Transcription

CHAPTER4Installing the Cisco MSE Virtual Appliance on aXenServerCitrix XenServer is a complete server virtualization platform, optimized for both Windows and Linuxvirtual servers with all the capabilities required to create and manage a virtual infrastructure.Citrix XenServer runs directly on server hardware without requiring an underlying operating system,which results in an efficient and scalable system. XenServer works by abstracting elements from thephysical machine and allocates them to the Virtual Machines (VMs) running on it.Citrix XenCenter is the Windows-native graphical user interface for managing Citrix XenServer. Importof MSE virtual appliance onto the XenServer is done using the XenCenter.This chapter contains the Overview of the Process for Installing the Cisco MSE Virtual Appliance On aXenServer, page 4-1.Overview of the Process for Installing the Cisco MSE VirtualAppliance On a XenServerTable 4-1 describes the steps to be followed while deploying the Cisco Mobility Services Engine (MSE)virtual appliance.Table 4-1Workflow for MSE Virtual Appliance InstallationProcessDescription1.Verify the requirements and prepare forCisco MSE VA installation.See Verifying Requirements, page 4-2 for more information.2.Download the Cisco MSE VA OVA filefrom Cisco.com.See Downloading the Cisco MSE Virtual Appliance OVA File, page 4-2 formore information.3.Importing VMs.See Importing the MSE Virtual Appliance Using the XenCenter, page 4-3 formore information.4.Configure the basic settings.See Configuring the Basic Settings to Start the MSE Virtual Appliance VM,page 4-10 for more information.5.Configure the MSE on PrimeInfrastructure.See Configuring MSE on the Prime Infrastructure, page 4-18 for moreinformation.6.Synchronize the network design andtracking parameters.See Synchronizing the Network Design and Tracking Parameters, page 4-18for more information.Cisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-1

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerVerifying RequirementsVerifying RequirementsTable 4-2 describes the requirements to verify.Table 4-2RequirementsSystem Requirements64 bit processor Intel VT/AMD-V32 GB RAM Memory500 GB HDDEthernet Cards (NIC) of 1 GbpsSoftware RequirementsCitrix XenServer 6.1Citrix XenCenter 6.1LicensesEnterprise edition or advanced editionManagement Tools XenServer Version 6.1.x XenCenter Version 6.1.xDownloading the Cisco MSE Virtual Appliance OVA FileTo download the MSE .ova file, follow these steps:Step 1Access the Cisco MSE Virtual Appliance image at the following tor.htmlStep 2In the Product/Technology Support section, choose Download Software.Step 3In the Select a Product section, navigate to the Wireless software by choosing Products Wireless Mobility Services Cisco Mobility Services Engine Virtual Appliance.A list of the latest release software for Cisco Mobility Services Engine Virtual Appliance is available fordownload.Step 4In the Latest list, choose 7.6.100.0.Step 5You can select any of the following ova files to download:Step 6 MSE-XEN-VA-8-0-100-0-Generic.ova—Use this file for a new MSE deployment on a Xenplatform. MSE-XEN-VA-8-0-100-0-LowEnd.ova—Use this file for a new MSE deployment on a low-endXen platform.Save the installer to your computer in a place that will be easy to find when you start the deployment.Cisco MSE Virtual Appliance Installation and Configuration Guide4-2OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterImporting the MSE Virtual Appliance Using the XenCenterYou can import and export Virtual Machines (VMs) in XenCenter using the Import and Export wizards.To import an Open Virtualization Archive (OVA) package, follow these steps:Step 1Launch XenCenter Client application on your desktop and log in using the Administrative privileges.Step 2Add XenServer to XenCenter if it is not added. You can skip this step if you have already connected theXenCenter to the XenServer host. See this URL for more ervlet/download/32306-102-691299/QuickStartGuide BasicVersion.pdf.Step 3Right-click on XenServer in the XenCenter client and choose Import to import the MSE OVA file.The Import wizard appears.Step 4Figure 4-1In the Import Source page, click Browse to select the MSE OVA file (see Figure 4-1).Import Source PageCisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-3

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterStep 5From the Open dialog box, locate the appropriate .ova file that you downloaded to your computer andclick Open.Step 6Click Next.The Location page appears (see Figure 4-2).NoteStep 7If the package you are importing includes any EULAs, accept them and click Next to continue.If there are no EULAs included in the package, the wizard skips this step and goes to the nextpage. Review and accept End User License Agreement (EULA).In the Location page, choose the pool or standalone server where you want to place the VM(s). You canalso specify a Home Server within the selected pool for each imported VM. From the Import VM(s) to drop-down list, choose the destination pool or standalone server whereyou want to place the VMs that you are importing and assign them a home server. The Add NewServer window appears.– In the Server text box, enter the host name or IP address of the server you want add.– In the User name text box, enter the user name for that server.– In the Password text box, enter the password. Figure 4-2To assign imported VM(s) to a home server, select the server from the list in the Home Servercolumn (see Figure 4-2). For more information on assigning a home server to new VMs, see theHome Server documentation available at the Citrix Website.Location PageCisco MSE Virtual Appliance Installation and Configuration Guide4-4OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterStep 8Click Next.The Storage page appears (see Figure 4-3).Step 9Configure storage for the imported VMs.On the Storage page, select one or more storage repositories (SRs) to place the virtual disks (seeFigure 4-3).Figure 4-3Storage Page To place the imported disk images on the same SR, click Place all imported virtual disks on thistarget SR radio button and select an SR from the list. To place the disk images of incoming VMs onto different SRs, click Place imported virtual disksonto specified target SR radio button and select the target SR from the drop-down list in theStorage Repository column.Cisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-5

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterStep 10Click Next.The Networking page appears (see Figure 4-4).Step 11On the Networking page, map the virtual network interfaces in the VMs you are importing to targetnetworks in the destination pool or standalone server. Figure 4-4Select the virtual network interface in the VM-Virtual Network Interface column and select thetarget network from the drop-down list in the Target Network column (see Figure 4-4).Networking PageCisco MSE Virtual Appliance Installation and Configuration Guide4-6OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterStep 12Click Next to continue.The Security page appears (see Figure 4-5).Step 13On the Security page, you can set the security settings to validate the OVF/OVA package that you areimporting. Figure 4-5Select the Verify manifest content check box to verify if the manifest matches with the appliancefiles.Security PageStep 14Click Next. The OS Fixup Settings page appears.Step 15Configure the following in the OS Fixup Settings page: If the VMs in the package you are importing were built on a hypervisor other than XenServer, thenselect the Use Operating System Fixup check box to enable the imported VM to boot correctly onthe XenServer. The Operating System Fixup attempts to repair boot device-related problems withimported VMs that might prevent the operating system within the VM from booting in a XenServerenvironment. If you enable the Use Operating System Fixup check box, then you must select an ISO library wherethe fixup ISO will be copied. Click New ISO library to choose the type of new storage andconfigure. Select the type of virtual disk storage:– NFS VHD– Software iSCSI– Hardware HBA– StorageLink technology Select ISO library type:– Windows File Sharing (CIFS)– NFS ISOCisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-7

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterStep 16Click Next. Step 17Provide a name and description for your SR in the Name and Description text box.Click Next. Provide the name of the share where your SR is located in the Share Name text box. You canoptionally specify alternative credentials by setting the server options by providing the usernameand password. Click Finish.Step 18Click Next. The Transfer VM Settings page appears.Step 19On the Transfer VM Settings page, configure the following networking settings: Select the network on which the temporary VM used to perform the import operations from theNetwork drop-down list. Configure either of the following network settings:– Automatically obtain network settings using DHCP.– Use these network settings.Step 20Click Next to continue.Step 21On the Finish page, review all the import settings and click Finish to begin the import process and closethe wizard.Step 22Click the Logs tab in the XenCenter client to check the progress of the OVA import.Step 23The MSE OVA gets imported.Figure 4-6 shows the deployed appliance.Cisco MSE Virtual Appliance Installation and Configuration Guide4-8OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerImporting the MSE Virtual Appliance Using the XenCenterFigure 4-6Deployed ApplianceStep 24The OVA will be in shutdown state as soon as the import is completed.Step 25Start the Virtual Machine (VM).Right-click on the imported file and select Start.Cisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-9

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VMConfiguring the Basic Settings to Start the MSE VirtualAppliance VMYou have completed deploying the MSE virtual appliance on a new virtual machine. A node for thevirtual machine now appears in the resource tree in the XenCenter Client window. After deployment,you need to configure basic settings for the MSE virtual appliance.To start the MSE setup, follow these steps:Step 1In the XenCenter Client, click the MSE virtual appliance node in the resource tree.Step 2Click the Console tab, within the console pane to make the console prompt active for keyboard input.The VM starts booting.Step 3Press Enter for the login prompt to appear to initiate the MSE Installation Wizard. The following ---------------------------Cisco Mobility Service EngineXen-8-6-x-x login: rootPassword: passwordRunning the Cisco Mobility Services Engine installer. It may take several minutes emsignhash.binPreparing to install.Extracting the JRE from the installer archive.Unpacking the JRE.Extracting the installation resources from the installer archive.Configuring the installer for this system’s environment.Launching installer.Preparing CONSOLE Mode Installation. Introduction-----------InstallAnywhere will guide you through the installation of Cisco Mobility Services Engine.It is strongly recommended that you quit all programs before continuing with thisinstallation.Respond to each prompt to proceed to the next step in the installation. If you want tochange something on a previous step, type ‘back’.Licensing on the Mobility Services Engine is enforced with the release of software version6.x and greater. Please have the Product Authorization key (PAK) and refer to theinstructions in the User Guide to enable licensing.PRESS ENTER TO CONTINUE:Installing MSE Version: 8.0.x.xCisco MSE Virtual Appliance Installation and Configuration Guide4-10OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VM Installation Check------------------ Cisco Mobility Services Engine Installation --------------------Cisco MSE v8.0 upgrade procedure may take several hours to complete, depending on theamount of data on the system.During the upgrade process, please ensure that the session to the MSE is not terminated.User action is needed at the end of the installation process.- 1- Exit2- ContinueENTER THE NUMBER OF THE DESIRED CHOICE, OR PRESS ENTER TO ACCEPT THE DEFAULT: [ Installing.------------[ ][------------------ ------------------ ------------------ -------------]Database Installation---------------------The installer will now install the database. This may take a long time (up to 30 minutes).Do not cancel the installer during this set up.Installing Database filesStep 1/3 - Installing Database filesStep1/3 CompletedStep 2/3 Configuring DatabaseStep 2/3 CompletedStep 3/3 - Updating patchesStep 3/3 CompletedInstallation of database Completed ---------------------]Starting Health Monitor, Waiting to check the statusHealth Monitor successfully startedStarting Admin process.Started Admin process.Starting database.Database started successfully. Starting framework and services.NoteAfter the initial installation, you are logged off the newly created VM and you must login to theconsole panel again.Cisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-11

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VMStep 4The MSE virtual machine shuts down and reboots.GRUB Loading stage2.Press any key to continue.Press any key to -----------------Cisco Mobility Services Enginemse login: rootpassword: passwordLast login: Mon Apr 7 04:11:50 on tty1NoteIf the MSE does not prompt for setup, enter the following command: /opt/mse/setup/setup.sh.Would you like to setup initial parameters using menu options (yes/no) [yes]:[Press Enter to use the default values (yes) to use the Menu options]Please select a configuration option below and enter therequested information. You may exit setup at any time bytyping Ctrl C .You will be prompted to choose whether you wish to configure aparameter, skip it, or reset it to its initial default value.Skipping a parameter will leave it unchanged from its currentvalue.Please note that the following parameters are mandatory and must be configured at leaseonce.- Hostname- Network interface eth0- Timezone settings- Root password- NTP settings- Prime Infrastructure passwordYou must select option 24 to verify and apply any changes made during this -------------------PRESS ENTER TO ---------------------Configure ---------------1) Hostname *2) Network Interface eth0 settings *3) Timezone settings *4) Root password *5) NTP settings *6) Prime Infrastructure configuration7) Display current configuration8) Domain9) High availability role10) Network interface eth1 settings11) DNS settings12) Future restart time13)14)15)16)17)18)19)20)21)22)23)24)Remote syslog settingHost access control settingsAudit rulesLogin bannerSystem console restrictionsSSH root accessSingle user password checkLogin and password settingsGRUB passwordRoot access controlAuto start MSE on system boot up## Verify and apply changes ##Cisco MSE Virtual Appliance Installation and Configuration Guide4-12OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VMStep 5NoteIt is highly recommended that all relevant items must be configured during initial setup to ensureoptimum operation of the mobility services engine in your network. The hostname and either theEthernet-0 (eth0) or the Ethernet-1 (eth1) port must always be configured during the automaticinstallation.NoteYou can rerun the automatic installation script at any time to add or change parameters using thiscommand:[[email protected]]# /opt/mse/setup/setup.sh.There is no need to re-enter values that you do not want to change during one of these updates.NoteIf you do not want to configure an item, enter skip and you are prompted for the nextconfiguration step. Any setting skipped is retained and not modified.NoteMinimal configuration is done for the mobility services engine as part of installation using theconsole. All configurations beyond the initial setup using the automatic installation is done withthe Cisco Prime Infrastructure.Configure the host namePlease enter your choice [1 - 24]: 2Current hostname [Xen-8-0-x-x]Configure hostname? (Y)es/(S)kip/(U)se default [Skip]: yThe host name should be a unique name that can identifythe device on the network. The hostname should start witha letter, end with a letter or number, and contain onlyletters, numbers, and dashes.Enter a host name [Xen-8-0-x-x]:Step 6Configure eth0 network settingsPlease enter your choice [1 - 24]: 2Current IP address [10.0.0.1]Current eth0 netmask [255.0.0.0]Current IPv4 gateway address [172.20.104.123]Configure eth0 interface parameters? (Y)es/(S)kip/(U)se default [Skip]:yEnter an IP address for first ethernet interface of this machine.Enter eth0 IP address[10.0.0.2]:Enter the network mask for IP address 172.21.105.126Enter network mask [255.255.255.224]:Enter an default gateway address for this machine.Note that the default gateway must be reachable fromthe first ethernet interface.Enter default gateway address [172.20.104.123]:Cisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-13

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VMStep 7Configure the DNS Settings:Please enter your choice [1 - 24]: 11Domain Name Service (DNS) SetupEnable DNS (yes/no) [no]: yDefault DNS server 1 [8.8.8.8]Enter primary DNS server IP address:DNS server address must be in the form #.#.#.#, where # is 0 to 255 or hexadecimal :separated v6 addressEnter primary DNS server IP address [8.8.8.8]:Enter backup DNS server IP address (or none) [none]:Step 8Configure the Timezone settings:NoteIf your wIPS deployment consists of a Cisco MSE and other devices (such as Cisco WLCs andaccess points), set the Cisco MSE and the other devices to the same time zone.Please enter your choice [1 - 24]: 3Current Timezone [America/New York]Configure timezone? (Y)es/(S)kip/(U)se default [Skip]: yEnter the current date and time.Please identify a location so that time zone rules can be set correctly.Please select a continent or ocean.1) Africa2) Americas3) Antarctica4) Arctic Ocean5) Asia6) Atlantic Ocean7) Australia8) Europe9) Indian Ocean10) Pacific Ocean11) UTC - I want to use Coordinated Universal Time.#? 2Please select a country.1) Anguilla27) Honduras2) Antigua & Barbuda28) Jamaica3) Argentina29) Martinique4) Aruba30) Mexico5) Bahamas31) Montserrat6) Barbados32) Netherlands Antilles7) Belize33) Nicaragua8) Bolivia34) Panama9) Brazil35) Paraguay10) Canada36) Peru11) Cayman Islands37) Puerto Rico12) Chile38) St Barthelemy13) Colombia39) St Kitts & Nevis14) Costa Rica40) St Lucia15) Cuba41) St Martin (French part)16) Dominica42) St Pierre & Miquelon17) Dominican Republic43) St Vincent18) Ecuador44) Suriname19) El Salvador45) Trinidad & TobagoCisco MSE Virtual Appliance Installation and Configuration Guide4-14OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VM20) French Guiana46) Turks & Caicos Is21) Greenland47) United States22) Grenada48) Uruguay23) Guadeloupe49) Venezuela24) Guatemala50) Virgin Islands (UK)25) Guyana51) Virgin Islands (US)26) Haiti#? 47Please select one of the following time zone regions.1) Eastern Time2) Eastern Time - Michigan - most locations3) Eastern Time - Kentucky - Louisville area4) Eastern Time - Kentucky - Wayne County5) Eastern Time - Indiana - most locations6) Eastern Time - Indiana - Daviess, Dubois, Knox & Martin Counties7) Eastern Time - Indiana - Pulaski County8) Eastern Time - Indiana - Crawford County9) Eastern Time - Indiana - Pike County10) Eastern Time - Indiana - Switzerland County11) Central Time12) Central Time - Indiana - Perry County13) Central Time - Indiana - Starke County14) Central Time - Michigan - Dickinson, Gogebic, Iron & Menominee Counties15) Central Time - North Dakota - Oliver County16) Central Time - North Dakota - Morton County (except Mandan area)17) Mountain Time18) Mountain Time - south Idaho & east Oregon19) Mountain Time - Navajo20) Mountain Standard Time - Arizona21) Pacific Time22) Alaska Time23) Alaska Time - Alaska panhandle24) Alaska Time - Alaska panhandle neck25) Alaska Time - west Alaska26) Aleutian Islands27) Hawaii#? 21The following information has been given:United StatesPacific TimeTherefore TZ 'America/Los Angeles' will be used.Local time is now:Sun Apr 6 18:45:27 PDT 2014.Universal Time is now: Mon Apr 7 01:45:27 UTC 2014.Is the above information OK?1) Yes2) No#? 1Cisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-15

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VMStep 9Configure the Root password:NoteIf you do not set the root password, a warning message is displayed when you apply the settings.Pleaseenter your choice [1 - 24]: 4Root password has not been configuredConfigure root password? (Y)es/(S)kip/(U)se default [Skip]:Changing password for user root.You can now choose the new password.A valid password should be a mix of upper and lower case letters, digits, and othercharacters. You can use an 8 character long password with characters from all of theseclasses. An upper case letter that begins the password and a digit that ends it do notcount towards thenumber of character classes used.Enter new password:Step 10Configure the NTP SetupPlease enter your choice [1 - 24]: 5Network Time Protocol (NTP) Setup.If you choose to enable NTP, the system time will beconfigured from NTP servers that you select. Otherwise,you will be prompted to enter the current date and time.NTP is currently disabled.Configure NTP related parameters? (Y)es/(S)kip/(U)se default [Skip]: yEnter whether or not you would like to set up theNetwork Time Protocol (NTP) for this machine.If you choose to enable NTP, the system time will beconfigured from NTP servers that you select. Otherwise,you will be prompted to enter the current date and time.Enable NTP (yes/no) [no]: yDefault NTP server 1 [time.nist.gov]Enter NTP server name or address:NTP server address must be in the form #.#.#.3, where # is 0 to 255 hexadecimal :separated v6 address.Enter NTP server name or [time.nist.gov]:Enter another NTP server IP address (or none) [none]:Configure NTP Authentication ? (Y)es/(S)kip/(U)se default [Skip]: yEnter NTP Auth key Number [1]:Enter NTP Auth key Value (String) [Secret]:Do you want to continue (yes/no) [no]: yCisco MSE Virtual Appliance Installation and Configuration Guide4-16OL-32455-01

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring the Basic Settings to Start the MSE Virtual Appliance VMStep 11Configure the Prime Infrastructure password:NoteIf you do not set the password, a warning message appears when you apply the changes. Thedefault PI communication password is admin.Please enter your choice [1 - 24]: 6Cisco Prime Infrastructure communication password has not been configuredConfigure Prime Infrastructure communication password? (Y)es/(S)kip/(U)se default [Skip]:yEnter a password for the admin user.The admin user is used by the Prime Infrastructure and other northbound systems toauthenticate their SOAP/XML session with the server. Once this password is updated, itmust correspondingly be updated on the NCS page for MSE General Parameters so that thePrime Infrastructure can communicate with the MSE.Step 12Verify the setup information and apply the changes:Please enter your choice [1 - 24]:24Please verify the following setup -----------------------Hostname mse8-0Eth0 IP address , Eth0 network mask 255.255.254.0Time zone America/Los AngelesEnable DNS yes, DNS servers 8.8.8.8Enable NTP yes, NTP servers time.nist.govTime zone America/Los AngelesRoot password is changed.Cisco Prime Infrastructure password is -------------------You may enter "yes" to proceed with configuration, "no" to makemore changes.Configuration ChangedIs the above information correct (yes or no): yesNoteStep 13The next time you log in using root, only the Linux shell prompt appears and not the setup script.You can rerun the setup script at any time to change settings by logging in as root and running/opt/mse/setup/setup.sh.To verify the configuration, run the getserverinfo command.[[email protected]]# getserverinfoCisco MSE Virtual Appliance Installation and Configuration GuideOL-32455-014-17

Chapter 4Installing the Cisco MSE Virtual Appliance on a XenServerConfiguring MSE on the Prime InfrastructureStep 14To configure the MSE to automatically launch after boot up, enter the following command:[[email protected]]# chkconfig msed onStep 15Roboot using the following command:[[email protected]]# rebootNoteTo start the MSE service manually, enter the following command:[[email protected]]# service msed startThe setup script generates a log file that can be found at /opt/mse/setup/setup.log.Configuring MSE on the Prime InfrastructureSee Configuring MSE on the Prime Infrastructure, page 3-21 for more information.Synchronizing the Network Design and Tracking ParametersSee Synchronizing the Network Designs, page 3-24 for more information.Cisco MSE Virtual Appliance Installation and Configuration Guide4-18OL-32455-01

Citrix XenServer is a complete server virtualization platform, optimized for both Windows and Linux . Download the Cisco MSE VA OVA file from Cisco.com. See Downloading the Cisco MSE Virtual Appliance OVA File, page 4-2 for more information. 3. Importing VMs. See Importing th