Large PoD Data Center Installation
This section provides information about installing the Service Provider Cisco HCS data center in a Large PoD deployment. It describes a typical Cisco HCS Large PoD deployment, general installation steps for each component, and the installation tasks performed for each component.
This section does not provide detailed instructions for installing individual components. You can find detailed installation information in the installation documents for the components.
Install the Data Center for Large PoD Deployments
Procedure
| Step 1 |
Install and configure the Nexus 7000 Series switch (Aggregation) and, optionally, the Nexus 5500 Series switch (Access) hardware and software. |
| Step 2 |
Install and configure the SAN storage. |
| Step 3 |
Install and configure the MDS Series switch. |
| Step 4 |
Install and configure the Cisco UCS server and Cisco UCS Manager. |
| Step 5 |
Install and configure the vCenter. |
| Step 6 |
Install and configure vSphere Distributed Switch. |
| Step 7 |
Install and configure the ASA 5500 Series Adaptive Security Appliance. |
| Step 8 |
Install a Session Border Controller. |
| Step 9 |
(Optional) Install the ASR-100x as a Site-To-Site VPN Concentrator. |
| Step 10 |
(Optional) Install and configure Cisco Expressway. |
| Step 11 |
Install and configure Cisco Prime Network Registrar for DNS and DHCP. |
Install the Nexus 7000 and Nexus 5500 Series Switches
Before you begin
See End-of-Sale and End-of-Life Announcement for the Cisco Nexus 5500 Series Switches at https://www.cisco.com/c/en/us/products/switches/nexus-5000-series-switches/eos-eol-notice-listing.html.
See End-of-Sale and End-of-Life Announcement for the Cisco Nexus 7000 Series Switches at https://www.cisco.com/c/en/us/products/switches/nexus-7000-series-switches/eos-eol-notice-listing.html.
For site, environment, and power requirements for the Nexus 7000 Series switches, see the Cisco Nexus 7000 Series Site Preparation Guide at: http://www.cisco.com/c/en/us/support/switches/nexus-7000-series-switches/products-installation-guides-list.html.
 Note |
The NX-OS software might require the upgrade of electronic programmable logic devices (EPLDs) or field programmable gate arrays (FPGAs). For details on required updates, see the latest release notes here: http://www.cisco.com/c/en/us/support/switches/nexus-7000-series-switches/products-release-notes-list.html. |
The following Nexus switches are supported:
-
Nexus 7004
-
Nexus 7010
-
Nexus 7018
-
Nexus 5500 series (for Micro Node and Small PoD deployments, use Nexus 5548 or 5600 switches)
Confirm the version to download from the Cisco Hosted Collaboration Solution Compatibility Matrix at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/products-device-support-tables-list.html.
-
Software for the Nexus 7000 Series switch is available from http://software.cisco.com/download/navigator.html?mdfid=281787278&i=rm.
-
Software for the Nexus 5500 Series switch is available from http://software.cisco.com/download/navigator.html?mdfid=282076290&i=rm.
Procedure
| Step 1 |
Install the Nexus 7004, Nexus 7010, or Nexus 7018 switch hardware. |
| Step 2 |
Install the Cisco Nexus 7004, Nexus 7010, or Nexus 7018 switch software. |
| Step 3 |
Install the Nexus 5500 switch hardware. (Install Nexus 5548 or 5600 hardware for a Micro Node and Small PoD deployments.) |
| Step 4 |
Install the Nexus 5500 switch software. (Install Nexus 5548 or 5600 software for a Micro Node and Small PoD deployments.) |
| Step 5 |
For Small PoD and Micro Node deployments, install the Layer 3 IO module in the Nexus 5500. |
What to do next
-
Complete cabling and physical connectivity. For more information, see the product documentation for Cisco Nexus 7000 Series Switches at http://www.cisco.com/c/en/us/support/switches/nexus-7000-series-switches/products-installation-guides-list.html.
-
Configure the management interface and network.
Install the Cisco Unified Computing System Server
The UCS Manager software is installed at the factory. For information about upgrading to the latest HCS-supported version of UCS Manager, see the Cisco UCS Manager Upgrade Guides at http://www.cisco.com/en/US/products/ps10281/prod_installation_guides_list.html.
For UCS server site, environment, and power requirements, see the Cisco UCS Site Preparation Guide:
The following UCS server hardware is supported:
- UCS 5100 Series Blade Server Chassis
- B Series Blades
- UCS 2200 Series Fabric Extenders
- UCS 6200 Series Fabric Interconnect
The UCS Server software is available at http://software.cisco.com/download/navigator.html?mdfid=282558030&i=rs.
Procedure
| Step 1 |
Install the UCS 5108 hardware. |
| Step 2 |
Install the UCS B Series Blade hardware. |
| Step 3 |
Install the UCS 6200 Series Fabric Interconnect hardware. |
What to do next
For more information on setting up the UCS server in an HCS environment, see the Cisco Hosted Collaboration Solution Solution Reference Network Design Guide.
For more information about the following post-installation tasks, see the appropriate Cisco UCS Manager GUI Configuration Guide at http://www.cisco.com/c/en/us/support/servers-unified-computing/ucs-manager/products-installation-and-configuration-guides-list.html.
-
Fabric Interconnect configuration
-
Network configuration
-
Storage configuration
-
Server configuration
For information about provisioning customers in Cisco Hosted Collaboration Solution, see the Cisco Hosted Collaboration Solution Customer Onboarding Guide.
Install ESXi on B2xx blades. For more information, see Install VMware ESXi and vCenter Server.
Installing SAN Storage
Contact your SAN storage vendor for information about installing SAN storage.
Install Cisco MDS 9000 Series Switches
The list outlines the supported MDS Seriec Switches.
-
MDS 9500. The software is available from http://software.cisco.com/download/navigator.html?mdfid=279293129&i=rs.
-
MDS 9200. The sofware is available from http://software.cisco.com/download/navigator.html?mdfid=279293128&i=rm.
-
MDS 9100. The software is available from http://software.cisco.com/download/navigator.html?mdfid=279293127&i=rs.
Note |
Confirm the version to download from the Cisco Hosted Collaboration Solution Compatibility Matrix at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/products-device-support-tables-list.html. |
Before you begin
Complete the following before the SAN implementation:
-
All UCS and ESXi installation
-
Storage Array physical setup and basic cabling
-
MDS switch physical setup and basic configuration according to the recommendations in the Cisco Hosted Collaboration Solution Solution Reference Network Design Guide.
-
See End-of-Sale and End-of-Life Announcement for the Cisco MDS 9148 Multilayer Fabric Switch at
Gather the following information about the SAN to configure the MDS 9000 series switch:
-
WWNs of SAN Storage Ports
-
VSANs used on UCS
-
ESXi host multipath mode
Note |
Follow your storage vendor's best practices to determine the most appropriate setup for your system. |
Procedure
|
Install the software as described in the Cisco MDS 9000 NX-OS Software Upgrade and Downgrade guides: http://www.cisco.com/c/en/us/support/storage-networking/mds-9000-nx-os-san-os-software/products-installation-guides-list.html. |
What to do next
Post-installation tasks are as follows:
-
Create VSAN, Zoneset, and Zone on MDS.
-
Create RAID Group, LUN, Host association, and storage group in SAN.
-
Configure the VWware datastore on vSphere.
Install VMware ESXi and vCenter Server
The VMware ESXi and vCenter software is available from https://my.vmware.com/web/vmware/downloads.
For information about troubleshooting VMware, search the VMware Knowledge Base: http://kb.vmware.com/selfservice/microsites/microsite.do;jsessionid=244B2447C3E0D4B4C6BECD871EA62EEC.
For information about virtualization requirements, see Cisco HCS Virtual Machine Requirements and Virtualization Software Requirements.
Before you begin
-
Configure and deploy the UCS chassis and UCS blades.
-
Configure and deploy the SAN.
-
Purchase your VMware license. For the correct VMware version, see the Cisco Hosted Collaboration Solution Compatibility Matrix at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/products-device-support-tables-list.html.
-
Ensure that one of the following is available:
-
Microsoft Windows Server operating system software and its license for vCenter
-
VMware vCenter Server
Note
Cisco recommends VMware vCenter Server Appliance (vCSA) for the vCenter device as it doesn't require additional Microsoft Windows Server or Microsoft SQL Server licensing.
-
Procedure
| Step 1 |
Install VMware ESXi and vCenter server. For instructions, see the vSphere Installation and Setup Guide at https://www.vmware.com/support/pubs/vsphere-esxi-vcenter-server-pubs.html. |
| Step 2 |
Apply the VMware license. For instructions, see the VMware vSphere Documentation at https://docs.vmware.com/en/VMware-vSphere/index.html. |
Deploy vSphere Distributed Switch
For complete information on deploying vSphere Distributed Switch, see Configure Distributed Switch for vSAN on docs.vmware.com.
Install a Session Boarder Controller
It is recommended that you install the Session Border Controller (SBC). Select and install the SBC that meets your specific requirements.
Install the Cisco ASA 5500 Series Next-Generation Firewall
This section outlines the list of Cisco ASA 5500 Series Next-Generation Firewall products that are supported:
-
ASA 5585-X
-
ASA 5555-X for Micro Node deployments
-
ASA 5580. This product is EoS. For more information, see http://www.cisco.com/c/en/us/products/security/asa-5500-series-next-generation-firewalls/eos-eol-notice-listing.html.
-
Cisco ASA with the FirePOWER module. For more information, see Installing the ASA FirePOWER Services Module.
The Cisco ASA 5500 Series Next-Generation Firewall software is available from http://software.cisco.com/download/navigator.html?mdfid=279513386&flowid=4378.
To verify the correct version to download, see the Cisco Hosted Collaboration Solution Compatibility Matrix at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/products-device-support-tables-list.html.
Before you begin
Ensure that you have the following:
-
Physical and network connectivity to the aggregation network
-
Cisco ASA firewall and failover licenses
-
See End-of-Sale and End-of-Life Announcement for the Cisco ASA 5585-X with FirePOWER Services Modules and Subscriptions available at https://www.cisco.com/c/en/us/products/collateral/security/asa-5500-x-series-next-generation-firewalls/eos-eol-notice-c51-738643.html.
Procedure
| Step 1 |
Install the hardware. For more information, see http://www.cisco.com/c/en/us/support/security/asa-5500-series-next-generation-firewalls/products-installation-guides-list.html. |
| Step 2 |
Upgrade the software to the recommended version. |
| Step 3 |
Enable failover on the Cisco ASA. For more information, see 'Failover for High Availability' in the Cisco ASA Series General Operations Configuration Guide for your version of the ASA: http://www.cisco.com/c/en/us/support/security/asa-5500-series-next-generation-firewalls/products-installation-and-configuration-guides-list.html. |
What to do next
Post-installation tasks are as follows:
-
Configure management, internal, and external interfaces.
-
Apply the ASA licenses. For more information, see Cisco Hosted Collaboration Solution License Management at https://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/tsd-products-support-series-home.html.
Installing the ASA FirePOWER Services Module
Cisco Hosted Collaboration Solution supports the Cisco ASA FirePOWER Services module deployed on Cisco ASA devices. The module helps your network handle traffic in a way that complies with your organization's security guidelines. For product information, see https://www.cisco.com/c/en/us/support/security/firepower-4100-series/tsd-products-support-series-home.html.
Installing Cisco FirePOWER
For information about installing the FirePOWER Services module, see https://www.cisco.com/c/en/us/support/security/firepower-4100-series/tsd-products-support-series-home.html.
We recommend configuring the FirePOWER Services module in Inline tap, monitor-only mode (ASA inline). With this configuration, a copy of the traffic is sent to the module, but is not returned to the ASA. Inline tap mode lets you see how the FirePOWER module handles traffic, and lets you evaluate the content of the traffic, without impacting your network.
We validated Cisco HCS support for FirePOWER in Inline tap, monitor-only mode.
-
Cisco ASA FirePOWER Module Quick Start Guide: http://www.cisco.com/c/en/us/support/security/asa-5500-series-next-generation-firewalls/products-installation-guides-list.html
-
ASA FirePOWER Module User Guide: http://www.cisco.com/c/en/us/support/security/asa-5500-series-next-generation-firewalls/products-installation-and-configuration-guides-list.html
-
Install and Configure a FirePOWER Services Module on an ASA Platform: http://www.cisco.com/c/en/us/support/security/asa-firepower-services/products-configuration-examples-list.html
Installing Cisco FireSIGHT
For information about installing and configuring Cisco FireSIGHT, the management center for the FirePOWER Services module, see the Cisco Firepower Management Center documentation available at https://www.cisco.com/c/en/us/support/security/defense-center/tsd-products-support-series-home.html
Troubleshooting the Installation
Unable to open file: /var/sf/fwcfg/interfaces.conf.
Solution: Perform the workaround as described in article 829127, Device Configuration Policy apply failure with error message "Unable to Open file /var/sf/fwcfg/interfaces.conf", in the Cisco Tech Zone:.
Database integrity check failed.
Solution: Perform the workaround as described in article 854306, Script for partition_key_caches issue on ASA devices, in the Cisco Tech Zone.
You can find all articles in the Cisco Tech Zone here: https://techzone.cisco.com.
Note |
For information Troubleshoot and Alerts on Cisco FireSIGHT, the management center for the FirePOWER Services module, see the Cisco Firepower Management Center documentation available at https://www.cisco.com/c/en/us/support/security/defense-center/tsd-products-support-series-home.html |
Install Cisco Expressway
-
Installing Cisco Expressway for Cisco HCS OTT Business-to-Business
-
Endpoint access for Cisco Expressway for Cisco HCS OTT
Install and Configure Cisco Prime Network Registrar
Note |
See End-of-Sale and End-of-Life Announcement for the Cisco Prime Network Registrar. |
Feedback