Service Fulfillment Installation

Service Fulfillment Components

Service fulfillment is a service provider's ability to set up a new enterprise customer (including subscribers and endpoints) with voice, video, and other collaboration and mobility services.

The service fulfillment system consists of functional and architectural layers within Cisco HCS:

  • Cisco Hosted Collaboration Mediation Fulfillment (HCM-F)

  • Cisco Unified Communications Domain Manager

    • Install Cisco HCM-F before installing Cisco Unified Communications Domain Manager 10.x+.

  • Cisco Unified Contact Center Domain Manager (if Cisco HCS for Contact Center is supported)

  • Install and configure Cisco Prime License Manageror Cisco Smart Licensing as per your requirement.


    Note

    Prime License Manager (PLM) doesn't support UC apps version 12.x and above from the HCS 12.5 release. If you plan to use 12.x and above UC apps version, configure Smart Licensing. For more details on smart licensing configuration, refer Cisco Hosted Collaboration Solution Customer Onboarding Guide.


Note

Cisco HCM-F will deprecate the support of Cisco Unified Communications Domain Manager in the upcoming releases with limited support for existing integration, Cisco HCS partners and customers are advised to take necessary steps to align their requirements.

Install Hosted Collaboration Mediation Fulfillment

Before installing an HCM-F Application node, consider the requirements and recommendations provided in this section.

  • Cisco HCM-F 11.5(2) and above provides an enhanced autovacuum functionality. The autovacuum frequently runs in background and cleans up the old deleted rows (dead tuples) from the database tables.

  • Install HCM-F in the same domain as Cisco Unified Communications Domain Manager.

  • Enable the Network Time Protocol (NTP) on the Cisco HCM-F server. To verify the NTP status, log in to the Cisco HCM-F command line interface, and enter utils ntp status.

  • If you're installing multiple HCM-F nodes:
    • Ensure that all nodes point to the same NTP server.
    • Consistently use either Domain Network Server (DNS) or non-DNS across all nodes.

  • Understand that when you install on an existing server, the hard drive is formatted and all data on the drive is overwritten.

  • Install Cisco HCM-F using static IP addressing to ensure that the Cisco HCM-F obtains a fixed IP address.

  • Don't perform configuration tasks during the installation.

  • Don't install Cisco-verified applications until you complete the installation.

  • To support the HCS Intelligent Reporting feature, install HCM-F version 10.1(2) or later.


Note

For more information about installing HCM-F, including system requirements and pre-installation tasks, see the Cisco Hosted Collaboration Mediation Fulfillment Install and Configure Guide on the Component Documentation tab: http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/tsd-products-support-series-home.html.

Navigating the Installation Wizard

Table 1. Installation Wizard Navigation

To Do This

Press This

Move to the next field

Tab

Move to the previous field

Alt-Tab

Choose an option

Space bar or Enter

Scroll up or down in a list

Up Arrow or Down Arrow key

Go to the previous window

Space bar or Enter to choose Back (when available)

Get help information for a window

Space bar or Enter to choose Help (when available)

Install the HCM-F Application Node

Procedure

Step 1

Insert the Cisco HCM-F ISO disk into the DVD drive of the virtual machine.

Step 2

Reboot and start the virtual machine.

The HCM-F installation wizard opens.
Step 3

On the Media Check screen, select OK to perform a check of the media, or select Skip to proceed to the installation.

Step 4

On the Product Deployment Selection screen, select HCS Application Suite and then select OK.

Step 5

On the Proceed with Install screen, verify that you are installing the version you want, and select Yes to overwrite the hard drive.

Step 6

On the Platform Installation Wizard screen, select Proceed.

Step 7

On the Basic Install screen, select Continue.

Step 8

On the Timezone Configuration screen, select your time zone from the menu, and then select OK.

Step 9

On the Auto Negotiation Configuration screen, select Continue.

Step 10

On the MTU Configuration screen, select No to leave the MTU size at the OS default, or select Yes and enter new values.

Step 11

On the DHCP Configuration screen, select No to use a static IP address.

Step 12

On the Static Network Configuration screen, specify the Hostname, IP Address, IP Mask, and GW Address for the App Node, and select OK.

The virtual machine must be able to reach the gateway that is entered for the static configuration, or else the installation will give an error and not proceed.
Step 13

On the DNS Client Configuration screen:

  • Select Yes to use DNS. Enter values for the Primary DNS, Secondary DNS (optional), and Domain.
  • Select No to not use DNS.

If the virtual machine cannot reach the DNS server, then the installation gives an error and does not proceed.

Step 14

On the Administrator Login Configuration screen, set up the Administrator ID and Password for the App Node. Then select OK.

Step 15

On the Certificate Information screen, enter values for Organization, Unit, Location, and State. Select Country from the menu. Then select OK.

Step 16

On the Network Time Protocol Client Configuration screen, enter the hostname or IP address for one to five NTP Servers. Then select OK.

Step 17

On the Security Configuration screen set the system security password for the App Node. Then select OK.

Step 18

On the Platform Configuration Confirmation screen, select OK.

After the application node is installed, the virtual machine is rebooted. The following message appears, and you are prompted to log in to the Application Node: The installation of HCS Application Suite has completed successfully.

What to do next

Set the minimum version of the Transport Layer Security (TLS) protocol for the application node from the command line with set tls min-version <version>. This command disables all the lower version of TLS than the set version. For example, if you set the minimum version as TLSv1.2, then the TLSv1.1 and the below version is disabled.


Note

  • Ensure that your web browser supports the TLS version you have set.

  • Ensure that any client application using HCMF NBI APIs also support the minimum TLS version you have set.

Install HCM-F Real Time Monitoring Tool

The Cisco HCM-F installation consists of one HCM-F application server. One copy of RTMT installed on your computer lets you monitor one HCM-F server at a time. To monitor HCM-F on a different server, you must log out of the RTMT session on the first server before you can log in to the other HCM-F server.

Before you install RTMT, consider the basics on HCM-F RTMT.

  • HCM-F RTMT monitors only HCM-F Servers.

  • HCM-F RTMT can be the only version of RTMT run on a client computer.

Procedure

Step 1

From the command line, run the utils service list command to verify that the Cisco AMC Service is running.

The Cisco AMC Service allows RTMT to retrieve real-time information from the HCM-F server.

Step 2

Log in to HCM-F on the application server.

Step 3

In HCM-F, click the Infrastructure Manager tab.

Step 4

Navigate to Administration > HCM-F RTMT Installers.

The HCM-F RTMT Installers page opens.

Step 5

Perform one of the following steps:

  • To download RTMT for a client computer that is running the Microsoft Windows operating system, click HCM-F RTMT Windows Installer.

  • To download RTMT for a client computer that is running the Linux operating system, click HCM-F RTMT Linux Installer.

Step 6

Save the executable in the preferred location on your computer.

Step 7

Perform one of the following steps to install RTMT:

  • To install the Windows version, double-click the RTMT icon that appears on the desktop or locate the directory to which you downloaded the file and run the RTMT installation file. The extraction process begins, and then the RTMT Introduction window appears.
    Note 

    If you are installing RTMT on a Windows Vista computer, the following User Account Control popup message appears: "An unidentified program wants to access your computer." To continue, click Allow.

  • To install the Linux version, ensure that the file has execute privileges. For example, enter the following command, which is case sensitive: chmod +x CcmServRtmtPlugin.bin. The RTMT Introduction window opens.
Step 8

Click Next.

Step 9

To accept the license agreement, click I accept the terms of the License Agreement and then click Next.

Step 10

Perform one of the following steps:

  • Click Next to accept the default folder.

    The default installation paths are:

    • Windows: C:/Program Files/Cisco/HCS/JRtmt

    • Windows 7 32 bit: C:/Program Files/Cisco/HCS/JRtmt

    • Windows 7 64 bit: C:/Program Files (x86)/Cisco/HCS/JRtmt

    • Linux: /opt/Cisco/HCS/JRtmt

  • If you do not want to use the default folder, click Choose and navigate to a different folder. Then click Next.

The selected folder must be empty. If the selected folder is not empty, a warning dialog appears and you cannot proceed unless you select or create an empty folder.

If the installer detects that RTMT is already installed on the computer, a warning dialog appears. You cannot have more than one copy of RTMT installed on the same computer. Click Continue. The uninstaller starts and the Uninstall Real-Time Monitoring Tool window appears. Click Uninstall, allow the uninstallation to finish, and then click Done. You may be prompted to restart the computer.

Step 11

On the Pre-Installation Summary page, review the information, and then click Install.

The installation begins. Do not click Cancel.

Step 12

To close the installer, click Done.

Uninstall RTMT for Windows

User preferences and the module jar files for RTMT (the cache) are saved locally on the client computer. When you uninstall RTMT, you can delete or save the cache.

Procedure

Select Start > Settings > Control Panel > Add/Remove Program and follow the instructions.

Note 

If you are uninstalling RTMT in Windows Vista, the following User Account Control message appears: An unidentified program wants to access your computer. To continue, click Allow.

Uninstall RTMT for Red Hat Linux

You can uninstall RTMT on Red Hat Linux with KDE or a Gnome client.

Procedure

Select Start > Accessories > Uninstall Real-Time Monitoring Tool from the task bar and follow the instructions.

Note 

Alternatively, you can run /opt/Cisco/HCS/JRtmt/Uninstall_Real-Time Monitoring Tool X.X/Uninstall Real-Time Monitoring Tool X.X.

Periodic Maintenance of HCM-F Disk Space

To optimize the performance of HCM-F system, jobs are scheduled internally for routine maintenance of the HCM-F disk space (for example, clearing dead tuples in database tables).

If you've either fresh installed or upgraded to HCM-F 11.5(2) or later version, the enhanced autovacuum functionality of the HCM-F database performs a better maintenance of disk space in HCM-F. It frees up the disk space frequently by automatically cleaning the old deleted rows (dead tuples) from the database tables. However, on rare occasions, if HCM-F still runs into disk space issue then the partner can run the disk cleanup script through CLI to clean up the disk space up by themselves.

If you're on HCM-F 11.5(2) or later, a job is scheduled to run first day of every month. In the Jobs table, the scheduled job appears with the Job Type as System and the Entity Type as Application. The scheduled job triggers a job cleanup script that cleans up the data older than three months from the jobs table (Infrastructure Manager > Administrations > Jobs). It also runs at the time of HCM-F upgrade to version 11.5(2) or later. The status of the scheduled job can be viewed in Infrastructure Manager > Administrations > Jobs. Depending upon the execution results, the Status Information field in the Jobs table shows the following statuses of scheduled jobs:

Scenario

Status Information

When job is successful and deleted some records.

Cleanup of <number> old jobs is completed successfully.

When job is successful with no older records found.

There are no jobs older than 90 days to cleanup.

When job is failed.

Cleanup of old jobs failed; cleanup will run again on the first day of next month.

The Jobs table shows the following information for the cleanup of scheduled jobs:

Field

Description

Job Type

System

Entity Type

Application

Status

Displays the status of the scheduled job: succeeded or failed.

Description

Cleanup of jobs older than 90 days from Job table.

Status Information

Cleanup of <number> old jobs is completed successfully.

Recommended Action

Displays the required action to be taken.

We recommend using the following instructions once in three month for verifying the HCM-f disk space utilization:

Procedure

Step 1

From the admin CLI, run the show status command to verify the disk usages. This command displays basic platform status. If the disk space utilization is considered higher (for example, more than 50% disk space utlilization in one of the drives), manually execute the disk cleanup script described in the step 2.

Step 2

In HCM-F 11.5(2) or later, log in to the CLI as an administrator on the Cisco HCM-F platform, and then run the utils hcs disk cleanup command from the admin CLI.

Note 

  • During this operation some of the HCM-F services would be down and the database access would be restricted. Ensure that you run the utils hcs disk cleanup command during the maintenance window.

  • When executed the utils hcs disk cleanup command runs the disk cleanup script (./disk_clean.sh).

  • The disk cleanup script needs a maintenance window of 30 min to run.
The script ./disk_clean.sh runs full vacuum on the database and cleans up the dead tuples to free disk space. It shows the used and available disk space and cleans up the .MSI files older than one month. It clears the entries from the job table and the cnf table from the database.

Install Service Fulfillment Components with Cisco Unified CDM 10.x+

Install and configure the service fulfillment components in this general order.

Procedure

Step 1

Install Cisco Hosted Collaboration Mediation Fulfillment.

For more information, see Install Hosted Collaboration Mediation Fulfillment.
Step 2

Install and configure Cisco Unified Communications Domain Manager (Cisco Unified CDM) 10.x+.

For more information, see Installation Workflow.
Step 3

Install Cisco Unified Contact Center Domain Manager (Cisco Unified CCDM).

Install Unified CCDM only if your deployment contains HCS for Contact Center. For more information, see Install Cisco Unified Contact Center Domain Manager.
Step 4

Install and configure Cisco Prime License Manageror Cisco Smart Licensing as per your requirement.

Note 

Prime License Manager (PLM) doesn't support UC apps version 12.x and above from the HCS 12.5 release. If you plan to use 12.x and above UC apps version, configure Smart Licensing. For more details on smart licensing configuration, refer Cisco Hosted Collaboration Solution Customer Onboarding Guide.

For more information, see License Management
Note 

Cisco HCM-F will deprecate the support of Cisco Unified Communications Domain Manager in the upcoming releases with limited support for existing integration, Cisco HCS partners and customers are advised to take necessary steps to align their requirements.

Installation Prerequisites

Install Cisco Unified Communications Domain Manager (Unified CDM) in the same domain as Cisco Hosted Collaboration Mediation Fulfillment.

Before installation, consider the prerequisites described in this section.

  • HCM-F services are activated and running.

  • Network connectivity is available between Unified CDM nodes and the HCM-F, UC application servers, and Cisco Webex Meetings servers.

Reducing the Disk Size of a Web Proxy Node

Use this procedure to reduce the disk size of your Web Proxy nodes.

Procedure
Step 1

Sign in to the VMware user interface.

Step 2

Right-click the applicable Web Proxy node.

Step 3

Perform the following steps if you have installed the system (in other words, you installed the OVA, booted it, and ran the wizard):

  1. Select Edit Settings.

  2. On the Hardware tab, click Hard disk 4.

  3. Click Remove, and then click OK to confirm.

Step 4

Perform the following steps if you have not installed the system (in other words, you installed the OVA, but have not booted it):

  1. Select Edit Settings.

  2. On the Hardware tab, click Hard disk 3.

  3. Click Remove, and then click OK to confirm.

  4. On the Hardware tab, click Hard disk 4.

  5. Click Remove, and then click OK to confirm.

Clustering Considerations

The cluster contains multiple nodes that can be contained in separate firewalled networks.

Open network ports on firewalls to allow internode communication. Port requirements are described in the Platform Guide.

All communication between nodes is encrypted.

Node type

Ports

WebProxy

22 (SSH and SFTP), 80 (HTTP), 161 and 162 (SNMP), 443 and 8443 (HTTPS)

Unified

22 (SSH and SFTP), 80 (HTTP), 161 and 162 (SNMP), 443 and 8443 (HTTPS), 27019, 27020, and 27030 (database)

  • 22/SSH is used for remote administration.

  • 80 and 443 are used for the web server.

  • 161 and 162 are used for sending and receiving SNMP.

  • 8443 is used for intercluster communication.

  • 27019, 27020, and 27030 are used for database queries and replication.

Capacity Considerations

For capacity considerations, see the Cisco Hosted Collaboration Solution Capacity Planning Guide.

Multinode Installation

Install a multinode consisting of either four or six Unified instances of Cisco Unified Communications Domain Manager (Unified CDM) 10.x+Cisco HCM-Core and two WebProxy instances.

  • A WebProxy node installs only the front-end web server, with the ability to distribute load among multiple middleware nodes.

  • A Unified node consists of the Application and Database roles on one node. For geo-redundancy, there are two or four Unified nodes in the Primary Site and two Unified nodes in the Disaster Recovery (DR) Site in active-active setup.

    Cisco Hosted Collaboration Solution supports three configurations of Cisco Unified Communications Domain Manager 10.x+. These configurations provide the service provider with options for scale and Geo-Redundancy support.

    Configuration

    Number of Unified Nodes

    Number of Proxy Nodes

    Supported Scale (# Subscribers)

    Geo-Redundancy (Y/N)

    Standalone CUCDM

    1

    0

    20,000

    NA

    Multi-Node CUCDM (across Data Centers)

    4

    2

    200,000

    Yes (Active-Active)

    6

    2

    		200,000 Yes (Active-Passive)

    Multi-Node CUCDM (One Data Center)

    4

    2

    200,000

    No


Note

  • For geo-redundant Multinode Cluster deployment with six Unified Nodes, there are four Unified nodes in the Primary Site and two Unified nodes in the Disaster Recovery (DR) Site in active-standby setup.

  • Installation of the template and upgrade takes approximately two hours. You can follow the progress on the GUI transaction list.

  • Do not configure customer end-users to have the similar administrator access as the restricted groups of provider, and customer administrators. Use both the Self-service web proxies and Administrator web proxies to configure

    Use the Self-service web proxies where the system is customer facing and the customer is not administering the system.

Before you begin

If you received the product on DVD, extract the Unified CDM ISO to get the platform-install ISO and the Unified CDM template file.

If you selected electronic software delivery, use the link that you received to download the product ISO file. Mount the Unified CDM ISO to get the platform-install ISO and the Unified CDM template file.

Optionally, download or extract language pack template files to support languages other than English.

Procedure

Step 1

Install the WebProxy instances.

For each WebProxy instance, create a new VM using the platform-install OVA. Use the instructions shown in Create Virtual Machines from OVA Files. For role, select (3) WebProxy. Specify the appropriate data center (Primary/DR site) for each WebProxy instance.

Step 2

Install the Unified instances.

For each Unified instance, create a new VM using the platform-install OVA. Use the instructions shown in Create Virtual Machines from OVA Files. For role, select (2) Unified. Specify the appropriate data center (Primary/DR Site) for each Unified instance.

The following Unified nodes are required in the cluster:

  • One Unified node as the Primary node at the Primary site

  • One Unified node as the Secondary node at the Primary site

Note 

For six Unified Node Multi Cluster deployment there are three Unified node as the Secondary node at the Primary site

  • Two Unified nodes as the Secondary nodes at the DR site

Step 3

Install VMware tools on each node.

  1. In vSphere, right-click the name of the appropriate VM.

  2. Select Guest > Install/Upgrade VMware Tools.

    If you are prompted to disconnect the mounted CD-ROM, click Yes.

  3. Log in to each node and run the app install vmware command.

  4. Verify by executing the app list command.

Step 4

Prepare each node to be added to the cluster. On each WebProxy and Unified node, except for the primary Unified node, run the cluster prepnode command.

Step 5

Add nodes to the cluster.

  1. Log in to the primary Unified node.

  2. Add the Unified and WebProxy nodes to the cluster with the cluster add <ip_addr> command.

  3. Verify the list of nodes in the cluster with the cluster list command.

Step 6

Add the network domain.

  1. Configure the domain with the cluster run all network domain <domain_name> command.

  2. Verify the configured network domain with the cluster run all network domain command.

    Each node shows the domain that you configured.

  3. Verify the DNS configuration with the cluster run all network dns command.

    Each node responds with the DNS server address.

  4. Attempt to contact each node in the cluster with the cluster run all diag ping <hostname> command.

  5. (Optional) Shut down all the nodes with the cluster run all system shutdown command. Take a snapshot of each node. Restart each node.

Step 7

Configure the cluster.

  1. Provide a weight for each database server with the database weight add <database_ip> <priority> command.

    Use weights of 40, 30, 20, and 10 for the four Unified nodes and weights of 60, 50, 40, 30, 20, and 10 for the six Unified nodes. The higher the value, the more priority.

    For Multinode Cluster deployment with four Unified Nodes in a geo-redundant system containing two data center infrastructures in two physical locations the following weights are used:

    • Specify a weight of 40 for the Primary node at the Primary site

    • Specify a weight of 30 for the Secondary node at the Primary site

    • Specify weights of 20 and 10 for the Secondary nodes at the DR site

    For Multinode Cluster deployment with six Unified Nodes in a geo-redundant system containing two data center infrastructures in two physical locations the following weights are used:

    • Specify a weight of 60 for the Primary node at the Primary site

    • Specify a weight of 50 for the Secondary node at the Primary site

    • Specify a weight of 40 for the Secondary node at the Primary site

    • Specify a weight of 30 for the Secondary node at the Primary site

    • Specify weights of 20 and 10 for the Secondary nodes at the DR site

    Note 

    For information on web weight used for Web Proxy node, refer Cisco Unified Communications Domain Manager Best Practices Guide.

  2. Select a Primary Unified node and set it up as the Primary Unified node with the following command: cluster provision primary <IP address of primary database node>.

    Allow approximately 2 hours for the operation to complete for two WebProxy and four Unified nodes.

    If no primary node exists, you are prompted to select a node to be the primary node.

  3. When provisioning is complete, verify the status of the cluster with the cluster status command.

    If a service is down, run the cluster run <node_ip> app start command to restart the service.

  4. (Optional) If required, set the web weights configurations (Active-Active, Active-Standby, Standalone). From the primary Unified node, run the required web weight commands for the Web Proxy nodes. See Multi Data Center Deployments in the Cisco Unified Communications Domain Manager Best Practices Guide for detailed information.

  5. (Optional) Shut down all the nodes gracefully, snapshot and restart:

    1. From the selected primary Unified node, run cluster run notme system shutdown.

    2. From the selected primary Unified node, run system shutdown.

    3. Take a VMWare snapshot of each node and then remove any previous snapshot.

    4. Restart each node.
Step 8

Initialize the database and clear all data with the voss cleardown command on the primary database node.

Step 9

Import the template.

  1. Copy the template file to the primary Unified node with the scp <template_file> platform@<unified_node_ip_address>:media command.

  2. Log in to the primary Unified node and import the template with the app template media/<template_file> command.

    The following message appears: Services have been restarted. Please ignore any other messages to restart services. The template upgrade automatically restarts necessary applications.

  3. When prompted to set the sysadmin password, provide and confirm a password.

  4. When prompted to set the hcsadmin password, provide and confirm a password.

Step 10

Review the output from the app template command and confirm that the message Script /opt/platform/admin/home/template_xxxxxx/install_script completed successfully appears.

  • If there are no errors indicated, make a backup or snapshot.
  • If there was an error, the install script has stopped with a failure message listing the problem. Resolve the problem and retry the installation.
Step 11

(For Cisco Unified CDM 10.6(1) only) Install the Macro_Update.template file on secondary Unified nodes.

  1. Upload the new Macro_Update.template file to the media directory on the Unified CDM server via SFTP.

    1. From the VM console, enter sftp platform@<cucdm10 hostname>.

    2. Enter cd media.

    3. Enter put Macro_Update_xx.template.

  2. Enter the following command: app template media/Macro_Update_xx.template.

    The template installs on each secondary node in less than a minute.
Step 12

Check for needed security updates by running the cluster run all security check command on the primary node.

If at least one update is required for any node, run the cluster run all security update command on the primary node.

After the security update is successful, reboot the cluster with the cluster run all system reboot command. If a node does not properly reboot but the console shows that all processes have terminated, you can manually reboot the node without any system corruption.

Step 13

(Optional) Install language templates for languages other than English.

  1. Copy the language template file to any Unified node with the scp <language_template_file> platform@<unified_node_ip_address>:./media command.

  2. Log in to the Unified node and install the template with the app template media/<language_template_file> command.

    Example:

    For example, to install French, app template media/CUCDMLanguagePack_fr-fr.template.

What to do next

See the Cisco HCS Integrator Edition, Release 10.6(1) Maintain and Operate Guide to perform the following required steps:

  1. Create the HCM-F device.

  2. Create a provider.

Standalone Installation

Before you begin

If you received the product on DVD, extract the platform-install OVA and template files from the ISO file.

If you selected electronic software delivery, use the link that you received to download the product ISO file. Mount the ISO and extract the platform-install OVA and the template file.


Note

Installation of the template and upgrade takes approximately two hours. You can follow the progress on the GUI transaction list.

Procedure

Step 1

Create a new VM using the platform-install OVA.

Use the instructions shown in Create Virtual Machines from OVA Files. When prompted for a role, select Standalone.
Step 2

After the system has rebooted, sign-in as the platform user.

Step 3

Issue the system provision command.

Step 4

Initialize the database and clear all data with the voss cleardown command.

Step 5

Issue the network domain <your_domain> command.

Step 6

Issue the security update command.

Step 7

Issue the system reboot command.

Step 8

Import the Unified CDMHCM_CORE template.

  1. Use SFTP to transfer the template file to the platform user's media directory server.

    1. Execute the sftp command to access the platform account on the Unified CDM server, e.g., sftp platform@<CUCDMserver>/password
    2. Navigate to the media directory and transfer the template file using the put command: 
      sftp> cd media
sftp> put CUCDM.template

  2. Install the template with the app template media/<template_file> command.

    The following message appears: Services have been restarted. Please ignore any other messages to restart services. The template upgrade automatically restarts necessary applications.

  3. When prompted to set the sysadmin password, provide and confirm a password.

  4. When prompted to set the hcsadmin password, provide and confirm a password.

Step 9

Review the output from the app template command and confirm that the message Script /opt/platform/admin/home/template_xxxxxx/install_script completed successfully appears.

  • If there are no errors indicated, make a backup or snapshot.
  • If there was an error, the install script has stopped with a failure message listing the problem. Resolve the problem and retry the installation.
Step 10

Issue the system reboot command.

Step 11

Install VMware tools:

  1. In vSphere, right-click the name of the appropriate VM.

  2. Select Guest > Install/Upgrade VMware Tools.

    If you are prompted to disconnect the mounted CD-ROM, click Yes.

  3. Log in to the node and run the app install vmware command.

What to do next

See the Cisco HCS Integrator Edition, Release 10.6(1) Maintain and Operate Guide to perform the following required steps:

  1. Create the HCM-F device.

  2. Create a provider.

Create Virtual Machines from OVA Files

You can import the OVA file into VMware vCenter Server. One OVA file is used to deploy all the functional roles. You choose the specific role when the installation wizard is run.

Procedure

Step 1

Sign in to vSphere to access the ESXi Host.

Step 2

Choose File > Deploy OVF Template.

Step 3

Choose Source, browse to the location of the .ova file, and click Next.

Step 4

On the Name and Location page, enter a Name for this server.

Step 5

On the Deployment Configuration page, select the appropriate node type.

Step 6

Choose the resource pool in which to locate the VM.

Step 7

Choose the data store you want to use to deploy the new VM.

Step 8

On the Disk Format page, choose Thick provisioned Eager Zeroed format for the virtual disk format.

Note 
In production environments, "thick provisioning" is mandatory. Thick provisioned Lazy Zero is also supported, but Thin provisioned is not supported.
Step 9

On the Network Mapping, choose your network on which this VM will reside.

Step 10

Do not select Power on after deployment.

Step 11

On the Ready to Complete page, click Finish to start the deployment.

Step 12

After the VM is created, verify the memory, CPU, and disk settings against the requirements shown in Multinode Cluster Hardware Specifications.

Step 13

Power on the VM.

Step 14

Select the following options in the installation wizard:

Option Option name Description
1 IP The IP address of the server.
2 netmask The network mask for the server.
3 gateway The IP address of the network gateway.
4 DNS The DNS server is optional. Ensure that the DNS server is capable of looking up all hostnames referred to, including NTP server and remote backup locations.
5 NTP The NTP server is mandatory to ensure that time keeping is accurate and synchronized among nodes in the same cluster.
6 hostname The hostname, not the fully qualified domain name (FQDN).
7 role

  • A WebProxy role installs only the front-end web server together with ability to distribute load among multiple middleware nodes.

  • An Application node is the main transaction processing engine and includes a web server which can operate by itself, or route transactions from a web node.

  • A Database node provides persistent storage of data.

  • A Standalone node consists of the Web, Application, and Database roles on one node.

  • A Unified node consists of the Web, Application, and Database roles on one node. On installation, the system needs to be clustered with other nodes and the cluster provisioned.

8 data center The system's geographic location (data center name, city, country that a customer can use to identify the system location). You cannot change this setting once set.
9 platform password Platform password must be at least eight characters long and must contain both uppercase and lowercase letters and at least one numeric or special character.
10 fips mode Enable or disable FIPS compliant Cisco Unified CDM. If FIPS is enabled on a system, all install scripts and templates are encrypted and decrypted using FIPS 140-2 complaint encryption algorithms. Once enabled, FIPS mode cannot be disabled.
11

role

See the list of roles below the table.
12

boot password

Enable boot loader configuration password. See the example below the table.
13 install Completes the installation configuration and installs Cisco Unified Communications Domain ManagerCisco HCM-Core.

The default security protocol for the web server is TLSv1.2. To disable TLSv1.1 and below, see the Cisco Unified Communications Domain Manager 11.5(3) Maintain and Operate Guide for detailed information.

If fips mode is selected upon installation, the system is enabled for adherence to Federal Information Processing Standards (FIPS). If fips mode is not selected upon installation, it can be enabled from the command line interface using the system fips enable command.

The following roles are available:

  • AWebProxy role installs only the front-end web server together with ability to distribute load among multiple middleware nodes.

  • An Application node is the main transaction processing engine and includes a web server which can operate by itself, or route transactions from a web node.

  • A Database node provides persistent storage of data.

  • A Standalone node consists of the Web, Application and Database roles on a single node.

  • A Unified node consists of the Web, Application and Database roles on a single node. On installation, the system needs to be clustered with other nodes and the cluster provisioned.

Password protection can be enabled on the Unified CDM boot loader configuration from theIinstall Wizard upon first install and also from the CLI. The console example below shows the output: 

(1)		    ip	(199.29.21.89)
(2)	     netmask	(255.255.255.0
(3)	     gateway	(199.29.21.1)
(4)		  dns	(199.29.88.56)
(5)		  ntp	(199.29.88.56)
(6)      boot password       (disabled)
(7)	    hostname       (atlantic)
(8)	        role	(UNDEFINED)
(9)        data centre	(earth)
(10) platform password       (UNDEFINED)
(11)	  fips mode       (disabled)
Select option ? 6
Valid passwords must contain:
	at least one lower- and one upper-case letter,
	at least one numeric digit
	and a special character eg. !#@$%&^*
Password: Please enter platform user password:
 Please re-enter password
Password:
NOTE: The system boot password is now set for user platform.

When the boot password is set, the wizard will show this: 

(6)	boot password	(*****)

For multi-node installations, also refer to the topic on Clustering the System. Detailed configuration can be applied from the Command Line Interface (CLI). Use network help or network for details. For example, domain can be configured using network domain add <domain-name>. For a geo-redundant deployment, the data center information is equivalent to the location information.

Once all details are entered, installation will commence. When installation is complete, the system will reboot.

Log in to the platform and run the following command from the CLI:

  • For a fresh install: voss cleardown (confirm at the prompt). Note that this command removes any data from the database.

  • For an existing installation: voss upgrade_db on one of the application nodes.

Security updates that are a part of the installation are installed automatically. For a system upgrade, however, run security update to apply all the latest security updates. A system notification upon completion will instruct the user to reboot. This should always be done, because some critical updates on a system layer requires this action to be completed for the security patches to take affect. For a cluster, if a node does not properly reboot but the console shows all processes have terminated, you can manually reboot the node without any system corruption.

The system is ready for use.

The login message would for example looks the same as the following: 

Last login: Wed Nov 2 11:12:45 UTC 2016 
     from oigumbor-m-thwh.visionoss.int on pts/6
Last failed login: Wed Nov 2 11:19:53 UTC 2016
 from riza-dell-laptop.visionoss.int on ssh:notty
There were 2 failed login attempts since the last 
successful login.
host: dev-test, role: webproxy,application,database, 
load: 0.21, USERS: 3
date: 2016-11-02 11:19:57 +00:00, up: 14:19
network: 172.29.253.14, ntp: 172.29.1.15
HEALTH: NOT MONITORED
database: 31Gb
WEB CERT EXPIRED AT: 2016-01-19 07:58:44
Failed logins: 2 since Wed Nov 02 11:19:53 2016 
   from riza-dell-laptop.visionoss.int
  mail - local mail management
	keys - ssh/sftp credentials
network - network management	
backup - manage backups
  voss - voss management tools	
log - manage system logs
database - database management	
notify - notifications control
schedule - scheduling commands	
selfservice - selfservice management
  diag - system diagnostic tools	
system - system administration
  snmp - snmp configuration	
user - manage users
cluster - cluster management	
drives - manage disk drives
  web - web server management	
app - manage applications
security - security update tools

The application: up message indicates the application status. If the message is NOT PROVISIONED, then for a standalone installation, the system provision command can be run. This command, however, runs automatically during the standalone installation.

If the user failed to log in prior to a successful login, the count, date and origin of the attempts are shown as Failed logins. A successful login resets this login count.

After provisioning, if the admin or Self-Service GUI needs to be disabled on the web proxy nodes for security purposes, run the command on the relevant web proxy node: 

web service disable <selfservice|admin>

If needed, the web service can be enabled again by: 

web service enable <selfservice|admin>

These commands will automatically reconfigure and restart the nginx process, so will include some downtime. Request URLs to the disabled service will redirect the user to the active service. It is not advisable to run these commands on a standalone configuration.

When the installation of the OVA is complete, a sign-in prompt for the platform user is displayed.

What to do next

Return to Multinode Installation to complete the overall installation procedure.

Create the HCM-F Device

After you create the HCM-F device, data synchronization begins if there is a network connection and the NBI REST service is running on the HCM-F server.

Before you begin

  • Install and configure HCM-F. For more information, see the Cisco Hosted Collaboration Mediation Fulfillment Install and Configure Guide

    .

  • Verify that the NBI REST SDR Web Service is running

    1. Sign in to the HCM-F CLI as the user administrator.

    2. Run the utils service list command. Verify that the Cisco HCS NBI REST SDR Web Service is running.

    3. If not running, start it with the utils service start Cisco HCS NBI REST SDR Web Service command.

Procedure

Step 1

Sign in to Cisco Unified Communications Domain Manager (Unified CDM)Cisco HCM-Core as hcsadmin@sys.hcs.

Step 2

Create a new HCM-F instance:

  1. Select Device Management > HCM-F and click Add.

  2. Enter the HCM-F hostname.

  3. Enter the HCM-F administrator Username.

  4. Enter the HCM-F administrator Password.

  5. Select the HCM-F Version from the drop-down list.

    Note 
    Once the HCM-F Version is set to a new version, it cannot be changed to an older one.

  6. Click Save.

Step 3

If the previous step fails:

  • Verify that HCM-F Hostname is correct

  • Verify that HCM-F administrator Username and administrator Password are correct

  • Verify that HCM-F Version is correct

  • Verify that the domain is set correctly using the Unified CDMCisco HCM-Core CLI:

    1. ssh platform@<cucdm hostname>

    2. network domain
Step 4

After a couple of minutes, verify that the initial synchronization between Unified CDMCisco HCM-Core and HCM-F is successful:

  1. Select Provider Management > Advanced > SDR Service Provider.

  2. The sync is successful if the default entry, "Service Provider Name", appears.

What to do next

If the initial sync is not working after following the previous steps, verify that the HCM-F REST API is working by browsing to the following: http://<hcmf_app_node_host>/sdr/rest/<hcmf_version>/entity/ServiceProvider. This command returns the JSON representation of the predefined service provider instance in the HCM-F Shared Data Repository (SDR). If you get an error, log in as the administrator on the HCM-F app node CLI and verify that the REST service is running:

To display the services, run the command: utils service list.

In the output, you see Cisco HCS NBI REST SDR Web Service[STARTED].

If this service is not started, start it with the command: utils service start Cisco HCS NBI REST SDR Web Service

For data sync failures, try importing the new HCM-F:

  1. Select Device Management > HCM-F and click the HCM-F device.

  2. Update the Hostname and click Save.

  3. Import the new HCM-F:

    1. Select Device Management > Advanced > Perform Actions.

    2. In the Action field, select Import.

    3. In the Device field, select the HCM-F server.

    4. Click Save and wait a few minutes.

  4. Check the provider under Provider Management > Advanced > SDR Service Provider.

Create a Provider


Note

In Cisco Unified CDM 10.6(2) or later, the provider name is set to the current service provider name in HCM-F. You can decouple the provider name in Cisco Unified CDM from the service provider name in HCM-F.

Procedure

Step 1

Log in to Cisco Unified Communications Domain ManagerCisco HCM-Core as hcsadmin@sys.hcs.

Step 2

Select Provider Management > Providers.

Step 3

Click Add.

Step 4

On the Service Provider Details tab, complete the following fields:

Field Description
Name

The name of the provider. The name is automatically set to the current service provider name in HCM-F. You can keep the existing name or overwrite with a more meaningful name. This field is mandatory.

Note 

Once you have saved the provider, you cannot change the provider name.

Note 

Any spaces in the provider name are converted to underscores in the provider local administrator name and email, if Create Local Admin is checked.

Decouple SDR Name

Check to set a provider name in Unified CDM that is different from the service provider name in HCM-F.

If you leave unchecked, the provider name you enter in the Name field is synchronized into HCM-F as the service provider name.

SDR Name

The service provider name to store in the SDR on HCM-F. This field appears only if Decouple SDR Name is checked.

Description

A description of the provider.

Domain Name

The domain of the provider. For example, provider.com. Used when creating the default local administrator so the administrator can sign in with an email ID such as ProviderAdmin@provider.com. This field is mandatory.

Create Local Admin

Controls whether a default local administrator is created.

Cloned Admin Role

The HCS default provider role used to create a new role prefixed with the provider name. The created provider role, shown in Default Admin Role field, is assigned to the default local administrator. This field appears only if Create Local Admin is checked.

Default Admin Role

The created provider role that is assigned to the default local administrator. This field is read only and appears only if Create Local Admin is checked.

Default Admin Password

The password to assign to the default local administrator. This mandatory field appears only if Create Local Admin is checked.

Repeat Default Admin Password

Confirm the default local administrator password. This mandatory field appears only if Create Local Admin is checked.

Step 5

On the Contact Information tab, enter address, email, and phone information as appropriate.

Step 6

Click Save.

The provider hierarchy node in Unified CDMCisco HCM-Core, the Service Provider name in SDR, and optionally a default provider administrator are created. All existing Cisco HCS System Administration-level dial plan schemas and schema groups are automatically cloned to the new provider. For more information on automatic cloning, see the Cisco Hosted Collaboration Solution Dial Plan Management Guide for Cisco Unified Communications Domain Manager, Release 10.x/11.5.

Validated Identity Providers

To enable Single Sign-On, Cisco Unified Communications Domain Manager 10.1(x) and later works with an Identity Provider (IdP) using the SAML protocol. For this Cisco HCS release, the following IdPs have been validated:

  • SiteMinder

  • OpenAM

  • Shibboleth

Contact your Identity Provider for information about installation and other instructions.

Prime Collaboration Deployment for UC Applications

Cisco Prime Collaboration Deployment helps you to manage Unified Communications (UC) applications. Its functions are to:

  • Migrate a cluster of UC servers to a new cluster (such as MCS to virtual, or virtual to virtual).


    Tip

    Cisco Prime Collaboration Deployment does not delete the source cluster VMs after migration is complete. You can fail over to the source VMs if there is a problem with the new VMs. When you are satisfied with the migration, you can manually delete the source VMs.

  • Perform operations on clusters, such as:

    • Upgrade

    • Switch version

    • Restart

  • Fresh install a new release UC cluster

  • Change IP addresses or hostnames in clusters (for a network migration).

    Cisco Prime Collaboration Deployment supports simple migration and network migration. Changing IP addresses or hostnames is not required for a simple migration. For more information, see the Prime Collaboration Deployment Guide.

The functions that are supported by the Cisco Prime Collaboration Deployment can be found in the Prime Collaboration Deployment Administration Guide.

Use the Cluster Discovery feature to find application clusters on which to perform fresh installs, migration, and upgrade functions. Perform this discovery on a blade-by-blade basis.

For more information about features, installation, configuration and administration, best practices, and troubleshooting, see the following documents:

Install Cisco Unified Contact Center Domain Manager

Install Cisco Unified Contact Center Domain Manager (Unified CCDM) if your deployment supports Cisco HCS for Contact Center. For information about prerequisites and installation, see the Installing and Upgrading Guide for Cisco Hosted Collaboration Solution for Contact Center guide: http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-contact-center/products-installation-guides-list.html.

The OVA files for Unified CCDM are available here: http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-contact-center/tsd-products-support-general-information.html.

Contact your Cisco account representative to order the Unified CCDM software media kit.

License Management

Install Prime License Manager

You can install Prime License Manager server as a standalone application on a virtual machine that resides in the management domain. Standalone means that License Manager is not installed on the same server as Unified Communications Manager or Cisco Unity Connection. Standalone installation is required when you want to manage Prime License Manager in HCS License Manager.


Note

Cisco Unified Communications Manager Release 11.5(1)SU3 is compatible with Cisco Prime License Manager Release 11.5(1)SU2. If you are deploying a standalone Cisco Prime License Manager, make sure that your Prime License Manager version is 11.5(1)SU2. Otherwise, Cisco Unified Communications Manager cannot synchronize its license usage with the standalone Prime License Manager.

With co-resident Prime License Manager deployments, Cisco Unified Communications Manager and Cisco Prime License Manager are compatible automatically.

Before you begin

Ensure that the following prerequisites are met:

  • You have access to the Cisco Hosted Collaboration Solution License Management guide at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/tsd-products-support-series-home.html.

  • Prime License Manager (PLM) doesn't support UC apps version 12.x and above from the HCS 12.5 release. If you plan to use 12.x and above UC apps version, configure Smart Licensing. For more details on smart licensing configuration, refer Cisco Hosted Collaboration Solution Customer Onboarding Guide.

  • Cisco HCM-F is installed and configured.

  • On the ASA switch, the ports used by Prime License Manager are allowed in the firewall or ACL rules. See the following table.

    Traffic type

    		Protocol

    Port

    Incoming traffic

    Browser HTTP

    TCP

    80/8080 443/8443

    SSH/SFTP

    TCP

    22

    Ephemeral port ranges for clients initiating connections

    TCP

    UDP

    32768-61000

    32768-61000

    Outgoing traffic

    DNS name resolution

    UDP

    TCP

    53

    53

    Used to connect to product instances and the Cisco back office for electronic fulfillment

    TCP

    80, 8080, 443, 8443 (HTTP and HTTPS)

    Disaster recovery

    TCP

    22 (SSH/SFTP)

    DHCP client

    UDP

    67

    NTP client

    TCP

    UDP

    123

    123

Procedure

Step 1

Plan for Prime License Manager installation and configuration.

Each Prime License Manager supports up to 1000 Unified Communications application clusters. If you have more than one cluster, you can assign each cluster to multiple Prime License Managers. For example, you can assign cluster A to 'PLM1', assign cluster B to 'PLM1', and assign cluster C to 'PLM2'.

Cisco recommends that you install Prime License Manager in the service provider space or in the same management network as Cisco HCM-F. Then, Prime License Manager can access all Unified Communications application clusters. Prime License Manager periodically connects to the clusters to update license counts and to grant licenses.

Prime License Manager supports NAT and can be in a NAT environment with its own private address.

Prime License Manager is a management application that runs on the same ISO as Unified Communications Manager in vCenter. Virtual machine specifications are defined in the OVA that is provided by Cisco. Standalone Prime License Manager uses the same virtual machine specifications as Unified 2500 user node and supports the standard HCS license.

Step 2

Gather the information for setting up the Prime License Manager virtual machine and for configuring Prime License Manager:

  • Virtual machine name

  • ESXi host or cluster

  • Storage for virtual machine files

  • VLAN

  • Hostname

  • IP address allocated to the virtual machine

  • Administrator username and password for the Prime License Manager operating system

    The system uses this username and password to sign in to Cisco Unified Communications Operating System Administration, the command line interface, and the Disaster Recovery System.

  • Node authentication password (security password)

    The system uses this password to authorize communications between nodes. Ensure that this password is identical on all nodes in the cluster.

  • Prime License Manager application username and password

  • Network Time Protocol (NTP) server name. Use the same NTP server that the management applications use.

  • Default gateway

  • DNS (optional)

  • DHCP (optional)

Step 3

Obtain the OVA file (template) for Prime License Manager.

The Cisco Prime License Manager OVA image is available for download at http://software.cisco.com/download. Navigate to Downloads Home > Products > Cloud and Systems Management > Collaboration and Unified Communications Management > Cisco Prime License Manager.

Step 4

Create a Virtual Machine for Prime License Manager on a UCS Blade.

Step 5

Install the Prime License Manager software on the virtual machine.

For more information, see Cisco Hosted Collaboration Solution License Management at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/tsd-products-support-series-home.html.

Step 6

Run the utils service list command in the Unified Communications Manager CLI and verify that the Cisco PLM Resource API service is running.

If the service is not running, run utils service start Cisco PLM Resource API to start it.
Step 7

Log in to Prime License Manager with the username and password that you entered during the Prime License Manager installation process.

Step 8

Change the log level in Prime License Manager from info to detailed/debug.

Click Administration > Diagnostic logs > Log settings. Change the log levels for Prime License Manager core services and Communication with product instances to debug.

Step 9

Configure the backup functionality for Prime License Manager in the Unified Communications Manager Disaster Recovery System (DRS).

The Disaster Recovery page in Prime License Manager contains a link to the Cisco Disaster Recovery Service utility. When you click the link, the utility opens in a new window. The Cisco Disaster Recovery Service utility is common to Cisco Unified Communications Manager, Cisco Unity Connection, and Prime License Manager. For information about the Cisco Disaster Recovery Service utility, see the following documents (as required):
Step 10

Install the Prime License Manager license.

For more information, see Cisco Hosted Collaboration Solution License Management at http://www.cisco.com/c/en/us/support/unified-communications/hosted-collaboration-solution-hcs/tsd-products-support-series-home.html.

Note 

Prime License Manager operates in Demo mode until after the license file is installed. A warning at the top of the Prime License Manager Dashboard identifies Demo mode. When you install the license, Prime License Manager registers with the Cisco licensing back office and is no longer in Demo mode.

Product instances managed by Prime License Manager are not in license compliance while Prime License Manager runs in Demo mode. Cisco Unified Communications Manager and Cisco Unity Connection have their own version of Demo mode that operates independently of the Prime License Manager Demo mode.

Prime License Manager must not be running Demo mode when you configure Prime License Manager in Cisco HCM-F. If Prime License Manager is still running in Demo mode, the creation of the PLM instance in the HCS space fails.

Attention 
Do not add Cisco Unified Communications Manager and Cisco Unity Connection applications directly into Prime License Manager. Add the Cisco Unified Communications Manager and Cisco Unity Connection applications through HCM-F.

Prime License Manager setup is completed and Prime License Manager is ready for use.

Create a Virtual Machine for Prime License Manager on a UCS Blade

Procedure

Step 1

Start the VMware vSphere client.

Step 2

Deploy the Prime License Manager virtual machine OVA using File > Deploy OVF Template.

Step 3

Follow the prompts in the VMware wizard to complete the deployment:

  1. Select the CUCM 2500 user node option.

  2. Enter the data you gathered in Step 2 of Install Prime License Manager.

  3. To provision the virtual hard disk, choose Thick Provision Lazy Zeroed.

Prime License Manager does not support high availability. Therefore, primary and secondary servers do not apply.

When done, the new virtual machine is created with the correct amount of RAM, number of CPUs, and size and number of disks for Prime License Manager.

Configure HCS License Manager in Cisco HCM-F

This section outlines the procedure to complete the HCS Prime License Manager configuration in Cisco HCM-F.

Procedure

Step 1

Run utils service list in the Cisco HCM-F CLI, and verify that the Cisco HCS Prime License Manager Service is still running.

Step 2

Select License Management > License Manager Summary, and then click Add New.

Step 3

Enter the name, hostname, cluster capacity, deployment mode, network space, and OS administrator user ID and password for the Prime License Manager instance.

Step 4

Click Save.