Set up the initial configuration

You must perform the following configuration tasks to set up the base BMC Cloud Lifecycle Management environment:

• Before you begin
• To configure the BMC Cloud Lifecycle Management Administration Console
• To create a physical location for a pod
• To configure SSL for the Linux Platform Manager
• To configure the virtualization connections in BMC Server Automation
• To ensure access to Quick Start
• To create network pod blueprints
• To create network pods
• To onboard network pods
• To create and import network container blueprints
• To enable supportability for service offering instances
• To improve security for the My Cloud Services console                              
• Where to go next

Before you begin

Ensure that you have completed the tasks described in Verify the configuration.

To configure the BMC Cloud Lifecycle Management Administration Console

Use the Configuration workspace to set various options needed by BMC Cloud Lifecycle Management. Many of these options have default values, but you must verify that the values are appropriate for your environment before using them. Perform the following tasks to ensure that the console is configured to best suit your needs:

• Set the general options, such as the plug-in configuration and auto-decommission settings.
• Set the preferences for the console. You can use the Console tab to specify which services and options are displayed on the My Services, Service Catalog, BMC Cloud Lifecycle Administration, and My Cloud Services End User Console.
• Set the hostname preferences for provisioned servers. From the General tab, you can set:
  • The specified length of the host name string
  • The maximum number of characters that a cloud end user can enter in the host name string when requesting a server
  • A predefined format for the host name string
• Verify the storage preferences. Storage resources are implemented in the background using BMC Atrium Orchestrator. You set the BMC Atrium Orchestrator values in the BMC Cloud Lifecycle Management installer during installation. Note that if you change these values in BMC Atrium Orchestrator, you need to update the configuration settings.
• Register the Advanced Interface Form template and its associated form and class with BMC Cloud Lifecycle Management.

^{Back to top}

To create a physical location for a pod

Before you can create a pod, you must create a site in the Physical Location form on the BMC AR System Server – Cloud Portal and Database server.

1. Create a direct access URL link to the Physical Location form using the mid-tier server and port.
   Specify a valid enterprise BMC Remedy AR System server (EAR Host in the accompanying syntax example) in the URL. The direct access link follows this format:
   http://<Mid-Tier Host>:<Mid-Tier Port>/arsys/forms/<EAR Host>/BMC.CORE:BMC_PhysicalLocation
   For example: 
   http://MidTier:8080/arsys/forms/EAR/BMC.CORE:BMC_PhysicalLocation 
2. Enter values for the following (all fields are required unless otherwise noted):
   • Name (required)
   • Short Description (optional)
   • DatasetId (BMC.ASSET)
   • StateOrProvince (optional, located on the Specification tab)
   • City
   • Company (optional, located on the Custom tab)
   • Description
3. Click Save.

^{Back to top}

To configure SSL for the Linux Platform Manager

If you have installed the Platform Manager on Linux, complete the following steps to configure SSL for Linux Platform Manager.

1. Download OpenSSL and unpack the tar files.

   Click here for details.

   1. Download OpenSSL.
       See this website to obtain a tar file for OpenSSL.
   2. Copy the installation package to the location where you want to install OpenSSL, and run the following command to unpack the tar file:
      tar -xf openssl-0.9.8c.tar.gz
   3. Navigate to the directory where OpenSSL is installed and create the following directories with read, write, and execute permissions:
      • demoCA
      • demoCA/certs
      • demoCA/crl
      • demoCA/newcerts
      • demoCA/private
   4. Run the following commands to copy files between directories:
      cp apps/demoCA/index.txt demoCA/index.txt
      cp apps/demoCA/serial demoCA/serial

   5. In the /etc/pki/tls/openssl.cnf file, edit the CA_default section so it identifies the location of /demodirectory.

      [ CA_default ]
      dir      = <openssl_install_dir>/demoCA       # Where everything is kept
      

2. Generate a CA certificate.

   Click here for details.

   1. Enter the following command:
      openssl req -new -x509 -days 365 -keyout cakey.pem -out cacert.pem
   2. When prompted, enter a pass phrase.
   3. When prompted, repeat the pass phrase to confirm your entry.
   4. When prompted, provide the requested information or enter a dot to leave the field blank.
   5. When prompted for a common name, enter the host name or IP address of the Linux Platform Manager host.
       OpenSSL generates a cakey.pem and a cacert.pem file in the same directory where you have installed OpenSSL.

3. Generate an SSL certificate request.

   Click here for details.

   1. Enter the following command:
      openssl req -new -nodes -out req.pem -keyout reqkey.pem
   2. When prompted, enter a pass phrase.
   3. When prompted, repeat the pass phrase to confirm your entry.
   4. When prompted for additional information, provide the requested information or enter a dot to leave the field blank.
   5. When prompted for a common name, enter the host name or IP address of the Linux Platform Manager host.

4. Generate a signed SSL certificate.

   Click here for details.

   1. From the directory where OpenSSL is installed, run the following commands to copy files between directories:
      cp cakey.pem openssl-0.9.8c/apps/demoCA/private/.
      cp cacert.pem openssl-0.9.8c/apps/demoCA/private/.
   2. Enter the following command:
      openssl ca -out cert.pem -infiles req.pem
   3. When prompted, enter a pass phrase.
       If you have installed the Platform Manager on Linux, complete the following steps to configure SSL for Linux Platform Manager.
5. When you configure Platform Manager to run on SSL, you must also import the certificate on the enterprise AR Server host so that the CloudPortal Plugin can communicate to the Platform Manager. You must import the root certificate into the CA certificates present in the Java/security folder, as the Java which is being utilized by Cloud Portal.

^{Back to top}

To configure the virtualization connections in BMC Server Automation

BMC Cloud Lifecycle Management uses BMC Server Automation for provisioning. To be able to provision virtual machines (VMs) in a specific virtualization environment (for example, VMware vSphere) you must set up the virtualization connections in BMC Server Automation.

The following topics provide instructions for adding the connections in BMC Server Automation for specific virtualization environments:

• VMware vShpere
• IBM LPAR
• Citrix XenServer
• Microsoft Hyper-V

^{Back to top}

To ensure access to Quick Start

 Quick Start is a web application that runs in its own framework. The Quick Start server runs on the same server where you installed Cloud Platform Manager.

After installing BMC Cloud Lifecycle Managment, you can perform procedures to ensure access to Quick Start.

1. Log on to the Enterprise AR (EAR) server using the BMC Remedy User tool.
2. Search for the CMF:PluginConfiguration form.
3. In the form, add a field named QuickStart URL.
4. Set the value of the field to the fully qualified URL for the Quick Start server. For example, in the following graphic, the field is set to http://pcsm-sqa-r5v11.bmc.com:9000.
   

Assigning a different port number for Quick Start

Some installations may not want to use the default value of 9000 for the Quick Start port number.

1. Enter a port number in the fully qualified URL for the Quick Start server, as described in the procedure above.
2. On the server where you installed the Cloud Platform Manager, modify the application.conf file.
    In a typical installation on Windows, you can find this file in the following directory:
   
   C:\Program Files\BMC Software\BMCCloudLifeCycleManagement\Platform_Manager\QuickStart\conf
3. In the application.conf file, uncomment line 33 by removing the hash sign.
   By default the line reads:
   # http.port=9000.
4. On the same line, set the port number to the number you assigned to the Quick Start server in the first step.
   For example, the line might read as follows:
   http.port=9075

^{Back to top}

To create network pod blueprints

Pods are built from pod blueprints, which define the pod architecture and include a definition of the physical pod topology. Pod blueprints are created by modifying an XML document and then importing it into BMC Network Automation. You then create the pod in BMC Network Automation by specifying the imported pod blueprint. After you create the pod, you onboard the pod into BMC Cloud Lifecycle Management.

Perform the following steps to create a pod:

1. Review the Pod model to understand the context of a pod and pod blueprints.
2. Gather information about the network devices that you plan to use for your cloud's virtual infrastructure.
   For example, gather the names and credentials of the physical firewall host, load balancer host, distribution switch host, and access switches that you plan to use in your pod.
3. On the BMC Network Automation host, navigate to BCAN_HOME\public\bmc\bca-networks\csm.

4. Open a previously created pod blueprint XML file or one of the pod blueprint XML files provided with the product in an editor.

   Note

   You can also start with the skeleton pod blueprint file, and fill in the portions you require, and comment out the other portions of the file.

5. Save the XML file with a new name that you want to use for this pod blueprint.
6. Modify the new XML pod blueprint file as needed.
   For more information, see Pod-blueprint-XML-reference.
7. Import the modified XML into BMC Network Automation using the import script.
   1. Find the script in the bcan-import-export.v.r.mm.zip file in the BCAN_HOME\public\bmc\bca-networks\extras directory.
      When the file is unzipped, the scripts are in the bin subdirectory.
       The lib subdirectory contains the libraries needed to run the scripts —a .bat script for Microsoft Windows and a .sh script for Linux.
   2. From the command line, run the script to import the pod blueprint XML file:
      import.bat -url <url> -user <user> -password <password> <xml-filename>

 

^{Back to top}

To create network pods

A pod is the base on which logical networks are created in the cloud. A pod is created on a group of co-located network hardware, such as routers, firewalls, and load balancers, that segregates cloud networks from other pods and non-cloud networks.

Pods are created in BMC Network Automation using pod blueprints, which define the pod architecture and include a definition of the physical pod topology. After a pod is created, you can then onboard the pod into BMC Cloud Lifecycle Management.

Before you begin

• Create the provider company, as described in Creating-tenant-companies-and-users-by-using-BMC-Remedy-ITSM-Foundation.
• Create a physical location, as described in Creating-a-physical-location-for-a-pod.

• Enable the integration with BMC Cloud Lifecycle Management in BMC Network Automation.

  Click here to view the steps required to enable the vdcEnabled property in BMC Network Automation.

  Before you can use BMC Network Automation to provide network resources to BMC Cloud Lifecycle Management, you must first enable the vdcEnabled property in BMC Network Automation. The BMC Cloud Lifecycle Management installer allows you to enable this option during the installation.

  1. Open the the <BCAN_DATA>\global.properties file located in C:\BCA-Networks-Data\global.properties.
  2. Verify that the line containing, vdcEnabled=true is not commented out by using # as the first character on the line.
  3. (Optional) If the line starts with the #character:
     1. Remove the # character from the line and save the file.
     2. Restart BMC Network Automation.

  Note

  If you do not enable this option while running the installer, you must import the cloud-related pod and container files using the import.bat or import.sh script. Scripts are available in the bcan-import-export-<v.r.mm>.zip file in the <BCAN_HOME>\public\bmc\bca-network\extras directory. When you unzip the file, the scripts are in the bin subdirectory. The lib subdirectory contains the libraries needed to run the scripts.

• Enable the integration with BMC Atrium CMDB in BMC Network Automation. This integration is used to synchronize the physical location created in the cloud with BMC Network Automation, and to create the pod for that physical location.

  Click here to view the steps to configure the BMC Atrium CMDB inside BMC Network Automation.

  1. In BMC Network Automation, navigate to Admin > System Admin > System Parameters.
  2. Select the Enable CMDB Integration option.
  3. Enter the Web Service Endpoint URL:
     http://<AR_Enterprise_Host_Server>:<Port>/cmdbws/server/cmdbws
  4. Enter the user name and password.
  5. Click Save.

Creating a network pod

1. Gather information about the network devices such as the names and credentials of the physical firewall host, load balancer host, distribution switch host, and access switches that you plan to use in your pod or cloud virtual infrastructure. See Configuring-vendor-specific-devices in the BMC Cloud Lifecycle Management documentation.
   
   

   Note

   When you configure devices to be used in a pod, ensure that the file transfer mode is set to FTP, SCP, or TFTP. Do not use tunneled protocol because its use might lead to performance problems with large ACLs. BMC Network Automation automatically uses tunneled protocol for the following actions:

   • Merging a template to an F5 device.
   • Executing the initGuestAction in a fault host pair because the action is executed before the guest context has a management address to use for file transfers.
   • Configuring a standalone firewall or load balancer host because they might be sending templates that contain commands to switch from admin context to guest context.

2. In BMC Network Automation, create device security profiles (DSP) for the network devices that you identified in Step 1 by performing the following substeps:
   
   

   Note

    You need only one DSP per set of credentials. For example, if three devices use the same credentials, create one DSP that applies to all three devices.

    

   1. In a web browser, log into BMC Network Automation at https://<localhost>/bca-networks. See Accessing the interface in the BMC Network Automation documentation.
      
      

      Note

       The default user name and password are sysadmin. The GUI prompts you to change the password if you have not done so.

   2. Add a new DSP. See Adding a device security profile in the BMC Network Automation documentation.
      
      Example DSP

      Field	Value
      Name	<DSP Name>
      Login User Name	<Username>
      Login Password	<Password>
      Confirm Login Password	<Password>
      Privileged User Name	<Priv Username>
      Privileged Password	<Priv Password>
      Confirm Privileged Password	<Priv Password>

3. In BMC Network Automation, add routers and switches. See Adding a device in the BMC Network Automation documentation.
   
   

   Note

   Ensure that you have added a configuration entry for all of your devices before performing any network-related activities in BMC Cloud Lifecycle Management.
   
   By default, a backup is made of the configuration entry when you add a device. The skipAutomaticBackup=false option in the global.properties file is commented out by default.

    

   Example 1

   Field	Value
   Name	Access
   Device Type	VMware vSwitch
   Device Category	Switch
   Host Name/IP Address/URL	<VSwitchName>&nbsp <ESXServerName>)https://<VCenterServerName> <VSwitchName>@https://<ESXServerName> For example: vSwitch2@aus-r710-clm-esx-03.bmc.com@https://aus-r710clm2vc1.bmc.com
   Device Security Profile	ESX Server DSP

   
   Example 2

   Field	Value
   Name	Edge
   Device Type	Cisco IOS Switch/Router
   Device Category	Router
   Host Name/IP Address/URL	<address>
   Device Security Profile	ESX Server DS

4. Create a pod blueprint and import it into BMC Network Automation. See Creating-network-pod-blueprints.
5. Create a pod by using the pod blueprint that you created in step 4 by performing the following substeps:

   1. In BMC Network Automation, navigate to Network > Virtual Data Center > Pod Blueprints > Create Pod. See Creating a pod from a pod blueprint in the BMC Network Automation documentation.
      
      Example pod

      Field	Value
      Name	Baby1
      Vlan Pool Customer - VLAN Start Number	2
      Vlan Pool Customer - VLAN End Number	10
      Vlan Pool Management - VLAN Start Number	11
      Access Node Device	access
      Edge Node Device	edge
      Address Pool ManagementAddresses - Pool Address	11.0.0.0
      Address Pool ManagementAddresses - Pool Mask	255.255.255.128
      Address Pool ManagementAddresses - Gateway Address	11.0.0.1
      Address Range Customer - Range Address	10.0.0.0
      Address Range Customer - Range Mask	255.255.252.0

      Note

      If you plan to onboard a Citrix XenServer cluster and if you have a rogue device in your network pod, you must use the following requirements when specifying the device during pod creation:

      • Specify <switch name>@<xen host>@<xen master host> for the ROGUE_DEVICE_ADDRESS parameter.
      • The switch name must be the same as the xen resource pool name.
      • <xen host> must be entered exactly as it was entered in BMC Server Automation. For example, if you used a fully qualified domain name in BMC Server Automation, you must specify it in the same way for the pod.
   2. Click Save.
6. Back up the database by executing the BCAN_HOME\tools\backup_db.bat backup1.dump command.
   
   The bcan.dump backup file is located in the BNA-Network-Data\dbbackup directory.

^{Back to top}

To onboard network pods

You must onboard one or more network pods to make BMC Cloud Lifecycle Management aware of the network environment.

1. From the BMC Cloud Lifecycle Management Administration Console, click the vertical Workspaces menu on the left side of the window and select Resources.
2. Under Quick Links at left, click Pods under the General section.
3. Click the Onboard Pod icon . The Onboard Pod dialog box is displayed.
    
4. Click the Provider Name menu button to select the resource provider instance for the pod. The default network resource provider is listed as BBNA for BMC Network Automation.
5. Select the pods that you want to onboard.
6. Click Onboard to onboard the selected pods and close the dialog box.

^{Back to top}

To create and import network container blueprints

Network container blueprints are XML files that define the settings used when creating a network container. To create a new network container blueprint you copy and modify one of the templates that are installed with BMC Network Automation and then importing it into BMC Network Automation. After the blueprint is available in BMC Newtork Automation, you use the BMC Cloud Lifecycle Management console to import the blueprint into BMC Cloud Lifecycle Management.

^{Back to top}

Creating and importing network container blueprints in BMC Network Automation

Network container blueprints are XML files that define the settings used when creating a network container.

To create a new network container blueprint you copy and modify one of the templates that are installed with BMC Network Automation and then importing it into BMC Network Automation. You can also create a pod blueprint using the pod blueprint XML skeleton file and filling in the necessary information. See Creating-custom-content.

For overview information about network resources, see Network-resources-overview.

Before starting this procedure, see the types of container blueprint templates described in Overview-of-pod-and-container-blueprints. You can select one of several blueprints that have been customized for various applications.

For detailed network container blueprint XML tag descriptions, see Container-blueprint-XML-reference and Skeleton-network-container-blueprint-file.

1. Review the Container model page to understand the context of network containers and network container blueprints.
2. On the BMC Network Automation host, navigate to BCAN_HOME\public\bmc\bca-networks\csm. The container blueprints that are installed with BMC Network Automation are in subdirectories of this directory.

3. Open a previously created container blueprint XML file or one of the sample container blueprint XML files in an editor.

   Note

   You can also start with the skeleton pod blueprint file, and fill in the portions you require, and comment out the other portions of the file.

4. Modify the new XML container blueprint file as needed.
   For more information, see Container-blueprint-XML-reference.

   Note

   Starting with version 8.7.00 of BMC Network Automation, if you provision a container by using a container blueprint with duplicate rule blueprints, provisioning fails. For successful provisioning, you must export the container blueprint, remove the duplicates, and re-import the container blueprint with a new name.

5. Save the XML file with a unique name that you want to use for this network container blueprint.
6. Import the file into BMC Network Automation by using the import script:
   1. Unzip the bcan-import-export._v.r.mm_.zip file in the BCAN_HOME\public\bmc\bca-networks\extras directory.
      When the file is unzipped, the scripts are in the bin subdirectory. The lib subdirectory contains the libraries needed to run the scripts. Each script is provided as a .bat file for Microsoft Windows and a .sh file for Linux.
   2. From the command line, run the script to import the container blueprint XML file (any container blueprint templates used in the blueprint must be imported before importing the blueprint itself):
      import.bat -url url -user user -password password xml-filename
      For more information about the import script, see Exporting and importing components using a script in the BMC Network Automation on-line technical documentation.
7. Confirm that the new container blueprint has successfully imported in BMC Network Automation, by logging into the user interface and navigating to Networks > Container Blueprints (under Virtual Data Center on the left column). See Viewing the container blueprint listing in the BMC Netwo

^{Back to top}

Importing network container blueprints in BMC Cloud Lifecycle Management

1. From the BMC Cloud Lifecycle Management Administration Console, click the vertical Workspaces menu on the left side of the window and select Resources.
2. Under Quick Links on the left, click Pods under the General section.
3. Click the Import Network Container Blueprints icon .
   The Import Network Container Blueprints dialog box is displayed. The dialog shows the Pod name, the version number (if the pod has been updated), and a description (if available).
    
4. Select the network container blueprints that you want to import.
5. Click Import to onboard the selected blueprints and close the dialog box.

^{Back to top}

To enable supportability for service offering instances

As a cloud administrator, you can now enable the following supportability options to perform better troubleshoot and maintenance activities for service offering instances. 

1. Configure email notifications to receive for service offering instance failures
2. Enable retry provisioning for service offering instances
3. Download log files for service offering instance failures

^{Back to top}

To improve security for the My Cloud Services console                              

If you installed the My Cloud Services console (clmui) on a separate web server that was installed as part of the BMC Cloud Lifecycle Management installation, then after the installation, you must configure Tomcat (or other servlet container) to disable the directory listing behavior.

To disable directory listings in Tomcat, set the value of the servlet’s initialization parameter (listings) to false in Tomcat’s default deployment descriptor ($CATALINA_HOME/conf/web.xml), for example:

Where to go next

Configure-environments 

^{Back to top}