Installing the Plug-in OVA and Registering the VMware vCenter Servers

User Privileges

Cisco UCS Manager Plug-In for vSphere HTML client enables you to register and manage VMware vCenter servers. When you install Cisco UCS Manager plug-in, register the VMware vCenter servers individually using UCS Manager user account. Depending on the UCS Manager user privileges, you used while registering the VMware vCenter servers you can perform the actions. Also, each plug-in action supports the same privileges as Cisco UCS Manager.

For example, if you registered a VMware vCenter servers with admin privileges, you can perform actions on that server using the plug-in. You can perform various actions on the servers, firmware, service profiles, and service profile templates.

When you log in to the Cisco UCS Manager plug-in, you can view the VMware vCenter servers that you have registered. You cannot edit or unregister the VMware vCenter servers registered by users with different vCenter roles or by the users who registered theVMware vCenter server. Only a user with same vCenter role and also has registered the VMware vCenter server, has the privilege to edit or unregister the plug-in.

Importing the IdenTrust Certificate Chain

The Cisco UCSM Plugin OVA file is signed with an IdenTrust CA certificate, which is not included in VMware's default truststore. As a result, the Review details page in the Deploy OVF Template wizard indicates that you are using an invalid certificate while completing the wizard.

You can prevent this by importing the IdenTrust certificate chain to the host or cluster on which you want to deploy the OVA file.

Procedure

Step 1

On the VMware ESXi host or cluster where your virtual appliance will reside, download trustidevcodesigning4.tar.gz from the same location that Cisco specified to download the Cisco UCSM Plugin OVA file.

Step 2

Unzip this file.

Step 3

Log in to the vSphere Web Client.

Step 4

Select Administration > Certificates > Certificate Management.

Step 5

In the Trusted Root Certificates field, click Add.

Step 6

In the Add Trusted Root dialog box, click Browse.

Step 7

Navigate to and select the certificate chain you downloaded in Step 1 (trustidevcodesigning4.pem). Click Open.

Step 8

Check the Start Root certificate push to vCenter Hosts check box. Click Add.

A message indicates that the certificate chain was successfully imported.

When you complete the Deploy OVF Template wizard, the Publisher field in theReview details page indicates that you are using a trusted certificate.

Deploying and Installing the Plug-in OVA Package

Before you begin

  • Plug-in OVA package is hosted on HTTP or HTTPS server. Ensure that the HTTP or HTTPS URL of the plug-in OVA package is reachable from the vCenter server.

  • Ensure that you have imported the IdenTrust Certificate Chain before you install the OVA package.

  • Close all the HTML client browser sessions.

  • The default username is admin.

Procedure

Step 1

On the Cisco.com download site for Cisco UCS Management Partner Ecosystem Software, download the Cisco UCS Manager plug-in OVA package.

The files are stored in your local download folder.

Step 2

Log in to the vCenter server and right-click on any inventory object and select Deploy OVF Template.

Inventory object is a valid parent object of a virtual machine, such as:

  • Data center

  • Folder

  • Cluster

  • Resource pool or host

The Deploy OVF Template wizard is displayed.

Step 3

Specify the location of the OVA template on the Select an OVF template page and click Next.

Step 4

Enter a unique name for the virtual machine and select a deployment location on the next page. Click Next.

Step 5

Select a resource to run the deployed OVA template. Click Next.

Step 6

Verify the OVA template details.

In the Review details window, the following message is displayed:

The certificate is not trusted.

You can choose to validate the certificate or ignore the message.

To validate the certificate, see Importing the IdenTrust Certificate Chain.

To ignore the certificate, click the Ignore link, next to the above message.

Step 7

Select a storage location. Click Next.

Step 8

Select a source network and map it to a destination network. Click Next.

Customize template page is displayed.

Step 9

Enter the networking information and the user credentials.

  1. Enter the required details for the following fields:

    • IP address

    • Netmask

    • Gateway

    • DNS Server

    • NTP Server

    • Hostname

  2. Enter the username as admin and password to access the Cisco UCS Manager plug-in appliance.

  3. Click Next.

Step 10

Review the information on the Ready to complete page and click Finish.

After the OVA package is deployed on the vCenter server, reboot the server to complete the configuration and enable access to the plug-in.

What to do next

Access the Cisco UCS Manager plug-in appliance using the https://<fqdn> or https://<server-IP> URL.

Provide the admin credentials configured in the OVA package and register the VMware vCenter servers.

Adding and Registering the VMware vCenter Servers

Before you begin

  • The default username is admin.

Procedure

Step 1

Login to Cisco UCS Manager Plug-in Appliance Web UI as admin user and enter the password.

Step 2

Click Register.

The Add VMware vCenter Servers pop-up window is displayed.

Step 3

Enter the required information in the Add VMware vCenter Servers pop-up window.

  1. Enter the following details:

    Field

    Description

    FQDN/Server IP

    FQDN or Server IP of the VMware vCenter server.

    Port

    The port to use for communication.

    The default is 443.

    Username

    		 Enter the user name for the VMware vCenter server.

    Password

    Enter the password for the VMware vCenter server.

  2. (Optional) Select the Proactive HA checkbox to enable Proactive HA in the server.

  3. (Optional) Enable the Use same credentials for all vCenter Servers checkbox to apply the same user credentials for all the VMware vCenter servers.

  4. (Optional) Click Add to add the details of another VMware vCenter server.

Step 4

Click Next.

Step 5

Review the VMware vCenter server details displayed in the Summary page. Click Register.

On successful registration, the VMware vCenter server details are displayed in the Registered VMware vCenter Servers table.

The list of registerd VMware vCenter servers is displayed in the Registered VMware vCenter Servers table.

Viewing the Registered VMware vCenter Servers

Before you begin

  • The default username is admin.

Procedure

Step 1

Login to Cisco UCS Manager Plug-in Appliance Web UI as admin user and enter the password.

Step 2

The list of registerd VMware vCenter servers is displayed in the Registered VMware vCenter Servers table.

The following details are displayed for the VMware vCenter servers.

Field

Description

FQDN/Server IP

Server IP / FQDN of the VMware vCenter server.

Port

The port used for communication. The default value is 443.

Username

User name that is used to access the VMware vCenter server.

Version

VMware vCenter release version.

Plug-in Version

UCS Manager plug-in release version.

Plug-in Status

Connection status of the VMware vCenter server with the UCS Manager plug-in.

ProactiveHA Status

Status of the Proactive HA feature for the VMware vCenter server.

By default, the ProactiveHA feature is disabled.

Configuring the Registered VMware vCenter Servers

  1. Login to the Cisco UCS Manager Plug-in Appliance Web UI and enter your user credentials.

  2. Identify the VMware vCenter server in the Registered VMware vCenter Servers table.

  3. Click on the 3 dots displayed near the respective VMware vCenter server in the table.

  4. You can perform the following actions on the VMware vCenter server:

    Option Description
    Unregister

    Note

     

    Before you unregister, perform the following step if Proactive HA Provider is enabled:

    • Disable the HA provider and turn off Proactive HA from vSphere Availability in the vCenter Cluster Configure page.

    The Unregister option allows you to unregister the plug-in.

    The Unregister Plug-in pop-up window is displayed with the message Are you sure you want to unregister?

    Click Yes to unregister the plug-in.

    vCenter Log

    Allows you to view the logs of the VMware vCenter server.

    The support bundle window is displayed as a new tab on your web browser.

    Enter the VMware vCenter server root credentials in the support bundle window to authenticate and view the logs.

    Update Password

    Allows you to update the password of the vCenter server in the plug-in.

    The Update vCenter server password pop-up window is displayed with the following fields:

    • Username

    • Password

    Enter the username and new password. Click Update.

Downloading the Appliance Logs

Perform the following steps to download the appliance logs.

  1. In the UCS Manager Plug-in Appliance home page, click the Settings icon.

  2. Select Appliance Log from the drop-down list.

    The UCS Manager plug-in appliance support bundle is downloaded on a new tab on your web browser. The support bundle is in tar.gz format.

Changing Appliance IP

Before you begin

You must log in with admin privileges to perform this task. Log in as admin.

Procedure

Step 1

Login to the Cisco UCS Manager Plug-in Appliance Web UI and enter your user credentials.

Step 2

In the UCS Manager Plug-in Appliance home page, click the Settings icon.

Step 3

Select Change Appliance IP from the drop-down list.

The Change Appliance IP window is displayed.

Step 4

Enter the new appliance IP.

Step 5

Click Submit.

Adding Certification

Perform the following steps to change the certificate for the plug-in.

Before you begin

  • You must log in with admin privileges to perform this task. Log in as admin.

  • The following certificate format is supported:

    .pem

Procedure

Step 1

Login to the Cisco UCS Manager Plug-in Appliance Web UI and enter your user credentials.

Step 2

In the UCS Manager Plug-in Appliance home page, click the Settings icon.

Step 3

Select Add Certification from the drop-down list.

Step 4

Click Upload Certificate Key to upload the certificate key.

Browse and upload the certificate key.

Step 5

Click Add.

Step 6

Click Upload Certificate File to upload the certificate file.

Browse and upload the certificate file.

Step 7

Click Add.

Changing Appliance Password

Before you begin

You must log in with admin privileges to perform this task. Log in as admin.

Procedure

Step 1

Login to the Cisco UCS Manager Plug-in Appliance Web UI and enter your user credentials.

Step 2

In the UCS Manager Plug-in Appliance home page, click the Settings icon.

Step 3

Select Change Appliance Password from the drop-down list.

The Change Appliance Password window is displayed.

Step 4

Enter the current password.

Step 5

Enter the new password.

Step 6

Confirm the new password.

Step 7

Click Change.

Upgrading Cisco UCS Manager Plug-In Appliance for VMware vCenter - Using CLI

Perform the following steps in the CLI to upgrade Cisco UCS Manager Plug-In Appliance for VMware vCenter.

Before you begin

Use an SSH client to access the UCS Manager plug-in appliance virtual machine (VM).

Procedure

Step 1

Download the ucsm-vcenter-plugin-4.0.1.xyz_signed.tar.gz upgrade package.

Step 2

Copy the upgrade package to the /home/admin/ folder of the plug-in appliance VM.

Step 3

SSH to the appliance VM and run the below commands:

  1. tar -xvf ucsm-vcenter-plugin-4.0.1.xyz_signed.tar.gz

  2. Run the signature verification program from the folder in which you have extracted the downloaded content: sh cisco_verify_release.sh

  3. Review the output and ensure that the verification has succeeded.

    Example:

    Retrieving CA certificate  
https://www.cisco.com/security/pki/codesign/identrustcommercialrootca1.pem
Retrieving SubCA certificate  
https://www.cisco.com/security/pki/codesign/trustidevcodesigning4.pem
trustidevcodesigning4.pem: OK
ucsm-vcenter-plugin-signing.pem: OK
Successfully verified root, subca and end-entity certificate chain.
Successfully fetched a public key from  ucsm-vcenter-plugin-signing.pem
Verified OK
Successfully verified the signature of ucsm-vcenter-upgrade-plugin-4.0.1.xyz.tar.gz 
using ucsm-vcenter-plugin-signing.pem

  4. tar -xvf ucsm-vcenter-upgrade-plugin-4.0.1.xyz.tar.gz

  5. To upgrade the plug-in, run the command:

    sh run-upgrade.sh

Step 4

Enter y to continue the upgrade when the following message is displayed:

Are you sure you want to continue?(y/n):

Step 5

Enter the admin password when the following message is displayed:

[sudo] password for admin:

What to do next

After the upgrade is completed and the VM is rebooted, refresh the browser and login to the plug-in appliance UI.

Upgrading Cisco UCS Manager Plug-In Appliance for VMware vCenter - Using the Web UI

Perfom the below steps to upgrade to Cisco UCS Manager plug-in appliance using the Web UI.


Note

You cannot use the Web UI to upgrade from the release version 4.0.0 to 4.0.1. See Upgrading Cisco UCS Manager Plug-In Appliance for VMware vCenter - Using CLI to perform the upgrade using the CLI.

Before you begin

  • Use an SSH client to access the UCS Manager plugin appliance virtual machine (VM).

  • We recommend that you take a snapshot of the appliance VM before you choose to upgrade.

Procedure

Step 1

Download the ucsm-vcenter-plugin-4.0.1.xyz_signed.tar.gz upgrade package.

Step 2

In the UCS Manager Plug-in Appliance home page, click the Settings icon.

Step 3

Select Plug-in Upgrade.

Step 4

Click Upload tar.gz file to Upgrade Plug-in.

The upload window is displayed.

Step 5

Navigate to the location from where you want to upload the upgrade package.

Step 6

Click Upgrade.

Step 7

After the upgrade is completed, log into the UCS Manager plug-in appliance using the following link:

https://<UCSMpluginIP>:443

Log into the UCS Manager plug-in appliance Web UI and view the home page.

Note

 

To update the plug-in version for a specific vCenter server, see Configuring the Registered VMware vCenter Servers.

Registering the UCS Domains

Using the vSphere HTML client, you can register the UCS domains. You can edit the details, unregister, and reregister the previously registered UCS domains.


Note

If a UCS domain is registered with read-only privileges, you cannot perform actions related to the service profiles, service profile templates, and firmware management using the plug-in. Also, you cannot view or edit UCS domains registered by a different user unless you have admin privileges.

Procedure

Step 1

Launch the vSphere HTML client.

Step 2

In the Shortcuts tab, double-click Cisco UCS Manager Plug-in.

Cisco UCS Management Center view appears.

Step 3

Click Register.

Register UCS Domain dialog box appears.

Step 4

Enter the following:

  • UCS Hostname/IP—IP address or the hostname of the UCS domain.

  • Username—UCS domain username.

    Note

     

    • For LDAP authentication, enter the username in the ucs-domainname\username format.

    • RBAC supports LDAP, TACACS, RADIUS users.

  • Password—UCS domain password.

  • Visible to All Users—Whether to make this domain visible to all users

Step 5

Click OK.

Note

 
You may be prompted to accept a certificate. Accept to continue registration.
UCS domain is registered and appears on the list of Registered UCS Domains.

Cisco UCS Management Center also provides the following options:

Button Description
Unregister Allows you to unregister a UCS domain.
Edit Allows you to edit a UCS domain.