Using Configuration Building Blocks

Similar documents
Using Configuration Building Blocks

Configuring Virtual Servers

Using Application Template Definitions

Configuring Traffic Policies

Configuring SSL. SSL Overview CHAPTER

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1

Overview. ACE Appliance Device Manager Overview CHAPTER

Using Homepage. Information About Homepage CHAPTER

Configuring SSL CHAPTER

Configuring SSL. SSL Overview CHAPTER

Using Homepage. Information About Hompage CHAPTER

Configuring Real Servers and Server Farms

Using ANM With Virtual Data Centers

Configuring End-to-End SSL

Role Configuration Mode Commands

Configuring Stickiness

Configuring Traffic Policies for Server Load Balancing

Upgrade/Downgrade Guide, Cisco ACE 4700 Series Application Control Engine Appliance

Configuring Role-Based Access Control

Quick Start Guide, Cisco ACE 4700 Series Application Control Engine Appliance

Device Management Basics

Cisco ACE Application Control Engine Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers

Installing and Configuring vcloud Connector

Configuring SSL Security

Cisco ACE30 Application Control Engine Module

Cisco 4700 Series Application Control Engine Appliance Virtualization Configuration Guide

Configuring the Catena Solution

DEPLOYMENT GUIDE HOW TO DEPLOY MICROSOFT SHAREPOINT 2016 WITH A10 THUNDER ADC

CCIE Data Center Written Exam ( ) version 1.0

Configuring Traffic Policies for Server Load Balancing

Oracle E-Business Suite 11i with Cisco ACE Series Application Control Engine Deployment Guide, Version 1.0

IM and Presence Service Network Setup

DEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER

Cisco TelePresence VCS Cluster Creation and Maintenance

Device Management Basics

Configuring Answers and Answer Groups

Configuring Answers and Answer Groups

Release Note for the Cisco 4700 Series Application Control Engine Appliance

jetnexus Virtual Load Balancer

Barracuda Link Balancer

jetnexus Virtual Load Balancer

Task Scheduling. Introduction to Task Scheduling. Configuring a Recurring Task

LevelOne. Quick Installation Guide. WHG series Secure WLAN Controller. Introduction. Getting Started. Hardware Installation

Configuring CWMP Service

F5 Networks F5LTM12: F5 Networks Configuring BIG-IP LTM: Local Traffic Manager. Upcoming Dates. Course Description. Course Outline

Contents. Introduction

Configuring Hybrid REAP

Deploying F5 with Microsoft Active Directory Federation Services

Cisco CISCO Securing Networks with ASA Advanced. Practice Test. Version

Configuring Stickiness

Device Management Basics

Smart Install in LMS CHAPTER

DATASHEET. Advanced 6-Port Gigabit VPN Network Router. Model: ER-6. Sophisticated Routing Features. Advanced Security, Monitoring, and Management

Configuring SSL Termination

Configuring Health Monitoring

Deployment Guide AX Series with Oracle E-Business Suite 12

Enabling Remote Access to the ACE

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Cisco ISE Ports Reference

System Configuration. The following topics explain how to configure system configuration settings on Firepower Management Centers and managed devices:

App Orchestration 2.6

Cisco ISE Ports Reference

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

RealPresence Access Director System Administrator s Guide

ISE Deployment Assistant. Administration & User Guide

DEPLOYMENT GUIDE Version 1.1. Deploying F5 with IBM WebSphere 7

Installing and Configuring vcloud Connector

Configuring Cisco ACE for Load Balancing Cisco Identity Service Engine (ISE)

Cisco Expressway Cluster Creation and Maintenance

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Configuring FlexConnect Groups

Deploying F5 with Microsoft Active Directory Federation Services

Configuring Web Cache Services By Using WCCP

jetnexus Load Balancer

Load Balancing Sage X3 ERP. Deployment Guide v Copyright Loadbalancer.org, Inc

UDP Director Virtual Edition Installation and Configuration Guide (for Stealthwatch System v6.9.0)

Viewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418

Configuring High Availability (HA)

Configuring WCCPv2. Information About WCCPv2. Send document comments to CHAPTER

Fundamentals of Network Security v1.1 Scope and Sequence

Configuring Secure Oracle E-Business Suite 11i Deployment Using Cisco Application Control Engine (ACE)

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

F5 BIG-IQ Centralized Management: Local Traffic & Network Implementations. Version 5.4

Oracle 10g Application Server Suite Deployment with Cisco Application Control Engine Deployment Guide, Version 1.0

CCNP Security VPN

User Group Configuration

Cisco Expressway Cluster Creation and Maintenance

Cisco ISE Ports Reference

Realms and Identity Policies

Peplink SD Switch User Manual. Published on October 25th, 2018

Deploy the ExtraHop Discover Appliance with VMware

Core DDI Basics NIOS 8.1

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

BIG-IP Local Traffic Management: Basics. Version 12.1

Cisco Nexus 7000 Series Switches Configuration Guide: The Catena Solution

McAfee Web Gateway Administration

Deploying the BIG-IP System v10 with Oracle s BEA WebLogic

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

Security Management System Release Notes

Load Balancing VMware Workspace Portal/Identity Manager

Transcription:

CHAPTER 15 Note Beginning with ANM software Version 5.1, the building block feature by default is hidden. If you have used the building block feature in the past and want to continuing using it after upgrading to ANM 5.1, you must enable it (see the Enabling the Building Block Feature section on page 15-5). Note When naming ACE objects (such as a real server, virtual server, parameter map, class map, health probe, and so on), enter an alphanumeric string of 1 to 64 characters, which can include the following special characters: underscore (_), hyphen (-), and dot (.). Spaces are not allowed. If you are using ANM with an ACE module or ACE appliance and you configure a named object at the ACE CLI, keep in mind that ANM does not support all of the special characters that the ACE CLI allows you to use when configuring a named object. If you use special characters that ANM does not support, you may not be able to import or manage the ACE using ANM. Building blocks allow authorized users to create and design reusable configuration attributes which can then be applied to virtual contexts. The ANM also allows you to extract the configuration of an existing virtual context and tag it as a building block. In many cases, the same configuration settings can be used in several virtual contexts (for example, it can offer the same service bundle to many customers). To avoid repeating virtual context configuration and testing each time you create a virtual context, you can create a building block of many configuration attributes that can be applied to virtual contexts as appropriate or as needed. With building blocks, you can also create a variety of configurations that address customers differing needs. The ability to customize configurations to customer needs also allows you to use network resources most efficiently. Benefits of configuration building blocks include: You can establish baseline versions of working configurations. Users can make real-time changes to configurations and roll back to a previously working configuration, if needed. Building blocks can be extracted from proven, working configurations. Building blocks can be placed under version control, with tagged versions that cannot be modified. 15-1

Chapter 15 Table 15-1 lists the configuration options that are available for each building block type and provides links to related topics. For descriptive information about the menu options, see the Configuring Virtual Contexts section on page 5-8. Table 15-1 Building Block Configuration Options Menu Option Building Block Type ACE 2. 0 ACE 4710 Applianc e Related Topic System Primary Attributes X X Configuring Building Block Primary Attributes, page 15-8 Syslog X X Configuring Virtual Context Syslog Settings, page 5-19 SNMP X X Configuring SNMP for Virtual Contexts, page 5-27 Global Policies X X Applying a Policy Map Globally to All VLAN Interfaces, page 5-37 Licenses - - Application Acceleration - - and Optimization Resource Classes - - Checkpoints - - Backup/Restore 1 - - Load Balancing Virtual Servers - - Real Servers X X Configuring Real Servers, page 7-5 Server Farms X X Configuring Server Farms, page 7-31 Health Monitoring X X Configuring Health Monitoring for Real Servers, page 7-52 Stickiness X X Configuring Sticky Groups, page 8-12 HTTP Parameter Map X X Configuring HTTP Parameter Maps, page 9-9 Connection Parameter X X Configuring Connection Parameter Maps, page 9-3 Maps Optimization Parameter - X Configuring Optimization Parameter Maps, page 9-12 Maps Generic Parameter Maps X X Configuring Generic Parameter Maps, page 9-8 RTSP Parameter Maps X X Configuring RTSP Parameter Maps, page 9-21 SIP Parameter Maps X X Configuring SIP Parameter Maps, page 9-22 Skinny Parameter Maps X X Configuring Skinny Parameter Maps, page 9-24 DNS Parameter Maps X X Secure KAL-AP X X Configuring Secure KAL-AP, page 7-80 SSL Setup Sequence - - 15-2

Chapter 15 Table 15-1 Building Block Configuration Options (continued) Security ACLs X X Creating ACLs, page 5-84 Object Groups X X Configuring Object Groups, page 5-94 Network Building Block Type ACE 4710 ACE 2. Applianc Menu Option 0 e Related Topic Certificates - - Keys X X Using SSL Keys, page 10-10 Parameter Maps X X Configuring SSL Parameter Maps, page 10-18 Chain Group Parameters - - CSR Parameters X X Configuring SSL CSR Parameters, page 10-24 Proxy Service - - Auth Group Parameters X X Configuring SSL Authentication Groups, page 10-31 Certificate Revocation Lists (CSL) X X Configuring CRLs for Client Authentication, page 10-33 Port Channel - - Gigabit Ethernet - - Interfaces VLAN Interfaces X X Configuring Virtual Context VLAN Interfaces, page 11-6 BVI Interfaces X X Configuring Virtual Context BVI Interfaces, page 11-19 NAT Pools 2 X Configuring VLAN Interface NAT Pools and Displaying NAT Utilization, page 11-26 Static Routes X X Configuring Virtual Context Static Routes, page 11-29 Global IP DHCP X X Configuring Global IP DHCP, page 11-30 Static NAT Overwrite X Configuring Static VLANs for Over 8000 Static NAT Configurations, page 11-32 High Availability Setup - - HA Tracking and Failure Detection Interfaces - - Hosts - - HSRP Groups - - Role-Based Access Control Users X X Configuring Device RBAC Users, page 4-53 Roles X X Configuring Device RBAC Roles, page 4-56 Domains X X Configuring Device RBAC Domains, page 4-61 15-3

Information About Building Block Versions and Tagging Chapter 15 Table 15-1 Building Block Configuration Options (continued) Menu Option Building Block Type ACE 2. 0 ACE 4710 Applianc e Related Topic Expert Class Map X X Configuring Virtual Context Class Maps, page 13-6 Policy Map X X Configuring Virtual Context Policy Maps, page 13-32 HTTP Header Modify X X Configuring an HTTP Header Modify Action List, page 13-91 Action Lists Optimization Action Lists - X Configuring an HTTP Optimization Action List, page 14-3 Building Block Audit - - 1. Backup/Restore is only supported for software version A2(3.0) and higher for the ACE module. 2. NAT pools as a selection under Network is only supported for software version A2(3.0) and higher for the ACE module. This chapter includes the following sections: Information About Building Block Versions and Tagging, page 15-4 Creating Building Blocks, page 15-5 Extracting Building Blocks from Virtual Contexts, page 15-7 Configuring Building Blocks, page 15-8 Applying Building Blocks, page 15-10 Displaying Building Block Use, page 15-12 Information About Building Block Versions and Tagging The ANM maintains version history for the building blocks that you create, design, and tag. You can tag a working building block version at any point during design or configuration, and reuse any tagged version of a building block. A building block is not available for deployment until it has been tagged. When you tag a building block, the ANM publishes it with a version tag, such as 1.0 or 1.1. You cannot edit tagged versions of a building block. After a building block is tagged, it is frozen and can no longer be modified in any way. When you open a tagged building block for editing, the ANM does not modify the tagged version, but instead creates a new working copy of the building block for you to work in. Any changes you make to the working copy are not available for deployment until you tag the building block under a new version tag. 15-4

Chapter 15 Enabling the Building Block Feature, page 15-1 Creating Building Blocks, page 15-5 Extracting Building Blocks from Virtual Contexts, page 15-7 Applying Building Blocks, page 15-10 Displaying Building Block Use, page 15-12 Enabling the Building Block Feature Beginning with ANM software Version 5.1, the building block feature by default is hidden because it has been replaced with the application template feature introduced in the same release. The application template feature provides a more efficient and easier way of configuring ACE devices (see Chapter 4, Using Application Template Definitions ). If you have used the building block feature in the past and want to continuing using it after upgrading to ANM 5.1, you must enable it. This procedure shows how to enable the building block feature on ANM server and ANM Virtual Appliance. Enable the building block feature as follows: ANM Server Open the /opt/cscoanm/etc/cs-config.properties file in a text editor and add the following line: web.buildingblocks.enable=true ANM Virtual Appliance Enter the following command: anm-property set web.buildingblocks.enable true Restart ANM as follows: ANM Server Enter the following command: /opt/cscoanm/bin/anm-tool restart ANM Virtual Appliance Enter the following command: anm-tool restart From the ANM client devices, close all open ANM browser instances, clear the browser cache, and log in again. Failure to clear the browser cache after enabling the building block feature can result in the Extract Building Block function buttons not displaying. Creating Building Blocks Use this procedure to create a building block without using an existing configuration. 15-5

Creating Building Blocks Chapter 15 To create a building block from an existing virtual context, see the Extracting Building Blocks from Virtual Contexts section on page 15-7. Step 4 Step 5 Step 6 Choose Config > Building Blocks. The All Building Blocks table appears. In the All Building Blocks table, click Add. The New Building Block window appears. In the Name field of the New Building Block window, enter a unique name for this building block. In the Type field, choose the type of building block to create: ACE v1.0 Use with virtual contexts on ACE modules using the specified software version. ACE v2.0 Use with virtual contexts on ACE modules using the specified software version. ACE v2.3 Use with virtual contexts on ACE modules using the specified software version. ACE v4.1 Use with virtual contexts on ACE modules using the specified software version. ACE v4.2 Use with virtual contexts on ACE modules using the specified software version. ACE4710 V 1.0 Use with virtual contexts on ACE appliances using the specified software version. ACE4710 V 2.0 Use with virtual contexts on ACE appliances using the specified software version. ACE4710 V 4.1 Use with virtual contexts on ACE appliances using the specified software version. ACE4710 V 4.2 Use with virtual contexts on ACE appliances using the specified software version. See Table 15-1 for a list of the available configuration options for each building block type. In the Description field, enter a brief description for this building block. Do one of the following: Click Save to save your entries and to continue with building block configuration. The Primary Attributes configuration window appears. Click Cancel to exit this procedure without saving your entries and to return to the All Building Blocks table. Click Tag to save your entries and tag the building block. After you tag a building block, the window refreshes and provides fields for applying the building block. For more information, see the Applying Building Blocks section on page 15-10., page 15-1 Extracting Building Blocks from Virtual Contexts, page 15-7 Information About Building Block Versions and Tagging, page 15-4 15-6

Chapter 15 Extracting Building Blocks from Virtual Contexts Applying Building Blocks, page 15-10 Displaying Building Block Use, page 15-12 Extracting Building Blocks from Virtual Contexts An alternative to creating a new configuration building block and configuring each attribute individually is to extract a configuration building block from an existing virtual context. By extracting a building block from a virtual context, you can reduce the time you spend configuring and testing the configuration. Use this procedure to create a working building block from a virtual context configuration. Step 4 Step 5 Choose Config > Devices. The device tree appears. In the device tree, choose the ACE with the virtual context whose configuration you want to use as a building block. The Virtual Contexts table appears. In the Virtual Contexts table, choose the context with the configuration that you want to extract, and click Extract Building Block. A popup window appears, asking for a building block name. In the Name field of the popup window, enter a name for this building block, and click OK. The window refreshes with the Primary Attributes window for the newly created building block (Config > Global > building_block). Modify the building block as desired using the information in Table 15-1, or tag and deploy it as described in the Tagging Building Blocks section on page 15-10 and the Applying Building Blocks section on page 15-10). Applying Building Blocks, page 15-10 Displaying Building Block Use, page 15-12 15-7

Configuring Building Blocks Chapter 15 Configuring Building Blocks You can modify a working version of a configuration building block. Note You can modify only working versions of building blocks; you cannot modify tagged versions of building blocks. If you select a tagged building block version, and then select a configuration option (such as Load Balancing > Health Monitoring), you can view the entries for that tagged version, but you cannot modify them. Choose Config > Building Blocks. The All Building Blocks table appears. Choose the working version of the building block that you want to modify, then choose the attributes that you want to configure. For information about building block configuration options, see Table 15-1. Note While it is possible to configure VLAN and BVI interfaces in a building block, we recommend that you do not do so. Applying a building block with these attributes configured to a virtual context with different settings can disrupt network traffic. To apply this building block, tag it, and deploy it as described in the Tagging Building Blocks section on page 15-10 and the Applying Building Blocks section on page 15-10., page 15-1 Information About Building Block Versions and Tagging, page 15-4 Creating Building Blocks, page 15-5 Extracting Building Blocks from Virtual Contexts, page 15-7 Displaying Building Block Use, page 15-12 Configuring Building Block Primary Attributes Use this procedure to change the description of a configuration building block. Choose Config > Building Blocks. The All Building Blocks table appears. In the All Building Blocks table, choose the building block that you want to modify, and choose System > Primary Attributes. 15-8

Chapter 15 Configuring Building Blocks The Primary Attributes window appears. Step 4 In the Description field of the Primary Attributes window, modify the description as desired. Do one of the following: Click Save to save your entries. The window refreshes with the saved information. Click Tag to tag the building block. To deploy the tagged building block, see the Applying Building Blocks section on page 15-10. Creating Building Blocks, page 15-5 Configuring Building Blocks, page 15-8 15-9

Tagging Building Blocks Chapter 15 Tagging Building Blocks You can tag a working copy of a building block. After creating a building block, you must tag it before you can apply it to virtual contexts. Choose Config > Building Blocks. The All Building Blocks table appears. In the All Building Blocks table, choose the working copy of the building block that you want to tag, and click Tag. The All Building Blocks table refreshes with the newly tagged building block identified by its version, such as 1.2 or 1.3. A working copy of the building block remains available so that you can use it for future building block versions. To apply the tagged building block to virtual contexts on your network, see the Applying Building Blocks section on page 15-10., page 15-1 Information About Building Block Versions and Tagging, page 15-4 Creating Building Blocks, page 15-5 Applying Building Blocks, page 15-10 Extracting Building Blocks from Virtual Contexts, page 15-7 Displaying Building Block Use, page 15-12 Applying Building Blocks You can apply building blocks in two ways: By selecting a virtual context, then applying the building block. See the Applying a Building Block to a Single Virtual Context section on page 15-11. By selecting the tagged building block, then applying it to one or more virtual contexts. See the Applying a Building Block to Multiple Virtual Contexts section on page 15-11. 15-10

Chapter 15 Applying Building Blocks Applying a Building Block to a Single Virtual Context You can apply a tagged building block to a virtual context using virtual context configuration screens. Note Before applying a building block to a virtual context, confirm that the VLAN and BVI interfaces are defined correctly for the virtual context. If needed, remove VLAN and BVI interface configuration information from the building block and then apply it. Step 4 Choose Config > Devices > All Devices. The device tree appears. Choose the virtual context that you want to apply a building block to, and choose System > Primary Attributes. The Primary Attributes window appears. In the Tagged Building Block to Apply field, choose the building block you want to apply to the virtual context. Click Deploy Now. Applying a Building Block to Multiple Virtual Contexts, page 15-11, page 15-1 Information About Building Block Versions and Tagging, page 15-4 Extracting Building Blocks from Virtual Contexts, page 15-7 Applying a Building Block to Multiple Virtual Contexts You can apply a tagged building block to one or more contexts by using the building block configuration screens. Note Before applying a building block to a virtual context, confirm that the VLAN and BVI interfaces are defined correctly for the virtual context. If needed, remove VLAN and BVI interface configuration information from the building block and then apply it. Choose Config > Building Blocks. The All Building Blocks table appears. 15-11

Displaying Building Block Use Chapter 15 Step 4 Step 5 In the All Building Blocks table, choose the tagged building block that you want to apply to one or more virtual contexts. Choose System > Primary Attributes. The Primary Attributes configuration window appears. In the Push Building Block to VCs field of the Primary Attributes configuration window, choose the contexts that you want to apply the building block to in the Available Items list, and click Add. They appear in the Selected Items list. To remove contexts that you do not want to apply the building block to, choose them in the Selected Items list, then click Remove. They items appear in the Available Items list. Click Save. A progress bar reports status and the window refreshes when the operation is complete. Applying a Building Block to a Single Virtual Context, page 15-11, page 15-1 Information About Building Block Versions and Tagging, page 15-4 Creating Building Blocks, page 15-5 Displaying Building Block Use You can identify the virtual contexts using a building block. Choose Config > Devices. The device tree appears. In the device tree, choose All VC. The Virtual Contexts table appears. In the Virtual Contexts table, use one of the following methods to display the building blocks being used: For a small number of contexts, scan the Building Block column to see which building blocks are in use on virtual contexts. For a large number of contexts, click Filter. The window refreshes so that you can enter search criteria. In the field beneath the Building Block column heading, enter a building block name or search string, then click Go. The table refreshes with entries that match the search criteria., page 15-1 Information About Building Block Versions and Tagging, page 15-4 15-12

Chapter 15 Displaying Building Block Use Creating Building Blocks, page 15-5 Extracting Building Blocks from Virtual Contexts, page 15-7 15-13

Displaying Building Block Use Chapter 15 15-14

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback