
Support for UCS Director POD construct
Simplified licensing mechanism
Support for Cisco CSR 1000V XE Release 3.14
GUI enhancements for robustness of wizards
VMkernel NIC (vmknic) support when adding hosts to the Cisco Nexus 1000V DVS
Automatic inclusion of container data/management traffic VLANs to the uplink port profiles of all VEMs that are part of the Cisco Nexus 1000V DVS
Ability to report the Cisco CSR 1000V licensing state
Support for editing zone-based firewall policy ACL rules per container
Software Compatibility
The following table lists the compatibility information for Cisco VACS, Cisco UCS Director, and the relevant Cisco VACS components.
Table 1 Software Compatibility
Cisco VACS
UCS Director
Cisco VACS Components
Release 5.2STV1.1
Release 5.2
Note Apply the latest Cisco UCS Director maintenance patch (patch 1, which is cucsd_patch_5_2_0_1.zip) before installing or upgrading to Cisco VACS Release 5.2STV1.1.
Release 5.1
VMware vSphere 5.1 or later
Cisco Nexus 1000V 5.2(1)SV3(1.1)
Cisco Prime Network Services Controller 3.2.2.b
Cisco Virtual Security Gateway 5.2(1)VSG2(1.1)
Cisco Cloud Services Router 1000V XE 3.14.0
Release 5.1STV1.0
Release 5.1
VMware vSphere 5.1 or later
Cisco Nexus 1000V 5.2(1)SV3(1.1)
Cisco Prime Network Services Controller 3.2.2.b
Cisco Virtual Security Gateway 5.2(1)VSG2(1.1)
Cisco Cloud Services Router 1000V XE 3.12.0
Limitations and Restrictions
This section describes the limitations and restrictions of Cisco VACS.
General VACS limitations
Cisco VACS supports the following:
– ESX versions 5.0 and later
– vCenter versions 5.1 and later
The scope of Cisco VACS is limited to one virtual account, one PNSC, and one Cisco Nexus 1000V. One virtual account cannot have more than one PNSC mapped to it.
All VXLAN VTEPs added per host using the add host operation should be configured to be in the same subnet.
During the add host operation, do not migrate the VSM VMs to VEM.
License limitations
Each Cisco Nexus 1000V is licensed with 1024 licenses.
When upgrading from Cisco VACS evaluation license to Cisco VACS production licenses, note the following:
– After installing the UCS Director production licenses, the Cisco VACS evaluation licenses are invalid.
– After installing the UCS Director production licenses, only the Cisco VACS production licenses are accepted.
– After installing the Cisco VACS production licenses, the existing Cisco Nexus 1000V that was installed with the evaluation license does not get a permanent Cisco Nexus 1000V license.
After installing the Cisco VACS production licenses, you must deploy a new Cisco Nexus 1000V so that it gets a permanent license.
– A CSR 1000V deployed during the Cisco VACS evaluation licenses comes up with default licenses and a maximum throughput of 100 Kbps.
– After installing the Cisco VACS production licenses, the existing CSR 1000V of deployed containers is not automatically licensed with permanent licenses. If required, you must manually apply permanent licenses for the CSR 1000V.
– After installing the Cisco VACS production license and keying the CSR token ID, the CSR 1000V that belongs to the new container deployment has permanent licenses with a maximum throughput of 10 Gbps
Configuration limitations
IP pool limitations:
– The IP pools used for management and uplink pools should have mandatory VLAN and Gateway fields.
– The IP pools used for the port group-based VM networks in custom containers should not have the Gateway field.
– The broadcast and network IP addresses should not be used as the IP addresses in the pool.
IP subnet pool limitations:
– The IP addresses in the subnet cannot be less than 4 and more than 1024 addresses.
IP address limitations when an IP needs to be entered for install actions, IP pools, and ERSPAN:
– Do not use broadcast and network, Experimental/Use in research IP addresses.
Be careful to add the correct VLAN IDs to the Ethernet port profiles during the add host operation. If you do not add the correct VLAN IDs, you must add the VLAN IDs manually to the Ethernet port profiles mapped to the VEMs that are being used for container deployment.
Cisco VACS does not configure the upstream switches and routers in the physical infrastructure. Cisco VACS only configures the virtual infrastructure for PNSC, Cisco Nexus 1000V, and CSR.
You must configure the upstream devices such that the path MTU between the VEMs has an MTU of greater than or equal to 1600.
Container and container-related limitations
The container add-on operations such as add and delete VMs, configure SNAT and ERSPAN, and power on/off cannot be executed in parallel. You must wait for the current task to complete before you proceed with the next task.
Do not cancel the service request of any of the container add-on operations, such as add and delete VMs, configure SNAT and ERSPAN, and power on/off a container.
You cannot resubmit failed service requests for the container deployment or container add-on operations.
Rollback of container add-on operations is not supported. To roll back, you must use the UI for the add-on operation.
Scale limitations
Cisco VACS has the following scale limitations:
Number of containers: 50
Number of VMs per container: 20
Number of VMs per host: 50
Number of containers that can be deployed in parallel: 4
Using the Bug Search Tool
Use the Bug Search Tool to search for a specific bug or to search for all bugs in a release. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about bugs and vulnerabilities in this product and other Cisco hardware and software products.
Step 3 To search for a specific bug, enter the bug ID in the Search For field and press Return.
Step 4 To search for bugs in the current release:
a. In the Search For field, enter a problem, feature, or a product name and press Enter. (Leave the other fields empty.)
b. When the search results are displayed, use the filter tools to find the types of bugs you are looking for. You can search for bugs by status, severity, modified date, and so forth.
Tip To export the results to a spreadsheet, click the Export Results to Excel link.
Open Caveats
The following are descriptions of the open caveats in Cisco VACS. The bug ID links you to the Cisco Bug Search Tool.
If the container name and the VM includes blank spaces and special characters such as % and $, the container deployment fails because the Cisco Nexus 1000V does not create port profiles that include spaces or special characters.
When an Ubuntu version 14.04 template is used, correct IP address/hostname are not assigned to the IP address/host. This results in container deployment failure.
For a VMware cluster that is included in the UCS Director compute policy, if even one of the hosts in that VMware cluster is not part of the Cisco Nexus 1000V DVS, the container deployment fails.
If the existing VLAN(s) of the VMKNICs are not added as part of the uplink port profile that is mapped to the PNICs, the add host operation UI proceeds without errors, but fails with a VSUM error upon submission.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation as an RSS feed and delivers content directly to your desktop using a reader application. The RSS feeds are a free service.
This document is to be used in conjunction with the documents listed in the
“Related Documentation” section.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.