UCSD 6 5 Bare Metal Automation ESXi 6
UCSD 6. 5 Bare Metal Automation ESXi 6. 5 with i. SCSI Boot Lauri Toropainen Technical Solutions Architect, ltoropai@cisco. com Updated July 2017
Solution Overview © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco UCS Director - Overview Infrastructure Automation and Private Cloud Foundation Infrastructure Automation and Orchestration Physical Compute, Network, Storage, Hypervisor Day 0 bring up of Infrastructure Single Pane Management Converged Infrastructure (Flex. Pod, Vblock, . . etc. ) Private Cloud Foundation Virtualization Physical Servers Secure Multi-Tenancy Application Infrastructure Blueprint Resource Management Self-Service Portal Metering and Showback Improve IT Operational Efficiency Reduce Opex & Decrease Service Delivery time © 2017 Reduce Capex Increased Visibility Cisco and/or its affiliates. rights reserved. Cisco on Confidential All Increase focus value-add services Network Storage UCS Director
UCS Director – Bare Metal as a Service What is BMaa. S ? OS Only OS + Application Cisco UCS • Automate OS & Application provisioning on Bare Metal Servers • Self-Service Delivery, Access and Management • Secure Isolation between Tenants • Chargeback/Showback © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Bare Metal Server Provisioning Architecture OS image library • Windows • Linux • Hypervisors Bare Metal Provisioning Workflow UCS Director Bare Metal Agent (BMA) 2 1 UCS Director 1 Management Network 1 PXE Network 2 UCS Service Profile 4 Customer Network 3 1) 2) 3) 4) Infrastructure management network PXE network for OS installation Storage network Customer network © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Supported storage (such as Net. App, EMC, or IBM) FC/FCo. E/i. SCSI boot LUNs (block storage)
UCSD 6. 5 BMA Initial Setup © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCSD 6. 5 BMA • Deploy supported converged infrastructure stack (such as Flex. Pod) with UCS, Nexus/MDS, and 3 rd party storage • Install UCSD 6. 5 based on this guide • Add infrastructure element managers in UCSD as physical and virtual accounts based on these guides © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCSD 6. 5 BMA • Prepare separate management and PXE networks in the converged infrastructure • Allocate DHCP pool in the PXE network • Management and PXE networks should be added as tagged VLANs on the UCS v. NICs connected to the infrastructure ESXi hosts • Management and PXE networks should be configured with VLAN ID in v. Sphere • PXE VLAN should have active uplinks only to a single fabric in UCS, depending on which fabric (A or B) BM hosts will connect to during the provisioning © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
UCSD 6. 5 BMA Installation • Install UCSD 6. 5 BMA based on this guide • Make sure that the BMA is connected to management and PXE networks • During the first time login, change the root password from the default (pxeboot) • Verify that the BMA VM is completely booted up by launching /opt/infra/bin/shelladmin © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Add BMA Account to UCSD • If you are planning to use BMA for provisioning Windows servers, enable Samba service • Otherwise, you may leave this option unchecked © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Configure DHCP pool for the BMA Account © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Start BMA Services and Verify Service Status © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Adding ESXi 6. 5 OS Image to UCSD 6. 5 BMA © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for ESXi 6. 5 Prepare ESXi installation files (1) • Upload ESXi 6. 5 installation files (ISO) to BMA /tmp directory • Run /opt/infra/�/iso. Extractor. sh and select ESXi 6. 5 • • • • Please Select the OS Type (1 ESXi 4. 1 (2 ESXi 5. 0 (3 ESXi 5. 1 (4 ESXi 5. 5 (5 ESXi 6. 0 (6 ESxi 6. 5 (7 ESXi 5. 5 VSAN (8 ESXi 6. 0 VSAN (9 Cent. OS or RHEL [Pre 7. 0[ (10 Cent. OS 7. x or RHEL 7. x (11 SUSE Linux 11 SP 3 (12 SUSE Linux 12 and above (13 Other © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for ESXi 6. 5 Prepare ESXi installation files (2) • • • SELECT> 6 Image path : /tmp/VMware-VMvisor-Installer-6. 5 -201704001 -5310538. x 86_64. iso OS catalog name : ESXi-6. 5 • Wait until BMA prepares the image • Edit /opt/cnsaroot/templates/<OS catalog name>/ks. cfg, commenting the line for local boot and uncommenting the line for SAN boot • • • #for Local boot #install --firstdisk –overwritevmfs #for SAN boot install --firstdisk=remote –overwritevmfs. . . © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for ESXi 6. 5 Prepare ESXi installation files (3) • Verify that /opt/cnsaroot/templates/<OS catalog name>/boot. cfg has the correct parameters for kernelopt • • • bootstate=0 title=Loading ESXi installer prefix=images/ESXi-6. 5/timeout=5 kernel=tboot. b 00 kernelopt=runweasel pxebooting ks=$PXE_KS_URL. . . © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
UCS Service Profile Setup for Net. App i. SCSI Boot © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles • Create pools required for the service profile template • MAC address pools for v. NICs • IP address pools for i. SCSI initiators on both fabrics (i. SCSI- A, i. SCSI-B) • UUID pool • IQN pool for i. SCSI initiators • Server pool with unassociated servers © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles • Create v. NIC templates required for the service profile template • • • 2 Management v. NICs with PXE (native) and Management VLANs 2 v. Motion v. NIC 2 NFS v. NICs (optional, if NFS datastores are used) 2 User v. NICs for VM networks 2 i. SCSI v. NICs for i. SCSI boot Create boot policies required during and after the BM provisioning Initial boot policy with i. SCSI and PXE LAN interfaces • Post-provisioning boot policy with i. SCSI interfaces • • Always use initial templates, in order to allow changes in the individual service profiles during the provisioning © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles Management-A v. NIC template with PXE VLAN must be added as a native VLAN © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles Other v. NIC templates • Similarly, create v. NIC templates for Management-B with PXE (native) and Management VLANs • v. Motion-A and v. Motion-B with v. Motion VLAN • NFS-A and NFS-B with NFS VLAN (optional) • User-A and User-B with user VLANs for VMs • © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles i. SCSI-A v. NIC template © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles i. SCSI-B v. NIC template © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles Boot policy for BM provisioning Include i. SCSI disk and PXE LAN interface © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles Boot policy for post-BM provisioning i. SCSI disk only (with both paths enabled) © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pre-requisites for UCS Service Profiles Net. App SVM Settings Verify that i. SCSI is enabled with target addresses in both fabrics © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Create UCS Service Profile Template © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Create UCS Service Profile Template Place i. SCSI v. NICs before other v. NICs. NOTE: v. NIC eth 0 used for the PXE request will be created 3 rd as the result © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Create UCS Service Profile Template © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Create UCS Service Profile Template Add the Net. App i. SCSI address in fabric A as the target interface. Similarly, add target interfaces in post-provisioning boot policy BM_ISCSI_BOOT for both fabrics (not shown here) © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
UCSD Workflow for ESXi 6. 5 BM Provisioning © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Execute workflow This workflow has user inputs for the hostname, administrator password, and management IP address. Subnet mask, default gateway, and DNS information is generated automatically © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow At this point we’ll use boot policy with PXE LAN interface © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Service profile is associated with a server in a pool © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential At this point open KVM console for monitoring the provisioning tasks
ESXi 6. 5 BM Provisioning Workflow The server name will be used in the Net. App object names © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Initiator name is taken from task 2 output (Create UCS Service Profile from Template) © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Task creates a 10 GB i. SCSI LUN for VMware © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Verify that task input points to the correct v. NIC © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Verify in UCSD that PXE environment has been set up Task is using this PXE configuration template in BMA: /opt/cnsaroot/templates/ESXi-6. 5/pxe. cfg © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Verify that server is able to access the Net. App i. SCSI target © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Verify that server gets an IP address and PXE configuration from BMA © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Verify that server starts downloading ESXi © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Setup will reboot when installation is completed © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow When the PXE request is removed, the status will change to “Archived” © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Server is powered off to allow changes in boot policy and v. NIC configuration
ESXi 6. 5 BM Provisioning Workflow In the final setup PXE LAN interface is removed and the second i. SCSI path is added © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow PXE VLAN in v. NICs eth 0 and eth 1 is removed © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow Server is powered on and should be reachable with http and ssh © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ESXi 6. 5 BM Provisioning Workflow © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
- Slides: 54