Installation of Verity for Enterprise Software Components in a VMWare Environment

Introduction

The Verity management and orchestration system is comprised of two functional components, both of which are instantiated as Virtual Machines (VMs). This document describes the installation and configuration of these VMs within a VMWare ESXi server.

Virtual Machine Overview

Verity’s two VM functional components are:

1. Virtual Network Commander (vNetC) – Functions include the orchestration logic, UI hosting, northbound RESTful API, and databases.
2. Software Defined LAN Controller (SDLC) – The SDLC VM is comprised of a series of containers that map one-to-one to the managed switch devices. Functions include network discovery, device provisioning, and network assurance. The SDLC serves as the abstraction layer between the managed switch and the vNetC by translating the native management protocols into the vNetC’s NETCONF interface and Yang model.

Topology Overview

Below is the basic VM and hardware topology for reference.

Recommended Network Management Architecture

Each system requires a management subnet that can support 4 system IP addresses as well as 3 IP addresses per managed switch. The breakdown is as follows:

IP address Allocations for Management Network	Component	Allocation
Verity System components	vNETC LAN side, SDLC, ACS, GuiA	4 Static Addresses
Managed Switches	Verity Switch Controller*	1 Dynamic Address per switch
Managed Switches	Switch in ZTP Process (optional)*	1 Dynamic Address per switch
Managed Switches	Switch Post ZTP Process*	1 Static Address per switch

• If applicable

The orchestration platform (vNETC) is configured on the customer’s network with one static IP address to be accessed by users.

The following diagram shows the recommended management network architecture. Variations are possible based on individual customer’s network needs. A second diagram follows with a version showing only one connection to the vNETC.

Prerequisites

1. vNetC
   1. Resolvable, fully qualified domain name
   2. Static IP address, gateway, DNS servers
   3. Valid Verity license

2. SDLC

   1. IP addressing per table above.

      NOTE: Must be routable to the vNetC

3. Controllers (within SDLC)

   1. IP Addressing per table above.

      NOTE: The diagram above shows that the controllers are bridged to NIC 2 of the SDLC. The IP MUST be on the same VLAN/subnet as the SDLC.

4. ESXi

   1. Compute resources meeting Verity requirements based on the number of switches being managed. See Resource documentation for computing CPU and memory needs.
   2. Virtual Switch
      1. The vNetC and SDLC should be on the same virtual switch in ESXi or at minimum they must be routable.
      2. Your system requires promiscuous mode will be set to enabled.

Obtaining the vNetC and SDLC VM Images and Files

Obtain the following files from BE Networks:

Description	Filename Example	File Type	Notes
vNetC VM Image	vNetC-x_x_x_x.ova	VMware OVA	Resources including vCPU and memory should be adjusted based on iVN resource needs documentation. Networking will need to be altered to the correct virtual switch names used in the server
vNetC “core” Upgrade	core-x_x_x_x- full.tar	tarball	vNetC needs to be updated via GUI SD-Admin immediately after configuration and boot
SDLC VM Image	SDLC-x_x_x_x.ova	VMware OVA	Resources including vCPU and memory should be adjusted based on iVN resource needs documentation. Networking will need to be altered to the correct virtual switch names used in the server
SDLC Binary Firmware Upgrade	firmware-x_x_x_x.tar	tarball	SDLC should be upgraded via web page immediately after configuration and boot
Monitoring VM Image	verity-monitoring_x.x.x.ova	VMware OVA	Resources including vCPU and memory should be adjusted based on iVN resource needs documentation. Networking will need to be altered to the correct virtual switch names used in the server
Monitoring Software Upgrade	verity-monitoring_x.x.x.tar	tarball	Monitoring needs to be updated via GUI SD-Admin immediately after configuration and boot
License	license.cms or sitexxxxx.tar	License file	Is uploaded using GUI
Firmware Upgrade Package	firmware-x_x_x_x.tar	Binary	SDLC should be upgraded via web page immediately after configuration and boot

Creating the Virtual Machines

The following instructions explain how to create virtual machines for both the vNetC and SDLC (once VMware is loaded into the desired server).

Create the vNetC Virtual Machine

1. Go to Virtual Machines. Click Create/Register VM .

2. In the window that appears select Deploy a virtual machine from an OVF or OVA file. Click Next.

3. Enter a name for the VM and upload the vNetC VM Image OVA file via the prompt that says Click to Select file or drag/drop. Click Next .

4. Select the desired data store options. Click Next .

5. Set the Deployment options – Network mappings to the correct Port Group.

6. This Port Group must be set to promiscuous mode.
7. Click Next .

8. Click on Finish .

Notice

Ignore "A required disk image was missing" message.

The VM creation process will start. When the process completes the progress bar in Recent tasks at the bottom of the screen will say Completed Successfully.

Configure the vNetC from the Console.

This step requires you to configure the vNetC with an IP address and Fully Qualified Domain Name (FQDN). To do so, you need to open the VM console. Select your VM under the Virtual Machine column and click Console/Open browser console.

The VM console appears. The vNetc initialization may take several minutes. While waiting you can press Enter and wait for login prompt.

1. Login to the vNetC with username root and password vnc1234. Enter a new password if prompted. If not prompted for the password, you can continue to use the default password or change it with the passwd command.

2. Run the administration application from the shell by typing ns_admin and pressing Enter

3. You are prompted to enter a web user interface admin account password. Document the password you choose as it will be required for UI authentication later in the process. It is very important that you remember the password! When done press Enter.

4. In the Admin Menu, select Network Configuration. Press Enter

5. Select FQDN (Fully Qualified Domain Name). Press Enter and set to the desired Fully Qualified Domain Name. If the field is prepopulated, it is required that you replace the default text with your own FQDN.

6. Verify that WAN IP DHCP is disabled. If WAN IP DHCP is enabled, disable it using the menu or…
7. Select WAN Static IP Settings, press enter.
   • Enter: IPv4 Address and subnet in CIDR format (x.x.x.x/##) where x.x.x.x is the IPv4 address and ## is the CIDR subnet mask prefix
   • Enter: Default Route (Gateway)
   • Enter: DNS Server 1
   • Enter: DNS Server 2 (if required)
8. Return to the network configuration menu.
9. Save Settings

Follow the prompt and the VM will reboot with the new settings configured.

Install the License and Upgrade to the Latest vNetC Core Software

Upgrade the vNetC Core software via the vNetC Web Administration.

1. Use Chrome Web Browser to access the vNetC IP address that was just configured.

2. At the login prompt enter username admin and the administration password configured in the menu during installation. These are the credentials you entered in step 3 of Configure the vNetC from the Console .

3. From the Admin web page, select the Software Packages and Licensing section by double clicking and zooming in .

4. Select License.

5. When the window appears, record the information on the Licensing tied to line. Provide this information to BeyondEdge to obtain your license file

6. After you obtain your license.cms file you are required to upload it to the application. Use the drag and drop palette to upload the file or browse for the file. The license file may also be embedded in a \<filename>.tar file and this can also be directly imported, and the system will extract the license.cms file .

After you upload the file make sure a success message is presented .

After you upload the license, a tab titled Verity appears at the upper right of the screen (refresh the page if you do not see the tab). Click Verity and let the screen populate

After the Verity window has fully completed populating select the Admin tab. Select Software Packages and Licensing and click vNetC Packages. .

Using the Browse Files (or drag and drop) field, import the vNetC Core Upgrade file provided by BeyondEdge

When the process is complete you are presented with a success message .

Click the Deploy button . When prompted to continue, click Yes

The software updates.

You may see an error titled Fatal Error WebSocket Error: Connection lost -2 appear, this is normal. The browser may temporarily say that the site cannot be reached. When the process is done, the landing page will render.

Save Settings

While in Admin, go to the Settings box.

1. Add Management VLAN.
2. Add Management address with mask.
3. Verify Permissible IP Address Ranges on Managed Devices are assigned .

Use the VMWARE interface to Power Off the vNetC. Later, after you install the SDLC VM, you will restart (Power on) the vNetC .

Create Optional NIC LAG

1. Select “Networking”.
2. Select “Virtual switches”.

3. Select “Add standard virtual switch” .

4. Give the virtual switch a name then click on the ADD button.

5. Edit settings on same.
6. Add a second uplink.

7. Configure remaining options as shown below. Pay particular attention to the Uplink Security, and NIC Teaming assignments .

8. Verify both link’s Status indicate Active.

9. Click on “SAVE” button.
10. Select “Networking".
11. Select Port Groups.
12. Select “Add port group”.
13. Port Group “SDLAN_MGMT_2000” is created with VLAN 2000 and Virtual switch LAN-2000

Notice

In the listed examples, SDLAN_MGMT_2000 is untagged and SDLAN_MGMT_TRUNK is tagged.

14. Enter name, VLAN and Virtual switch.
15. Click on Add.
16. Select “Add port group”. To create the 2nd Port Group, SDLAN_MGMT_TRUNK.
17. Input name, VLAN and Virtual switch.

18. Click on Add .

19. Go back to the ESXi Host Client page. Select Virtual Machines.

20. Select the VNetC FQDN (gatorland in this example).
21. Select Actions.

22. From the pull-down menu select Edit settings .

23. Click on the pull-down menu for Network Adaptor 3.

24. Select “SDLAN_MGMT_TRUNK.
25. Click on the check box to Connect. Also verify Network Adaptor 1 is configured as shown.
26. Save.

Create the SDLC Virtual Machine

1. Go to Virtual Machines. Click Create/Register VM.

2. In the window that appears select Deploy a virtual machine from an OVF or OVA file. Click Next .

3. Enter a name for the VM and upload the SDLC VM Image OVA file via the prompt that says Click to Select file or drag/drop. Click Next .

4. Select the desired data store options. Click Next .

5. Set the deployment options. Click Next .

6. Review the settings and if they are correct, click Finish .

The VM creation process will start. When the process completes the progress bars at the bottom of the screen will say Completed Successfully .

Configure the SDLC from the Console

The SDLC must be configured with a Static IP address and the vNetC FQDN.

1. Select the SDLC from the VMWARE ESXi interface and click the Console tab.
2. Select Open browser console.

3. The console appears.

   DHCP Error Messages

   During the following process DHCP errors may appear. These can be ignored.

4. Press Enter to get the login prompt, enter username: admin and password: admin.

5. At the command line interface (CLI) press Enter to see a list of options.
6. Select Admin and press Enter.
7. Type Wizard and press Enter.

Note

If vNetC and SDLC (GuiA, ACS) are on different subnets, it is recommended to have three consecutive static IP addresses on the same subnet for GuiA, ACS and DHCP. However, if vNetC is on the same subnet as GuiA, ACS and DHCP, it is recommended to use four sequential IP addresses.

Prompt	Answer
Enter new hostname	SDLC
Enter MGMT IP or enter 'd' to use DHCP	Enter management IP
Enter URL connection protocol	http
Enter default gateway IP/Prefix in CIDR format	Enter the default gateway IP address
Enter ACS IP or type 'none' to remove config	Enter IP
Enter vNetC FQDN or IP	vNetC IP address
Enter DNS server	Enter DNS server IP
Enter Comma separated NTP server(s)	Enter vNetCs IP address
Enter ACS url	Press Enter or Enter a different url

8. Type y and press Enter
9. Reboot is required for any changes to take effect. In the console, type reboot and press Enter.

---

Power On the vNetC.

In the VMware ESXi interface power on the vNetC. This takes a few minutes.

Power On the SDLC.

In the VMware ESXi interface power on the vNetC. This takes a few minutes.

Go to the Verity tab.

Wait until the process is finished. The application landing page resembles the image below when all processes have been completed.

Update SDLC

Double click the Admin tab, double click Software Packages and Licensing. Double click Firmware Packages. Select and place the SDLC Binary Firmware Upgrade firmware file on the Drag & Drop area or use the Browse Files button to select the file.

If upgrades are disabled, enable for update.

When uploaded, you are prompted with a green success message.

Deploy the firmware by clicking the Deploy button .

A validation message appears. Click Yes .

Click the Verity tab

Double click the VNFs window

Double click the SDLC section

Double click the box with the title of SW Version

Set the Target Package field to the Firmware version

Click the Check button

Go to Endpoint Sets

Uncheck the box titled Disable Upgrades

In the window that appears titled GuiA Disconnected, click the icon to refresh.

Let the process complete.

When the window appears the initial state of System Applications are offline. This is expressed by their red LED icons.

When the System Applications come online their LED icons render green. This may take up to 5 minutes.

The installation and updates of Verity for Enterprise software components is now complete.

Disable (check) All Upgrades Disabled