Manage component VMs
Component VMs are VMs deployed through a component package.
The following types of component VMs are supported:
UIS-Sec gateway component VMs—You can use a uis_net_gw component package to deploy multiple VMs that act as network devices. These VMs can provide routing, load balancing, firewall, and public IP services to tenants in UIS Manager.
UIS CloudOS component VMs—The UIS CloudOS component allows you to deploy VMs used for setting up CloudOS for UIS.
UIS-APM component VMs—The UIS APM component allows you to deploy VMs for the application monitoring service.
UIS-Sec management component VMs—The UIS-Sec management component allows you to deploy UIS_Sec_Mgr VMs used for setting up a basic environment for advanced network services of UIS Manager. The UIS-Sec gateway component depends on the UIS-Sec management component. You must deploy the UIS-Sec management component prior to the UIS-Sec gateway component.
UIS-Sec security component VMs—The nfv-vfw, nfv-vlb, nfv-vacg, nfv-vdba, and nfv-vwaf components allow you to deploy VMs that provide firewall, application delivery, application control gateway, database auditing, and Web application firewall services on the UIS-Sec management platform or UIS Manager, respectively.
Prerequisites
To deploy a UIS-Sec gateway component VM on a host, make sure the host meets the following hardware requirements:
Four or more CPU cores.
8 GB or more idle memory.
100 GB or more idle storage.
vSwitch named vs_gateway.
The system uses this vSwitch by default. If this vSwitch does not exist, create a vSwitch named vs_gateway and use it for UIS-Sec gateway component VM deployment as a best practice.
To deploy a UIS CloudOS component VM cluster, make sure the following minimum hardware requirements are met on each target host:
Two CPUs, each having eight cores.
An available memory capacity of 64 GB.
An SSD with an available capacity of 480 GB.
An SSD or NVMe disk has been mounted to /vms/defaultPool_cloudos by using script python /opt/bin/uis_disk_obligate.pyc /dev/sdx, where sdx is the drive letter reserved for UIS CloudOS.
To deploy a standalone UIS CloudOS component VM, make sure the following minimum hardware requirements are met:
The target host has 24 CPU cores.
The target host has 80 GB available memory.
The cluster that accommodates the target host has three available hosts, each of which has an SSD with 480 GB or more available space. An SSD or NVMe disk has been mounted to /vms/defaultPool_cloudos by using script python /opt/bin/uis_disk_obligate.pyc /dev/sdx, where sdx is the drive letter reserved for UIS CloudOS. The SSDs will be used to create the system storage pool. The target host must be among the available hosts.
The cluster that accommodates the target host has a shared storage pool whose available space is larger than 1 TB. The shared storage pool will be used to create the service storage pool.
To deploy a UIS-APM component VM on a host, make sure the following minimum hardware requirements are met:
The host has 24 CPU cores.
The host has 64 GB available memory.
The cluster that accommodates the target host has three available hosts, each of which has an SSD with 420 GB or more available space. The SSDs will be used to create the system storage pool. The target host must be among the available hosts.
You can create the system storage pool on UIS Manager or use the system storage pool of UIS CloudOS.
The cluster that accommodates the target host has a shared storage pool whose available space is larger than 80 GB. The shared storage pool will be used to create the service storage pool.
As a best practice, exclusively assign a disk pool to a UIS-APM component VM to accommodate its system disk. If you do not have enough disks, you can assign a disk pool to both a UIS-APM component VM and UIS CloudOS component VMs. However, the VMs cannot share a block device.
To deploy a UIS-Sec management component VM on a host, make sure the system storage pool of the VM contains only SSDs in exclusive mode.
For more information about creating storage pools, see "Manage shared storage pools." Make sure the capacity of a shared storage pool is not smaller than 500 GB. As a best practice, use the following procedure to create a shared storage pool:
Create a disk pool with three 480GB SSDs.
Create a data pool that uses two replicas for data redundancy.
Create a shared storage pool with the disk pool and the data pool.
Before you deploy UIS-Sec security component VMs, upload the components to the component repository. Make sure the target hosts meet the hardware requirements in Table-1.
Table-1 Hardware requirements for UIS-Sec security component
|
Component |
CPU cores |
Memory (GB) |
System disk (GB) |
Data disk (GB) |
Remarks |
|
vFW |
4 |
8 |
80 |
0 |
N/A |
|
vLB |
4 |
8 |
80 |
50 |
The data disk stores logs. |
|
vACG |
4 |
8 |
80 |
0 |
N/A |
|
vDBA |
4 |
8 |
80 |
600 |
The disks must be the SCSI type. |
|
vWAF |
8 |
8 |
100 |
0 |
N/A |
Restrictions and guidelines
Select one or two available hosts as the destination hosts when you deploy UIS-Sec gateway component VMs. A maximum of two VMs can be deployed at a time.
Select three available hosts as the destination hosts when you deploy UIS CloudOS component VMs in cluster mode. Select a host where resources have been reserved for the UIS CloudOS component when you deploy a standalone UIS CloudOS component VM. You can deploy the UIS CloudOS component only once.
Select one available host as the destination host when you deploy a UIS-APM component VM. You can deploy the UIS-APM component only once, and it supports only standalone deployment.
Select one available host as the destination host when you deploy UIS-Sec management component VMs. You can deploy the UIS-Sec management component only once.
Deploy UIS-Sec security components on the advanced network management console or VDC management page of CloudOS for UIS.
Deploy component VMs
On the top navigation bar, click System.
From the left navigation pane, select Component Management > Components.
Click the UIS-Sec Gateway Component, UIS CloudOS Component, UIS-APM Component, or UIS-Sec Management Component tab.
Click Deploy.
Select a component type from the Component Type list, and then configure the parameters as described in "Parameters."
Click Finish.
Delete component VMs
On the top navigation bar, click System.
From the left navigation pane, select Component Management > Components.
Click the UIS-Sec Gateway Component, UIS CloudOS Component, UIS-APM Component, UIS-Sec Management Component, or UIS-Sec Security Component tab.
Click Delete.
Select a component package type, and then click OK.
|
|
When you delete a standalone UIS CloudOS component VM, do not delete disk pool diskpool_cloudos, data pool defaultDataPool_cloudos, block device defaultBlock_cloudos, or shared storage pool defaultPool_cloudos. If you do so, no hosts will be available for the next UIS CloudOS component deployment. |
Start component VMs
On the top navigation bar, click System.
From the left navigation pane, select Component Management > Components.
Click the UIS-Sec Gateway Component, UIS CloudOS Component, UIS-APM Component, UIS-Sec Management Component, or UIS-Sec Security Component tab.
Select one or multiple component VMs, click Batch Actions, and then select Start.
In the dialog box that opens, click OK.
Shut down component VMs
On the top navigation bar, click System.
From the left navigation pane, select Component Management > Components.
Click the UIS-Sec Gateway Component, UIS CloudOS Component, UIS-APM Component, UIS-Sec Management Component, or UIS-Sec Security Component tab.
Select one or multiple component VMs, click Batch Actions, and then select Shut Down.
In the dialog box that opens, click OK.
Power off component VMs
On the top navigation bar, click System.
From the left navigation pane, select Component Management > Components.
Click the UIS-Sec Gateway Component, UIS-APM Component, UIS-Sec Management Component, or UIS-Sec Security Component tab.
Select one or multiple component VMs, click Batch Actions, and then select Power Off.
In the dialog box that opens, click OK.
Edit component VMs
On the top navigation bar, click System.
From the left navigation pane, select Component Management > Components.
Click the UIS-Sec Gateway Component, UIS CloudOS Component, UIS-APM Component, UIS-Sec Management Component, or UIS-Sec Security Component tab.
Select one or multiple component VMs, click Batch Actions, and then select Edit.
Edit the parameters as described in "Parameters."
Click OK.
Parameters
Deploy UIS-Sec gateway component VMs-Basic Info
Component Type: Select uis_net_gw as the component package type. This component package type is used to deploy VMs as network nodes to provide routers, load balancers, firewalls, and public IP addresses for UIS Manager.
Component Package: Select a component package. To use a component package, you must first upload it to the component repository. For more information, see "Upload a component package."
Advanced Features: Configure advanced features such as DPDK for the VM as needed.
VRRP_ID: Specify a VRRP ID for UIS-Sec gateway component VMs to elect a master. You can manually enter a VRRP ID or have the system to automatically assign one.
Cluster: Select a cluster to accommodate the component VMs.
Deploy UIS-Sec gateway component VMs-Host Selection
Available: You can deploy VMs on one or two available hosts. To deploy VMs on a host, make sure the host has a vSwitch named vs_gateway. You can deploy two VMs at a time.
Deploy UIS-Sec gateway component VMs-Network Info
Network Cluster VIP: Specify the virtual IP address of the network cluster, which is used for communicating with UIS-Sec management component VMs or a CloudOS for UIS cluster. The virtual IP address must reside on the same network as the IP addresses of UIS-Sec management component VMs or the virtual IP address of the CloudOS for UIS cluster.
Network Cluster VIP Mask: Specify a subnet mask for the network cluster virtual IP address. The subnet mask must be the same as that for the IP addresses of UIS-Sec management component VMs or the virtual IP address of the CloudOS for UIS cluster.
Management Cluster VIP: Specify the IP addresses of UIS-Sec management component VMs or the virtual IP address of the CloudOS for UIS cluster.
Management Network IP: Specify a management network IP address for each UIS-Sec gateway component VM.
Gateway: Specify a gateway address for the management network where UIS-Sec gateway component VMs reside.
System Storage Pool: Select a storage pool to accommodate the image of the component VM. As a best practice, select a shared storage pool. If you leave this field empty, the system automatically selects an optimal storage pool. If you select a local storage pool, the VM does not have HA capabilities. When you deploy a cluster, select the same storage pool with enough space for all hosts. If you leave this field empty, the system might distribute the VMs to multiple storage pools.
Service Network vSwitch: Select vSwitch vs_gateway. The system uses this vSwitch by default. If this vSwitch does not exist, create a vSwitch named vs_gateway and use it for component VM deployment as a best practice.
Management Network Port Profile: Select a port profile for the management network. In the current software version, only VLAN configuration takes effect. For successful deployment, make sure vswitch0, the management networks of CloudOS for UIS and the UIS-Sec management component, and the management network of the UIS-Sec gateway component have the same VLAN ID.
Deploy UIS CloudOS component VMs-Basic Info
Component Type: Select uiscloud or uis_cloud5 as the component package type.
uiscloud—Used for deploying component VMs on which CloudOS for UIS will be set up.
uis_cloud5—Used for deploying component VMs on which CloudOS for UIS 5.0 will be set up.
Component Package: Select a component package. To use a component package, you must first upload it to the component repository. For more information, see "Upload a component package."
Alias Prefix: Specify the alias prefix for VMs deployed through the component package.
Starting Number: Specify the start number of aliases for VMs deployed through the component package.
Cluster: Select a cluster to accommodate the component VMs.
Deploy UIS CloudOS component VMs-Host Selection
Available: You can deploy VMs on available hosts. For more information about host hardware requirements, see "Prerequisites."
Deploy UIS CloudOS component VMs-Network Info
For cluster deployment:
Destination Host: Destination host on which the VMs are deployed.
Management Network IP: Specify a management network IP address for a UIS CloudOS component VM. The management network IP addresses of different UIS CloudOS component VMs must be different and belong to the same network.
Management Network Mask: Specify a subnet mask for management network IP addresses. The three management network subnet masks must be the same.
Management Network Gateway: Specify a gateway address for the management network. The three management network gateway addresses must be the same.
Storage Front-End Network IP: Specify a storage front-end network IP address for a UIS CloudOS component VM. The IP address must belong to the storage front-end network specified during system initialization.
Storage Front-End Network Mask: Specify a subnet mask for storage front-end network IP addresses.
Management Network Port Profile: Select a port profile for the management network.
Storage Front-End Network Port Profile: Select a port profile for the storage front-end network.
For standalone deployment:
Management Network IP: Specify a management network IP address for the UIS CloudOS component VM.
Management Network Mask: Specify a subnet mask for the management network IP address.
Management Network Gateway: Specify a gateway address for the management network.
Service Storage Pool: Select a storage pool to accommodate service disks of the component VM. The service storage pool and the system storage pool cannot share a disk pool.
Management Network Port Profile: Select a port profile for the management network.
Deploy UIS-APM component VMs-Basic Info
Component Type: Select uis_apm as the component package type.
Component Package: Select a component package. To use a component package, you must first upload it to the component repository. For more information, see "Upload a component package."
Cluster: Select a cluster to accommodate the component VM.
Deploy UIS-APM component VMs-Host Selection
Available: Select one available host to deploy a VM.
Deploy UIS-APM component VMs-Network Info
Management Network IP: Specify a management network IP address for the component VM. This IP address must reside on the same subnet as the management network IP address of UIS Manager.
Management Network Gateway: Specify a gateway address for the management network.
Deploy UIS-Sec management component VMs-Basic Info
Component Type: Select UIS_Sec_Mgr as the component package type.
Component Package: Select a component package. To use a component package, you must first upload it to the component repository. For more information, see "Upload a component package."
Cluster: Select a cluster to accommodate the component VM.
Deploy UIS-Sec management component VMs-Host Selection
Available: Select one available host to deploy a VM.
Deploy UIS-Sec management component VMs-Network Info
Management Network IP: Specify a management network IP address for a component VM.
Management Network Gateway: Specify a gateway address for the management network.
System Storage Pool: Select a shared storage pool that contains only SSDs in exclusive mode.
Management Network Port Profile: Select a port profile for the management network. In the current software version, only VLAN configuration takes effect. For successful deployment, make sure vswitch0, the management networks of CloudOS for UIS and the UIS-Sec management component, and the management network of the UIS-Sec gateway component have the same VLAN ID.
Edit component VMs
CPUs: Set the number of CPUs per VM and the number of cores per CPU.
Memory: Set the memory size per VM.
VNC Password: Specify a VNC password for VM consoles.
VNC Proxy: Select whether to enable VNC proxy for VMs.
Time Synchronization: Select whether to enable time synchronization for VMs. After you enable this feature, the system synchronizes the system time of a VM to the host where the VM resides when time inconsistency occurs.
Destruction Protection: Select whether to enable destruction protection for VMs. After you enable this feature, VMs cannot be deleted.
Auto CAStools Upgrade: Select whether to enable automatic CAStools upgrade for VMs.
HA: Select whether to enable HA for VMs. After you enable this feature, the system automatically migrates VMs on a failed host to other hosts. This parameter is available only when the cluster is enabled with HA. HA cannot be enabled for VMs if the cluster is not enabled with HA.
I/O Priority: Select the priority for a VM to read and write disks of its attached host. When access contention occurs, VMs with higher I/O priorities take precedence.
Boot Priority: Select the priority for a VM to start on a new host when its attached host fails. This parameter is available only when the cluster is enabled with HA.
Automatic Migration: Select whether to enable automatic migration for VMs. After you enable this feature, the system can automatically migrate a VM between hosts in the cluster based on the DRS policies.
CPU Scheduling Priority: Select the priority for a VM to use the physical CPU resources of its attached host.