Welcome to Knowledge Base!

KB at your finger tips

This is one stop global knowledge base where you can learn about all the products, solutions and support features.

Categories
All
Storage and Backups-Nutanix
Calm Administration and Operations Guide

Calm 3.5.2

Product Release Date: 2022-08-03

Last updated: 2022-11-10

Introduction

Introduction to Calm

Calm allows you to seamlessly select, provision, and manage your business applications across your infrastructure for both the private and public clouds. Calm provides application automation, lifecycle management, monitoring, and remediation to manage your heterogeneous infrastructure, for example, VMs or bare-metal servers.

Calm supports multiple platforms so that you can use the single self-service and automation interface to manage all your infrastructure. Calm provides an interactive and user-friendly graphical user interface (GUI) to manage your infrastructure.

Figure. Calm Model Click to enlarge

Calm Key Benefits

Calm is a multi-cloud application management framework that offers the following key benefits:

  • IT Agility and Human Error Elimination

    Calm simplifies the setup and management of custom enterprise applications by incorporating all important elements, such as the relevant VMs, configurations, and related binaries into an easy-to-use blueprint. These blueprints make the deployment and lifecycle management of common applications repeatable and help infrastructure teams eliminate extensive and complex routine application management.

  • Unified Multi-Cloud Orchestration

    Calm unifies the management of all your clouds into a single-pane-of-glass, removing the need to switch between portals. Calm automates the provisioning of multi-cloud architectures, scaling both multi-tiered and distributed applications across different cloud environments, including AWS, GCP, Azure, and VMware (on both Nutanix and non-Nutanix platforms).

  • Automated Self-Service with Centralized Control

    Calm empowers different groups in the organization to provision and manage their own applications, giving application owners and developers an attractive alternative to public cloud services. Calm provides powerful, application-centric self-service capabilities with role-based access control. All activities and changes are logged for end-to-end traceability, aiding security teams with key compliance initiatives.

  • Nutanix Marketplace

    The marketplace offers preconfigured application blueprints that infrastructure teams can instantly consume to provision applications. The marketplace also provides the option to publish sharable runbooks. A runbook is a collection of tasks that are run sequentially at different endpoints. Infrastructure teams can define endpoints and use runbooks to automate routine tasks and procedures that pan across multiple applications without the involvement of a blueprint or an application.

  • Cost Governance

    With native integration into Beam, Calm also shows the overall utilization and true cost of public cloud consumption to help you make deployment decisions with confidence.

  • Application Development and Modernization

    Combined with Nutanix Karbon or your choice of certified Kubernetes, Calm provides the tools required to modernize applications without losing control of policy. Additionally, Calm natively integrates with Jenkins to empower CI/CD pipelines with automatic infrastructure provisioning or upgrades for all applications.

  • Calm DSL - Infrastructure-as-Code (IaC)

    Calm DSL describes a simpler Python3-based Domain Specific Language (DSL) for writing Calm blueprints. DSL offers all the richness of the Calm user interface along with additional benefits of being human readable and version controllable code that can handle even the most complex application scenario. DSL can be also used to operate Calm from a CLI.

    As Calm uses Services, Packages, Substrates, Deployments and Application Profiles as building blocks for a blueprint, these entities can be defined as Python classes. You can specify their attributes as class attributes and define actions on those entities (procedural runbooks) as class methods.

    Calm DSL also accepts appropriate native data formats such as YAML and JSON that allow reuse into the larger application lifecycle context of a Calm blueprint.

    For technical articles, videos, labs and resources on Calm DSL, see Nutanix Calm DSL on Nutanix.dev.

Calm Prerequisites

Pre-configuration for Using Calm

You must configure the following components before you start using Calm.

  • Image configuration for VM: To use Nutanix as your provider, you must add and configure the image for your VMs. Images are provider-specific. You can upload images to Prism Central or Prism web console and use those images when you configure your blueprints. For more information, see Image Management section in the Prism Central Guide .
  • SSH key (optional): Generate SSH keys so that you can use them for authentication when you configure or launch your blueprints. For more information, see Generating SSH Key on a Linux VM or Generating SSH Key on a Windows VM.
  • Lightweight Directory Access Protocol (LDAP): Configure LDAP to authenticate users or group of users to use Calm. For more information about LDAP, see Configuring Authentication section in the Prism Central Guide .
  • SSP: The Prism Self Service feature allows you to create projects within an enterprise. Users or group of users can provision and manage VMs in a self-service manner without involving IT in their day-to-day operations. For more information, see Prism Self Service Administration section in the Prism Central Guide .

Prerequisites to Enable Calm

Before you enable Calm from Prism Central, ensure that you have met the following prerequisites.

  • The Prism Central version is compatible with Calm.

    You can go to the Software Product Interoperability page to verify the compatible versions of Calm and Prism Central.

  • The Prism Central in which Calm is running is registered with the same cluster.
    Note:
    • Calm is supported only on AHV and ESXi hypervisors on a Nutanix cluster.
    • Calm is not supported on Hyper-V cluster.
    • Calm does not support vSphere essential edition. If you try to enable Calm with vSphere essential edition license, you get a failure notification because hot-pluggable virtual hardware is not supported by vSphere essential edition.
  • A unique data service IP address is configured in the Prism web console cluster that is running on Prism Central. For more information about configuring data service IP address, see the Modifying Cluster Details in the Prism Web Console Guide .
    Note: Do not change the data service IP address after Calm enablement.
  • A minimum allocation of 4 GB of memory for a small Prism Central and 8 GB of memory for large Prism Central. For more information, see Calm Benchmarks.
  • All the required ports are open to communicate between a Prism web console and Prism Central. For more information about ports, see Port Reference.
  • The DNS server is reachable from Prism Central. Unreachable DNS server from Prism Central can cause slow deployment of Calm.

Calm Benchmarks

Nutanix certifies the following benchmarks for single-node deployment profiles (non-scale-out) and three-node deployment profiles (scale-out). Each benchmark contains scale numbers across different entities of Calm. Because the scaling properties of these entities often depend on each other, changes to one entity might affect the scale of other entities. For example, if your deployment has smaller number of VMs than the benchmarked number, you can have a higher number of blueprints, projects, runbooks, and so on.

Use these guidelines as a good starting point for your Calm installation. You might have to allocate more resources over time as your infrastructure grows.

Calm Single-Node Profile

The following table shows the Calm benchmarks for a single-node Prism Central profile.

Prism Central size Prism Central configuration Number of VMs Number of single-VM blueprints Number of single-VM applications Number of projects Number of runbooks
Small (1 node)

6 vCPUs and 30 GB of memory for each node.

2000 400 2000 50 250
Large (1 node)

10 vCPUs and 52 GB of memory for each node.

7000 1400 7000 250 500

Calm Three-Node (Scale-Out) Profile

The following table shows the Calm benchmarks for a three-node Prism Central profile. If high-availability is preferred, it is recommended to use the scale-out deployment.

Prism Central size Prism Central configuration Number of VMs Number of single-VM blueprints Number of single-VM applications Number of projects Number of runbooks
Small (3 nodes, scale out)

6 vCPUs and 30 GB of memory for each node.

3500 700 3500 100 500
Large (3 nodes, scale out)

10 vCPUs and 52 GB of memory for each node.

12500 2500 12500 500 1000

Benchmark Considerations

The following considerations are applicable for both Calm single-node and three-node (scale-out) profiles:

  • When you enable Calm, an additional 4 GB memory per node is added to the Prism Central small deployment profile and 8 GB of memory per node is added to the Prism Central large deployment profile.
  • The listed application and blueprint numbers include both running and deleted applications and blueprints. Data related to deleted applications and blueprints is cleaned up after 3 months.
  • All the listed VM numbers are for the VMs that are managed by Calm and not Prism Central overall.
  • These performance tests are done by using single-service blueprints and applications. Results might be lower when blueprints with multiple services are deployed.
  • Calm automatically archives the logs every 3 months to clean up the database and to free up the resources. You can also increase the memory (RAM) of your deployed Prism Central VM to increase the Calm capacity.

Calm Throughput

The maximum throughput on a large three-node (scale-out) deployment profile is 400 VMs per hour.

Note: For customized higher capacity Calm configurations, work with your Nutanix sales representative.

Port Information in Calm

For a list of required Calm ports, see Port Reference. The Port Reference section provides detailed port information for Nutanix products and services, including port sources and destinations, service descriptions, directionality, and protocol requirements.

Calm Enablement

Enabling and Accessing Calm

Calm is integrated into Prism Central and does not require you to deploy any additional VMs. To start using Calm, you only have to enable Calm from Prism Central.

Before you begin

Ensure that you have met the prerequisites to enable Calm. For more information, see Prerequisites to Enable Calm.
Note:

If the Prism web console is not registered from a Prism Central and the application blueprints have subnet, image, or VMs on the Prism web console, the Calm functionality is impacted.

Procedure

  1. Log on to Prism Central with your local admin account.
    For detailed information on how to install and log on to Prism Central, see the Prism Central Guide .
  2. From the Prism Central UI, click Services > Calm .
  3. Click Enable .
    Note: The Enable option appears only when you log on to Prism Central with a local admin account.
    When you enable Calm, an additional 4 GB memory per node is added to the Prism Central small deployment profile and 8 GB of memory per node is added to the Prism Central large deployment profile.
  4. To access Calm, click Services > Calm from the entities menu.

What to do next

You can instantaneously launch your first application. For more information, see Launching a Blueprint Instantaneously.

Checking Calm Version

You can check the version of your Calm instance from the Calm user interface.

Procedure

  1. From the Prism Central entities menu, click Services > Calm .
  2. Click the icon on the bottom-left corner.
    The About Nutanix Calm page appears displaying the version number of Calm. For example:
    Figure. Version Number Click to enlarge

Calm VM Deployment

Calm VM is a standalone VM that you can deploy on AHV and ESXi hypervisors and leverage calm functionality without the Nutanix infrastructure.

You can deploy Calm using the image at the Nutanix Support Portal - Downloads page and manage your applications across a variety of cloud platforms. Calm VM deployment eliminates the need of the complete Nutanix infrastructure to use Calm features.

Note:
  • Calm VM currently supports Calm version 3.5.2.
  • Calm VM supports scale-out deployment. See Setting up Scale-Out Calm VM.
  • The supported ESXi versions are 6.0.0 and 6.7 (vCenter version 6.7).
You can deploy Calm VM on ESXi in one of the following ways:
  • Using the vSphere Web Client. See Deploying Calm VM using the vSphere Web Client
  • Using the vSphere CLI. See Deploying Calm VM using the vSphere CLI

For information on Calm VM deployment on AHV, see Deploying Calm VM on AHV.

Deploying Calm VM on AHV

This section describes the steps to deploy a Calm VM on AHV.

Before you begin

Ensure that you have the URL of the OVA file.

Procedure

  1. From the Prism Central entities menu, click Compute & Storage > OVAs .
  2. Click Upload OVA .
    The Upload OVA page appears.
  3. Under OVA Source, select the URL radio button and do the following.
    Figure. Upload OVA Click to enlarge

    1. Provide a name in the Name field.
    2. Provide the URL of the OVA file of the Calm VM in the OVA URL field.
    3. Click Upload .
  4. On the OVAs page, select the uploaded OVA from the list.
  5. From the Actions list, select Deploy as VM .
    Figure. Deploy VM Click to enlarge

  6. On the Deploy as VM page, do the following:
    Figure. Deploy as VM - Configuration Click to enlarge

    1. Under the VM Properties section, specify the values for CPU , Cores Per CPU , and Memory .
      The CPU and Memory requirements of the Calm VM Deployment is equivalent to the Calm single-node profile. For the benchmark values, see Calm Benchmarks.
    2. Click Next .
    3. To configure the networks, associate the required subnets for your Calm VM instance.
    4. Click Next .
    5. Click Create VM to start the deployment of the Calm VM instance.
  7. From the Prism Central entities menu, go to Compute & Storage > VMs and do the following:
    Figure. VM Power On Click to enlarge

    1. Select the Calm VM instance that you deployed.
    2. Click Actions and then click Power On to power on the Calm VM instance.
    3. Wait for the Calm services to be up and running.

What to do next

To manage and administer your applications, use the Calm VM IP address and the following default credentials to log in to the Calm VM for the first time:
  • Username: admin
  • Password: Nutanix/4u
You can change the default credentials after you log in.

Deploying Calm VM using the vSphere Web Client

You must create a VM with a specific Open Virtualization Format (OVF) image to access the Calm UI.

Before you begin

Ensure that you have the URL of the OVF file, or you have saved the OVF file on your local machine.

Procedure

  1. Log on to the vSphere web client.
  2. Click the cluster on which you want to deploy the Calm VM.
    Figure. vSphere Web Client - Deploying OVF Template Click to enlarge
  3. Click Actions > Deploy OVF Template .
    Figure. Deploy OVF Template - Window Click to enlarge
  4. In the Deploy OVF Template window, do the following.
    1. Click the Local File option to browse and upload the OVF file from your local machine.
      Go to Nutanix Support Portal - Downloads and download the OVF file.
    2. Click Next and select the cluster where you want to deploy the Calm VM.
    3. Click Next and configure the storage and networks for the VM. Then, click Finish .
    The system starts importing and deploying the file on the selected VMware cluster. After the deployment is complete, the Calm VM needs to be powered on.
    Note: Calm services takes around 30 min to start after the VM is powered on.

    For more information, see Deploying OVA Template on VMware vSphere section in the VMware documentation .

What to do next

To manage and administer your applications, use the Calm VM IP address and the following default credentials to log in to the Calm VM for the first time:
  • Username: admin
  • Password: Nutanix/4u
You can change the default credentials after you log in.

Deploying Calm VM using the vSphere CLI

This section describes the steps to deploy a Calm VM by using the vSphere CLI (govc).

Before you begin

Ensure that you have installed all the libraries of the vSphere CLI client (govc). For more information, click here.

Procedure

  1. Login to the SSH client.
    Note: Ensure that you have installed the govc libraries.
  2. Run the following command.
    $ govc import.ova -name 5.17.1-prismcentral -3.0.0.1 http://endor.dyn.nutanix.com/GoldImages/calm-vm

    If you have downloaded the OVF file on your system, replace http://endor.dyn.nutanix.com/GoldImages/calm-vm with the location of the OVF file.

    Figure. vSphere CLI (govc) - Deploy Calm Click to enlarge

    Running the command starts the uploading process. Once the uploading is complete, power on the Calm VM from the vSphere web client.

    Note: Calm services takes around 30 min to start after the VM is powered on.

What to do next

To manage and administer your applications, use the Calm VM IP address and the following default credentials to access Calm VM for the first time:
  • Username: admin
  • Password: Nutanix/4u
You can change the default credentials after you log in.

Setting up Scale-Out Calm VM

Use the following procedure to set up Scale-out version of Calm VM.

Before you begin

Ensure that:
  • Your VMware vCenter version is later than 6.0.
  • You downloaded the Calm VM OVA file from the Downloads page.
  • You uploaded the Calm VM OVA file on ESXi using the vSphere CLI (govc) or vSphere Web Client and marked it as a template. See Deploying Calm VM using the vSphere Web Client and Deploying Calm VM using the vSphere CLI.
  • You uploaded the Calm VM OVA file on AHV using the Prism Central User Interface. See Deploying Calm VM on AHV.
  • You have taken a backup of Calm data in case you are planning to extend an existing Calm VM.

Procedure

  1. Create three Calm VMs using the templates you uploaded.
  2. Do one of the following:
    • To assign static IP addresses to the VMs, see Launching Calm VM with a Static IP Address.
    • If DHCP is enabled, continue to step 3.
  3. SSH to the three Calm VMs and wait until all the cluster services, including Calm and Epsilon, are up and running.
  4. Run the following commands on all three VMs.
    cluster stop
    cluster destroy
    Note: Run these commands only after taking a backup of the Calm data in case you are extending an existing
  5. Run the cluster create command on one of the three VMs.
    • To create a simple cluster, run the following command:
      #cluster --cluster_function_list="multicluster" -s <ip1>,<ip2>,<ip3> create

      For example:

      cluster --cluster_function_list="multicluster" -s 10.46.141.71,10.46.138.20,10.46.138.26 create
    • To create an advanced cluster with cluster name and virtual IP, run the following command:
      cluster --cluster_function_list="multicluster" --cluster_name "<Cluster Name>" -s <ip1>,<ip2>,<ip3> --cluster_external_ip=<vip> create

      For example:

      cluster --cluster_function_list="multicluster" --cluster_name "Demo" -s 10.46.141.71,10.46.138.20,10.46.138.26 --cluster_external_ip=10.46.141.70 --dns_servers 10.40.64.15,10.40.64.16 create
  6. Run the following command on one of the three VMs.
    cd /home/nutanix/bin
    python enable_calm.py
  7. Run the following command to verify epsilon and Calm services status:
    cluster status
  8. Enable policy engine for Calm VM. For more information, see Enabling Policy Engine for Calm VM.
  9. Run the following command to set up policy engine on one of the VMs.
    docker cp /home/nutanix/bin/set_policy_calmvm.pyc nucalm:/home
    docker cp /home/nutanix/bin/set_policy.sh nucalm:/home
    docker exec nucalm /bin/sh -c '/home/set_policy.sh <POLICY_VM_IP> <POLICy_VM_UUID>'
    

What to do next

To manage and administer your applications, use the Calm VM IP address and the following default credentials to log in to the Calm VM for the first time:
  • Username: admin
  • Password: Nutanix/4u
You can change the default credentials after you log in.

Enabling Policy Engine for Calm VM

Use the following steps to enable policy engine for Calm VM.

Before you begin

  • Ensure that you have the accounts configured. For more information, see Provider Account Settings in Calm.
  • Ensure that you have created a project for the blueprint. For more information, see Projects Overview.
  • The project to which you upload the blueprint must have the account in which you want to create the policy engine VM.

Procedure

  1. To enable policy engine on a new deployment of Calm VM, do the following:
    1. Download the blueprint from one of the following locations.
      • To download the blueprint for a single-node Calm VM, click here.
      • To download the blueprint for a scale-out Calm VM, click here.
    2. Upload the downloaded blueprint to a project.
      Note: You can add any string in the credential password and save the blueprint to avoid any blueprint errors after the upload.
    3. Set values for the following variables in the blueprint.
      • Desired policy engine IP address. This IP address must be in the same network as that of the Calm VM.
      • VIP of the Calm VM
      • Netmask of the Calm VM network
      • Gateway of the Calm VM network
      • DNS IP of the Calm VM
      • NTP IP of the Calm VM
      • Public key of CALM VM. For scale-out Calm VM, provide the public key of all VMs.
      • Disable check-login in case the check-login is enabled by default.
    4. Launch the blueprint.
    5. Wait for the application that you created by launching the blueprint to get into the running state.
    6. SSH into the Calm VM as a Nutanix user and run the following command after making the required changes.
      docker cp /home/nutanix/bin/set_policy_calmvm.py nucalm:/home
      docker cp /home/nutanix/bin/set_policy.sh nucalm:/home
      docker exec nucalm /bin/sh -c '/home/set_policy.sh <POLICY_VM_IP> <POLICY_VM_UUID>'
  2. To upgrade the policy engine VM on an upgraded Calm VM, do the following:
    1. SSH to the policy engine VM as a Nutanix user.
    2. Wget the policy-engine.tar.gz file from the Downloads page on to the policy engine VM.
    3. Untar (extract) the policy-engine.tar.gz file.
    4. Locate and run upgrade.sh .
    5. Run the docker ps command to check the status of policy containers, and wait for the containers to get healthy.
  3. To enable the policy engine VM on an upgraded Calm VM where the older version did not have the Policy Engine VM enabled, do the following:
    1. Download the set_policy_calmvm.py script from the Downloads page into the /home/nutanix/bin/ directory of your Calm VM and provide the execute permission.
    2. Download the set_policy.sh script from the Downloads page into the /home/nutanix/bin/ directory of your Calm VM and provide the execute permission.
    3. Perform Step 1 to enable the policy engine VM.

Launching Calm VM with a Static IP Address

By Default, Calm VM uses DHCP IP address. You can use the following procedure to launch Calm VM using a static IP address.

Procedure

  1. Log on to vCenter.
  2. In the Navigator pane, go to Home > Policies and Profiles > Customization Specification Manager .
  3. Click Create a new specification and do the following:
    Figure. Create New Specification Click to enlarge

    1. In the Target VM Operating System drop-down menu, select Linux .
      Figure. Specify Properties Click to enlarge

    2. In the Customization Spec Name field, enter a name for the specification.
    3. (Optional) Add a description in the Description field.
    4. Click Next .
  4. On the Computer Name page, do the following.
    Figure. Set Computer Name Click to enlarge

    1. Select the Use the virtual machine name radio button.
    2. Enter a domain name in the Domain name field.
    3. Click Next .
  5. On the Time Zone page, specify the time zone and then click Next .
  6. On the Configure Network page, do the following:
    Figure. Configure Network Click to enlarge

    1. Select the Manually select custom settings radio button.
    2. Click the Edit icon for the NIC to open the IP details page.
      Figure. IP Details Click to enlarge

    3. On the IPv4 page, select the Prompt the user for an address when the specification is used radio button.
    4. Enter the subnet mask in the Subnet Mask field.
    5. Enter the default gateway in the Default Gateway field.
    6. Click OK .
    7. On the Configure Network page, click Next .
  7. On the Enter DNS and Domain Settings page, enter the DNS and DNS search path details, and then click Next .
  8. On the Ready to complete page, verify the details you entered, and then click Finish .
  9. To launch the VM, do the following:
    1. Click Actions and then select New VM from This Template... .
      Before you launch the VM, ensure that you have uploaded the Calm VM OVA file to vCenter and converted it as a template.
    2. On the Select a name and folder page, enter a name for the VM, select the datacenter location for the VM, and then click Next .
      Figure. Name and Datacenter Click to enlarge

    3. On the Select a compute resource page, select a cluster or node, and then click Next .
    4. On the Select storage page, select the datastore and click Next .
    5. On the Select clone options page, select the following check boxes.
      • Customize the operating System
      • Customize this virtual machine’s hardware
      • Power-on virtual machine after creation
    6. On the Customize guest OS page, select the customization spec that you created.
      Figure. Customization Spec Click to enlarge

    7. On the User Settings page, enter the IP address that you want to assign to the VM, and then click Next .
      The User Settings page appears because you selected the Prompt the user for an address when the specification is used radio button during the setup.
      Figure. User Settings Click to enlarge

    8. On the Customize hardware page, update the CPU, memory, and network requirements, and then click Next .
    9. On the Ready to complete page, verify the details you entered, and then click Finish .
    Use these steps to launch other VMs in case of a scale-out Calm VM.

What to do next

To set up scale-out Calm VM, see Setting up Scale-Out Calm VM.

Getting Started with Calm

Calm Overview

The following table lists the different tabs in Calm, their icons, and their usage:

Table 1. Calm Tabs
Icons Tab Usage
Marketplace tab To instantly consume application blueprints to provision applications. See Marketplace Overview.
Blueprint tab To create, configure, publish, and launch single-VM or multi-VM blueprints. See Calm Blueprints Overview.
Application tab To view and manage applications that are launched from blueprints. See Applications Overview.
Library tab To create and use variable types and tasks. You use variables and tasks while configuring a blueprint. See Library Overview.
Runbooks tab To automate routine tasks and procedures that pan across multiple applications without involving any blueprints or applications. See Runbooks Overview.
Endpoints tab To create and manage target resources where the tasks defined in a runbook or in a blueprint can run. See Endpoints Overview.
Settings tab

To enable or disable general settings. See General Settings in Calm.

To configure and manage provider accounts. See Provider Account Settings in Calm.

To configure and manage credential provider. See Configuring a Credential Provider.

Policies tab To schedule application actions and runbook executions. See Scheduler Overview.
Marketplace Manager tab To manage approval and publishing of application blueprints. See Marketplace Manager Overview.
Projects tab To create users or groups and assign permissions to use Calm. Projects tab also allows you to configure environment for your providers. See Projects Overview.

Exploring Calm

You can use the following procedure to explore Calm user interface and get an overview of the Calm components.

Procedure

  1. Click the Tour icon on the bottom-left pane and click Explore Calm .
  2. Do one of the following.
    1. To navigate through the Calm components, click the right or left arrow.
    2. To skip the tour, click Skip tour .

Accessing Calm REST API Explorer

You can use the following procedure to access the Calm REST API explorer console from the Calm user interface.

Procedure

  1. Click the icon on the bottom-left corner.
    The About Nutanix Calm page appears.
  2. Click the Rest API Explorer link.
    The Calm REST API explorer interface appears.

Role-Based Access Control in Calm

Calm manages the role-based access control using projects. Projects are logical groupings of user roles, accounts, VM templates, and credentials that are used to manage and launch blueprints and applications within your organization. For more information, see Projects Overview.

Users or groups are allowed to view, launch, or manage applications based on the roles that are assigned within the projects. Calm has the following roles for users or groups:

  • Project Admin

    Project admins have full control of the project. They can perform reporting and user management, create blueprints, launch blueprints, and run actions on the applications.

  • Developer

    Developers can create blueprints, launch blueprints, and run actions on the applications. They are, however, not allowed to perform reporting and user management.

  • Consumer

    Consumers can launch new blueprints from the marketplace and run actions on the applications. They are, however, not allowed to create their own blueprints.

  • Operator

    Operators have minimum access and are allowed only to run actions against existing applications. They are not allowed to launch new blueprints or edit any existing blueprints.

Note: A Prism Admin is a super user within Calm and within the rest of Prism Central who has full access to all the features and functionalities of Calm.

The following table details the roles and responsibilities in Calm:

Table 1. Roles and Responsibilities Matrix
Prism Admin Project Admin Developer Consumer Operator
Marketplace Enable and Disable X
Manage X
App publishing request X X X
Send App publishing request to the Administrator X X
Clone and edit App blueprint X X X
Blueprint Create, update, delete, and duplicate X X X
Read-only X X X X
Launch X X X X
Applications Complete App summary X X X X X
Run functions X X X X X
App debug mode X X X X X
Function edit X X X
Create App (brownfield import) X X X
Delete App X X X X
Settings CRUD X
Task Library View X X X X X
Create and Update X X X
Delete X
Sharing with Projects X
Projects Add project X
Update project X X
Add VMs to projects X
Custom roles
Users Add users to the system and change roles X
Add and remove users to or from a project X X
Change user roles in a project X X
Create Administrator X
Create Project Administrator X X
Runbooks Create and Update X X X
View X X X X X
Delete X X X
Execute X X X X X
Endpoints Create and Update X X X
View X X X X X
Delete X X X
Scheduler Create, delete, and clone jobs X X X X
Read job and view execution status X X X X X
Update job name, schedule, executable, and application action X X X X
Edit operations on a blueprint launch X X X X
Edit operations on runbook executions X X X X
Edit operations on application actions X X X X
Edit operations on Marketplace launch X X X X
Note: Scheduler does not support custom roles in this release.

Calm: Quick Start

Launching a Blueprint Instantaneously

When you enable Calm, you get an out-of-the-box blueprint, a default project, and a preconfigured application profile with your Nutanix account. You can use the blueprint, project, and application profile to instantaneously launch your first application.

About this task

Video: Launching a Blueprint Instantaneously

Procedure

  1. Click the Tour icon in the bottom-left pane and click Launch Blueprint .
    The Quick Launch a Blueprint page appears.
  2. On the Select Blueprint tab, click Next .
    The default selection for launch is ExpressLaunch.
  3. On the Select Project tab, select a project and click Next .
    Projects are logical groupings of user roles, providers, VM templates, and credentials used to manage and launch blueprints within your organization. For more information, see Projects Overview.
  4. On the Select App Profile tab, click Next .
    The default selection for launch is an application profile that is configured with your Nutanix account.
    Application profiles are profiles for different datacenters or cloud services where you want to run your application. For more information, see Calm Blueprints Overview.
  5. On the Preview and Launch tab, type a name for your application and click Launch and Create App .
    The Preview and Launch tab displays the VM details of your application.
    The blueprint application is created and provisioned.

What to do next

You can view the details of the blueprint application on the Applications tab. For more information, see Applications Overview.

Provisioning a Linux or Windows Infrastructure as a Service (IaaS)

To quickly provision a Linux or Windows Infrastructure as a Service (IaaS) for your end users, you can configure and launch a single-VM blueprint in Calm.

Before you begin

  • Ensure that you have enabled Calm from your Prism Central instance. For more information, see Enabling and Accessing Calm.
  • Ensure that you have configured the projects that you want to use to provision your IaaS. For more information, see Projects Overview.

About this task

Provisioning a Linux or Windows IaaS involves configuring the single-VM blueprint VM specifications and launching the blueprint.

Procedure

  1. Log on to Prism Central.
  2. From the Prism Central UI, click Services > Calm .
  3. Click the Blueprint icon in the left pane.
  4. Click + Create Blueprint > Single VM Blueprint .
  5. On the Blueprint Settings tab, enter a name and description for your blueprint, and select a project and an environment.
    Figure. Blueprint Settings Click to enlarge

  6. On the VM Details tab, enter a VM name, and then select an account and an operating system.
    Figure. VM Details Click to enlarge

    If you have not configured any account, then keep the default Nutanix account selected. For detailed information about configuring provider accounts, see Provider Account Settings in Calm.
    You can select Linux or Windows as the operating system of your IaaS.
  7. On the VM Configuration tab, do the following:
    1. Enter the number of vCPU, cores of each vCPU, and total memory to configure the processing unit of the VM.
    2. Provide the guest customization, if required.
    3. Based on the operating system you selected, select a Linux image or a Windows image from the image service under the Disks section.
    4. Select a network configuration under the NICs section.
    Figure. VM Configuration Click to enlarge

    For detailed information about the VM configuration for different provider accounts, see VM Configuration.
  8. Click Save to save the blueprint.
  9. Click Launch to launch the blueprint.
    Figure. Blueprint Launch Click to enlarge

  10. Provide an application name, description, environment, and application profile, and then click Deploy .
    If you have not configured any environment or application profile, keep the default environment and application profile selected.
  11. Navigate to the Applications tab to view and access the application.

What to do next

  • You can publish the blueprint to the marketplace so that other project users can also launch the blueprint and use the IaaS. For more information, see Submitting a Blueprint for Approval.
  • You can create single-VM blueprints with different provider accounts and launch them. For more information, see Creating a Single-VM Blueprint.

General Settings in Calm

The Settings tab allows you to control the overall administrative functionalities of the Calm instances. You must be a Prism Central administrator to access the Settings tab.

You can use the Settings > General tab to control the following functionalities:

  • Enable the Default Landing Page option to make Calm as the default landing page in Prism Central.
  • Enable the availability of ready-to-use application blueprints in the marketplace manager. For more information, see Marketplace Manager Overview.
  • Enable showback to estimate the overall service cost of the applications running on your on-prem cloud. For more information, see Showback.
  • Enable the policy engine to enforce resource quota policy for the infrastructure resources (compute, memory, and storage) on Nutanix and VMware. For more information, see Policy Engine Overview.
  • Set up quota defaults for vCPU, memory, and disk so that they can populate automatically when you allocate quotas to your provider accounts. For more information, see Setting up Quota defaults.
  • Disable policy engine quota enforcement for your Calm instance in case the policy engine VM does not respond or encounters any connectivity issues. For more information, see Disabling Policy Enforcement.
  • Download application logs that are archived by the system periodically to clear resources. For more information, see Application Log Archive.

Enabling Nutanix Marketplace Applications

Enable Nutanix Marketplace Applications to view and launch ready-to-use application blueprints. These application blueprints appear on the Marketplace Manager tab for publishing. You can publish the blueprints to the marketplace after associating them with a project.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Under the General tab, click the Nutanix Marketplace Apps toggle button.
    The application blueprints appear on the Marketplace Manager tab.

What to do next

You can associate the ready-to-use application blueprints with a project and publish them to the marketplace. For more information, see Approving and Publishing a Blueprint or Runbook.

Showback

Showback allows you to estimate the overall service cost of the applications running on your on-prem cloud. You can also view the graphical representation of the cost of the applications.

Calm supports showback for the following platforms.
  • Nutanix
  • VMware through vCenter

To enable and configure showback, see Enabling Showback.

Note: Starting with AOS 5.10 or NCC 3.6.3, Prism Central generates the following NCC alerts for showback:
  • Beam connectivity with Prism Central
  • Prism Central and Prism web console (also known as Prism Element) registration or de-registration

Enabling Showback

Enable Showback to configure the resource cost of your applications and monitor them while you configure a blueprint or manage an application. Showback is applicable only for the Nutanix platform and the VMware through vCenter platform.

About this task

Video: Enabling Showback

Procedure

  1. Log into Prism Central as an administrator.
  2. Click the Settings icon Settings icon in the left pane.
  3. Under the General tab, click the Enable Showback toggle button.
    The Enable Showback window is displayed.
  4. Click the supported provider for which you want to define the cost.
  5. To configure the resource usage cost, click Edit for the selected provider, and configure the cost of the following resources.
    1. In the vCPU field, enter the cost of vCPU consumption for each hour in dollars.
      The default value is $0.01 for each vCPU for each hour.
    2. In the Memory field, enter the cost of memory consumption for each hour in dollars.
      The default value is $0.01 for each GB of usage for each hour.
    3. In the Storage field, enter the cost of storage consumption for each hour in dollars.
      The default value is $0.0003 for each GB of usage for each hour.
  6. Click Enable Showback .

Disabling Showback

Disable showback to stop monitoring the resources cost of your application blueprints.

Procedure

  1. Log into Prism Central as an administrator.
  2. Click the Settings icon Settings icon in the left pane.
  3. Under the General tab, click the Disable Showback toggle button.
    The Disable Showback window is displayed.
  4. To disable Showback, click Disable Showback .

Policy Engine Overview

The policy engine is a single-VM setup for the single or scale-out Prism Central. When you enable the policy engine for your Calm instance, a new VM is created and deployed for the policy engine. All you need is an available IP address that belongs to the same network as that of your Prism Central VM for the policy engine VM.

As an administrator, you can enable the policy engine to:

  • Enforce resource quota policy for the infrastructure resources (compute, memory, and storage) on Nutanix and VMware. The quota policy enforcement allows better governance on resources across infrastructures at the provider and project levels. See Quota Policy Overview.
  • Orchestrate applications through tunnels on a virtual private network (VPC) on Nutanix accounts. See Tunnels for Orchestration within a VPC.
  • Enforce approval policies to manage resources and control actions in your environment. See Approval Policy Overview.
  • Schedule application actions and runbook executions. See Scheduler Overview.

Enabling policy Engine

The policy engine is a single-VM setup for the single or scale-out Prism Central.

About this task

When you enable the policy engine for your Calm instance, a new VM is created and deployed for the policy engine. All you need is an available IP address that belongs to the same network as that of your Prism Central VM for the policy engine VM.

Note:
  • If your Prism Central is on ESXi, add the VMware provider account for the vCenter that manages the host where the Prism Central VM resides to your Calm.
  • For quota consumption of running applications, you can either wait for the next platform sync to happen or run platform sync manually after the policy engine enablement. For more information on how to run platform sync, see Synchronizing Platform Configuration Changes.
  • When you upgrade Calm to the latest version as part of the Prism Central upgrade and if the policy engine is enabled, then ensure to upgrade your policy engine to the latest version using LCM.
  • If an HTTP proxy is configured, ensure that the IP address you provide for the policy engine VM is added to the HTTP-proxy whitelist.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. On the Policies tab, enter the IP address in the IP Address for Policy Engine field.
    The IP address must be an available IP address and must belong to the same network as that of your Prism Central VM.
    Figure. Enable Policy Engine Click to enlarge Policy Engine Enablement

  3. Click the Enable button.
  4. Click the Confirm button to enable the policy engine.

What to do next

  • To get quota consumption of running applications for the first time after enabling the policy engine, you can wait for the platform sync to happen or run the platform sync manually. After the first update, all future updates will happen instantly. For information on how to run platform sync, see Synchronizing Platform Configuration Changes.
  • Allocate resource quotas to provider accounts. See Allocating Resource Quota to an Account.
  • Allocate resource quotas to projects. See Managing Quota Limits for Projects .
  • Create VPC tunnels on Nutanix accounts. See Creating VPC Tunnels.
  • Create approval policies for runbook executions, application launch, or application day-2 operations. See Creating an Approval Policy.
  • Schedule application actions and runbook executions. See Creating a Scheduler Job.

Enabling Policy Engine at a Dark Site

You can enable the policy engine at a dark site.

Before you begin

If your Prism Central is on ESXi, add the VMware provider account for the vCenter that manages the host where the Prism Central VM resides to your Calm.

Procedure

  1. Download the policy engine image of the version that is compatible with your Calm version from the Downloads page of the Support & Insights Portal:
    https://portal.nutanix.com/page/downloads?product=calm
  2. Do one of the following:
    • If your Prismr Central is on AHV, upload the image on Prism Central with the following name:

      <Calm version number>-CalmPolicyVM.qcow2

    • If your Prism Central is on ESXi, manually upload the image as template on the vCenter host where the Prism Central VM resides with the following name:

      <Calm version number>-CalmPolicyVM.ova

  3. After uploading the image, enable the policy engine on the Settings page. For more information on enabling the policy engine, see Enabling policy Engine.

Setting up Quota defaults

After you enable the policy engine, you can set up the default quota values for vCPU, memory, and disk. This step is optional.

About this task

Setting up quota defaults saves you from repeatedly entering vCPU, memory, and disk quota values for each cluster. After you set the quota defaults, the default quota values populate automatically when you allocate quotas to your provider accounts.

Note: The quota defaults are visible in the accounts only after the next platform sync. You can also run the platform sync manually. For information on how to run platform sync, see Synchronizing Platform Configuration Changes.

Before you begin

Ensure that you enabled the policy engine for your Calm instance. For information about enabling the policy engine, see Enabling policy Engine.

Procedure

  1. Click the Settings iconic Settings icon the left pane.
    The Settings page appears.
  2. On the Policies tab, click the Quotas tab in the left pane.
  3. Select the Set Quota Defaults check box.
  4. Specify the values for vCPU , Memory , and Disk .
  5. Click the Save icon next to the fields.

Viewing Policy Engine VM Details

After you enable policy engine, review the policy engine VM configuration, network configuration, and cluster information on the Policies tab of your Setttings page. For example, you can view the power status, protection status, or cluster name of the policy engine VM.

Before you begin

Ensure that you have enabled the policy engine for your Calm instance. For information about enabling the policy engine, see Enabling policy Engine.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. On the Policies tab, click the Policy Settings tab in the left pane.
  3. Expand the Policy Engine VM Details section to view the policy engine VM details.

Disabling Policy Enforcement

Disable the policy enforcement for your Calm instance if the policy engine VM encounters any connectivity issues or the policy engine VM is not responding.

About this task

When you disable policy enforcement, policies are not enforced for quota checks and approval policies.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. On the Policies tab, click the Policy Settings tab in the left pane.
  3. Select the Skip Policy Checks check box to disable the policy enforcement.
  4. Click the Confirm button.

Enabling Approvals

You can enable approvals for your Calm instance from the settings page.

About this task

Caution: This feature is currently in technical preview and is disabled by default. Do not use any technical preview features in a production environment.

When you enable approvals, events such as runbook executions, application launch, and application day-2 operations that match the conditions defined in the approval policy go through the approval process.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. On the Policies tab, click the Approvals tab in the left pane.
  3. Use the Approvals toggle button to enable approvals.

Disabling Approvals

You can disable approvals for your Calm instance from the Settings page.

About this task

When you enable approvals, events such as runbook executions, application launch, and application day-2 operations do not go through the approval process even when they match the conditions defined in the approval policy.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. On the Policies tab, click the Approvals tab in the left pane.
  3. Use the Approvals toggle button to disable approvals.

Viewing Approval Email Templates

You can view the configuration details and email template on the Policies tab of the Settings page.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. On the Policies tab, click the Approvals tab in the left pane.
  3. Under the General Configuration section, view details such as the number of days after which a request expires and the frequency of the email sent to the approver and requester.
  4. Under the Email Content section, click the For Approver or For Requester tabs to view the template of the emails that are sent with each request.
    Figure. Email Template Click to enlarge

    The content of the email templates for approver or requester can be modified only using the APIs. You can use the following supported email template variables.

    • Approver
    • Requester
    • ConditionDetails
    • Event
    • EntityType
    • EntityName
    • State
    • PCIP
    • CreationTime
    • ExpirationTime
    • NutanixLogo

    You can use these variables with the {{}} syntax. For example, {{.PCIP}} .

Application Protection Status

You can view the protection and recovery status of a Calm application when:

  • The VMs of the application running on a Nutanix platform are protected by a protection policy in Prism Central.
  • You enabled the option to show application protection status in Calm.

You can view the protection and recovery status of the application on the Application Overview page. For more information, see Overview Tab.

Note:
  • The option to show application protection status is available only when at least one VM of the application is protected by a protection policy in Prism Central.
  • You can view the protection and recovery status of the Calm applications if the versions of Prism Central and Prism Element are 5.17 or later.
  • If the target recovery location is set to another Prism Central, Calm still displays the correct protection status. However, the recovery is not tracked, and there is no recovery status available for the application. Calm application still points to the old VMs.

To enable the option to show application protection status, see Enabling Application Protection Status View.

Enabling Application Protection Status View

Enable the Show App Protection Status toggle button to view the protection and recovery status of a Calm application that is deployed on a Nutanix platform. You must be a Prism Central administrator to enable or disable the toggle button.

Before you begin

  • Ensure that the versions of Prism Central and Prism Element are 5.17 or above.
  • Ensure that at least one VM of the application is protected by a protection policy in Prism Central.

Procedure

  1. Log on to Prism Central as an administrator.
  2. From the Prism Central UI, click Services > Calm .
  3. Click the Settings icon Settings icon in the left pane.
  4. Under the General tab, click the Show App Protection Status toggle button.

What to do next

You can view the protection and recovery status of the application in the application Overview page. For more details, see Overview Tab.

Application Log Archive

Calm automatically archives run logs of the deleted applications and custom actions that are older than three months. You can download the archives within 7 days from the time of archive creation.

For a running application, data is not archived for the system-generated Create actions.

You can get the following information for Start, Restart, Stop, Delete, and Soft Delete system-generated actions and user-created actions.

  • Started by
  • Run by
  • Status

Calm archives all action details of a deleted application.

Only an administrator can view and download the application log archive. For more information, see Downloading Application Log Archive.

Downloading Application Log Archive

Calm periodically archives application logs to clear resources. You can download the archived application logs from the Settings tab.

Procedure

  1. Log into Prism Central as an administrator.
  2. From the Prism Central UI, click Services > Calm .
  3. Click the Settings icon Settings icon in the left pane.
  4. Under Application log archive is ready to download , click Download .
    The tar.gz file is downloaded.

Provider Account Settings in Calm

Provider accounts are cloud services, baremetals, or existing machines that you can use to deploy, monitor, and govern your applications. You can configure multiple accounts of the same provider.

Use the Settings > Accounts tab to configure provider accounts. You configure provider accounts (by using the provider credentials) to enable Calm to manage applications by using your virtualization resources.

Calm supports the following provider accounts:

Table 1. Provider Accounts
Provider Accounts Description
Nutanix All the AHV clusters that are registered to the Prism Central instance are automatically added as providers.
Note: If you want to add a remote Prism Central (PC) instance as a provider in a multi-PC setup, you must add the remote PC instance as an account in Calm. For more information, see Configuring a Remote Prism Central Account.
VMware To configure a VMware account, see Configuring a VMware Account.
AWS To configure an AWS account, see Configuring an AWS Account.
Azure To configure an Azure account, see Configuring an Azure Account.
GCP To configure a GCP account, see Configuring a GCP Account.
Kubernetes To configure a Kubernetes account, see Configuring a Kubernetes Account.
Xi Cloud To configure Xi Cloud as a provider, see Configuring a Xi Cloud Account.

Nutanix Account Configuration

All AHV clusters that are registered to your Prism Central instance are automatically added as provider accounts to Calm.

You can also configure any remote Prism Central (PC) as an account in Calm to deploy applications on the remote PC. For more information, see Support for Multi-PC Setup.

Support for Multi-PC Setup

In a multiple Prism Centrals (multi-PC) setup, a central Calm instance (called global Calm instance) runs only on one of the PCs (called host or parent PC) and all the other PCs are connected to the central Calm instance as the remote PCs.

The global Calm instance can now manage the applications deployed on the geographically distributed Prism Centrals (also called remote PCs) without the need of separate Calm instances for every PC. A remote PC is only used to provision the tasks for the deployed applications.

In a multi-PC environment, every remote PC is added as an account to the host PC and you can add the account to your project before creating and launching a blueprint.

For more information about adding a remote PC as an account, see Configuring a Remote Prism Central Account.

For more information about adding the account to a project, see Adding Accounts to a Project.

Figure. Multi-PC Setup Click to enlarge

Configuring a Remote Prism Central Account

To deploy an application on a remote PC, you must configure the remote PC as an account in Calm.

About this task

You require the role of a Prism Admin to configure a remote PC account.

For more information about multiple Prism Central setup support, see Support for Multi-PC Setup.

Procedure

  1. Click the Settings icon in the left pane.
  2. Click the Account tab.
    The account inspector panel appears.
  3. Click +Add Account .
    The Account settings page appears.
  4. In the Name field, type a name for the PC account.
  5. From the Provider list, select Nutanix .
    Figure. Remote Prism Central Account Click to enlarge

  6. In the PC IP field, type the IP address of the remote PC.
    The application is provisioned in the remote PC IP address.
  7. In the PC Port field, type the port number for the IP address.
  8. In the User name field, type the administrator username of the remote PC.
  9. In the Password field, type the administrator password of the remote PC.
  10. In the Account Sync Interval field, specify the interval after which the platform sync must run for a cluster.
    Calm uses platform sync to synchronize any configuration changes occur in Calm-managed resources, such as IP Address changes, disk resizing, and so on. Platform sync enables Calm to maintain accurate quota and Showback information.
  11. Click Save .
    The account list displays the account that you created.
  12. To verify the credentials of the account, click Verify .
    Calm adds the remote PC as a Nutanix account after credential authentication and account verification.

Tunnels for Orchestration within a VPC

Calm lets you use Virtual Private Clouds within the Flow Virtual Networking framework to network the VMs using overlay networks. A VPC is an independent and isolated IP address space that functions as a logically isolated virtual network. VMs that you create with VPC Subnets cannot communicate with a VM that is outside the VPC. Even the VMs outside the VPC cannot reach the VMs within the VPC.

In the absence of this direct communication, you can set up tunnels to communicate with the VMs within the VPC for orchestration activities and to run script-based tasks. You can set up the tunnel VM in any one of the subnets within the VPC.

Figure. VPC Tunnels Click to enlarge

To set up tunnels for your VPCs, you must:

  • Have Flow Virtual Networking enabled in the Prism Central that hosts the Calm instance (see Enabling Flow Networking). For more information on VPCs, see Virtual Private Cloud.
  • Enable the Advanced Network Controller.
  • Attach an external subnet (VLAN) to the VPC to enable the tunnel VM to reach the policy engine VM and establish a tunnel connection. An external subnet allows VMs inside the VPC to reach the VMs that are outside the VPC network.
  • Ensure that the VMs inside the VPC is able to ping the policy engine VM and Prism Central.
  • Permit traffic from the tunnel VM to the Policy Engine VM on port 2222 using TCP connections.
  • Allow connections on default 22 port for SSH script execution or default 5985 for Powershell script execution on the target VM.
  • Enable the policy engine in Calm to allow the tunnel VM to communicate with Calm.
  • Have 2 vCPUs, 2 GiB memory and 10 GiB disk space for the tunnel VM.

For more information on creating VPC tunnels, see Creating VPC Tunnels.

Creating VPC Tunnels

In your Nutanix account, you set up tunnels to get access to the VMs that are created within the VPCs.

About this task

The tunnels that you create enables you to perform check log-in and run script-based execution tasks on the VMs that use the overlay subnets of the VPC.

If tunnel is not configured for the selected VPC, you can only perform basic operations (such as VM provisioning) on the VPC.

Before you begin

Ensure that you have enabled the policy engine on the Settings page. For details about enabling the policy engine, see Enabling policy Engine. To know other requirements to set up the tunnel, see Tunnels for Orchestration within a VPC.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
  3. Select the Nutanix account in the left pane.
    The Account Settings page appears.
  4. In the VPC Tunnels section, do the following to set up the tunnel.
    1. Click Create Tunnel .
      The Create Tunnel for VPCs window appears.
      Figure. Create Tunnel Click to enlarge

    2. From the Select VPC list, select the VPC on which you want to set up the tunnel.
    3. From the Select VPC Subnet , select the subnet that must be used for the NIC of the tunnel VM.
    4. Under Tunnel Configuration section, select the cluster on which you want to place the VM from the Select Cluster list.
    5. In the Tunnel Name field, edit the name of the tunnel. This step is optional.
      The tunnel name is auto-generated to ensure uniqueness. You can only edit or append based on your requirement.
    6. In the Tunnel VM Name field, edit the tunnel VM name. This step is optional.
      The tunnel VM name is auto-generated to ensure uniqueness. You can only edit or append based on your requirement.
    7. Click Create .

Configuring a VMware Account

Configure your VMware account in Calm to manage applications on the VMware platform.

About this task

Note:
  • If you do not have an administrator user account in vCenter while configuring the account, then you can also use a user account with required permissions. See Permission Required in vCenter.
  • You cannot enable Calm with vSphere Essentials edition license because vSphere Essentials edition does not support hot-pluggable virtual hardware.
  • With VMware accounts, Calm also supports virtual switch (vSwitch) networks and VMware NSX-based networks.

To refer to the video about setting up VMware as provider, click here.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
    The account inspector panel is displayed.
  3. Click +Add Account .
    The Account Settings page appears.
    Figure. Account- VMware Click to enlarge

  4. In the Name field, type a name for the account.
    Note: The name you specify appears as the account name when you add the account to a project.
  5. From the Provider list, select VMware .
  6. In the Server field, type the server IP address of the vCenter server.
  7. In the Username field, type the user name of the vCenter account.
    If a domain is part of the username, then the username syntax must be <username>@<domain> .
  8. In the Password field, type the password of the account.
  9. In the Port field, type the port number as 443 .
  10. Click Save .
  11. From the Datacenter list, select the datacenter.
    A VMware datacenter is the grouping of servers, storage networks, IP networks, and arrays. All the datacenters that are assigned to your vCenter account are available for your selection.
  12. In the Account Sync Interval field, specify the interval after which the platform sync must run for a cluster.
    Calm uses platform sync to synchronize any configuration changes occur in Calm-managed VMware resources, such as IP Address changes, disk resizing, and so on. Platform sync enables Calm to maintain accurate quota and Showback information.
  13. To monitor the operating cost of your applications, configure the cost of the following resources. This step is optional.
    Note: Ensure that you have enabled showback. For more information about enabling showback, see Enabling Showback.
    • In the vCPU field, type the cost of vCPU consumption for each hour in dollars. The default value is $0.01 for each vCPU for each hour.
    • In the Memory field, type the cost of memory consumption for each hour in dollars. The default value is $0.01 for each GB of usage for each hour.
    • In the Storage field, type the cost of storage consumption for each hour in dollars. The default value is $0.0003 for each GB of usage for each hour.
  14. Click Save .
  15. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

What to do next

Create a project and configure a VMware environment, see Creating a Project and Configuring VMware Environment.

Permission Required in vCenter

The following table provides the complete list of permissions that you need to enable in vCenter before you configure your VMware account in Calm.

Table 1. Permissions required in vCenter
Entity Permission
Datastore
  • Allocate space
  • Browse datastore
  • Low level file operation
  • Update virtual machine files
Network
  • Assign Network
  • Configure
  • Move Network
Resource
  • Assign virtual machine to resource pool
vSphere Tagging
  • All
Virtual Machine > Change Configuration
  • Add existing disk
  • Add new disk
  • Add or remove device
  • Change CPU count
  • Change memory
  • Modify device settings
  • Configure raw device
  • Rename
  • Set annotation
  • Change settings
  • Upgrade virtual machine compatibility
Virtual Machine > Interaction
  • Configure CD media
  • Connect devices
  • Power On
  • Power off
  • Reset
  • Install VMware tools
Virtual Machine > Edit Inventory
  • Create from existing
  • Remove
Virtual Machine > Provisioning
  • Clone template
  • Customize guest
  • Deploy template
  • Read customization specifications

You must define the custom role at the vCenter level instead of the Datacenter level. For information on how to enable permissions in vCenter, see the vSphere Users and Permissions section in the VMware documents.

Supported vSphere Versions

Calm supports the following versions of vSphere.

  • 7.0
  • 6.7
  • 6.5
  • 6.0

Configuring an AWS Account

Configure your AWS account in Calm to manage applications on the AWS platform.

Before you begin

Ensure that you have the following accounts and details.
  • An AWS account with valid credentials.
  • An IAM user account. For information on how to create an IAM user account, refer to AWS Documentation .
  • A user account with full EC2 access and IAM read-only access.
  • The access key ID and the secret access key for the IAM user account.
Note:
  • Ensure that you have configured the domain name server (DNS). To verify the DNS configuration, from the Prism Central UI, click Prism Central > Gear icon > Name Servers and run the following command.
    nutanix@cvm$ ncli cluster get-name-servers
  • If you are configuring DNS now, then you must restart the Prism Central VM.

Procedure

  1. Click the Settings icon in the left pane.
  2. Click the Accounts tab.
    The account inspector panel appears.
  3. Click +Add Account .
    The Account Settings page appears.
    Figure. Account- AWS Click to enlarge

  4. In the Name field, type a name for the account.
  5. From the Provider list, select AWS .
  6. In the Access Key ID field, type the access key ID of your AWS account.
  7. In the Secret Access Key field, type the secret access key of your AWS account.
  8. From the Regions list, select the geographical regions.
    By default, Calm includes all regions except China and GovCloud in the account. You can remove a region from the account. You can also clear the All Regions check box and select regions from the Regions list.
    Warning: Removing a region from an existing AWS account impacts the deployed VMs in that region.
  9. In the Search Public Image field, search the public image applicable to your region, and select the public image. This step is optional.
    You must authenticate the credentials before searching. You can select multiple public images and use any of the selected public images when you create a blueprint for AWS.
  10. Click Save .
  11. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

What to do next

Create a project and configure an AWS environment, see Creating a Project and Configuring AWS Environment.

Configuring AWS C2S Provider on Calm

GovCloud (US) is an isolated AWS region to help the United States government agencies and federal IT contractors host sensitive workloads into the cloud by addressing their specific regulatory and compliance requirements.

About this task

With AWS C2S support in Calm, you can configure your GovCloud authentication, and then create or manage your workload instances on AWS GovCloud region as done for other AWS regions. The AWS GovCloud provides the same high-level security as other AWS regions, however, the Commercial Cloud Services (C2S) and the C2S Access Portal (CAP) are used to grant controlled access to the C2S Management Console and C2S APIs for Government users and applications.
Note:

The AWS GovCloud (US) region supports the management of regulated data by restricting physical and logical administrative access to U.S. citizens only.

Before you begin

Ensure that you have the following accounts.
  • An AWS GovCloud (US) account with valid credentials.
  • A C2S account configured in AWS.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
    The inspector panel appears.
    Figure. Provider- AWS Click to enlarge

  3. In the Name field, type the name of the account.
  4. From the Type list, select AWS C2S .
  5. In the C2S account address field, type the C2S account IP address.
  6. In the Client Certificate field, type or upload the client certificate.
  7. In the Client Key field, type or upload the client key.
  8. In the Role field, type the required IAM role.
  9. In the Mission field, type the mission.
  10. In the Agency field, type the agency.
  11. Select All GovCloud Regions check box to select all the GovCloud regions.
  12. Click Save .
  13. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

What to do next

You can use the configured AWS C2S provider while you create a blueprint.

Configuring AWS User Account with Minimum Privilege

To manage applications on the AWS platform using Calm, you must have a privileged AWS user account with an appropriate policy.

Before you begin

Ensure that you have an AWS administrator user account.

Procedure

  1. Log on to the AWS console with your AWS administrator account.
  2. Click Services > IAM .
  3. To add a user, click Users > Add User .
  4. On the Add User page, do the following.
    1. In the User name field, type a user name.
    2. In the Access Type area, select the check boxes next to the Programmatic access and AWS Management Console access fields, and then click Next: Permission .
      Note: Do not configure any fields on the Set Permission page.
    3. Click Next: Tags .
    4. To add a tag to a user, type the key and value pair in the Key and Value fields.
      For more information about IAM tags, see AWS Documents .
    5. Click Next: Review .
    6. Click Create User .
      An IAM user is created.
    7. To display the credential of the user, click Show in the Access key ID , Secret access Key , and Password fields.
      Note: Copy the credentials in a file and save the file on to your local machine. You need the credentials when you configure AWS as an account in Calm to manage applications.
  5. To assign permission to the user, click the user you created on the Users page.
    The Summary page appears.
  6. On the Permissions tab, click + Add inline policy .
  7. On the Create Policy page, click the JSON tab and use the following JSON code in the code editor area.
    
    {
    	"Version": "2012-10-17",
    	"Statement": [
        	{
            	"Effect": "Allow",
            	"Action": [
                	"iam:ListRoles",
                	"iam:ListSSHPublicKeys",
                	"iam:GetSSHPublicKey",
                	"iam:GetAccountPasswordPolicy",
                	"ec2:RunInstances",
                	"ec2:StartInstances",
                	"ec2:StopInstances",
                	"ec2:RebootInstances",
                	"ec2:CreateTags",
                	"ec2:CreateVolume",
                	"ec2:CreateSnapshot",
                	"ec2:CreateImage",
                	"ec2:ModifyImageAttribute",
                	"ec2:ModifyInstanceAttribute",
                	"ec2:AttachVolume",
                	"ec2:DetachVolume",
                	"ec2:ModifyVolume",
                	"ec2:AssociateIamInstanceProfile",
                	"ec2:ReplaceIamInstanceProfileAssociation",
                	"ec2:DisassociateIamInstanceProfile",
                	"ec2:RegisterImage",
                	"ec2:DeregisterImage",
                	"ec2:DeleteSnapshot",
                	"ec2:GetConsoleOutput",
                	"ec2:Describe*",
                	"ec2:DeleteTags",
                	"ec2:TerminateInstances"
            	],
            	"Resource": "*"
        	},
        	{
            	"Effect": "Allow",
            	"Action": ["iam:ListUserPolicies"],
            	"Resource": ["arn:aws:iam::*:user/${aws:username}"]
        	},
        	{
            	"Effect": "Allow",
            	"Action": ["iam:PassRole"],
            	"Resource": ["arn:aws:iam::*:role/*"]
        	}
    	]
    }
    
  8. Click Review Policy .
  9. On the Review Policy page, in the Name field, type a name for the policy and click Create policy .

What to do next

You can configure AWS as a provider on the Settings page. For more information, see Configuring an AWS Account. You can also assign different policy privileges to the user. For more information, see AWS Policy Privileges.

AWS Policy Privileges

The following table displays the list of user policy privileges and the corresponding JSON attributes that you can add in the JSON syntax to assign different privileges to a user.

Table 1. User Privileges and the JSON attributes
To create JSON attributes
EC2 Instances ec2:RunInstances
Volumes ec2:CreateVolume
Snapshot ec2:CreateSnapshot
Image(AMI) ec2:CreateImage
To list or get JSON attributes
SSH Public Keys for all users iam:ListSSHPublicKeys
List IAM Roles iam:ListRoles
EC2 attributes ec2:Describe*
EC2 instance console output ec2:GetConsoleOutput
IAM user policies for the user iam:ListUserPolicies
To update JSON attributes
Image(AMI) attributes ec2:ModifyImageAttribute
To delete JSON attributes
EC2 Instances ec2:TerminateInstances
Instance Tags ec2:DeleteTags
Snapshot ec2:DeleteSnapshot
Images(deregister images) ec2:DeregisterImage
Others JSON attributes
Start/Stop/Restart Instances ec2:RunInstances, ec2:StartInstances, ec2:StopInstances, ec2:RebootInstances
Pass and IAM role to service iam:PassRole

Configuring a GCP Account

Configure your GCP account in Calm to manage applications on the GCP platform.

Before you begin

Ensure that you have the service account file of your GCP account in a JSON format saved on your local machine. To create a GCP service account file, see the GCP documentation .

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
    The account inspector panel is displayed.
  3. Click +Add Account .
    The Account Settings page appears.
    Figure. Account- GCP Click to enlarge

  4. In the Name field, type a name for the account.
  5. From the Provider list, select GCP .
  6. To import the service account file from your local machine, click Service Account File .
    A service account file is a special Google account file that you can use to upload the details of your GCP account.
    The values in the Project ID , Private Key , Client Email , and Token URI fields are auto-filled after you upload the file.
  7. From the Regions list, select the geographical regions.
    By default, Calm includes all regions in the account. You can remove a region from the account. You can also clear the All Regions check box and select regions from the Regions list.
    Warning: Removing a region from an existing GCP account impacts the deployed VMs in that region.
  8. Select the Enable GKE check box to enable Google Kubernetes Engine (GKE). This step is optional.
  9. In the Server IP field, type the GKE leader IP address.
  10. In the Port field, type the port number.
  11. Click Save .
  12. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

What to do next

To troubleshoot some common issues, see KB-5616. You can create a project and configure a GCP environment, see Creating a Project and Configuring GCP Environment.

Configuring an Azure Account

Configure your Azure account in Calm to manage applications on the Azure platform.

About this task

Note:
  • For detailed description of the required fields, refer to the Azure documentation .
  • Only authorized organizations can use restricted regions like Australia Central through Calm. For more information, refer to the Microsoft documentation .

Before you begin

  • Assign appropriate role to your application. For detailed information, refer to the Microsoft documentation .

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
    The account inspector panel appears.
    Figure. Account- Azure Click to enlarge

  3. In the Name field, type a name for the account.
  4. From the Provider list, select Azure .
  5. Do the following under the Service Principal Credentials section.
    1. In the Directory/Tenant ID field, type the directory/tenant ID of your Azure application.
    2. In the Application/Client ID field, type the application/client ID.
    3. In the Client Key/Secret field, type the client key or secret.
  6. From the Subscriptions list, select your Azure subscriptions.
    The subscriptions you select provide access to the associated resource groups during blueprint configuration. The subscriptions allow you to launch VMs in the associated resource groups with a single account. When you do not select any subscriptions, Calm provides access to all the subscriptions available in the Azure service principal.
  7. From the Default Subscription list, select a default subscription. This step is optional.
    Specify the default subscription if the Azure VM configurations such as blueprints and marketplace items created in any earlier versions of Calm require any backward compatibility.
  8. From the Cloud Environment list, select a cloud environment.
    You can select Public Cloud , US Government Cloud , China Cloud , or German Cloud .
  9. Click Save .
  10. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

What to do next

Create a project and configure an Azure environment, see Creating a Project and Configuring Azure Environment.

Configuring Azure User Account with Minimum Privilege

You must have a privileged Azure user account to manage applications on an Azure platform using Calm.

About this task

To refer to a video about assigning minimum privilege to configure Azure account to work with Calm, click here.

Procedure

  1. Log on to Azure portal with your administrator account.
  2. Open https://shell.azure.com and select bash.
  3. Create a .json file with the following content.
    {
      "Name": "Calm Admin",
      "IsCustom": true,
      "Description": "For calm to manage VMs on azure provisioned from calm applications",
      "Actions": [
        "Microsoft.Storage/storageAccounts/read",
        "Microsoft.Storage/storageAccounts/write",
        "Microsoft.Storage/checknameavailability/read",
        "Microsoft.Storage/skus/read",
        "Microsoft.Network/virtualNetworks/subnets/*",
        "Microsoft.Network/virtualNetworks/read",
        "Microsoft.Network/networkSecurityGroups/*",
        "Microsoft.Network/networkInterfaces/*",
        "Microsoft.Network/publicIPAddresses/*",
        "Microsoft.Network/publicIPPrefixes/*",
        "Microsoft.Compute/availabilitySets/vmSizes/read",
        "Microsoft.Compute/availabilitySets/read",
        "Microsoft.Compute/availabilitySets/write",
        "Microsoft.Compute/disks/*",
        "Microsoft.Compute/images/read",
        "Microsoft.Compute/images/write",
        "Microsoft.Compute/locations/publishers/read",
        "Microsoft.Compute/locations/publishers/artifacttypes/offers/read",
        "Microsoft.Compute/locations/publishers/artifacttypes/offers/skus/read",
        "Microsoft.Compute/locations/publishers/artifacttypes/offers/skus/versions/read",
        "Microsoft.Compute/skus/read",
        "Microsoft.Compute/snapshots/*",
        "Microsoft.Compute/locations/vmSizes/read",
        "Microsoft.Compute/virtualMachines/*",
        "Microsoft.Resources/subscriptions/resourceGroups/read",
        "Microsoft.Resources/subscriptions/resourceGroups/write",
        "Microsoft.Resources/subscriptions/resourceGroups/delete",
        "Microsoft.GuestConfiguration/*/read",
        "Microsoft.GuestConfiguration/*/write",
        "Microsoft.GuestConfiguration/*/action",
        "Microsoft.Compute/galleries/read",
        "Microsoft.Compute/galleries/images/read",
        "Microsoft.Compute/galleries/images/versions/read",
        "Microsoft.KeyVault/vaults/read",
        "Microsoft.KeyVault/vaults/deploy/action"
      ],
      "NotActions": [],
      "AssignableScopes": [
        "/subscriptions/<subscription id>"
      ]
    } 
  4. In the Azure cloud shell, run the following command.
    az role definition create --role-definition <file>.json
    Use the file you created in step 4 in place of <file>.json .
    Calm Admin user role is created.
  5. In the Azure cloud shell, run the following command to create an Azure Service Principal. The command returns all the information required to add the Azure account in Calm.
    az ad sp create-for-rbac -n "CalmAccount" --role "Calm Admin"
  6. Copy the values for appId , password , and tenant . You need these values to add the Azure account in Calm.

Configuring a Kubernetes Account

Configure your Kubernetes account in Calm to manage applications on the Kubernetes platform.

Before you begin

Ensure that you meet the following requirements.
  • You have a compatible version of Kubernetes. Calm is compatible with Kubernetes 1.16 and 1.17.
  • You have necessary RBAC permissions on the Kubernetes server.
  • You have the authentication mechanism enabled on the Kubernetes cluster.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
    The account inspector panel is displayed.
  3. Click +Add Account .
    The Account Settings page appears.
    Figure. Provider- Kubernetes Click to enlarge

  4. In the Name field, type a name for the account.
  5. From the Provider list, select Kubernetes .
  6. From the Type list, select one of the following.
    • Select Vanilla to self deploy the kubernetes clusters.
    • Select Karbon to add Karbon as the provider type. Nutanix Karbon is a curated turnkey offering that provides simplified provisioning and operations of Kubernetes clusters.
  7. If you have selected the kubernetes type as Vanilla , then do the following.
    1. In the Server IP field, type the Kubernetes leader IP address.
    2. In the Port field, type the port number of the Kubernetes server.
    3. From the Auth Type list, select the authentication type.
      You can select one of the following authentication types.
      • Basic Auth : Basic authentication is a method for an HTTP user agent, for example, a web browser, to provide a user name and password when making a request.
      • Client Certificate : A client certificate is a digital certificate protected with a key for authentication.
      • CA Certificate : A client authentication certificate is a certificate that is used to authenticate clients during an SSL handshake. The certificate authenticates users who access a server by exchanging the client authentication certificate.
      • Service Account : A service account is an automatically enabled authenticator that uses signed bearer tokens to verify requests.
    4. If you have selected Basic Auth , then do one of the following.
      • In the Username field, type the username. If the domain is a part of the username, then the username syntax should be <username>@<domain> .
      • In the Password field, type the password.
    5. If you have selected Client Certificate , then do one of the following.
      • Under Client Certificate , upload the client certificate.
      • Under Client Key , upload the private key.
    6. If you have selected CA Certificate , then do one of the following.
      • Under CA Certificate , upload the CA certificate.
      • Under Client Certificate , upload the client certificate.
      • Under Client Key , upload the private key.
    7. If you selected Service Account , then do one of the following.
      • Under Token , upload the service account authentication token.
      • Under CA Certificate , upload the CA certificate.
  8. If you have selected the kubernetes type as Karbon , then do the following.
    1. In the Cluster list, select the respective kubernetes cluster that you want to add.
  9. Click Save .
  10. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

Configuring Amazon EKS, Azure Kubernetes Service, or Anthos

For Calm to manage workloads on Amazon EKS, Azure Kubernetes Service (AKS), or Anthos, enable the generic authentication mechanism and create a service account on the Kubernetes cluster. You can then use the service account to communicate with the cluster.

Procedure

  1. Create a service account by running the following Kubernetes command:
    kubectl create serviceaccount ntnx-calm
    A service account is a user that the Kubernetes API manages. A service account is used to provide an identity for the processes that run in a pod.
  2. Bind the cluster admin role to the Calm service account using the following command:
    kubectl create clusterrolebinding ntnx-calm-admin --clusterrole cluster-admin --serviceaccount default:ntnx-calm
  3. Get the service account secret name using the following command:
    SECRET_NAME=$(kubectl get serviceaccount ntnx-calm -o jsonpath='{$.secrets[0].name}')
    Secrets are objects that contain sensitive data such as a key, token, or password. Placing such information in a Secret allows better control and reduces the risk of exposure.
  4. Get the service account token using the following command:
    kubectl get secret ${SECRET_NAME} -o jsonpath='{$.data.token}' | base64 –decode
  5. Get the CA certificate using the following command:
    kubectl config view --minify --raw -o jsonpath='{.clusters[*].cluster.certificate-authority-data}' | base64 –decode

What to do next

After receiving the service token, you can add the account in Calm and use the token to communicate with the cluster. For more information on adding the account, see Configuring a Kubernetes Account.

Configuring a Xi Cloud Account

To manage workloads on Nutanix Xi Cloud, add your Xi Cloud as an account in Calm if your Prism Central is paired with a Xi cloud. Calm automatically discovers the availability zones of the Xi Cloud and allows you to add the Xi Cloud account as a provider account.

Before you begin

Ensure that you meet the following conditions.
  • You enabled Xi leap in Prism Central.
  • Your Prism Central is paired with Xi Cloud.
  • Your Prism Central and Xi Cloud are connected to a VPN.
  • You added the routes to Xi gateway in Prism Central.

Procedure

  1. Click the Settings icon in the left pane.
  2. Click the Accounts tab.
    The account inspector panel appears.
  3. Click +Add Account .
    The Account Settings page appears.
  4. In the Name field, type a name for the Xi cloud.
  5. From the Provider list, select Xi .
    Calm automatically add the paired availability zones in the Availability Zones field.
  6. Click Save .
  7. To verify the credentials of the account, click Verify .
    Calm lists the account as an active account after successful credential authentication and account verification.

What to do next

You can use the configured Xi cloud to host blueprints and application by using Calm. For more information, see Calm Blueprints Overview.

Platform Sync for Provider Accounts

Calm automates the provisioning and management of infrastructure resources for both private and public clouds. When any configuration changes are made directly to the Calm-managed resources, Calm needs to sync up the changes to accurately calculate and display quotas and Showback information.

Platform sync enables Calm to synchronize any changes in the clusters that are managed by Calm on connected providers. These changes can be any IP Address changes, disk resizing, unavailability of VMs, and so on.

For example, when a VM is powered off externally or deleted, platform sync updates the VM status in Calm. Calm then adds the infrastructure resources consumed by the VM (memory and vCPU) to the total available quota.

You can specify an interval after which the platform sync must run for a cluster. For more information, see Configuring a Remote Prism Central Account and Configuring a VMware Account.

Note: Platform sync is supported for Nutanix, VMware, and AWS. Calm provides automatic platform sync for AWS with a predefined sync interval of 20 minutes. You can, however, sync up the configuration changes instantly for your Nutanix or VMware account. For more information, see Synchronizing Platform Configuration Changes.

Synchronizing Platform Configuration Changes

Platform sync enables Calm to synchronize any changes in the clusters that are managed by Calm on connected providers. These changes can be any IP Address changes, disk resizing, unavailability of VMs, and so on. You can sync up the configuration changes instantly for your accounts.

About this task

Note: Platform sync is supported for Nutanix, VMware, and AWS. Calm provides automatic platform sync for AWS with a predefined sync interval of 20 minutes. The following steps are applicable only to the Nutanix and VMware accounts.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. Click the Accounts tab.
  3. Select the Nutanix or VMware account for which you want to sync up configuration changes in the left pane.
  4. On the Account Settings page, click the Sync Now button.
    Figure. Sync Now Click to enlarge

Allocating Resource Quota to an Account

Allocate resource quotas to your accounts to have a better control over the infrastructure resources (computer, memory, and storage) that are provisioned through Calm. Based on the resource quota you allocate, the policy engine enforces quota checks when applications are launched, scaled-out, or updated.

About this task

Note: You can allocate resource quotas to Nutanix and VMware accounts only.

Before you begin

  • Ensure that you configured your Nutanix or VMware account. For more details about configuring an account, see Provider Account Settings in Calm.
  • Ensure that you enabled the policy engine on the Settings page. For more details about enabling the policy engine, see Enabling policy Engine.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
    The Settings page appears.
  2. Click the Accounts tab.
  3. Select the Nutanix or VMware account in the left pane.
  4. On the Account Settings page, select the Quotas check box.
    If you have set up the quota defaults on the General tab of the Settings page, the default values populate automatically in the vCPU , Memory , and Disk fields of the discovered clusters.
    Figure. Quota Definition Click to enlarge Quota Definition

  5. Allocate required quota values to the discovered clusters.
    The Physical Resources row below the quota fields shows the physical resource already used and the total physical resource of the cluster. You can use this information when you allocate resource quotas to the account.
  6. Click Save .

Viewing Quota Utilization Report

Use the utilization report to analyze how the projects to which the cluster is assigned consumed the allocated resources of the cluster. For example, if a Nutanix cluster is assigned to three different projects, you can analyze how the assigned projects consumed the allocated resources of that cluster.

Before you begin

  • Ensure that you have enabled the policy engine on the Settings tab. For more details about enabling the policy engine, see Enabling policy Engine.
  • Ensure that you have allocated resource quotas to the provider. For more details, see Allocating Resource Quota to an Account.
  • Ensure that you have allocated resource quotas to projects. For more details, see Adding Accounts to a Project.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. Click the Accounts tab.
  3. Select the Nutanix or VMware account in the left pane.
    The Account Settings page appears.
  4. In the Quotas section, do the following to view the resources consumed for each cluster:
    1. In the Quota Utilization | View Report row, hover your mouse over the status bar of a resource.
      The ToolTip displays the resources consumed and the resources allocated to the cluster.
      Figure. Quota Utilization Status Bar Click to enlarge Quota Utilization Status Bar

      Note: You can also use the status bar to view the overall status and percentage of resources consumed.
    2. Click View Report .
      The Utilization Report window appears.
      Figure. Utilization Report Click to enlarge Utilization Report

    3. View project-wise consumption of resources along with the amount of compute, memory, and storage that the projects used.

Credentials in Calm

Credentials help in abstracting identity settings while connecting to an external system. Credentials are used to authenticate a user to access various services in Calm. Calm supports key-based and password-based authentication method.

Credentials Overview

Credentials are used in multiple Calm entities and workflows.

  • Environment

    Environment allows a Project Admin to add multiple credentials and configure VM default specifications for each of the selected providers as a part of project and environment configurations.

    Project admins must configure an environment before launching an application from the marketplace. The recommendation is to have at least one credential of each secret type (SSH or password) to be defined under each environment in the project. These values get patched wherever the credential values are empty when you launch your marketplace items.

  • Blueprints and runbooks

    Developers can add credentials to a blueprint. These credentials are referenced after the VM is provisioned. Credentials defined within an environment of a project have no significance or impact on the credentials you define within the blueprint.

    Calm supports export and import of blueprints across different Prism Central or Calm instances along with the secrets. The developer uses a passphrase to encrypt credentials and then decrypts credentials in a different instance using the same passphrase to create a blueprint copy.

  • Marketplace

    All global marketplace items have empty credentials values. However, locally published blueprints can have the credential values if the developer published the blueprint with the Publish with Secret s option enabled.

    When you launch a marketplace item, credentials are patched wherever the value is empty. In case there are multiple credentials of a particular type configured within the environment of a project, you get the option to select a credential for the launch.

  • Applications

    Owners can change the credential value of an application multiple times until the application is deleted. The latest value of a credential that is available at that point in the application instance is used when an action is triggered.

    Any change in the credential value at the application level does not impact the credential value at the corresponding blueprint level.

Calm allows managing the following types of credentials:

  • Static Credentials

    Static credentials in Calm are modelled to store secrets (password or SSH private key) in the credential objects that are contained in the blueprints that the applications copy.

  • Dynamic Credentials

    Calm supports external credential store integration for dynamic credentials. A credential store holds username and password or key certificate combinations and enables applications to retrieve and use credentials for authentication to external services whenever required. As a developer, you can:

    • Define credential attributes that you want to pass on to the credential provider from the blueprint during execution.
    • Define variables that the credential provider must use. By default, Calm defines the secret variable when you configure your credential provider.
      Note: To use the credential in the blueprint, the variables in the credential and the blueprint must match.
    • Define a runbook with eScript tasks in the dynamic credential provider definition. The tasks you define in the runbook can set the username, password, private key, or passphrase values for the credential.

    For more information about configuring a credential provider, see Configuring a Credential Provider.

    When a blueprint uses a dynamic credential, the secret (password or SSH private key) is not stored in the credential objects within the blueprint. The secret values are fetched on demand by executing the runbook within the credential provider that you configure in Calm and associate with the blueprint.

    Note:
    • You cannot add a dynamic credential when you configure an environment in our project. You can, however, allow the credential provider in the environment.
    • You cannot use dynamic credentials for HTTP variables, such as profile variables, service variables, runbooks, and so on.
    • You cannot use dynamic credentials for HTTP endpoints and Open Terminal in applications.
    • For ready-to-use blueprints or blueprints that are published without secrets, the empty credential values are patched with the credential along with its associated runbook and variable values.

Configuring a Credential Provider

Calm supports external credential store integration for dynamic credentials.

About this task

As a developer, you can define variable, runbook, and attributes in a dynamic credential provider definition.

Procedure

  1. Click the Settings icon Settings icon in the left pane.
  2. On the Credential Providers tab, click Add Credential Provider .
    Figure. Add Credential Provider Click to enlarge

  3. On the Credentials Provider Account Settings page, enter a name for the credential provider in the Name field.
    Figure. Credential Provider Click to enlarge

  4. Enter the server address of the credential provider in the Provider Server Address field.
  5. Enter the secret for the account in the Provider Secret field. The secret for the provider can be a key, token, or password.
  6. To add the credential attributes, click the + icon next to Credential Attributes and do the following:
    1. Enter a name for the credential attribute in the Name field.
    2. Select a data type for the credential attribute in the Data Type field.
    3. Provide a value for the data type you selected in the Value field. You can select the Secret check box to hide the value of the credential attribute.
      Credential attributes are the variables that you pass on to the credential provider from the blueprint during execution. Developers require these attributes in blueprints and runbooks to use the credential provider.
  7. To add variables, click the + icon in the Variables section and do the following:
    1. Enter a name for the variable in the Name field.
    2. Select a data type for the variable in the Data Type field.
    3. Provide a value for the data type you selected in the Value field. You can select the Secret check box to hide the value of the variable.
      The variables that you add during the credential provider configuration are only used in the runbooks that you define for the credential provider.
      To use the credential in the blueprint, the variables in the credential and the blueprint must match.
  8. Configure a runbook for the credential provider. For information on runbook configuration, see Runbooks Overview.
    You can define a runbook with an eScript task. The tasks are used to set the username, password, private key, or passphrase values for the credential.
    Note: When the runbook uses the eScript task, then do the following in the Set Variable eScript task to fetch SSH keys or multi-line secrets from the credential provider.
    • Encode the secrets.
    • Set the is_secret_encoded variable to True.
    The runbook uses the variables you defined during the credential provider configuration. You can click Variable/Attributes button within the runbook to view, edit, or add variables. After your runbook is defined, you can click Test to test the runbook.
  9. Click Save .

What to do next

You can add the credential provider to a project. For more information, see Adding Accounts to a Project.

Projects Overview

A project defines Active Directory users or groups to manage common set of requirements or functions. For example, a project can define a team collaborating on an engineering project. A project specifies roles to associate its members, select existing networks that the deployed VMs can use, and (optionally) set usage limits on infrastructure resources.

Figure. Projects Click to enlarge

The refactored project provides a consistent experience when you access it from Prism Central or from Calm. However when Calm is enabled, you can also configure application management specific features in your projects.

For more information on the Project Summary view and Project Details view, see Project Summary View and Project Details View.

For more information on how to create a project, add users, add infrastructure, configure environments, and managing quota and snapshot policies, see Projects Overview in the Prism Central Guide.

Calm Blueprints Overview

A blueprint is the framework for every application that you model by using Calm. Blueprints are templates that describe all the steps that are required to provision, configure, and execute tasks on the services and applications that you create.

You create a blueprint to represent the architecture of your application and then run the blueprint repeatedly to create an instance, provision, and launch applications.

A blueprint also defines the lifecycle of an application and its underlying infrastructure; starting from the creation of the application to the actions that are carried out on a blueprint until the termination of the application.

You can use blueprints to model the applications of various complexities; from simply provisioning a single virtual machine to provisioning and managing a multi-node, multi-tier application.

Building Blocks of a Blueprint

Calm uses services, application profiles, packages, substrates, and actions as building blocks for a blueprint to define applications.

  • Services

    An application is made up of multiple components (or services) working together. The architecture of an application is composed of compute, storage, network, and their connections and dependencies. Services are logical entities that are exposed by an IP address. End users and services communicate with each other over a network through their exposed IP addresses and ports. For more information, see Services Overview.

  • Application Profiles

    Any useful blueprint requires infrastructure for instantiation. A blueprint can specify the exact infrastructure or can be completely left to the blueprint user to specify at the time of instantiation.

    An application profile provides different combinations of the service, package, and VM (infrastructure choices) while configuring a blueprint. The application profile allows you to use the same set of services and packages on the different platforms. You select an application profile while launching your blueprint.

    Application profiles determine where an application should run, for example, on a Nutanix provider account or on an Azure account. Application profiles also control the T-shirt sizing of an application. T-shirt sizing means that the value of a variable might change based on the selection of a small or a large instance of an application.

    If Showback feature is enabled, the application profile also displays service cost of the resources used for an application.

    Figure. Application Profile Click to enlarge
  • Package (Install and Uninstall)

    Package Install and Uninstall are operations that are run when you first launch a blueprint or when you finally delete the entire application. In other words, these operations are run during the Create or Delete profile actions. Package Install and Uninstall are unique to each application profile, which means that the tasks or the task contents can vary depending upon the underlying cloud or the size.

    Package install is commonly used for installing software packages. For example, installing PostgreSQL with sudo yum -y install postgresql-server postgresql-contrib .

  • Substrates

    Substrates are a combination of the underlying cloud and the virtual machine instance. When you select the desired cloud, Calm displays all of the fields required for creating a virtual machine instance on that particular cloud. The combination of all these fields constitutes a substrate. Substrates are the infrastructure abstraction layer for Calm. Calm can quickly change where or how applications are deployed by simply changing the substrate.

  • Actions

    Actions are runbooks to accomplish a particular task on your application. You can use actions to automate any process such as backup, upgrade, new user creation, or clean-up, and enforce an order of operations across services. For more information, see Actions Overview.

Other Configurational Components

Calm also has a few other components that you can use while configuring your blueprints.

  • Macros

    Calm macros are part of a templating language for Calm scripts. These are evaluated by Calm's execution engine before the script is run. Macros help in making scripts generic and creating reusable workflows. For more information, see Macros Overview.

  • Variables

    Variables are either user defined or added to the entities by Calm. Variables are always present within the context of a Calm entity and are accessible directly in scripts running on that entity or any of its child entities. For more information, see Variables Overview.

  • Categories

    Categories (or tags) are metadata labels that you assign to your cloud resources to categorize them for cost allocation, reporting, compliance, security, and so on. Each category is a combination of key and values. For more information, see Categories Overview.

  • Dependencies

    Dependencies are used to define the dependence of one service in your application on another service or multiple other services for properties such as IP addresses and DNS names. For example, if service 2 is dependent on service 1, then service 1 starts first and stops after service 2.

    For information about how to define dependencies between services, see Setting up the Service Dependencies.

    Figure. Dependencies Click to enlarge
    Note: If there are no dependencies between tasks in a service, Calm runs the tasks in any order or even in parallel.

Blueprint Types

You can configure the following blueprint types in Calm.

  • Single-VM Blueprint

    A single-VM blueprint is a framework that you can use to create and provision an instance and launch applications that require only one virtual machine. Single-VM blueprints enable you to quickly provide Infrastructure-as-a-Service (IaaS) to your end users. For more information, see Creating a Single-VM Blueprint.

  • Multi-VM Blueprint

    A multi-VM blueprint is a framework that you can use to create an instance, provision, and launch applications requiring multiple VMs. You can define the underlying infrastructure of the VMs, application details, and actions that are carried out on a blueprint until the termination of the application. For more information, see Creating a Multi-VM Blueprint.

Blueprint Editor

The blueprint editor provides a graphical representation of various components that allow you to visualize and configure the components and their dependencies in your environment.

Figure. Blueprint Editor Click to enlarge

Use the Blueprints tab to perform actions, such as:

  • Create application blueprints for single-VM or multiple-VM architectures. For more information, see Creating a Single-VM Blueprint and Creating a Multi-VM Blueprint.
  • Add update configuration. For more information, see Update Configuration for VM.
  • Add configuration for snapshots and restore. For more information, see Blueprint Configuration for Snapshots and Restore.
  • Publish blueprints. For more information, see Submitting a Blueprint for Approval.
  • Launch blueprints. For more information, see Launching a Blueprint.
  • Upload existing blueprints from your local machine. For more information, see Uploading a Blueprint.
  • View details of your blueprints. For more information, see Viewing a Blueprint.
  • Edit details of an existing blueprint. For more information, see Editing a Blueprint.

Services Overview

Services are the virtual machine instances, existing machines or bare-metal machines, that you can provision and configure by using Calm. You can either provision a single service instance or multiple services based on the topology of your application. A service can only expose an IP address and ports on which the request is received. After a service is configured, you can clone or edit the service as required.

A service includes the following entities:

VM

A VM defines the configuration of the virtual machine instance, the platform on which the VM will be installed, and the connection information of the machine. For example, as shown in the following figure, you need to define the name, cloud, operating system, IP address, and the connection information for an existing machine.

Figure. VM Tab Click to enlarge

Package

A package enables you to install and uninstall software on an existing machine or bare metal machine by using a script. You need to provide the credentials of the VM on which you need to run the script. A sample script is shown in the following figure. Package also defines the port number and the protocol that is used to access the service.

Figure. Package Tab Click to enlarge

Service

A service enables you to create the variables that are used to define the service-level tasks and service-level actions. As part of the service, you can also define the number of replicas that you want to create of a service. The maximum number of replicas allowed is 300.

Figure. Service Tab Click to enlarge

For information about how to configure a service, see Configuring Nutanix and Existing Machine VM, Package, and Service.

Macros Overview

Calm macros are part of a templating language for Calm scripts. These are evaluated by Calm's execution engine before the script is run.

Macros enable you to access the value of variables and properties that are set on entities. The variables can be user defined or system generated. For more information, see Variables Overview.

Macro Usage

Macros help in making scripts generic and creating reusable workflows. You can use macros in tasks within the blueprints or in the configuration of Calm entities, such as the VM name.

Macro Syntax

Macros require a set of delimiters for evaluation. These are @@{ and }@@ . Everything within these delimiters is parsed and evaluated. For example,

  • To concatenate the value of a path and a string variable, you can use cd "@@{path + '/data'}@@" in your script.
  • To access credentials, you can use the @@{cred_name.username}@@ and @@{cred_name.secret}@@ formats, where cred_name is the name of the credential with which the credential is created.

Supported Entities

Macros support the following entities.

  • Application
  • Deployment
  • Service
  • Package
  • Virtual machine
  • Runbooks

Supported Data Types

Macros support the following data types.

Table 1. Supported Data Types
Data Type Usage
String @@{"some string"}@@ or @@{'some string'}@@
Note: Newline or other such special characters are not supported. You can use \ to escape quotes.
Numbers Supports integer and float. For example, @@{ 10 + 20.63 }@@
Note: All variables are treated as strings.

Supported Operations

Macros support the following operations.

  • Supports basic binary operations or numbers. For example, @@{(2 * calm_int(variable1) + 10 ) / 32 }@@.
  • Supports string concatenation. For example, @@{ foo + bar }@@.
  • Supports slicing for strings. For example, @@{foo[3:6]}@@.
    Note: For a comma separated value, slicing splits the string on comma (,). For example, @@{"x,y,z"[1]}@@ results in y.

Macros of an Array Service

Calm allows you to access macros of an array service using a special macro which starts with calm_array . You can configure a VM with replicas and access the common macros of all the replicas. For example, you can:

  • Use the following syntax to retrieve the name of all the instances of VM separated by commas.

    @@{calm_array_name}@@

  • Use the following syntax to retrieve the IP address of all the instances of VM separated by commas.

    @@{calm_array_address}@@

  • Use the following syntax to retrieve the ID of all the instances of VM separated by commas.

    @@{calm_array_id}@@

Built-in Macros

The following table lists the built-in macros that you can use to retrieve and display the entities.

Table 1. Built-in Macros
Macro Usage
@@{calm_array_index}@@ Index of the entity within an array
@@{calm_blueprint_name}@@ Name of the blueprint from which the application was created
@@{calm_blueprint_uuid}@@ Universally unique identifier (UUID) of the blueprint from which the application was created
@@{calm_application_name}@@ Name of the application
@@{calm_application_uuid}@@ UUID of the application
@@{calm_uuid}@@ UUID of the entity within the application on which the current task is running
@@{calm_random}@@ A random number is generated each time this is used. This will be evaluated each time and should not be used in fields such as VM name.
@@{calm_unique}@@ A random number that is unique to this replica. This will be evaluated to the same value across runs.
@@{calm_jwt}@@ JWT for the currently logged in user for API authentication.
@@{calm_now}@@

@@{calm_today}@@
The current time stamp
@@{calm_time(“<format>”)}@@ The current time in the specified format
@@{calm_year(“YYYY”)}@@

@@{calm_year(“YY”)}@@
The current year in YYYY or YY format
@@{calm_month(“short”)}@@

@@{calm_month(“long”)}@@
Name of the current month in long or short format
@@{calm_day(“month”)}@@

@@{calm_day(“year”)}@@
Numeric day of the month or year
@@{calm_weeknumber}@@

@@{calm_weeknumber(“iso”)}@@
ISO Numeric week of the year
@@{calm_weekday(“number”)}@@

@@{calm_weekday(“name_short”)}@@

@@{calm_weekday(“name_long”)}@@
Day of the week in numeric or short name or long name
@@{calm_hour(“12”)}@@

@@{calm_hour(“24”)}@@

@@{calm_hour(“am_pm”)}@@
Numeric hour of the day in 12:00-hour or 24:00-hour format along with AM or PM
@@{calm_minute}@@ Numeric minute
@@{calm_second}@@ Numeric second
@@{calm_is_weekday}@@ Displays 1 if the current day is a weekday
@@{calm_is_long_weekday}@@ Displays 1 if the current day is a weekday from Monday to Saturday
@@{calm_is_within("time1", "time2")}@@ Displays 1 if the current time is within the time1 and time2 range
@@{calm_project_name}@@ Displays the project name
@@{calm_username + @nutanix.com}@@ Displays the username
@@{calm_float("32.65") * 2}@@

@@{calm_int(calm_array_index) + 1}@@
Typecast to integer. This is useful for binary operations.
@@{calm_string(256) + "-bit"}@@

@@{"xyz" + calm_string(42)}@@
Typecast to string. This is useful for string concatenation.
@@{calm_b64encode(api_response)}@@

@@{calm_b64encode("a,b,c")}@@
Base64 encode the data passed to this macro.
@@{calm_b64encode(b64_encoded_data)}@@

@@{calm_b64encode("YSxiLGM=")}@@
Base64 decode the data passed to this macro.

Platform Macros

You can access the properties of a VM by using the platform macros. The following section describes the macros to access the VM properties for different providers.

Table 1. AHV platform Macros
Macro Usage
@@{platform}@@ To access all the properties of a VM.
@@{platform.status.cluster_reference.uuid}@@ To access the uuid of the cluster or the Prism element.
@@{platform.status.resources.nic_list[0].mac_address}@@ To access mac the address.
Note: Use the nic_list index to access the mac address of a specific nic.
@@{platform.status.resources.nic_list[0].subnet_reference.name}@@ To access the NIC name.
@@{platform.status.resources.power_state}@@ To get the state of the VM.
@@{platform.status.num_sockets}@@ To access number of sockets of the VM.
Note: The @@{platform}@@ macro stores the GET response of the VM. You can access any VM information that is available through the GET API response.
Table 2. VMware platform Macros
Macro Usage
@@{platform}@@ To access all the properties of a VM.
@@{platform.datastore[0].Name}@@ To access the datastore name.
@@{platform.num_sockets}@@ To access number of sockets of the VM.
Note: The @@{platform}@@ macro stores the GET response of the VM. You can access any VM information that is available through the GET API response.
Table 3. GCP platform Macros
Macro Usage
@@{platform}@@ To access all the properties of a VM.
@@{platform.creationTimestamp}@@ To get the VM creation time stamp.
@@{platform.selfLink}@@ To access the self link of the VM.
@@{platform.networkInterfaces[0].subnetwork}@@ To access the network details of the VM.
Note: The @@{platform}@@ macro stores the GET response of the VM. You can access any VM information that is available through the GET API response.

Endpoint Macros

The following table lists the endpoint macros for HTTP, Linux, and Windows endpoint types.

Table 1. HTTP
Macro Usage
@@{endpoint.name}@@ Name of the endpoint
@@{endpoint.type}@@ Type of the endpoint
@@{endpoint.length}@@ Number of IP Addresses in the endpoint
@@{endpoint.index}@@ Index of the IP address or VM in a given endpoint
@@{endpoint.base_url}@@ Base URL of the HTTP endpoint
@@{endpoint.connection_timeout}@@ Time interval in seconds after which the connection attempt to the endpoint stops
@@{endpoint.retry_count}@@ Number of attempts the system performs to create a task after each failure
@@{endpoint.retry_interval}@@ Time interval in seconds for each retry if the task fails
@@{endpoint.tls_verify}@@ Verification for the URL of the HTTP endpoint with a TLS certificate
@@{endpoint.proxy_type}@@ HTTP(s) proxy/SOCKS5 proxy to use
@@{endpoint.base_urls}@@ Base URLs of HTTP endpoints
@@{endpoint.authentication_type}@@ Authentication method to connect to an HTTP endpoint: Basic or None
@@{endpoint.credential.username}@@ User name in the credential to access the endpoint
@@{endpoint.credential.secret}@@ Credential secret type to access the endpoint: Passphrase or SSH Private Key
Table 2. Linux
Macro Usage
@@{endpoint.name}@@ Name of the endpoint
@@{endpoint.type}@@ Type of the endpoint
@@{endpoint.length}@@ Number of IP Addresses in the endpoint
@@{endpoint.index}@@ Index of the IP address or VM in a given endpoint
@@{endpoint.address}@@ IP address to access the endpoint device
@@{endpoint.port}@@ Port number to access the endpoint
@@{endpoint.value_type}@@ Target type of the endpoint: IP address or VM
@@{endpoint.addresses}@@ IP addresses to access endpoint devices
@@{endpoint.credential.secret}@@ Credential secret type to access the endpoint: Passphrase or SSH Private Key
@@{endpoint.credential.username}@@ User name in the credential to access the endpoint
Table 3. Windows
Macro Usage
@@{endpoint.name}@@ Name of the endpoint
@@{endpoint.type}@@ Type of the endpoint
@@{endpoint.length}@@ Number of IP Addresses in the endpoint
@@{endpoint.index}@@ Index of the IP address or VM in a given endpoint
@@{endpoint.address}@@ IP address to access the endpoint device
@@{endpoint.port}@@ Port number to access the endpoint
@@{endpoint.value_type}@@ Target type of the endpoint: IP address or VM
@@{endpoint.connection_protocol}@@ Connection protocol to access the endpoint: HTTP or HTTPS
@@{endpoint.addresses}@@ IP addresses to access endpoint devices
@@{endpoint.credential.secret}@@ Credential secret type to access the endpoint: Passphrase or SSH Private Key
@@{endpoint.credential.username}@@ User name in the credential to access the endpoint
Note: To call an endpoint variable from another object, replace endpoint with the other endpoint name.

Runbook Macros

The following table lists the runbook macros.

Table 1. Runbook Macros
Macro Usage
@@{calm_runbook_name}@@ Name of the runbook
@@{calm_runbook_uuid}@@ Universally unique identifier (UUID) of the runbook

Virtual Machine Common Properties

The following table lists the common properties of the virtual machine that are available for usage.

Table 1. Virtual Machine Common Properties
Properties Usage
@@{address}@@ IP address of the instance that is used by Calm to access the VM
@@{id}@@ ID of the platform identifier
@@{name}@@ Name of the VM or container
@@{mac_address}@@ Mac address of the VM
@@{platform}@@ Platform response for a GET query. This is the response in JSON format from provider.
Note: For an existing machine, only the address property is applicable.

Variables Overview

Macros provide a way to access the values of variables that you set on entities. Variables are either user defined or added to the entities by Calm. Variables are always present within the context of a Calm entity and are accessible directly in scripts running on that entity or any of its child entities.

Note: User defined variables in Calm cannot have macros in their values.

Variable Value Inheritance

The variable value of a parent entity can be accessed by the child entity unless the properties or the variables are overridden by another entity.

For example, if Variable1 is a variable that you defined on the application profile, then all child entity of the application profile can directly access the value of Variable1 in any task or script running on it as @@{variable1}@@ unless overridden by another entity.

Figure. Variable Value Inheritance Click to enlarge

Variable Access

Variables are directly accessed as @@{variable_name}@@ within any task on an entity where the variable is defined and all child entity that inherit this variable. This syntax only delivers the value for the corresponding replica in which the task is running. To get comma-separated values across replicas, you can use @@{calm_array_variable_name}@@ .

For example, on a service with 2 replicas, if you set a backup_dir variable through a set variable Escript task such as:

print "backup_dir=/tmp/backup_@@{calm_array_index}@@"

You get /tmp/backup_0 and /tmp/backup_1 values for replica 0 and 1 respectively.

When a task runs on this service with the echo "@@{backup_dir}@@" script, the script evaluates the following values in each replica of the service:

  • Replica 0

    /tmp/backup_0

  • Replica 1

    /tmp/backup_1

When you change the script to echo "@@{calm_array_backup_dir}@@" , the script evaluates to the following values in each replica of the service:

  • Replica 0

    /tmp/backup_0,/tmp/backup_1

  • Replica 0

    /tmp/backup_0,/tmp/backup_1

The syntax to access the value of variables or properties of other entities or dependencies is @@{<entity name>.<variable/attribute name>}@@ where entity name , is the name of the other entity or dependency and variable/attribute name is the name of the variable or attribute. For example:

  • Example 1: If a blueprint contains a service by the name of app_container , you can access the IP address of the app_container service in any other service using @@{app_container.address}@@ syntax.
  • Example 2: If you need addresses of a service (S1) in a task on another service (S2), you can use @@{S1.address}@@ in the script for the task running on S2. The script will evaluate to the value, such as 10.0.0.3,10.0.0.4,10.0.0.5 in case S1 has 3 replicas.

Action-Level Variables

Action-level variables are variables that are associated to an action and passed as an argument to the runlog when you run the action. Service action variables are unique for each service while the profile action variables are unique for each profile across all services and replicas. If you deploy five replicas, the service action variables will be the same across all replicas.

Action variables are used in the context of running an action and are defined at the action level. For example, if you have an action to install or uninstall a package on a particular VM, you can have the following action variables.

  • Type of action (in this case install or uninstall)
  • Name of the package

With multiple runs of this action, you can then install or uninstall multiple packages on the VM.

Nutanix Variables

The following table lists the Nutanix variables that are available for usage.

Table 1. Nutanix Variables
Variables Usage
@@{address}@@ IP address of the instance that is used by Calm to access the VM
@@{id}@@ ID of the platform identifier
@@{name}@@ Name of the VM or container
@@{mac_address}@@ Mac address of the VM
@@{platform}@@ Platform response for a GET query. This is the response in JSON format from provider.
Note: For an existing machine, only the address property is applicable.

VMware Variables

The following table lists the built-in VMware macros that you can use to retrieve and display the entities.

Table 1. VMware Macros
Properties Usage
@@{address}@@ IP address of the instance that is used by Calm to access the VM
@@{id}@@ ID of the platform identifier
@@{name}@@ Name of the VM or container
@@{mac_address}@@ Mac address of the VM
@@{platform}@@ Platform response for a GET query. This is the response in JSON format from provider.
Note: For an existing machine, only the address property is applicable.

AWS Variables

The following table lists the built-in AWS macros that you can use to retrieve and display the entities.

Table 1. AWS Macros
Macros Usage
@@{address}@@ IP address of the instance that is used by Calm to access the VM.
Note: The VM Name field does not support this macro.
@@{id}@@ Internal ID of the instance that is used within the Prism.
Note: The VM Name field does not support this macro.
@@{name}@@ Name of the VM.
Note: The VM Name field does not support this macro.
@@{aws_instance_id}@@ Instance ID of AWS
@@{private_ip_address}@@ Private IP address
@@{private_dns_name}@@ Private DNS name
@@{public_ip_address}@@ Public IP address
@@{public_dns_name}@@ Public DNS name
@@{vm_zone}@@ AWS zone of instance
@@{platform}@@ Platform response for a GET query. This is the response in JSON format from provider.

GCP Variables

The following table lists the built-in GCP macros that you can use to retrieve and display the entities.

Table 1. GCP Macros
Macros Usage
@@{address}@@

@@{ip_address}@@

@@{public_ip_address}@@
IP address of the instance that is used by Calm to access the VM.
Note: The VM Name field does not support this macro.
@@{id}@@ Internal ID of the instance that is used within the Prism.
Note: The VM Name field does not support this macro.
@@{name}@@ Name of the VM.
Note: The VM Name field does not support this macro.
@@{zone}@@ Zone in which the VM instance is created.
@@{platform_data}@@ Platform response for a GET query. This is the response in JSON format from provider.
@@{internal_ips}@@ List of all the private IP addresses.
@@{external_ips}@@ List of all the public IP addresses.

Azure Variables

The following table lists the built-in Azure macros that you can use to retrieve and display the entities.

Table 1. Azure Macros
Macros Usage
@@{address}@@ IP address of the instance that is used by Calm to access the VM.
Note: The VM Name field does not support this macro.
@@{id}@@ Internal ID of the instance that is used within the Prism.
Note: The VM Name field does not support this macro.
@@{name}@@ Name of the VM.
Note: The VM Name field does not support this macro.
@@{private_ip_address}@@ Private IP address
@@{public_ip_address}@@ Public IP address
@@{resource_group}@@ Resource group name in which the VM instance is created.
@@{platform_data}@@ Platform response for a GET query. This is the response in JSON format from provider.

Kubernetes Variables

The following table lists the Kubernetes variables that are available for usage.

Table 1. Kubernetes Variables
Properties Usage
@@{K8sPublishedService.address}@@ IP address of the service.
@@{K8sPublishedService.name}@@ Name of the service.
@@{K8sPublishedService.ingress}@@ Load balancer IP for public service.
@@{K8sPublishedService.platform}@@ Platform data for the service.
@@{K8sDeployement.name}@@ Name of the deployment.
@@{K8sDeployement.platform}@@ Platform data for the deployment.
Note: Do not use deployment macros in publish service specs or publish macros in deployment service specs in the same calm deployment.

Runtime Variables Overview

Runtime variables are used to mark the attributes while creating the blueprint so that those attributes can be modified at the time of launching the application blueprint. This is useful for the users who cannot edit or create a blueprint such as consumers. For example, while creating a blueprint, if memory attribute is marked as a runtime variable then you can change its value before launching the application blueprint.
Note: Ensure that the attributes marked as runtime variable are not null or empty and an initial value is configured.
Figure. Runtime Variable Click to enlarge

Categories Overview

Categories (or tags) are metadata labels that you assign to your cloud resources to categorize them for cost allocation, reporting, compliance, security, and so on. Each category is a combination of key and values.

Your providers impose a limit to the number of tags that you can use for cloud governance. The following table lists the category or tag limit imposed by each provider:

Table 1. Tag or Category Limit
Providers Category or Tag Limit
Nutanix 30
AWS 50
VMware No limit
GCP 15
Azure 15

Calm reserves 6 tags out of the total tags allowed by your provider and populates them automatically when you provision your VMs using Calm. For example, AWS allows a limit of 50 tags. When you provision your VM on AWS using Calm, 6 out of 50 tags are automatically populated with keys and values specific to Calm VM provisioning. You can use the remaining 46 tags to define other key-value pairs.

The following table lists the Calm-specific categories or tags and their availability for different providers:

Table 2. Calm-Specific Categories or Tags
Categories or Tags Nutanix AWS VMware GCP Azure
account_uuid X X X X
CalmApplication X X X X X
CalmService X X X X X
CalmUsername X X X X X
Calm Project X X X X
OSType X X X X X

Single-VM Blueprints in Calm

A single-VM blueprint is a framework that you can use to create and provision an instance and launch applications that require only one virtual machine.

Creating a Single-VM Blueprint

Single-VM blueprints enable you to quickly provide Infrastructure-as-a-Service (IaaS) to your end users.

About this task

You can create single-VM blueprints with your Nutanix, VMware, AWS, GCP, or Azure accounts. Use these steps to create a single-VM blueprint with any of your provider accounts.

Before you begin

Ensure that the Prism web console (also known as Prism Element) is registered with your Prism Central.

Procedure

  1. Set up your single-VM blueprint. In this step, you provide the name and description for the blueprint and select the project and environment for the blueprint. This step is common for all provider accounts. For more information, see Setting up a Single-VM Blueprint.
  2. Add VM details to your blueprint. In this step, you provide a VM name and associate a provider account and an operating system to the blueprint. This step is also common for all provider accounts. For more information, see Adding VM Details to a Blueprint.
  3. Configure the VM of your blueprint. This options available for VM configuration are derived from either the project or the environment that you selected while setting up the blueprint. For more information, see VM Configuration.
  4. Configure advanced options. In this optional step, you add credentials, configure options to check the logon status of the VM after blueprint provisioning, add pre-create and post-delete tasks, or add packages. For more information, see Configuring Advanced Options for a Blueprint.

Setting up a Single-VM Blueprint

Perform the following steps to do the preliminary setup of your single-VM blueprint.

Before you begin

Ensure that you created a project and configured an environment for the provider account that you want to associate to your blueprint. For more information, see Creating a Project and Configuring Environments in a Project .

Procedure

  1. Click the Blueprint icon in the left pane.
  2. Click + Create Blueprint > Single VM Blueprint .
  3. On the Blueprint Settings tab, enter a name and a description for your blueprint.
  4. From the Project list, select a project.
  5. From the Environment list, select an environment to configure your blueprint.
  6. To save your blueprint setup, click Save .

What to do next

Click VM Details to provide a VM name and associate a provider account and an operating system to the blueprint. For more information, see Adding VM Details to a Blueprint.

Adding VM Details to a Blueprint

Perform the following steps to add VM details to your blueprint.

Before you begin

Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.

Procedure

  1. On the VM Details tab, enter a name for the VM.
  2. From the Account list, select the provider account that you want to associate to your blueprint.
    If your provider account does not appear in the Account list, ensure that you selected the correct project on the Blueprint Settings tab. The project must have the required provider account configured.
  3. From the Operating System list, select either Linux or Windows as the operating system for the VM.
  4. To save the configurations, click Save .

What to do next

Click VM Configuration and configure the VM in your single-VM blueprint. For more information, see VM Configuration.

VM Configuration

Configuring the VM in your blueprint is specific to the provider account and the operating system you select for your blueprint. You can configure the VM in a blueprint with Nutanix, VMware, AWS, GCP, or Azure accounts.

Configuring VM for Nutanix Account

Perform the following steps to configure the VM in a single-VM blueprint for your Nutanix account.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.

Procedure

  1. If you have configured an environment during the project creation, then on the VM Configuration tab, click the Clone from environment button to autofill the VM configuration details. This step is optional.
    The Clone from environment button appears only when you select a specific environment you configured for the account from the Environment list on the Blueprint Settings tab. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  2. In the Cluster list, select the cluster that you want to associate to the blueprint.
    The Cluster list displays the clusters that you allowed in the project.
    The VLAN subnets have direct association with the cluster. When you select a VLAN subnet under the Network Adapters (NICs) section, the associated cluster is auto-populated in the Cluster list. However, if you intend to use overlay subnets, you must select the cluster in list.
    If you mark the cluster as runtime editable, the selected subnets also become runtime editable.
    Figure. General Configuration Click to enlarge

  3. Edit the VM name in the VM Name field.
    You can use Calm macros to provide a unique name to the VM. For example, vm-@@{calm_time}@@ . For more information on Calm macros, see Macros Overview.
  4. Configure the processing unit of the VM by entering the number of vCPU, cores of each vCPU, and total memory in GB of the VM in the vCPU , cores per vCPU , and Memory (GiB) fields.
  5. (Optional) If you want to customize the default OS properties of the VM, select the Guest Customization check box.
    Guest customization allows you to modify the properties of the VM operating system. You can prevent conflicts that might result due to the deployment of virtual machines with identical settings, such as duplicate VM names or same SID. You can also change the computer name or network settings by using a custom script.
    1. Select Cloud-init for Linux or SysPrep for Windows, and enter or upload the script in the Script panel.
      For Sysprep, you must use double back slash for all escape characters . For example, \\v.
    2. For Sysprep script, click Join a Domain check box and configure the following fields.
      • Enter the domain name of the Windows server in the Domain Name field.
      • Select a credential for the Windows VM in the Credentials list. You can also add new credentials.
      • Enter the IP address of the DNS server in the DNS IP field.
      • Enter the DNS search path for the domain in the DNS Search Path field.
  6. Under the Disks section, do the following:
    1. To add a disk, click the + icon next to Disks .
    2. Select the device from the Device Type list.
      You can select CD-ROM or DISK .
    3. Select the device bus from the Device Bus list.
      You can select IDE or SATA for CD-ROM and SCSI , IDE , PCI , or SATA for DISK.
    4. From the Operation list, select one of the following:
      • To allocate the disk memory from the storage container, select Allocate on Storage Container .
      • To clone an image from the disk, select Clone from Image Service .
    5. If you selected Allocate on Storage Container , enter the disk size in GB in the Size (GiB) field.
    6. If you selected Clone from Image Service , select the image you want to add to the disk in the Image field.
      All the images that you uploaded to Prism Central are available for selection. For more information about image configuration, see Image Management section in the Prism Central guide.
    7. Select the Bootable check box for the image that you want to use to start the VM.
    Note: You can add more than one disk and select the disk with which you want to boot up the VM.
  7. Under the Boot Configuration section, select a firmware type to boot the VM.
    • To boot the VM with legacy BIOS firmware, select Legacy BIOS .
    • To boot the VM with UEFI firmware, select UEFI . UEFI firmware supports larger hard drives, faster boot time, and provides more security features.
    • To boot the VM with the Secure Boot feature of UEFI, select Secure Boot . Secure Boot ensures a safe and secure start by preventing unauthorized software such as a malware to take control during the VM bootup.
  8. (For GPU-enabled clusters only) To configure a vGPU, click the + icon under the vGPUs section and do the following:
    1. From the Vendor list, select the GPU vendor.
    2. From the Device ID list, select the device ID of the GPU.
    3. From the Mode list, select the GPU mode.
  9. Under the Categories section, select a category in the Key: Value list.
    Use this option to tag your VM to a defined category in Prism Central. The list options are available based on your Prism Central configuration. If you want to protect your application by a protection policy, select the category defined for the policy in your Prism Central.
  10. To add a network adapter, click the + icon next to the Network Adapters (NICS) field.
    Figure. Network Adapters Click to enlarge

    The NIC list shows all the VLAN and overlay subnets. The VLAN subnets have direct association with the cluster. Therefore, when you select a VLAN subnet, the associated cluster is auto-populated in the Cluster list.
    The NICs of a VM can either use VLAN subnets or overlay subnets. For example, if you select an overlay subnet in NIC 1 and then add NIC 2, the NIC 2 list displays only the overlay subnets.
    If you select a VLAN subnet in NIC 1, all subsequent VLAN subnets belong to the same cluster. Similarly, if you select an overlay subnet, all subsequent overlay subnets belong to the same VPC.
  11. To add a serial port to the VM, click the + icon next to the Serial Ports field.
    You can use serial ports to connect a physical port or a file on the VM.
  12. To save the blueprint, click Save .

What to do next

  • You can optionally configure the advanced options in the blueprint. For more information, see Configuring Advanced Options for a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring VM for VMware Account

Perform the following steps to configure the VM in a single-VM blueprint for your VMware account.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.

Procedure

  1. (Optional) If you have configured an environment during the project creation, then on the VM Configuration tab, click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list on the Blueprint Settings tab. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  2. Select the Compute DRS Mode check box to enable load sharing and automatic VM placement.
    Distributed Resource Scheduler (DRS) is a utility that balances computing workloads with available resources in a virtualized environment. For more information about DRS mode, see the VMware documentation .
    • If you selected Compute DRS Mode , then select the cluster where you want to host your VM from the Cluster list.
    • If you have not selected Compute DRS Mode , then select the host name of the VM from the Host list.
  3. Do one of the following:
    • Select the VM Templates radio button and then select a template from the Template list.

      Templates allow you to create multiple virtual machines with the same characteristics, such as resources allocated to CPU and memory or the type of virtual hardware. Templates save time and avoid errors when configuring settings and other parameters to create VMs. The VM template retrieves the list options from the configured vCenter.

      Note:
      • Install the VMware Tools on the Windows templates. For Linux VMs, install Open-vm-tools or VMware-tools and configure the Vmtoolsd service for automatic start-up.
      • Support for Open-vm-tools is available. When using Open-vm-tools , install Perl for the template.
      • Do not use SysPrepped as the Windows template image.
      • If you select a template that has unsupported version of VMware Tools, then a warning appears stating VMware tool or version is unsupported and could lead to VM issues .
      • You can also edit the NIC type when you use a template.

      For more information, refer to VMware KB articles.

    • Select the Content Library radio button, a content library in the Content Library list, and then select an OVF template or VM template from the content library.

      A content library stores and manages content (VMs, vApp templates, and other types of files) in the form of library items. A single library item can consist of one file or multiple files. For more information about the vCenter content library, see the VMware Documentation .

      Caution: Content Library support is currently a technical preview feature in Calm. Do not use any technical preview features in a production environment.
  4. If you want to use the storage DRS mode, then select the Storage DRS Mode check box and a datastore cluster from the Datastore Cluster list.
    The datastore clusters are referred as storage pod in vCenter. A datastore cluster is a collection of datastores with shared resources and a shared management interface.
  5. If you do not want to use storage DRS mode, then do not select the Storage DRS Mode check box, and select a datastore from the Datastore list.
  6. In the VM Location field, specify the location of the folder in which the VM must be created when you deploy the blueprint. Ensure that you specify a valid folder name already created in your VMware account.
    To create a subfolder in the location you specified, select the Create a folder/directory structure here check box and specify a folder name in the Folder/Directory Name field.
    Note: Calm gives preference to the VM location specified in the environment you select while launching an application. For example, you specify a subfolder structure as the VM location in the blueprint and the top-level folder in the environment. When you select this environment while launching your application, Calm considers the VM location you specified in the environment and creates the VM at the top-level folder.
    Select the Delete empty folder check box to delete the subfolder created within the specified location, in case the folder does not contain any VM resources. This option helps you to keep a clean folder structure.
  7. Enter the instance name of the VM in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  8. Under Controllers , click the + icon to add the type of controller.
    You can select either SCSI or SATA controller. You can add up to three SCSI and four SATA controllers.
  9. Under the Disks section, click the + icon to add vDisks and do the following:
    1. Select the device type from the Device Type list.
      You can either select CD-ROM or DISK .
    2. Select the adapter type from the Adapter Type list.
      You can select IDE for CD-ROM.
      You can select SCSI , IDE , or SATA for DISK.
    3. Enter the size of the disk in GiB.
    4. In the Location field, select the disk location.
    5. If you want to add a controller to the vDisk, select the type of controller in the Controller list to attach to the disk.
      Note: You can add either SCSI or SATA controllers. The available options depend on the adapter type.
    6. In the Disk mode list, select the type of the disk mode. Your options are:
      • Dependent : Dependent disk mode is the default disk mode for the vDisk.
      • Independent - Persistent : Disks in persistent mode behave like conventional disks on your physical computer. All data written to a disk in persistent mode are written permanently to the disk.
      • Independent - Nonpersistent : Changes to disks in nonpersistent mode are discarded when you shut down or reset the virtual machine. With nonpersistent mode, you can restart the virtual machine with a virtual disk in the same state every time. Changes to the disk are written to and read from a redo log file that is deleted when you shut down or reset.
    You can also mark the vDisks runtime editable so you can add, delete, or edit the vDisks while launching the blueprint. For more information about runtime editable attributes, see Runtime Variables Overview.
  10. Under the Tags section, select tags from the Category: Tag pairs field.
    You can assign tags to your VMs so you can view the objects associated with your VMs in your VMware account. For example, you can create a tag for a specific environment and assign the tag to multiple VMs. You can then view all the VMs that are associated with the tag.
  11. (Optional) If you want to customize the default OS properties of the VM, then click the Enable check box under VM Guest Customization and select a customization from the Predefined Guest Customization list.
  12. If you do not have any predefined customization available, select None .
  13. Select Cloud-init or Custom Spec .
  14. If you selected Cloud-init , enter or upload the script in the Script field.
  15. If you have selected Custom Spec , enter the details for the VM in the following fields:
    1. Enter the hostname in the Hostname field.
    2. Enter the domain in the Domain field.
    3. Select timezone from the Timezone list.
    4. Select Hardware clock UTC check box to enable hardware clock UTC.
    5. Click the + icon to add network settings.
      To automatically configure DHCP server, enable the Use DHCP check box and then skip to the DNS Setting section.
    6. Enter a name for the network configuration you are adding to the VM in the Setting name field.
      Settings name is the saved configuration of your network that you want to connect to your VM.
    7. Enter values in the IP Address , Subnet Mask , Default Gateway , and Alternative Gateway fields.
    8. Under the DNS Settings section, enter the DNS primary, DNS secondary, DNS tertiary, and DNS search path name.
    Note: You can launch a single-VM blueprint without a NIC or network adapter with your VMware account.
  16. To save the blueprint, click Save .

What to do next

  • You can optionally configure the advanced options in the blueprint. For more information, see Configuring Advanced Options for a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring VM for GCP Account

Perform the following steps to configure the VM in a single-VM blueprint for your GCP account.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.

Procedure

  1. (Optional) If you have configured an environment during the project creation, then on the VM Configuration tab, click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list on the Blueprint Settings tab. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  2. (Optional) Edit the VM name in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  3. Select a zone from the Zone list.
    A zone is a physical location where you can host the VM.
  4. Select the type of machine from the Machine type list.
    The machine types are available based on your zone. A machine type is a set of virtualized hardware resources available to a virtual machine (VM) instance, including the system memory size, virtual CPU (vCPU) count, and persistent disk limits. In Compute Engine, machine types are grouped and curated by families for different workloads.
  5. Under the DISKS section, click the + icon to add a disk.
    You can also mark the added vDisks runtime editable so you can add, delete, or edit the vDisks while launching the blueprint. For more information about runtime editable attributes, see Runtime Variables Overview.
  6. To use an existing disk configuration, select the Use existing disk check box, and then select the persistent disk from the Disk list.
  7. If you have not selected the Use existing disk check box, then do the following:
    1. Select the type of storage from the Storage Type list. The available options are as follows.
      • pd-balanced : Use this option as an alternative to SSD persistent disks with a balanced performance and cost.
      • pd-extreme : Use this option to use SSD drives for high-end database workloads. This option has higher maximum IOPS and throughput and allows you to provision IOPS and capacity separately.
      • pd-ssd : Use this option to use SSD drives as your persistent disk.
      • pd-standard : Use this option to use HDD drives as your persistent disk.
      The persistent disk types are durable network storage devices that your instances can access like physical disks in a desktop or a server. The data on each disk is distributed across several physical disks.
    2. Select the image source from the Source Image list.
      The images available for your selection are based on the selected zone.
    3. Enter the size of the disk in GB in the Size in GB field.
    4. To delete the disk configuration after the instance is deleted, select the Delete when instance is deleted check box under the Disks section.
  8. To add a blank disk, click the + icon under the Blank Disks section and configure the blank disk.
  9. To add networking details to the VM, click the + icon under the Networking section.
  10. To configure a public IP address, select the Associate Public IP address check box and configure the following fields.
    1. Select the network from the Network list and the sub network from the Subnetwork list.
    2. Enter a name of the network in the Access configuration Name field and select the access configuration type from the Access configuration type list.
      These fields appear when you select the Associate public IP Address check box.
  11. To configure a private IP address, clear the Associate Public IP address check box and select the network and sub network.
  12. Under the SSH Key section, click the + icon and enter or upload the username key data in the Username field.
  13. Select Block project-wide SSH Keys to enable blocking project-wide SSH keys.
  14. Under the Management section, do the following:
    1. Enter the metadata in the Metadata field.
    2. Select the security group from the Network Tags list.
      Network tags are text attributes you can add to VM instances. These tags allow you to make firewall rules and routes applicable to specific VM instances.
    3. Enter the key-value pair in the Labels field.
      A label is a key-value pair that helps you organize the VMs created with GCP as the provider. You can attach a label to each resource, then filter the resources based on their labels.
  15. Under the API Access section, do the following:
    1. Specify the service account in the Service Account field.
    2. Under Scopes, select Default Access or Full Access .
  16. To save the blueprint, click Save .

What to do next

  • You can optionally configure the advanced options in the blueprint. For more information, see Configuring Advanced Options for a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring VM for AWS Account

Perform the following steps to configure the VM in a single-VM blueprint for your AWS account.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.

Procedure

  1. (Optional) If you have configured an environment during the project creation, then on the VM Configuration tab, click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list on the Blueprint Settings tab. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  2. Edit the VM name in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  3. Select the Associate Public IP Address check box to associate a public IP address with your AWS instance.
    If you do not select the Associate Public IP Address check box, ensure that the AWS account and Calm are on the same network for the scripts to run.
  4. Select an AWS instance type from the Instance Type list.
    Instance types include varying combinations of CPU, memory, storage, and networking capacity and give you the flexibility to select the appropriate mix of resources for your applications. Each instance type includes one or more instance sizes that allows you to scale your resources to the requirements of your target workload.
    The list displays the instances that are available in the AWS account. For more information, see AWS documentation.
  5. Select a region from the Region list and do the following:
    Note: The list displays the regions that are selected while configuring the AWS setting.
    1. Select an availability zone from the Availability Zone list.
      An availability zone is one or more discrete data centers with redundant power, networking, and connectivity in an AWS region. Availability zones allow you to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.
    2. Select a machine image from the Machine Image list.
      An Amazon Machine Image is a special type of virtual appliance that is used to create a virtual machine within the Amazon Elastic Compute Cloud. It serves as the basic unit of deployment for services delivered using EC2.
    3. Select an IAM role from the IAM Role list.
      An IAM role is an AWS Identity and Access Management entity with permissions to make AWS service requests.
    4. Select a key pair from the Key Pairs list.
      A key pair (consisting of a private key and a public key) is a set of security credentials that you use to prove your identity when connecting to an instance.
    5. Select the VPC from the VPC list and do the following:
      Amazon Virtual Private Cloud (Amazon VPC) allows you to provision a logically isolated section of the AWS cloud where you can launch AWS resources in your defined virtual network.
      • Select the Include Classic Security Group check box to enable security group rules.
      • Select security groups from the Security Groups list.
      • Select a subnet from the Subnet list.
  6. Enter or upload the AWS user data in the User Data field.
  7. Enter AWS tags in the AWS Tags field.
    AWS tags are key and value pair to manage, identify, organize, search for, and filter resources. You can create tags to categorize resources by purpose, owner, environment, or other criteria.
  8. Under the Storage section, configure the following to boot the AWS instance with the selected image.
    1. From the Device list, select the device to boot the AWS instance.
      The available options are based on the image you have selected.
    2. In the Size(GiB) field, enter the required size for the bootable device.
    3. From the Volume Type list, select the volume type. You can select either General Purpose SSD , Provisioned IOPS SSD , and EBS Magnetic HDD .
      For more information on the volume types, see AWS documentation.
    4. Optionally, select the Delete on termination check box to delete the storage when the instance is terminated.
    You can also add more secondary storages by clicking the + icon next to the Storage section.
  9. To save the blueprint, click Save .

What to do next

  • You can optionally configure the advanced options in the blueprint. For more information, see Configuring Advanced Options for a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring VM for Azure Account

Perform the following steps to configure the VM in a single-VM blueprint for your Azure account.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.

Procedure

  1. (Optional) If you have configured an environment during the project creation, then on the VM Configuration tab, click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list on the Blueprint Settings tab. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  2. Edit the VM name in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  3. Select a resource group from the Resource Group list or select the Create Resource Group check box to create a resource group.
    Each resource in Azure must belong to a resource group. A resource group is simply a logical construct that groups multiple resources together so you can manage the resources as a single entity. For example, you can create or delete resources as a group that share a similar life cycle, such as the resources for an n-tier application.

    The Resource Group list displays the resource groups that are associated with the subscriptions you selected in your Azure account. In case you have not selected any subscriptions, Calm considers all the subscriptions that are available in the Azure service principal to display the resource groups. Each resource group in the list also displays the associated subscription.

  4. If you selected a resource group from the Resource Group list, then do the following:
    1. Select the geographical location of the datacenter from the Location list.
    2. Select Availability Sets or Availability Zones from the Availability Option list.
      You can then select an availability set or availability zone. An availability set is a logical grouping capability to ensure that the VM resources are isolated from each other to provide High Availability if deployed within an Azure datacenter. An availability zone allows you to deploy your VM into different datacenters within the same region.
    3. Select the hardware profile as per your hardware requirements from the Hardware Profile list.
      The number of data disks and NICs depends upon the selected hardware profile. For information about the sizes of Windows and Linux VMs, see Windows and Linux Documentation.
  5. If you selected the Create Resource Group check box to create a resource group, then do the following:
    1. Select a subscription associated to your Azure account in the Subscription field.
    2. Enter a unique name for the resource group in the Name field.
    3. Select the geographical location of the datacenter that you want to add to the resource group in the Location list.
    4. Under Tags , enter a key and value pair in the Key and Value fields respectively.
      Tags are key and value pairs that enable you to categorize resources. You can apply a tag to multiple resource groups.
    5. If you want to automatically delete a resource group that has empty resources while deleting an application, click the Delete Empty Resource Group check box.
    6. Specify the location and hardware profile.
  6. Under the Secrets section, click the + icon and do the following:
    1. Enter a unique vault ID in the Vault ID field.
    2. Under Certificates , click the + icon.
    3. Enter the URL of the configuration certificate in the URL field.
      The URL of the certificate is uploaded to the key vault as a secret.
  7. Under the Admin Credentials section, do the following:
    1. Enter the username in the Username field.
    2. Select a secret type from the Secret Type list.
      You can either select Password or SSH Private Key.
    3. Do one of the following.
      • If you selected password, then enter the password in the Password field.
      • If you selected SSH Private Key, then enter or upload the SSH Private Key in the SSH Private Key field.
      • You can use the selected or default credential as the default credential for the VM.
      • You cannot use key-based credential for Windows VMs.
      • Username and password must adhere to the complexity requirements of Azure.
  8. (For Windows) Select the Provision Windows Guest Agent check box.
    This option indicates whether or not to provision the virtual machine agent on the virtual machine. When this property is not specified in the request body, the default behavior is to set it to true. This ensures that the VM Agent is installed on the VM, and the extensions can be added to the VM later.
  9. (For Windows) To indicate that the VM is enabled for automatic updates, select the Automatic OS Upgrades check box.
  10. Under the Additional Unattended Content section, click the + icon and do the following:
    1. Select a setting from the Setting Name list.
      You can select Auto Logon or First Logon Commands .
      Note: Guest customization is applicable only on images that allows or support guest customization.
    2. Enter or upload the xml content. See Sample Auto Logon and First Logon Scripts.
  11. Under the WinRM Listeners section, click the + icon and do the following:
    1. Select the protocol from the Protocol list.
      You can select HTTP or HTTPS .
    2. If you selected HTTPS, then select the certificate URL from the Certificate URL list.
  12. Under the Storage Profile section, select the Use Custom Image check box to use a custom VM image created in your subscription.
    You can then select a custom image or publisher-offer-SKU-version from the Custom Image list.
  13. Under the VM Image Details section, select an image type in the Source Image Type list.
    You can select Marketplace , Subscription , or Shared Image Gallery .
    • If you selected Marketplace , then specify the publisher, offer, SKU, and version for the image.
    • If you selected Subscription , then select the custom image.
    • If you selected Shared Image Gallery , then select the gallery and the image.
  14. Under the OS Disk Details section, do the following:
    1. Select the storage type from the Storage Type list.
      You can select Standard HDD , Standard SSD , or Premium SSD .
    2. Select a disk storage account from the Disk Storage list.
      This field is available only when the Use Custom Image check box is enabled.
    3. Select disk caching type from the Disk Caching Type list.
      You can select None , Read-only , or Read write .
    4. Select disk create option from the Disk Create Option list.
      You can select Attach , Empty , or From Image .
  15. Under the Data Disk section, do the following:
    1. Select the storage type from the Storage Type list.
      You can select Standard HDD , Standard SSD , or Premium SSD .
    2. Select disk caching type from the Disk Caching Type list.
      You can select None , Read-only , or Read write .
    3. Enter the size in GB in the Size field.
    4. Enter disk logical unit number (LUN) in the Disk LUN field.
      Note: The LUN value should be unique across data disk list.
  16. Under the Network Profile section, add NICs as per your requirement and do the following for each NIC:
    1. Select a security group from the Security Group list.
    2. Select a virtual network from the Virtual Network list.
    3. Under Public IP Config , enter a name and select an allocation method.
    4. Under Private IP Config , select an allocation method.
      If you selected Static as the allocation method, then enter the private IP address in the IP Address field.
  17. Enter tags in the Tags field.
  18. To save the blueprint, click Save .

What to do next

  • You can optionally configure the advanced options in the blueprint. For more information, see Configuring Advanced Options for a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring VM for Xi Cloud Account

Perform the following steps to configure the VM in a single-VM blueprint for your Xi Cloud account.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.

Procedure

  1. On the VM Configuration tab, edit the VM name in the VM Name field.
    You can use Calm macros to provide a unique name to the VM. For example, vm-@@{calm_time}@@ . For more information on Calm macros, see Macros Overview.
  2. Configure the processing unit of the VM by entering the number of vCPU, cores of each vCPU, and total memory in GB of the VM in the vCPU , cores per vCPU , and Memory fields.
  3. If you want to customize the default OS properties of the VM, select the Guest Customization check box.
    Guest customization allows you to modify the properties of the VM operating system. You can prevent conflicts that might result due to the deployment of virtual machines with identical settings, such as duplicate VM names or same SID. You can also change the computer name or network settings by using a custom script.
  4. Select Cloud-init for Linux or SysPrep for Windows, and enter or upload the script in the Script panel.
    For Sysprep, you must use double back slash for all escape characters . For example, \\v.
    For Sysprep script, click Join a Domain check box and configure the following fields.
    • Enter the domain name of the Windows server in the Domain Name field.
    • Select a credential for the Windows VM in the Credentials list. You can also add new credentials.
    • Enter the IP address of the DNS server in the DNS IP field.
    • Enter the DNS search path for the domain in the DNS Search Path field.
  5. Select the image from the Image list.
    The list displays the images that are available in the cluster. You can add more than one image by clicking the + icon.
    All the images that you uploaded to Prism Central are available for selection. For more information about image configuration, see Image Management section in the Prism Central guide.
  6. Select the device from the Device Type list.
    You can select CD-ROM or Disk .
  7. Select the device bus from the Device Bus list.
    You can select IDE or SATA for CD-ROM and SCSI , IDE , PCI , or SATA for DISK.
  8. Select the Bootable check box for the image that you want to use to start the VM.
  9. To add a vDisk, click the + icon and specify the device type, device bus, and disk size.
    You can also mark the vDisks runtime editable so you can add, delete, or edit the vDisks while launching the blueprint. For more information about runtime editable attributes, see Runtime Variables Overview.
  10. Under Categories , select a category in the list.
    Use this option to tag your VM to a defined category in Prism Central. The list options are available based on your Prism Central configuration. If you want to protect your application by a protection policy, select the category defined for the policy in your Prism Central.
  11. Under the Network section, select the VPC from the VPC list. For more information about VPC, see Xi Infrastructure Service Admininistration Guide .
  12. To save the blueprint, click Save .

What to do next

  • You can optionally configure the advanced options in the blueprint. For more information, see Configuring Advanced Options for a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring Advanced Options for a Blueprint

Perform the following steps to configure advanced options such as credentials, packages, pre-create and post-delete tasks. Configuring advanced options is optional for a blueprint.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.
  • Ensure that you configured the VM in your blueprint. For more information, see VM Configuration.

Procedure

  1. Add credentials to enable packages and actions. For more information, see Adding Credentials.
  2. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  3. Configure pre-create or post-delete tasks and packages in the blueprint. For more information, see Configuring Tasks or Packages in a Blueprint.
  4. Add an action. For more information, see Adding an Action to a Single-VM Blueprint.
  5. Click Save .

What to do next

  • You can configure application variables in the blueprint. For more information, see Configuring Application Variables in a Blueprint.
  • You can view the blueprint on the Blueprint tab. You can use the blueprint to model your application. For more information, see Blueprints Management in Calm.

Configuring Tasks or Packages in a Blueprint

Perform the following steps to configure pre-create task, post-delete task, install package, or uninstall package in a single-VM blueprint.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.
  • Ensure that you configured the VM in your blueprint. For more information, see VM Configuration.

Procedure

  1. On the Advanced Options tab, do one of the following:
    • To configure a pre-create or post-delete task, click Edit next to the Pre VM create tasks or Post VM delete tasks field under the PreCreate & PostDelete section.
    • To configure an install or uninstall package, click the Edit button next to the Package Install or Package Uninstall field under the Packages section.
  2. Click + Add Task .
  3. Click the Task button.
  4. Enter the task name in the Task Name field.
  5. Select the type of tasks from the Type list.
    The available options are:
    • Execute : Use this task type to run eScripts on the VM. For more information, see Creating an Execute Task.
    • Set Variable : Use this task to change variables in a blueprint. For more information, see Creating a Set Variable Task.
    • Delay : Use this task type to set a time interval between two tasks or actions. For more information, see Creating a Delay Task.
    • HTTP Task : Use this task type to query REST calls from a URL. An HTTP task supports GET, PUT, POST, and DELETE methods. For more information, see Creating an HTTP Task.
  6. To add another task or package, do one of the following:
    • To add another pre-create or post-delete task, click the Pre create or Pre delete button and repeat steps 3 to 5.
    • To add another task for package install or uninstall, click the Package Install or Package Uninstall button.
  7. To establish a connection between tasks, click Add Connector and use the arrow to create the connection.
  8. To delete a task, click the Delete button next to the task.
  9. To add variables, do one of the following:
    • To add a pre-create or post-delete variable, click the Pre create Variables or Post delete Variables tab.
    • To add a package install or uninstall variable, click the Package Install Variables or Package Uninstall Variables tab.
  10. Click the + icon next to Variables .
  11. In the Name field, enter a name for the variable.
  12. From the Data Type list, select one of the base type variables or import a custom library variable type.
    If you selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    If you imported a custom variable type, all the variable parameters are auto filled.
  13. If you want to hide the variable value, select the Secret check box.
  14. Click Done .

Configuring Application Variables in a Blueprint

Perform the following steps to configure application variables in your blueprint.

Procedure

  1. On the blueprint page, click App variables .
  2. Click + Add Variable .
  3. In the Name field, enter a name for the variable.
  4. From the Data Types list, select one of the base type variables or import a custom library variable type. Your options are:
    • String
    • Integer
    • Multi-line string
    • Date
    • Time
    • Date Time
    If you selected a base type variable, then configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    If you have imported a custom variable type, all the variable parameters are auto filled.
  5. Enter a value for the selected data type in the Value field.
    You can select the Secret check box to hide the variable value.
  6. Click Show Additional Options .
  7. In the Input Type field, select one of the following input types:
    • Simple : Use this option for default value.
    • Predefined : Use this option to assign static values.
    • eScript : Use this option to attach a script that you run to retrieve values dynamically at runtime. Script can return single or multiple values depending on the selected base data type.
    • HTTP : Use this option to retrieve values dynamically from the defined HTTP end point. Result is processed and assigned to the variable based on the selected base data type.
  8. If you selected Simple , then enter the value for the variable in the Value field.
  9. If you selected Predefined , then enter the value for the variable in the Option field.
    To add multiple values for the variable, click + Add Option , and enter values in the Option field.
    Note: To make any value as default, select Default for the option.
  10. If you selected eScript , enter the eScript in the field.
    You can upload the script from the library or from your computer by clicking the upload icon.
    You can also publish the script to the library by clicking the publish button.
    Note:
    • You cannot add macros to eScripts.
    • If you have selected Multiple Input (Array) check box with input type as eScript, then ensure that the script returns a list of values separated by comma. For example, CentOS, Ubuntu, Windows.
  11. If you selected HTTP , then configure the following fields.
    1. In the Request URL field, enter the URL of the server that you want to run the methods on.
    2. In the Request Method list, select one of the following request methods.
      • Use the GET method to retrieve data from a specified resource.
      • Use the PUT method to send data to a server to update a resource.
      • Use the POST method to send data to a server to create a resource.
      • Use the DELETE method to send data to a server to delete a resource.
      In the Request Body field, enter the PUT, POST, or DELETE request. You can also upload the request by clicking the upload icon.
    3. In the Content Type list, select the type of the output format.
      The available options are XML , JSON , and HTML .
    4. In the Connection Timeout (sec) field, enter the timeout interval in seconds.
    5. (Optional) In the Authentication field, select Basic and do the following:
      • In the Username field, enter the user name.
      • In the Password field, enter the password.
    6. If you want to verify the TLS certificate for the task, select the Verify TLS Certificate check box.
    7. If you want to use a proxy server that you configured in Prism Central, select the Use PC Proxy configuration check box.
      Note: Ensure that the Prism Central has the appropriate HTTP proxy configuration.
    8. In the Retry Count field, enter the number of attempts the system must perform to create a task after each failure.
      By default, the retry count is zero. It implies that the task creation procedure stops after the first attempt.
    9. In the Retry Interval field, enter the time interval in seconds for each retry if the task fails.
    10. Under the Headers section, enter the HTTP header key and value in the Key and Value fields respectively.
      If you want to publish the HTTP header key and value pair as secret, select the Secrets check box.
    11. Under the Expected Response Options section, enter the details for the following fields:
      • In the Response Code field, enter the response code.
      • From the Response Status list, select either Success or Failure as the response status for the task.
    12. In the Set Response Path for Variable field, enter the variables from the specified response path.
      The example of json format is $.x.y and xml format is //x/y. For example, if the response path for variable is $.[*].display for response.
      [
          {
              "display": "HTML Tutorial",
              "url": "https://www.w3schools.com/html/default.asp"
          },
          {
              "display": "CSS Tutorial",
              "url": "https://www.w3schools.com/css/default.asp"
          },
          {
              "display": "JavaScript Tutorial",
              "url": "https://www.w3schools.com/js/default.asp"
          },
          {
              "display": "jQuery Tutorial",
              "url": "https://www.w3schools.com/jquery/default.asp"
          },
          {
              "display": "SQL Tutorial",
              "url": "https://www.w3schools.com/sql/default.asp"
          },
          {
              "display": "PHP Tutorial",
              "url": "https://www.w3schools.com/php/default.asp"
          },
          {
              "display": "XML Tutorial",
              "url": "https://www.w3schools.com/xml/default.asp"
          }
      ]
      Then, during the launch time the list options are ["HTML Tutorial","CSS Tutorial","JavaScript Tutorial","jQuery Tutorial","SQL Tutorial","PHP Tutorial","XML Tutorial"].
  12. (Optional) Enter a label and description for the variable.
  13. (Optional) Set variable options.
    • Select the Mark this variable private check box to make the variable private. Private variables are not shown during the blueprint launch or in the application.
    • Select the Mark this variable mandatory check box to make the variable a requisite for application launch.
    • Select the Validate with Regular Expression check box if you want to test the Regex values. Click Test Regex , provide the value for the Regex, and test or save the Regex. You can enter regex values in PCRE format. For more details, see from http://pcre.org/.
  14. Click Done .

Multi-VM Blueprints in Calm

A multi-VM blueprint is a framework that you can use to create an instance, provision, and launch applications that require multiple VMs.

Creating a Multi-VM Blueprint

In a Multi-VM blueprint, you can define the underlying infrastructure of the VMs, application details, and actions that are carried out on a blueprint until the termination of the application.

About this task

You can create and configure multi-VM blueprints with your Nutanix, VMware, AWS, GCP, or Azure accounts.

Before you begin

Ensure that you have configured an account and a project for your blueprint.

Procedure

  1. Add a service. For more information, see Adding a Service.
  2. Configure VM, package, and service for your provider account. For more information, see Configure Multi-VM, Package, and Service.
  3. Set the service dependencies. For more information, see Setting up the Service Dependencies.
  4. Add and configure an application profile. For more information, see Adding and Configuring an Application Profile.
  5. (Optional) Add and configure Scale Out and Scale In. For more information, see Adding and Configuring Scale Out and Scale In.
  6. Create an action. For more information, see Adding an Action to a Multi-VM Blueprint.

Adding a Service

Services are the virtual machine instances, existing machines or bare-metal machines, that you can provision and configure by using Calm. A service exposes the IP address and ports on which the request is received. You can either provision a single-service instance or multiple services based on the topology of your application.

About this task

For more information about services in Calm, see Services Overview.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page is displayed.
  2. From the + Create Blueprint list, select Multi VM/Pod Blueprint .
    The Blueprint Setup window appears.
  3. Enter the name of the blueprint in the Name field.
  4. Optionally, provide a description about the blueprint in the Description field.
  5. Select a project from the Project list.
    Note: The available account options depend on the selected project.
  6. Click Proceed .
    The Multi-VM Blueprint Editor page appears.
    Figure. Multi-VM Blueprint Editor Click to enlarge

  7. To add a service, click the + icon next to Service in the Overview Panel.
    The service inspector appears in the Blueprint Canvas.
    Figure. Service Inspector Click to enlarge

What to do next

Configure the VM, package, and service. For more information, see Configure Multi-VM, Package, and Service.

Configure Multi-VM, Package, and Service

You can define and configure the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application for a service provider.

Configuring Nutanix and Existing Machine VM, Package, and Service

You can define the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application on a Nutanix platform.

Before you begin

  • Ensure that you have completed the pre-configuration requirements. For more information, see Creating a Multi-VM Blueprint.
  • Ensure that you have created a project and configured an environment for Nutanix. For more information, see Creating a Project and Configuring Nutanix Environment.

Procedure

  1. Perform the basic blueprint setup, and add a service. For more information, see Adding a Service.
    Figure. Blueprint Configuration Click to enlarge

  2. Enter a name of the service in the Service Name field.
  3. On the VM tab, in the Name field, enter a name for the VM.
  4. Select the provider account from the Account list.
    You can select Existing Machine or a Nutanix account.
    Note: The account options depend on the project you selected while setting up your blueprint.
  5. If you selected Existing Machine , then do the following:
    1. Select Windows or Linux from the Operating System list.
    2. In the Configuration section, enter the IP address of the existing machine in the IP Address field
    3. In the Select tunnel to connect with list, select a tunnel that you want to use to connect with this VM if the VM is within the VPC. This step is optional.
    4. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
    Figure. Existing Machine Click to enlarge

  6. If you selected a Nutanix account, then select Windows or Linux from the Operating System list.
  7. If you have configured an environment during the project creation, then under the Preset VM Config section, click the Clone from environment button to autofill the VM configuration details. This step is optional.
    The Clone from environment button appears only when you select a specific environment you configured for the account from the Environment list in the application profile. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  8. In the Cluster list, select the cluster you want to associate to the service.
    The Cluster list displays the clusters that you allowed in the project.
    The VLAN subnets have direct association with the cluster. When you select a VLAN subnet under the Network Adapters (NICs) section, the associated cluster is auto-populated in the Cluster list. However, if you intend to use overlay subnets, you must select the cluster in list.
    If you mark the cluster as runtime editable, the selected subnets also become runtime editable.
  9. Under the VM Configuration section, enter the name of the VM in the VM Name field.
    You can use Calm macros to provide a unique name to the VM. For example, vm-@@{calm_array_index}@@-@@{calm_time}@@ . For more information on Calm macros, see Macros Overview.
  10. Configure the processing unit of the VM by entering the number of vCPU, cores of each vCPU, and total memory in GB of the VM in the vCPU , cores per vCPU , and Memory (GiB) fields.
  11. (Optional) If you want to customize the default OS properties of the VM, select the Guest Customization check box.
    Guest customization allows you to modify the properties of the VM operating system. You can prevent conflicts that might result due to the deployment of virtual machines with identical settings, such as duplicate VM names or same SID. You can also change the computer name or network settings by using a custom script.
    1. Select Cloud-init for Linux or SysPrep for Windows, and enter or upload the script in the Script panel.
      For Sysprep, you must use double back slash for all escape characters . For example, \\v.
    2. For Sysprep script, click Join a Domain check box and configure the following fields.
      • Enter the domain name of the Windows server in the Domain Name field.
      • Select a credential for the Windows VM in the Credentials list. You can also add new credentials.
      • Enter the IP address of the DNS server in the DNS IP field.
      • Enter the DNS search path for the domain in the DNS Search Path field.
  12. Under the DISKS section, do the following:
    1. To add a disk, click the + icon next to DISKS .
    2. Select the device from the Device Type list.
      You can select CD-ROM or DISK .
    3. Select the device bus from the Device Bus list.
      You can select IDE or SATA for CD-ROM and SCSI , IDE , PCI , or SATA for DISK.
    4. From the Operation list, select one of the following:
      • To allocate the disk memory from the storage container, select Allocate on Storage Container .
      • To clone an image from the disk, select Clone from Image Service .
    5. If you selected Allocate on Storage Container , enter the disk size in GB in the Size (GiB) field.
    6. If you selected Clone from Image Service , select the image you want to add to the disk in the Image field.
      All the images that you uploaded to Prism Central are available for selection. For more information about image configuration, see Image Management section in the Prism Central guide.
    7. Select the Bootable check box for the image that you want to use to start the VM.
    Note: You can add more than one disk and select the disk with which you want to boot up the VM.
  13. Select one of the following firmwares to boot the VM.
    • Legacy BIOS : Select legacy BIOS to boot the VM with legacy BIOS firmware.
    • UEFI : Select UEFI to boot the VM with UEFI firmware. UEFI firmware supports larger hard drives, faster boot time, and provides more security features.
    • To boot the VM with the Secure Boot feature of UEFI, select Secure Boot . Secure Boot ensures a safe and secure start by preventing unauthorized software such as a malware to take control during the VM bootup.
  14. Under the Categories section, select a category in the Key: Value list.
    Use this option to tag your VM to a defined category in Prism Central. The list options are available based on your Prism Central configuration. If you want to protect your application by a protection policy, select the category defined for the policy in your Prism Central.
  15. To add a network adapter, click the + icon next to the Network Adapters (NICS) field and select the subnet from the NIC list.
    The NIC list shows all the VLAN and overlay subnets. The VLAN subnets have direct association with the cluster. Therefore, when you select a VLAN subnet, the associated cluster is auto-populated in the Cluster list.
    Figure. Network Adapter Click to enlarge

    The NICs of a VM can either use VLAN subnets or overlay subnets. For example, if you select an overlay subnet in NIC 1 and then add NIC 2, the NIC 2 list displays only the overlay subnets.
    If you select a VLAN subnet in NIC 1, all subsequent VLAN subnets belong to the same cluster. Similarly, if you select an overlay subnet, all subsequent overlay subnets belong to the same VPC.
  16. To add a serial port to the VM, click the + icon next to the Serial Ports field.
    You can use serial ports to connect a physical port or a file on the VM.
  17. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  18. On the Package tab, enter the package name in the Package Name field.
    1. Click one of the following:
      • To create a task to install a package, click Configure install .
      • To create a task to uninstall a package, click Configure uninstall .
    2. In the Blueprint Canvas, click + Task .
      Figure. Package Click to enlarge Packages

    3. Enter the task name in the Task Name field.
  19. To create a task, select the type of task from the Type list.
    The available options are:
    • Execute : To create the Execute task type, see Creating an Execute Task.
    • Set Variable : To create the Set Variable task type, see Creating a Set Variable Task.
    • HTTP : To create the HTTP type, see Creating an HTTP Task.
    • Delay : To create the Delay task type, see Creating a Delay Task.
    For Execute and Set Variable tasks, you can use endpoints as targets for script execution. For more information, see Endpoints Overview.
  20. To reuse a task from the task library, do the following.
    1. Click Browse Library .
    2. Select the task from the task library.
      When you select a task, the task inspector panel displays the selected task details.
    3. Click Select .
    4. Optionally, edit the variable or macro names as per your blueprint.
      The variable or macro names used in the task can be generic, you can update them with corresponding variable or macro names as per your blueprint.
    5. To update the variable or macro names, click Apply .
    6. To copy the task, click Copy .
  21. On the Service tab, do the following:
    1. Under Deployment Config , enter the number of default, minimum and maximum service replicas that you want to create in the Default , Min , and Max fields respectively.
      The Min and Max fields define the scale-in and scale-out actions. The scale-in and scale-out actions cannot scale beyond the defined minimum and maximum numbers. The default field defines the number of default replicas the service creates.
      If there is an array of three VMs, define the minimum number as three.
    2. In the Variables section, click the + icon to add variable types to your blueprint.
    3. In the Name field, enter a name for the variable.
    4. From the Data Type list, select one of the base type variables or import a custom library variable type.
    5. If you have selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    6. If you have imported a custom variable type, all the variable parameters are auto filled.
    7. Select the Secret check box if you want to hide the value of the variable.
  22. Add credentials to the blueprint. For more information, see Adding Credentials.
  23. Click Save on the Blueprint Editor page.
    The blueprint is saved and listed on the Blueprints page.

What to do next

Define the service dependencies. See Setting up the Service Dependencies.

Configuring AWS VM, Package, and Service

You can define the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application on an AWS platform.

Before you begin

  • Ensure that you have completed the pre-configuration requirements. See Creating a Multi-VM Blueprint.
  • Ensure that you have created a project and configured an environment for AWS. For more information, See Creating a Project and Configuring AWS Environment.

Procedure

  1. Perform the basic blueprint setup, and add a service. For more information, see Adding a Service.
    Figure. Blueprint Configuration Click to enlarge Blueprint configuration

  2. Enter a name of the service in the Service Name field.
  3. On the VM tab, enter a name for the VM in the Name field.
  4. Select the AWS account from the Account list.
    Note: The account options depend on the project you selected while setting up your blueprint.
  5. Select Windows or Linux from the Operating System list.
  6. (Optional) If you have configured an environment during the project creation, then click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list in the application profile. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  7. Edit the VM name in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  8. Select the Associate Public IP Address check box to associate a public IP address with your AWS instance.
    If you do not select the Associate Public IP Address check box, ensure that the AWS account and Calm are on the same network for the scripts to run.
  9. Select an AWS instance type from the Instance Type list.
    Instance types include varying combinations of CPU, memory, storage, and networking capacity and give you the flexibility to select the appropriate mix of resources for your applications. Each instance type includes one or more instance sizes that allows you to scale your resources to the requirements of your target workload.
    The list displays the instances that are available in the AWS account. For more information, see AWS documentation.
  10. Select a region from the Region list and do the following:
    Note: The list displays the regions that are selected while configuring the AWS setting.
    1. Select an availability zone from the Availability Zone list.
      An availability zone is one or more discrete data centers with redundant power, networking, and connectivity in an AWS region. Availability zones allow you to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center.
    2. Select a machine image from the Machine Image list.
      An Amazon Machine Image is a special type of virtual appliance that is used to create a virtual machine within the Amazon Elastic Compute Cloud. It serves as the basic unit of deployment for services delivered using EC2.
    3. Select an IAM role from the IAM Role list.
      An IAM role is an AWS Identity and Access Management entity with permissions to make AWS service requests.
    4. Select a key pair from the Key Pairs list.
      A key pair (consisting of a private key and a public key) is a set of security credentials that you use to prove your identity when connecting to an instance.
    5. Select the VPC from the VPC list and do the following:
      Amazon Virtual Private Cloud (Amazon VPC) allows you to provision a logically isolated section of the AWS cloud where you can launch AWS resources in your defined virtual network.
  11. Enter AWS tags in the AWS Tags field.
    AWS tags are key and value pair to manage, identify, organize, search for, and filter resources. You can create tags to categorize resources by purpose, owner, environment, or other criteria.
  12. Under the Storage section, configure the following to boot the AWS instance with the selected image.
    1. From the Device list, select the device to boot the AWS instance.
      The available options are based on the image you have selected.
    2. In the Size(GiB) field, enter the required size for the bootable device.
    3. From the Volume Type list, select the volume type. You can select either General Purpose SSD , Provisioned IOPS SSD , and EBS Magnetic HDD .
      For more information on the volume types, see AWS documentation.
    4. Optionally, select the Delete on termination check box to delete the storage when the instance is terminated.
    You can also add more secondary storages by clicking the + icon next to the Storage section.
  13. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  14. On the Package tab, enter the package name in the Package Name field.
    1. Click one of the following:
      • Configure install : To create a task to install a package.
      • Configure uninstall : To create a task to uninstall a package.
    2. In the Blueprint Canvas, click + Task .
      Figure. Package Click to enlarge

    3. Enter the task name in the Task Name field.
  15. To create a task, select the type of task from the Type list.
    The available options are:
    • Execute : To create the execute type of task, see Creating an Execute Task.
    • Set Variable : To create the set variable type of task, see Creating a Set Variable Task.
    • HTTP : To create the HTTP Task type, see Creating an HTTP Task.
    • Delay : To create the Delay task type, see Creating a Delay Task.
    For Execute and Set Variable tasks, you can use endpoints as targets for script execution. For more information, see Endpoints Overview.
  16. To reuse a task from the task library, do the following.
    1. Click Browse Library .
    2. Select the task from the task library.
      When you select a task, the task inspector panel displays the selected task details.
    3. Click Select .
    4. Optionally, edit the variable or macro names as per your blueprint.
      The variable or macro names used in the task can be generic, you can update them with corresponding variable or macro names as per your blueprint.
    5. To update the variable or macro names, click Apply .
    6. To copy the task, click Copy .
  17. On the Service tab, configure the following.
    1. In the Deployment Config pane, enter the number of default, minimum and maximum service replicas that you want to create in the Default , Min , and Max fields respectively.
      The Min and Max fields define the scale-in and scale-out actions. The scale-in and scale-out actions cannot scale beyond the defined minimum and maximum numbers. The default field defines the number of default replicas the service creates.
      If there is an array of three VMs, define the minimum number as three.
    2. In the Variables section, click the + icon to add variable types to your blueprint.
    3. In the Name field, enter a name for the variable.
    4. From the Data Type list, select one of the base type variable or import a custom library variable type.
    5. If you have selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    6. If you have imported a custom variable type, all the variable parameters are auto filled.
    7. Select the Secret check box if you want to hide the value of the variable.
  18. Add credentials to the blueprint. For more information, see Adding Credentials.
  19. Click Save on the Blueprint Editor page.
    The blueprint is saved and listed on the Blueprints page.

What to do next

Define the service dependencies. See Setting up the Service Dependencies.

Configuring VMware VM, Package, and Service

You can define the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application on a VMware platform.

Before you begin

  • Ensure that you complete the pre-configuration requirements. See Creating a Multi-VM Blueprint.
  • Ensure that you have created a project and configured an environment for VMware. For more information, see Creating a Project and Configuring VMware Environment.
  • You need licenses for both Compute and Storage distributed resource scheduler (DRS) in order to use the VMware DRS mode.
  • Ensure that storage DRS is enabled and set to fully automated in vCenter.

Procedure

  1. Perform the basic blueprint setup, and add a service. For more information, see Adding a Service.
    Figure. Blueprint Configuration Click to enlarge vmware

  2. Enter a name of the service in the Service Name field.
  3. On the VM tab, enter the name of the VM in the Name field.
  4. Select VMware from the Account list.
    Note: The account options depend on the project you selected while setting up the blueprint.
  5. Select Windows or Linux from the Operating System list.
  6. (Optional) If you have configured an environment during the project creation, then click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list in the application profile. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  7. Select the Compute DRS Mode check box to enable load sharing and automatic VM placement.
    Distributed Resource Scheduler (DRS) is a utility that balances computing workloads with available resources in a virtualized environment. For more information about DRS mode, see the VMware documentation .
    • If you selected Compute DRS Mode , then select the cluster where you want to host your VM from the Cluster list.
    • If you have not selected Compute DRS Mode , then select the host name of the VM from the Host list.
  8. Do one of the following:
    • Select the VM Templates radio button and then select a template from the Template list.

      Templates allow you to create multiple virtual machines with the same characteristics, such as resources allocated to CPU and memory or the type of virtual hardware. Templates save time and avoid errors when configuring settings and other parameters to create VMs. The VM template retrieves the list options from the configured vCenter.

      Note:
      • Install the VMware Tools on the Windows templates. For Linux VMs, install Open-vm-tools or VMware-tools and configure the Vmtoolsd service for automatic start-up.
      • Support for Open-vm-tools is available. When using Open-vm-tools , install Perl for the template.
      • Do not use SysPrepped as the Windows template image.
      • If you select a template that has unsupported version of VMware Tools, then a warning appears stating VMware tool or version is unsupported and could lead to VM issues .
      • You can also edit the NIC type when you use a template.

      For more information, refer to VMware KB articles.

    • Select the Content Library radio button, a content library in the Content Library list, and then select an OVF template or VM template from the content library.

      A content library stores and manages content (VMs, vApp templates, and other types of files) in the form of library items. A single library item can consist of one file or multiple files. For more information about the vCenter content library, see the VMware Documentation .

      Caution: Content Library support is currently a technical preview feature in Calm. Do not use any technical preview features in a production environment.
  9. If you want to use the storage DRS mode, then select the Storage DRS Mode check box and a datastore cluster from the Datastore Cluster list.
    The datastore clusters are referred as storage pod in vCenter. A datastore cluster is a collection of datastores with shared resources and a shared management interface.
  10. If you do not want to use storage DRS mode, then do not select the Storage DRS Mode check box, and select a datastore from the Datastore list.
  11. In the VM Location field, specify the location of the folder in which the VM must be created when you deploy the blueprint. Ensure that you specify a valid folder name already created in your VMware account.
    To create a subfolder in the location you specified, select the Create a folder/directory structure here check box and specify a folder name in the Folder/Directory Name field.
    Note: Calm gives preference to the VM location specified in the environment you select while launching an application. For example, you specify a subfolder structure as the VM location in the blueprint and the top-level folder in the environment. When you select this environment while launching your application, Calm considers the VM location you specified in the environment and creates the VM at the top-level folder.
    Select the Delete empty folder check box to delete the subfolder created within the specified location, in case the folder does not contain any VM resources. This option helps you to keep a clean folder structure.
  12. Enter the instance name of the VM in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  13. Under Controllers , click the + icon to add the type of controller.
    You can select either SCSI or SATA controller. You can add up to three SCSI and four SATA controllers.
  14. Under the Disks section, click the + icon to add vDisks and do the following:
    1. Select the device type from the Device Type list.
      You can either select CD-ROM or DISK .
    2. Select the adapter type from the Adapter Type list.
      You can select IDE for CD-ROM.
      You can select SCSI , IDE , or SATA for DISK.
    3. Enter the size of the disk in GiB.
    4. In the Location field, select the disk location.
    5. If you want to add a controller to the vDisk, select the type of controller in the Controller list to attach to the disk.
      Note: You can add either SCSI or SATA controllers. The available options depend on the adapter type.
    6. In the Disk mode list, select the type of the disk mode. Your options are:
      • Dependent : Dependent disk mode is the default disk mode for the vDisk.
      • Independent - Persistent : Disks in persistent mode behave like conventional disks on your physical computer. All data written to a disk in persistent mode are written permanently to the disk.
      • Independent - Nonpersistent : Changes to disks in nonpersistent mode are discarded when you shut down or reset the virtual machine. With nonpersistent mode, you can restart the virtual machine with a virtual disk in the same state every time. Changes to the disk are written to and read from a redo log file that is deleted when you shut down or reset.
    You can also mark the vDisks runtime editable so you can add, delete, or edit the vDisks while launching the blueprint. For more information about runtime editable attributes, see Runtime Variables Overview.
  15. Under the Tags section, select tags from the Category: Tag pairs field.
    You can assign tags to your VMs so you can view the objects associated with your VMs in your VMware account. For example, you can create a tag for a specific environment and assign the tag to multiple VMs. You can then view all the VMs that are associated with the tag.
  16. (Optional) If you want to customize the default OS properties of the VM, then click the Enable check box under VM Guest Customization and select a customization from the Predefined Guest Customization list.
  17. If you do not have any predefined customization available, select None .
  18. Select Cloud-init or Custom Spec .
  19. If you selected Cloud-init , enter or upload the script in the Script field.
  20. If you have selected Custom Spec , enter the details for the VM in the following fields:
    1. Enter the hostname in the Hostname field.
    2. Enter the domain in the Domain field.
    3. Select timezone from the Timezone list.
    4. Select Hardware clock UTC check box to enable hardware clock UTC.
    5. Click the + icon to add network settings.
      To automatically configure DHCP server, enable the Use DHCP check box and then skip to the DNS Setting section.
    6. Enter a name for the network configuration you are adding to the VM in the Setting name field.
      Settings name is the saved configuration of your network that you want to connect to your VM.
    7. Enter values in the IP Address , Subnet Mask , Default Gateway , and Alternative Gateway fields.
    8. Under the DNS Settings section, enter the DNS primary, DNS secondary, DNS tertiary, and DNS search path name.
  21. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  22. On the Package tab, enter the package name in the Package Name field.
    1. Click one of the following:
      • Configure install : To create a task to install a package.
      • Configure uninstall : To create a task to uninstall a package.
    2. In the Blueprint Canvas, click + Task .
      Figure. Package Click to enlarge

    3. Enter the task name in the Task Name field.
  23. To create a task, select the type of task from the Type list.
    The available options are:
    • Execute : To create the Execute type of task, see Creating an Execute Task.
    • Set Variable : To create the set variable type of task, see Creating a Set Variable Task.
    • HTTP : To create the HTTP task type, see Creating an HTTP Task.
    • Delay : To create the Delay task type, see Creating a Delay Task.
    For Execute and Set Variable tasks, you can use endpoints as targets for script execution. For more information, see Endpoints Overview.
  24. To reuse a task from the task library, do the following.
    1. Click Browse Library .
    2. Select the task from the task library.
      When you select a task, the task inspector panel displays the selected task details.
    3. Click Select .
    4. Optionally, edit the variable or macro names as per your blueprint.
      The variable or macro names used in the task can be generic, you can update them with corresponding variable or macro names as per your blueprint.
    5. To update the variable or macro names, click Apply .
    6. To copy the task, click Copy .
  25. On the Service tab, configure the following.
    1. In the Deployment Config pane, enter the number of default, minimum and maximum service replicas that you want to create in the Default , Min , and Max fields respectively.
      The Min and Max fields define the scale-in and scale-out actions. The scale-in and scale-out actions cannot scale beyond the defined minimum and maximum numbers. The default field defines the number of default replicas the service creates.
      If there is an array of three VMs, define the minimum number as three.
    2. In the Variables section, click the + icon to add variable types to your blueprint.
    3. In the Name field, enter a name for the variable.
    4. From the Data Type list, select one of the base type variable or import a custom library variable type.
    5. If you have selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    6. If you have imported a custom variable type, all the variable parameters are automatically filled.
    7. Select the Secret check box if you want to hide the value of the variable.
  26. Add credentials to the blueprint. For more information, see Adding Credentials.
  27. Click Save on the Blueprint Editor page.

What to do next

Define the service dependencies. See Setting up the Service Dependencies.

Supported VMware Guest Tools Versions

To know the supported VMware guest tools versions, see the

VMware Product Interoperability Matrices .

Configuring GCP VM, Package, and Service

You can define the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application on a GCP platform.

Before you begin

  • Ensure that you complete the pre-configuration requirements. See Creating a Multi-VM Blueprint.
  • Ensure that you have created a project and configured an environment for AWS. For more information, see Creating a Project and Configuring GCP Environment.

Procedure

  1. Perform the basic blueprint setup, and add a service. For more information, see Adding a Service.
    Figure. Blueprint Configuration Click to enlarge

  2. Enter a name of the service in the Service Name field.
  3. On the VM tab, enter the name of the VM in the Name field.
  4. Select a GCP account from the Account list.
    Note: The account options depend on the selected project while setting up the blueprint.
  5. Select Windows or Linux from the Operating System list.
  6. (Optional) If you have configured an environment during the project creation, then click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list in the application profile. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  7. (Optional) Edit the VM name in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  8. Select a zone from the Zone list.
    A zone is a physical location where you can host the VM.
  9. Select the type of machine from the Machine type list.
    The machine types are available based on your zone. A machine type is a set of virtualized hardware resources available to a virtual machine (VM) instance, including the system memory size, virtual CPU (vCPU) count, and persistent disk limits. In Compute Engine, machine types are grouped and curated by families for different workloads.
  10. Under the DISKS section, click the + icon to add a disk.
    You can also mark the added vDisks runtime editable so you can add, delete, or edit the vDisks while launching the blueprint. For more information about runtime editable attributes, see Runtime Variables Overview.
  11. To use an existing disk configuration, select the Use existing disk check box, and then select the persistent disk from the Disk list.
  12. If you have not selected the Use existing disk check box, then do the following:
    1. Select the type of storage from the Storage Type list. The available options are as follows.
      • pd-balanced : Use this option as an alternative to SSD persistent disks with a balanced performance and cost.
      • pd-extreme : Use this option to use SSD drives for high-end database workloads. This option has higher maximum IOPS and throughput and allows you to provision IOPS and capacity separately.
      • pd-ssd : Use this option to use SSD drives as your persistent disk.
      • pd-standard : Use this option to use HDD drives as your persistent disk.
      The persistent disk types are durable network storage devices that your instances can access like physical disks in a desktop or a server. The data on each disk is distributed across several physical disks.
    2. Select the image source from the Source Image list.
      The images available for your selection are based on the selected zone.
    3. Enter the size of the disk in GB in the Size in GB field.
    4. To delete the disk configuration after the instance is deleted, select the Delete when instance is deleted check box under the Disks section.
  13. To add a blank disk, click the + icon under the Blank Disks section and configure the blank disk.
  14. To add networking details to the VM, click the + icon under the Networking section.
  15. To configure a public IP address, select the Associate Public IP address check box and configure the following fields.
    1. Select the network from the Network list and the sub network from the Subnetwork list.
    2. Enter a name of the network in the Access configuration Name field and select the access configuration type from the Access configuration type list.
      These fields appear when you select the Associate public IP Address check box.
  16. To configure a private IP address, clear the Associate Public IP address check box and select the network and sub network.
  17. Under the SSH Key section, click the + icon and enter or upload the username key data in the Username field.
  18. Select Block project-wide SSH Keys to enable blocking project-wide SSH keys.
  19. Under the Management section, do the following:
    1. Enter the metadata in the Metadata field.
    2. Select the security group from the Network Tags list.
      Network tags are text attributes you can add to VM instances. These tags allow you to make firewall rules and routes applicable to specific VM instances.
    3. Enter the key-value pair in the Labels field.
      A label is a key-value pair that helps you organize the VMs created with GCP as the provider. You can attach a label to each resource, then filter the resources based on their labels.
  20. Under the API Access section, do the following:
    1. Specify the service account in the Service Account field.
    2. Under Scopes, select Default Access or Full Access .
  21. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  22. On the Package tab, enter the package name in the Name field.
    1. Click one of the following:
      • Configure install : To create a task to install a package.
      • Configure uninstall : To create a task to uninstall a package.
    2. In the Blueprint Canvas, click + Task .
      Figure. Package Click to enlarge

    3. Enter the task name in the Task Name field.
  23. To create a task, select the type of task from the Type list.
    The available options are:
    • Execute : To create the Execute task type, see Creating an Execute Task.
    • Set Variable : To create the Set Variable task type, see Creating a Set Variable Task.
    • HTTP : To create the HTTP Task type, see Creating an HTTP Task.
    • Delay : To create the Delay task type, see Creating a Delay Task.
    For Execute and Set Variable tasks, you can use endpoints as targets for script execution. For more information, see Endpoints Overview.
  24. To reuse a task from the task library, do the following.
    1. Click Browse Library .
    2. Select the task from the task library.
      When you select a task, the task inspector panel displays the selected task details.
    3. Click Select .
    4. Optionally, edit the variable or macro names as per your blueprint.
      The variable or macro names used in the task can be generic, you can update them with corresponding variable or macro names as per your blueprint.
    5. To update the variable or macro names, click Apply .
    6. To copy the task, click Copy .
  25. On the Service tab, configure the following.
    1. In the Deployment Config pane, enter the number of default, minimum and maximum service replicas that you want to create in the Default , Min , and Max fields respectively.
      The Min and Max fields define the scale-in and scale-out actions. The scale-in and scale-out actions cannot scale beyond the defined minimum and maximum numbers. The default field defines the number of default replicas the service creates.
      If there is an array of three VMs, define the minimum number as three.
    2. In the Variables section, click the + icon to add variable types to your blueprint.
    3. In the Name field, enter a name for the variable.
    4. From the Data Type list, select one of the base type variable or import a custom library variable type.
    5. If you have selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    6. If you have imported a custom variable type, all the variable parameters are auto filled.
    7. Select the Secret check box if you want to hide the value of the variable.
  26. Add credentials to the blueprint. For more information, see Adding Credentials.
  27. Click Save on the Blueprint Editor page.
    The blueprint is saved and listed under blueprints tab.

What to do next

Define the service dependencies. See Setting up the Service Dependencies.

Configuring Azure VM, Package, and Service

You can define the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application on an Azure platform.

Before you begin

  • Ensure that you have configured the following entities in the Azure account.
    • Resource Group
    • Availability set
    • Network Security Group
    • Virtual Network
    • Vault Certificates
  • Ensure that you complete the pre-configuration requirements. See Creating a Multi-VM Blueprint.
  • Ensure that you have created a project and configured an environment for Azure. For more information, see Creating a Project and Configuring Azure Environment.

Procedure

  1. Perform the basic blueprint setup, and add a service. For more information, see Adding a Service.
    Figure. Blueprint Configuration Click to enlarge

  2. Enter a name of the service in the Service Name field.
  3. Under the VM tab, enter the name of the VM in the Name field.
  4. Select Azure from the Account list.
    Note: The account options depend on the selected project while creating the blueprint.
  5. Select Windows or Linux from the Operating System list.
  6. (Optional) If you have configured an environment during the project creation, then click Clone from environment to autofill the VM configuration details.
    The Clone from environment option appears only when you select a specific environment you configured for the account from the Environment list in the application profile. The option does not appear if you select All Project Accounts as your environment.
    You can also click the View Configuration option to review the configuration details before cloning the environment.
  7. Edit the VM name in the Instance Name field.
    This field is pre-populated with a macro as suffix to ensure name uniqueness. The service provider uses this name as the VM name.
  8. Select a resource group from the Resource Group list or select the Create Resource Group check box to create a resource group.
    Each resource in Azure must belong to a resource group. A resource group is simply a logical construct that groups multiple resources together so you can manage the resources as a single entity. For example, you can create or delete resources as a group that share a similar life cycle, such as the resources for an n-tier application.

    The Resource Group list displays the resource groups that are associated with the subscriptions you selected in your Azure account. In case you have not selected any subscriptions, Calm considers all the subscriptions that are available in the Azure service principal to display the resource groups. Each resource group in the list also displays the associated subscription.

  9. If you selected a resource group from the Resource Group list, then do the following:
    1. Select the geographical location of the datacenter from the Location list.
    2. Select Availability Sets or Availability Zones from the Availability Option list.
      You can then select an availability set or availability zone. An availability set is a logical grouping capability to ensure that the VM resources are isolated from each other to provide High Availability if deployed within an Azure datacenter. An availability zone allows you to deploy your VM into different datacenters within the same region.
    3. Select the hardware profile as per your hardware requirements from the Hardware Profile list.
      The number of data disks and NICs depends upon the selected hardware profile. For information about the sizes of Windows and Linux VMs, see Windows and Linux Documentation.
  10. If you selected the Create Resource Group check box to create a resource group, then do the following:
    1. Select a subscription associated to your Azure account in the Subscription field.
    2. Enter a unique name for the resource group in the Name field.
    3. Select the geographical location of the datacenter that you want to add to the resource group in the Location list.
    4. Under Tags , enter a key and value pair in the Key and Value fields respectively.
      Tags are key and value pairs that enable you to categorize resources. You can apply a tag to multiple resource groups.
    5. If you want to automatically delete a resource group that has empty resources while deleting an application, click the Delete Empty Resource Group check box.
    6. Specify the location and hardware profile.
  11. Under the Secrets section, click the + icon and do the following:
    1. Enter a unique vault ID in the Vault ID field.
    2. Under Certificates , click the + icon.
    3. Enter the URL of the configuration certificate in the URL field.
      The URL of the certificate is uploaded to the key vault as a secret.
    4. Enter store in the Store field.
      • For Windows VMs, the Store field specifies the certificate store on the virtual machine to which the certificate is added. The specified certificate store is implicitly created in the LocalMachine account.

      • For Linux VMs, the certificate file is placed under the /var/lib/waagent directory. The format of the file name is <UppercaseThumbprint>.crt for the X509 certificate and <UppercaseThumbpring>.prv for private key. Both of these files are .pem formatted.

  12. (For Windows) Select the Provision Windows Guest Agent check box.
    This option indicates whether or not to provision the virtual machine agent on the virtual machine. When this property is not specified in the request body, the default behavior is to set it to true. This ensures that the VM Agent is installed on the VM, and the extensions can be added to the VM later.
  13. (For Windows) To indicate that the VM is enabled for automatic updates, select the Automatic OS Upgrades check box.
  14. Under the Additional Unattended Content section, click the + icon and do the following:
    1. Select a setting from the Setting Name list.
      You can select Auto Logon or First Logon Commands .
      Note: Guest customization is applicable only on images that allows or support guest customization.
    2. Enter or upload the xml content. See Sample Auto Logon and First Logon Scripts.
  15. Under the WinRM Listeners section, click the + icon and do the following:
    1. Select the protocol from the Protocol list.
      You can select HTTP or HTTPS .
    2. If you selected HTTPS, then select the certificate URL from the Certificate URL list.
  16. Under the Storage Profile section, select the Use Custom Image check box to use a custom VM image created in your subscription.
    You can then select a custom image or publisher-offer-SKU-version from the Custom Image list.
  17. Under the VM Image Details section, select an image type in the Source Image Type list.
    You can select Marketplace , Subscription , or Shared Image Gallery .
    • If you selected Marketplace , then specify the publisher, offer, SKU, and version for the image.
    • If you selected Subscription , then select the custom image.
    • If you selected Shared Image Gallery , then select the gallery and the image.
  18. Under the OS Disk Details section, do the following:
    1. Select the storage type from the Storage Type list.
      You can select Standard HDD , Standard SSD , or Premium SSD .
    2. Select a disk storage account from the Disk Storage list.
      This field is available only when the Use Custom Image check box is enabled.
    3. Select disk caching type from the Disk Caching Type list.
      You can select None , Read-only , or Read write .
    4. Select disk create option from the Disk Create Option list.
      You can select Attach , Empty , or From Image .
  19. Under the Data Disk section, do the following:
    1. Select the storage type from the Storage Type list.
      You can select Standard HDD , Standard SSD , or Premium SSD .
    2. Select disk caching type from the Disk Caching Type list.
      You can select None , Read-only , or Read write .
    3. Enter the size in GB in the Size field.
    4. Enter disk logical unit number (LUN) in the Disk LUN field.
      Note: The LUN value should be unique across data disk list.
  20. Under the Network Profile section, add NICs as per your requirement and do the following for each NIC:
    1. Select a security group from the Security Group list.
    2. Select a virtual network from the Virtual Network list.
    3. Under Public IP Config , enter a name and select an allocation method.
    4. Under Private IP Config , select an allocation method.
      If you selected Static as the allocation method, then enter the private IP address in the IP Address field.
  21. Optionally, enter tags in the Tags field.
  22. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  23. On the Package tab, enter the package name in the Name field.
    1. Click one of the following:
      • Configure install : To create a task to install a package.
      • Configure uninstall : To create a task to uninstall a package.
    2. In the Blueprint Canvas, click + Task .
      Figure. Package Click to enlarge

    3. Enter the task name in the Task Name field.
  24. To create a task, select the type of task from the Type list.
    The available options are:
    • Execute : To create the execute type of task, see Creating an Execute Task.
    • Set Variable : To create the set variable type of task, see Creating a Set Variable Task.
    • HTTP : To create the HTTP Task type, see Creating an HTTP Task.
    • Delay : To create the Delay task type, see Creating a Delay Task.
    For Execute and Set Variable tasks, you can use endpoints as targets for script execution. For more information, see Endpoints Overview.
  25. Select the script from the Script Type list.
    For shell, PowerShell, and eScript scripts, you can access the available list of macros by using @@{ .
    Note: Azure library SDK support is available for eScripts.
  26. To reuse a task from the library do the following.
    1. Click Browse Library .
    2. Select the task from the library.
      When you select a task, the task inspector panel displays the selected task details.
    3. Click Select .
    4. Optionally, edit the variable or macro names as per your blueprint.
      The variable or macro names used in the task can be generic, you can update them with corresponding variable or macro names as per your blueprint.
    5. Click Apply to update the variable or macro names.
    6. Click Copy to copy the task.
  27. On the Service tab, configure the following.
    1. In the Deployment Config pane, enter the number of default, minimum and maximum service replicas that you want to create in the Default , Min , and Max fields respectively.
      The Min and Max fields define the scale-in and scale-out actions. The scale-in and scale-out actions cannot scale beyond the defined minimum and maximum numbers. The default field defines the number of default replicas the service creates.
      If there is an array of three VMs, define the minimum number as three.
    2. In the Variables section, click the + icon to add variable types to your blueprint.
    3. In the Name field, enter a name for the variable.
    4. From the Data Type list, select one of the base type variables or import a custom library variable type.
    5. If you have selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    6. If you have imported a custom variable type, all the variable parameters are automatically filled.
    7. Select the Secret check box if you want to hide the value of the variable.
    8. In the Port List pane, enter the name, protocol, and port number in the Name , Protocol , and Port fields.
  28. Add credentials to the blueprint. For more information, see Adding Credentials.
  29. Click Save on the Blueprint Editor page.
    The blueprint is saved and listed under blueprints tab.

What to do next

Define the service dependencies. See Setting up the Service Dependencies.

Azure Troubleshooting

The following section describes Azure troubleshooting.

  • For settings save or verification failure, you can check the logs at the following location.

    /home/calm/log/styx.log

  • For application blueprints save failure, you can check the logs at the following locations.
    • /home/calm/log/hercules_*.log
    • /home/calm/log/styx.log
  • For provisioning failure, you can check the logs at the following locations.
    • Task logs on UI
    • /home/epsilon/log/indra_*.log [Signature: Encountered ERROR]
    • /home/epsilon/log/durga_*.log
    • /home/epsilon/log/arjun_*.log
    • /home/calm/log/hercules_*.log
    • /home/calm/log/styx.log

Configuring Xi VM, Package, and Service

You can define the underlying infrastructure of the VM, application details, and actions that are carried out on a blueprint until the termination of the application on Xi cloud provider.

Before you begin

Ensure that you have configured DNS in the VPC section in the Xi Cloud dashboard in the Prism Central.

Procedure

  1. Perform the basic blueprint setup, and add a service. For more information, see Adding a Service.
  2. Enter a name of the service in the Service Name field.
  3. On the VM tab, enter the name of the VM in the Name field.
  4. Select Xi from the Account list.
    Note: The account options depend on the project you selected while setting up the blueprint.
    The Availability Zone field is automatically filled.
  5. Select Windows or Linux from the Operating System list.
  6. Under VM Configuration , enter the instance name of the VM in the VM Name field. This field displays the macro as suffix to ensure name uniqueness.
    The service provider uses this name as the VM name.
  7. In the vCPUs field, enter the required number of vCPUs for the VM.
  8. In the Cores per vCPU field, enter the number of cores per vCPU for the VM.
  9. In the Memory field, enter the required memory in GiB for the VM.
  10. (Optional) If you want to customize the default OS properties of the VM, select the Guest Customization check box and do the following.
    Guest customization allows you to upload custom scripts to modify the properties of the OS of the VM.
    1. Select Cloud-init or SysPrep type and enter the script in the Script panel.
      Note:
      • Select Cloud-init for Linux and Sysprep for Windows. For Sysprep, you must use double back slash for all escape characters . For example, \\v.
      • You can also upload the script by clicking the upload icon.
    2. For Sysprep script, click Join a Domain check box and configure the following fields.
      • Domain Name : Enter the domain name of the Windows server.
      • Credentials : From the Credentials list, enter a credential for the Windows VM. You can also create new credentials. For more information, see step 22.
      • DNS IP : Enter the IP address of the DNS server.
      • DNS Search Path : Enter the DNS search path for the domain.
  11. To add a vDisk, click + vDisks and do the following.
    1. Select the device type from the Device Type list.
      You can select CD-ROM or Disk .
    2. Select the device bus from the Device Bus list.
      You can select IDE or SATA for CD-ROM .
      You can select SCSI , IDE , PCI , or SATA for Disk .
    3. Enter the size of the vDisk in GiB.
    You can also make the vDisks as runtime editable. If you have marked the vDisk attribute as runtime editable, you can add, delete, or edit vDisks while launching the blueprint. For more information about runtime editable attributes, see Runtime Variables Overview.
  12. Select categories from the Categories list.
    Note: Categories field allows you to tag your VM to a defined category in the Prism Central. Based on the Prism Central configuration, the list options are available.
  13. Under Network , select the VPC from the VPC list. For more information about VPC, see Xi Infrastructure Service Admininistration Guide.
  14. Configure the connection in your blueprint. For more information, see Configuring Check Log-In.
  15. Under the Package tab, enter the package name in the Name field.
    1. Click one of the following:
      • Configure install : To create a task to install a package.
      • Configure uninstall : To create a task to uninstall a package.
    2. In the Blueprint Canvas, click + Task .
      Figure. Package Click to enlarge

    3. Enter the task name in the Task Name field.
  16. If you want to create a task, select the type of task from the Type list.
    The available options are:
    • Execute : To create the Execute task type, see Creating an Execute Task.
    • Set Variable : To create the Set Variable task type, see Creating a Set Variable Task.
    • HTTP : To create the HTTP Task type, see Creating an HTTP Task.
    • Delay : To create the Delay task type, see Creating a Delay Task.
  17. (Optional) To reuse a task from the task library, do the following.
    1. Click Browse Library .
    2. Select the task from the task library.
      When you select a task, the task inspector panel displays the selected task details.
    3. Click Select .
    4. (Optional) Edit the variable or macro names as per your blueprint.
      The variable or macro names used in the task can be generic, you can update them with corresponding variable or macro names as per your blueprint.
    5. To update the variable or macro names, click Apply .
    6. To copy the task, click Copy .
  18. On the Service tab, configure the following.
    1. In the Deployment Config pane, enter the number of default, minimum and maximum service replicas that you want to create in the Default , Min , and Max fields respectively.
      The Min and Max fields define the scale-in and scale-out actions. The scale-in and scale-out actions cannot scale beyond the defined minimum and maximum numbers. The default field defines the number of default replicas the service creates.
      If there is an array of three VMs, define the minimum number as three.
    2. In the Variables section, click the + icon to add variable types to your blueprint.
    3. In the Name field, enter a name for the variable.
    4. From the Data Type list, select one of the base type variables or import a custom library variable type.
    5. If you have selected a base type variable, configure all the variable parameters. For more information about configuring variable parameters, see Creating Variable Types.
    6. If you have imported a custom variable type, all the variable parameters are auto filled.
    7. Select the Secret check box if you want to hide the value of the variable.
  19. Click Save on the Blueprint Editor page.
    The blueprint is saved and listed under blueprints tab.

Configuring Kubernetes Deployment, Containers, and Service

Perform the following procedure to configure Kubernetes Deployment, Containers, and Service.

Before you begin

  • Ensure that you have completed the pre-configuration requirements. See Creating a Multi-VM Blueprint.
  • Ensure that the selected project has Kubernetes or GCP with GKE enabled or both as part of it.
  • Refer Kubernetes Documentation to get detailed information about the kubernetes attributes and configuration.

Procedure

  1. To add a service to the blueprint, see Adding a Service.
  2. To add a Pod, click + against the Pod .

    A Pod is the basic execution unit of a Kubernetes application and the smallest and simplest unit in the Kubernetes object model that you create or deploy. A Pod represents processes running on your cluster.

    The Pod service inspector panel appears.
  3. Enter a name of the pod in the Pod Name field.
  4. Under the Deployment tab, select the account from the Account list. All the accounts added to the project are available for selection.
  5. Optionally, edit the Calm deployment name in the Calm Deployment Name field.
    This filed is auto-populated.
  6. Optionally, edit the K8s deployment name in the K8s Deployment Name field.
    This filed is automatically populated.
  7. Enter namespace in the Namespace field.
    Namespace is a kubernetes field to use in environments with many users spread across multiple teams, or projects.
  8. Enter the number of replicas in the Replica field.
  9. Optionally, enter annotations in the Annotations field.
    You can use kubernetes annotations to attach arbitrary non-identifying metadata to objects.
  10. Enter selector in the Selectors field.
    The selector field defines how the Deployment finds which pods to manage.
  11. Enter label in the Label field.

    Labels are key/value pairs that are attached to objects, such as pods. You can use Labels to specify identifying attributes of objects that are meaningful and relevant to users, but do not directly imply semantics to the core system. You can also use Labels to organize and to select subsets of objects. You can attach Labels to objects either at the creation time or later. Each object can have a set of key/value labels defined. Each key must be unique for a given object.

  12. Optionally, you can edit the pod name in the K8s Pod Name field.
    This field is auto-populated.
  13. Enter value of image pull secrets in the Image Pull Secrets field.
    You can provide the list of secret names (pre-configured in a Kubernetes cluster by using Kubernetes Docker secret object) to be use by Kubernetes cluster to pull the container images from registries that require authentication.
  14. Select DNS policy from the DNS Policy list.
  15. Under Containers tab, optionally edit the Calm service name in the Calm Service Name field.
  16. Optionally, you can edit the K8s service name in the K8s Service Name field.
    This field is auto-populated.
  17. Enter arguments for the container in the Args field.
  18. Enter Docker image in the Image field.
  19. Select a value from the Image Pull Policy .
    You can either select Never or Always or IfNotPresent (default).
  20. Under Pre Stop Lifecycle , select an action.
    You can select None (default) or Exec or HTTP Get Action or TCP Socket .
    This hook is called immediately before a container is terminated. It is blocking, meaning it is synchronous, so it must complete before the call to delete the container can be sent. No parameters are passed to the handler.
  21. Under Post Stop Lifecycle , select an action.
    You can select None (default) or Exec or HTTP Get Action or TCP Socket .
    This hook runs immediately after a container is created. However, there is no guarantee that the hook runs before the container ENTRYPOINT. No parameters are passed to the handler.
  22. Under Container Port , enter the port number in the Port field.
    1. Enter name of the port in the Name field.
    2. Select protocol from the Protocol list.
      You can either select TCP or UDP .
  23. Under Readiness Probe , enter command in the Command field.
    The kubelet uses readiness probes to know when a Container is ready to start accepting traffic. A pod is ready after all of its Containers are ready. One use of this signal is to control the pods used as backends for Services. When a pod is not ready, it is removed from Service load balancers.
  24. Under Resource Limit , enter the cores per CPU in the CPU field.
    When you specify a pod, you can optionally specify how much CPU and memory (RAM) each Container needs. CPU and memory are each a resource type. A resource type has a base unit. You can specify CPU in units of cores and memory in bytes.
    1. Enter the bytes of memory in the Memory field.
  25. Under Resource Request , enter the termination message path in the Termination Message Path field.
    Termination messages provide a way for containers to write information about fatal events to a location where you can easily retrieve and surface these events by tools like dashboards and monitoring software.
  26. Under Service tab, optionally you can edit the Calm Published Service Name field.
  27. Optionally, you can edit the K8s Service Name field.
  28. Select a service type from the Service Type list. You can select one of the following.
    • ClusterIP : Exposes the service on a cluster-internal IP. Choosing this value makes the Service only reachable from within the cluster.
    • NodePort : Exposes the service on each node's IP at a static port (the NodePort ). A ClusterIP Service, to which the NodePort Service routes, is automatically created. You'll be able to contact the NodePort Service, from outside the cluster, by requesting <NodeIP>:<NodePort> .
    • LoadBalancer : Exposes the service externally using a cloud provider's load balancer. NodePort and ClusterIP Services, to which the external load balancer routes, are automatically created.
  29. Enter namespace in the Namespace field.
    You can use Namespaces in environments with many users spread across multiple teams, or projects.
  30. Enter label in the Label field.

    Labels are key/value pairs that are attached to objects, such as pods. You can use Labels to specify identifying attributes of objects that are meaningful and relevant, but do not directly imply semantics to the core system. You can also use Labels to organize and select subsets of objects. You can attach Labels to objects at creation time and add or modify at any time. Each object can have a set of key/value labels defined. Each key must be unique for a given object.

  31. Enter selector in the Selectors field.
    The selector field defines how the Deployment finds which pods to manage.
  32. Under Port List , enter the port name in the Port Name field.
    1. Enter node port in the Node Port field.
    2. Enter port number in the Port field.
    3. Select protocol from the Protocol list.
      You can either select TCP or UDP .
    4. Enter the target port in the Target Port field.
  33. To upload the POD specification file in .JSON or .YAML format from your local machine, click against the icon next to the Pod Name field and upload the specification file.
    You can also download the POD specification file in .JSON or .YAML format.
  34. To edit the uploaded POD specification, click the Spec Editor toggle button and click Edit .
    The Script Editor page is displayed. You can edit the specification file in .YAML or .JSON format.
  35. To save the edited POD specification file, click Done .
  36. Click Save .
    The blueprint is saved and listed under blueprints tab.

What to do next

Define the service dependencies. See Setting up the Service Dependencies.

Setting up the Service Dependencies

Dependencies are used to define the order in which tasks must get executed. Perform the following procedure to set up the service dependency.

Before you begin

  • Ensure that at least more than one service must be available. See Adding a Service.
  • Ensure that you have completed the pre-configuration requirements. See Creating a Multi-VM Blueprint.

Procedure

  1. Select the service.
  2. Select the dependency icon and drag to the service on which you want to create the dependency.
    Figure. Create Dependency Click to enlarge

What to do next

Configure the application profile. See Adding and Configuring an Application Profile.

Adding and Configuring an Application Profile

An application profile provides different combinations of the service, package, and VM while configuring a blueprint. You configure application profiles and use them while launching a blueprint.

Before you begin

Ensure that you have completed the pre-configuration requirements. See Creating a Multi-VM Blueprint.

Procedure

  1. To create an application profile, click the + icon next to Application Profile in the Overview Panel.
    Figure. Application Profile Click to enlarge

  2. In the Inspector Panel, enter the name of the application profile in the Application Profile Name field.
  3. Optionally, select an environment for the application profile from the Environment list.
    The environment available for the selection in the Environment list depends on the project you selected in the Blueprint Setup window. If you selected a default environment while configuring your environments for the project, the default environment automatically appears in the Environment list. You can select a different environment if required.
  4. Click the + icon next to Variables .
  5. Enter a name for the variable in the Name field.
  6. Select a data type from the Data Type list. You can select one of the following data type:
    • String
    • Integer
    • Multi-line string
    • Date
    • Time
    • Date Time
  7. Enter a value for the selected data type in the Value field.
    You can select the Secret check box to hide the variable value.
  8. Click Show Additional Options .
  9. In the Input Type field, select one of the following input type:
    • Simple: Use this option for default value.
    • Predefined: Use this option to assign static values.
    • eScript: Use this option to attach a script that is run to retrieve values dynamically at runtime. Script can return single or multiple values depending on the selected base data type.
    • HTTP: Use this option to retrieve values dynamically from the defined HTTP end point. Result is processed and assigned to the variable based on the selected base data type.
  10. If you have selected Simple , enter the value for the variable in the Value field.
  11. If you have selected Predefined , enter the value for the variable in the Option field.
    1. To add multiple values for the variable, click + Add Option , and enter values in the Option field.
      Note: To make any value as default, select the Default radio button for the option.
  12. If you have selected eScript , enter the eScript in the field.
    You can also upload the script from the library or from the computer by clicking the upload icon.
    You can also publish the script to the library by clicking the publish button.
    Note:
    • You cannot add macros to eScripts.
    • If you have selected Multiple Input (Array) check box with input type as eScript, then ensure that the script returns a list of values separated by comma. For example, CentOS, Ubuntu, Windows.
  13. If you have selected HTTP , configure the following fields.
    • Request URL : In the Request URL field, enter the URL of the server that you want to run the methods on.
    • Request Method : In the Request Method list, select one of the following request methods. The available options are GET, PUT, POST, and DELETE.
    • Request Body : In the Request Body field, enter the PUT request. You can also upload the PUT request by clicking the upload icon.
    • Content Type : In the Content Type list, select the type of the output format. The available options are XML , JSON, and HTML.
    • Connection Timeout (sec) : In the Connection Timeout (sec) field, enter the timeout interval in seconds.
    • Authentication : Optionally, if you have selected authentication type as BASIC, enter the user name and the password in the User name and Password fields respectively.
    • SSL Certificate Verification : If you want to verify SSL certificate for the task, click the SSL Cerificate Verification field.
    • Retry Count : Enter the number of attempts the system performs to create a task after each failure. By default, the retry count is zero. It implies that the task creation procedure stops after the first attempt.
    • Retry Interval : Enter the time interval in seconds for each retry if the task fails.
    • Headers : In the Header area, enter the HTTP header key and value in the Key and Value fields respectively. If you want to publish the HTTP header key and value pair as secret, click the Secrets fields.
    • Response Code : Enter the response code for the selected response status.
    • Response Status : Select either Success or Failure as the response status for the task.
    • Set Response Path for Variable : Enter the variables from the specified response path. The example of json format is $.x.y and xml format is //x/y. For example, if the response path for variable is $.[*].display for response.
      [
          {
              "display": "HTML Tutorial",
              "url": "https://www.w3schools.com/html/default.asp"
          },
          {
              "display": "CSS Tutorial",
              "url": "https://www.w3schools.com/css/default.asp"
          },
          {
              "display": "JavaScript Tutorial",
              "url": "https://www.w3schools.com/js/default.asp"
          },
          {
              "display": "jQuery Tutorial",
              "url": "https://www.w3schools.com/jquery/default.asp"
          },
          {
              "display": "SQL Tutorial",
              "url": "https://www.w3schools.com/sql/default.asp"
          },
          {
              "display": "PHP Tutorial",
              "url": "https://www.w3schools.com/php/default.asp"
          },
          {
              "display": "XML Tutorial",
              "url": "https://www.w3schools.com/xml/default.asp"
          }
      ]
      Then, during the launch time the list options are ["HTML Tutorial","CSS Tutorial","JavaScript Tutorial","jQuery Tutorial","SQL Tutorial","PHP Tutorial","XML Tutorial"].
  14. Optionally, enter a label and description for the variable.
  15. Optionally, do the following:
    • Mark this variable private : Select this to make the variable private. Private variables are not shown at luanch or in the application.
    • Mark this variable mandatory : Select this to make the variable a requisite for application launch.
    • Validate with Regular Expression : Select this if you want to test the Regex values. Click Test Regex , provide the value for the Regex, and test or save the Regex. You can enter Regex values in PCRE format. For more details, see from http://pcre.org/.
  16. Click Save on the Blueprint Editor page.

What to do next

After you added the application profile and its variables, you can create actions in the profile. For more information, see Adding an Action to a Multi-VM Blueprint.

Blueprint Configurations in Calm

Blueprint configuration involves adding tasks, actions, snapshot and restore configurations, and VM update configurations.

Configuring a Blueprint

Perform the following procedure to configure a blueprint.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. Click the blueprint that you want to configure.
    The blueprint editor page is displayed.
  3. Click Configuration .
    The Blueprint Configuration window is displayed.
  4. In the Blueprint Name field, enter a name of the blueprint.
  5. In the Blueprint Description field, enter a brief description about the blueprint.
  6. Click + against the Downloadable Image Configuration field and configure the following:
    1. In the Package Name field, enter the name of the package.
    2. In the Description field, enter a brief description about the package.
    3. In the Image Name field, enter the name of the image.
    4. In the Image Type list, select the type of image.
    5. In the Architecture list, select the architecture.
    6. In the Source URI field, enter the source URI to download the image.
  7. In the Product Name field, enter the name of the product.
  8. In the Product Version field, enter the version of the product.
  9. Click one of the following:
    • To save the configuration, click Save .
    • To go back to the previous screen, click Back .

Adding Credentials

Credentials are used to authenticate a user to access various services in Calm. Calm supports static and dynamic credentials with key-based and password-based authentication methods.

Procedure

  1. To add a credential, do one of the following:
    • To add a credential in a single-VM blueprint, click Add/Edit Credentials on the Advanced Options tab and then click + Add Credentials .
    • To add a credential in a multi-VM blueprint or a brownfield application, click Credentials on the Blueprint Editor page and then click Credentials + .
    • To add a credential in a task, click Add New Credential in the Credential list.
  2. In the Name field, type a name for the credential.
  3. Under the Type section, select the type of credential that you want to add.
    • Static : Credentials store keys and passwords in the credential objects that are contained in the blueprints.
    • Dynamic : Credentials fetch keys and passwords from an external credential store that you integrate with Calm as the credential provider.
  4. In the Username field, type the user name.
    For dynamic credentials, specify the @@(username)@@ that you defined while configuring the credential provider.
    Note: A dynamic credential provider definition requires username and secret. The secret variable is defined by default when you configure your credential provider. However, you must configure a runbook in the dynamic credential provider definition for the username variable before you use the variable in different entities.
  5. Select either Password or SSH Private Key as the secret type.
  6. Do one of the following to configure the secret type.
    • If you selected Static as the credential type and Password as the secret type, then type the password in the Password field.
    • If you selected Static as the credential type and SSH Private Key as the secret type, then enter or upload the key in the SSH Private Key field.
    • If you selected Dynamic as the credential type and Password or SSH Private Key as the secret type, then select a credential provider in the Provider field. After you select the provider, verify or edit the attributes defined for the credential provider.
    If the private key is password protected, click +Add Passphrase to provide the passphrase. For dynamic credentials, you must configure a runbook in the dynamic credential provider definition for the passphrase variable and then use the @@{passphrase}@@ variable.
    The type of SSH key supported is RSA. For information on how to generate a private key, see Generating SSH Key on a Linux VM or Generating SSH Key on a Windows VM.
  7. If you want this credential as your default credential, select the Use as default check box.
  8. Click Done to add the credential.

Configuring Check Log-In

You configure a check log-in task to check whether you are able to SSH into the VM you create. Perform the following steps to configure check log-in.

Procedure

  1. Under Connection , select the Check log-in upon create check box to check the log on status after creating the VM.
  2. In the Credential list, select Add New Credential to add a new credential and do the following:
    1. Enter a name for the credential in the Name field.
    2. Select the type of credential you want to add under the Type section. Your options are:
      • Static : Credentials store keys and passwords in the credential objects that are contained in the blueprints.
      • Dynamic : Credentials fetch keys and passwords from an external credential store that you integrate with Calm as the credential provider.
    3. Enter the user name in the Username field.
      For dynamic credentials, specify the @@(username)@@ that you defined while configuring the credential provider.
      Note: A dynamic credential provider definition requires username and secret. The secret variable is defined by default when you configure your credential provider. However, you must configure a runbook in the dynamic credential provider definition for the username variable to use in different entities.
    4. Select either Password or SSH Private Key as the secret type.
    5. Do one of the following to configure the secret type.
      • If you selected Static as the credential type and Password as the secret type, then type the password in the Password field.
      • If you selected Static as the credential type and SSH Private Key as the secret type, then enter or upload the key in the SSH Private Key field.
      • If you selected Dynamic as the credential type and Password or SSH Private Key as the secret type, then select a credential provider in the Provider field. After you select the provider, verify or edit the attributes defined for the credential provider.
      If the private key is password protected, click +Add Passphrase to provide the passphrase. For dynamic credentials, you must configure a runbook in the dynamic credential provider definition for the passphrase variable and then use the @@{passphrase}@@ variable.
      The type of SSH key supported is RSA. For information on how to generate a private key, see Generating SSH Key on a Linux VM or Generating SSH Key on a Windows VM.
    6. If you want this credential as your default credential, select the Use as default check box.
    7. Click Done .
  3. Select address from the Address list.

    You can either select the public IP address or private IP address of a NIC.

  4. Select the connection from the Connection Type list.
    Select SSH for Linux or Windows (Powershell) for Windows.
    If you selected Windows (Powershell) , then select the protocol from the Connection Protocol list. You can select HTTP or HTTPS .
    The Connection Port field is automatically populated depending upon the selected Connection Type . For SSH, the connection port is 22 and for PowerShell the connection port is 5985 for HTTP and 5986 for HTTPS.
  5. Enter the delay in seconds in the Delay field.

    Delay timer defines the time period when the check login script is run after the VM starts. It allows you to configure the delay time to allow guest customization script, IP, and all other services to come up before running the check login script.

  6. In the Retries field, enter the number of log-on attempts the system must perform after each log on failure.
  7. To save the blueprint, click Save .

Tasks Overview

Tasks are part of your deployment creation process and are run one after the other. The tasks are used to perform a variety of operations such as setting up your environment, installing a set of software on your service, and so on.

You have the following basic types of tasks.

  • Execute: Used to run eScripts on a VM. For more information, see Creating an Execute Task.
  • Set variable: Used to change variables in a task. For more information, see Creating a Set Variable Task.
  • HTTP: Used to query REST calls from a URL. For more information, see Creating an HTTP Task.
  • Delay: Used to set a time interval between two tasks or actions. For more information, see Creating a Delay Task.

Pre-reate and Post-delete Tasks

Pre-create tasks are actions that are performed before a service is provisioned in a blueprint. For example, if you want to assign static IP addresses to your VMs by using IPAM service, you can create and run a pre-create task to receive the IP addresses before the service is provisioned. The pre-create task helps to restrict the broadcast traffic to receive the IP addresses for those VMs during the service provision.

Post-delete tasks are actions that are performed after you delete a service in a blueprint. For example, if you want to delete the assigned IP addresses from your VMs, you can add a post-delete task to delete the IP addresses after the service is deleted. The post-delete task helps to restrict the broadcast traffic to delete the IP addresses for those VMs during the service provision.

Creating an Execute Task

You can create the Execute task type to run scripts on the VM.

About this task

Use this procedure to create an Execute task.

Procedure

  1. In the Script Type list, select one of the following:
    • Shell
    • EScript
    • Powershell
    For Shell, PowerShell, and eScript scripts, you can access the available list of macros by using @@{ .
    Note: You can use macro expansions for variables used for eScripts.
    For sample eScripts , see Supported eScript Modules and Functions. For sample Powershell scripts, see Sample Powershell Script.
  2. If you have selected the script type as Shell or Powershell , do the following:
    1. In the Endpoint list, select an endpoint for the task or click Add New Endpoint to create an endpoint. For more information about creating an endpoint, see Creating an Endpoint.
    2. In the Credential list, select an existing credential or click Add New Credential to add a credential. For more information about adding a credential, see Adding Credentials.
    3. Enter the install or uninstall script in the Script panel.
      For example, see Sample Scripts for Installing and Uninstalling Services.
      You can also upload a script by clicking the upload icon.
    4. If you want to test the script in Calm playground, click Test Script .
      Calm playground allows you to test a script by running and reviewing the output and making required changes.
      The Test Script page is displayed.
    5. On the Authorization tab, enter the following fields:
      • IP Address : Enter the IP address of the test machine.
      • Port : Enter the port number of the test machine.
      • Select tunnel to connect with (Optional) : Select the tunnel to get access to the VMs within the VPC.
      • Credential : Select the credential from the list.
      • User name : Enter a user name.
      • Password : Enter a password.
    6. Click Login and Test .
      The Test script page is displayed.
      You can also view your script in the Source Script field.
    7. (Optional) You can edit your script in the Source Script field.
    8. If you are using macros in your script, provide the variable values in the macro inspector panel and click Assign and Test .
    9. Click Test .
      The test result is displayed in the Output field.
    10. To go back to the previous screen, click Done .
  3. If you have selected the script type as EScript , do the following:
    1. In the Select tunnel to connect with list, select a tunnel to access VMs in the VPC. This step is optional.
    2. In the Script field, enter the script.
      You can also upload a script by clicking the upload icon.
    3. Click Test Script .
      The Test EScript page is displayed.
      You can also view your script in the Source Script field.
    4. If you are using macros in your script, provide the variable values in the macro inspector panel and click Assign and Test .
    5. To test the script, click Test .
      The test result is displayed in the Output field.
    6. To go back to the previous screen, click Done .
  4. To publish this task to the task library, click Publish to Library .
    The task is published to the Library and you can browse and use the task while creating a blueprint.

Creating a Set Variable Task

You can create a Set Variable task type to change variables in a blueprint.

About this task

Use this procedure to create a Set Variable task.

Procedure

  1. In the Script Type list, select one of the following:
    • Shell
    • Powershell
    • EScript
    For Shell, Powershell, and EScript scripts, you can access the available list of macros by using @@{ .
    For sample Escripts , see Supported eScript Modules and Functions. For sample Powershell scripts, see Sample Powershell Script.
  2. If you have selected the script type as Shell or Powershell , do the following:
    1. In the Endpoint list, select an endpoint for the task or click Add New Endpoint to create an endpoint. For more information about creating an endpoint, see Creating an Endpoint.
    2. In the Credential list, select an existing credential or click Add New Credential to add a credential. For more information about adding a credential, see Adding Credentials.
  3. If you have selected the script type as EScript , then select a tunnel to access VMs in the VPC in the Select tunnel to connect with list. This step is optional.
  4. Enter the install or uninstall script in the Script panel.
    For example, see Sample Scripts for Installing and Uninstalling Services.
  5. In the Output field, enter the name of the variable that you have defined through the set variable task.
    If you are setting multiple variables, enter the variable name for each of the variables by clicking the Output field.
  6. To publish this task to the task library, click Publish to Library .
    The task is published to the Library and you can browse and use the task while creating a blueprint.

Creating an HTTP Task

You can create an HTTP task type to query REST calls from a URL. An HTTP task supports GET, PUT, POST, and DELETE methods.

About this task

Note: You can use macro expansions for variables used in an HTTP task.

Procedure

  1. In the Request URL field, enter the URL of the server that you want to run the methods on.
  2. In the Select tunnel to connect with list, select a tunnel to access VMs in the Virtual Private Cloud (VPC). This step is optional.
  3. In the Request Method list, select one of the following request methods.
    • GET : Use this method to retrieve data from a specified resource.
    • PUT : Use this method to send data to a server to update a resource. In the Request Body field, enter the PUT request. You can also upload the put request by clicking the upload icon.
    • POST : Use this method to send data to a server to create a resource. In the Request Body field, enter the POST request. You can also upload the post request by clicking the upload icon.
    • DELETE : Use this method to send data to a server to delete a resource. In the Request Body field, enter the DELETE request. You can also upload the delete request by clicking the upload icon.
  4. In the Content Type list, select the type of the output format.
    The available options are XML , JSON , and HTML .
  5. In the Header area, enter the HTTP header key and value in the Key and Value fields respectively.
  6. If you want to publish the HTTP header key and value pair as secret, click the Secrets fields.
  7. In the Connection Time Out field, enter the timeout interval in seconds.
  8. Optionally, in the Authentication field, select Basic and do the following:
    1. In the Username field, enter the user name.
    2. In the Password field, enter the password.
  9. If you want to verify SSL certificate for the task, click the SSL Cerificate Verification field.
  10. If you want to use a proxy server as configured in the Prism Central, click the Use PC Proxy configuration .
    Note: Ensure that the Prism Central has the appropriate HTTP proxy configuration.
  11. In the Retry Count field, enter the number of attempts the system performs to create a task after each failure.
    By default, the retry count is zero. It implies that the task creation procedure stops after the first attempt.
  12. In the Retry Interval field, enter the time interval in seconds for each retry if the task fails.
  13. In the Expected Response Options area, enter the details for the following fields:
    • Response Status : Select either Success or Failure as the response status for the task.
    • Response Code : Enter the response code for the selected response status.
    Note: If the response code is not defined, then by default all the 2xx response codes are marked as success and any other response codes are marked as failure.
    • Set Variables from response : Enter the variables from the specified response path. The example of json format is $.x.y and xml format is //x/y . For more information about json path syntax, see http://jsonpath.com.
      Note: To retrieve the output format in HTML format, add a * in the syntax.
  14. If you want to test the script in Calm playground, click Test script .
    Calm playground allows you to test a script by running and reviewing the output and making required changes.
    The Test Script page is displayed. You can also edit the fields described from step 1–11.
  15. Click Test .
    The test result is displayed in the Output field .
  16. To publish this task to the task library, click Publish to Library .
    The task is published to the Library and you can browse and use the task while creating a blueprint.

Creating a Delay Task

You can create a Delay task type to set a time interval between two tasks or actions.

Procedure

In the Sleep Interval field, enter the sleep time interval in seconds for the task.
The delay task type is created. You can use the task type to set a time interval between two tasks or actions.

Adding a Pre-create or Post-delete Task

Pre-create tasks are actions that are performed before a service is provisioned in a blueprint. Post-delete tasks are actions that are performed after you delete a service in a blueprint.

Procedure

  1. In the Overview Panel, under the service in which you want to add the task, expand VM , and then click Pre-create or Post-delete .
    Figure. Pre-create or Post-delete Task Click to enlarge Pre-create and Post-delete Task

  2. In the Blueprint Canvas, click + Task for the pre-create or post-delete.
  3. In the Inspector Panel, do the following:
    1. Enter the task name in the Task Name field.
    2. Select the type of tasks from the Type list.
      • Execute : Use this task type to run eScripts on the VM. To create the Execute task type, see Creating an Execute Task.
      • Set Variable : Use this task to change variables in a blueprint. To create the Set Variable task type, see Creating a Set Variable Task.
      • HTTP : Use this task type to query REST calls from a URL. An HTTP task supports GET, PUT, POST, and DELETE methods. To create the HTTP type, see Creating an HTTP Task.
      • Delay : Use this task type to set a time interval between two tasks or actions. To create the Delay task type, see Creating a Delay Task.
    3. To use tasks from the library, click Browse Library , select the task in the Browse Task from Library page, and click Select . This step is optional.
    4. Click Publish to Library to publish the task you configured to your task library. This step is optional.
  4. Click Save .

Actions Overview

Actions are flows to accomplish a particular task on your application. You can use actions to automate any process such as backup, upgrade, new user creation, or clean-up and enforce an order of operations across services.

You can categorize actions into the following types.

Table 1. Action Types
Type Description
Profile Actions Application Profile Actions are a set of operations that you can run on your application. For example, when you launch a blueprint, the Create action is run. When you do not need the application for a period of time, you can run the Stop action to gracefully stop your application. When you are ready to resume your work, you can run Start action to bring the application back to the running state.

You have the following types of profile actions.

  • System-defined Profile Actions

    These actions are automatically created by Calm in every blueprint and the underlying application. Because these actions are system-defined, a blueprint developer cannot directly edit the tasks or the order of tasks within the action.

  • Custom Profile Actions

    These actions are created by the blueprint developer and are added whenever the developer needs to expose a set of operations to the application user. Common custom profile actions are Upgrade, Scale In, and Scale Out. In these actions, individual tasks can be manually added in the desired order by the developer.

Service Actions Service Actions are a set of operations that are run on an individual service. These actions cannot be run directly by the application user but can be run indirectly using either a profile actions or a package install or uninstall operation.

Services span application profiles. For example, if you create a service action in the AHV profile, the same service action is available in the AWS profile as well.

You have the following types of service actions.

  • System-defined Service Actions

    These actions are automatically created by Calm in every blueprint and the underlying application. These actions cannot be run individually and are run only when the corresponding profile action is run. For example, any operations within the Stop service action are run when an application user runs the Stop profile action.

  • Custom Service Actions

    These actions are created by the blueprint developer for any repeatable operations within the blueprint. For example, if the App service should fetch new code from git during both the Create and Upgrade profile actions, the blueprint developer can create a single custom service action. The developer can then reference the action in both the Create and Upgrade actions rather than maintaining two separate tasks that perform the same set of operations.

Custom Actions

The following are the most common custom actions that developers add to their blueprints:

Table 2. Custom Actions
Custom Action Description
Scale In The scale-in functionality enables you to decrease the number of replicas of a service deployment. The number of instances to be removed from a service for each scale-in action is defined in the blueprint while configuring the task in the profile level action.

The scale count number must be less than or equals to the minimum number of replicas defined for the service. The VM that is created last is deleted first.

For information on how to configure scale in, see Adding and Configuring Scale Out and Scale In.

Scale Out The scale out functionality enables you to increase the number of replicas of a service deployment. The number of instances to be added to a service for each scale-out action is defined in the blueprint while configuring the task in the profile level action.

The scale count number must be less than or equals to the maximum number of replicas defined for the service.

For information on how to configure scale out, see Adding and Configuring Scale Out and Scale In.

For information about how to create an action, see Adding an Action to a Multi-VM Blueprint and Adding an Action to a Single-VM Blueprint.

Adding an Action to a Single-VM Blueprint

An action is a set of operations that you can run on your application that are created as a result of running a blueprint.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.
  • Ensure that you configured the VM in your blueprint. For more information, see VM Configuration.
  • Ensure that you added credentials to enable packages and actions. For more information, see Adding Credentials.

Procedure

  1. To add an action, click the + Add action next to Actions .
    Figure. Blueprint Action Click to enlarge

  2. To change the action name, click the edit icon on the Tasks tab.
    Figure. Add Action Click to enlarge

  3. Click the + Add Task button.
  4. In the Blueprint Canvas, select the task and do the following in the Inspector Panel.
    1. Enter the name of the task in the Task Name field.
    2. Select the type of the task from the Type list.
      • Execute : Use this task type to run eScripts on the VM. To create the Execute task type, see Creating an Execute Task.
      • Set Variable : Use this task to change variables in a blueprint. To create the Set Variable task type, see Creating a Set Variable Task.
      • HTTP : Use this task type to query REST calls from a URL. An HTTP task supports GET, PUT, POST, and DELETE methods. To create the HTTP type, see Creating an HTTP Task.
      • Delay : Use this task type to set a time interval between two tasks or actions. To create the Delay task type, see Creating a Delay Task.
    3. (Optional) To use tasks from the library, click Browse Library , select the task in the Browse Task from Library page, and click Select .
    4. (Optional) Click Publish to Library to publish the task you configured to your task library.
  5. Click Done .

Adding an Action to a Multi-VM Blueprint

An action is a set of operations that you can run on your application that are created as a result of running a blueprint.

Before you begin

  • Ensure that you have at least one service available. See Adding a Service.
  • Ensure that you have completed the pre-configuration requirements. See Creating a Multi-VM Blueprint.

Procedure

  1. To add an action, click the + icon next to Actions in the Overview Panel.
    Figure. Blueprint Action Click to enlarge Actions

  2. In the Blueprint Canvas, select + Action for the service, and do the following in the Inspector Panel.
    1. Enter the task name in the Task Name field.
    2. Select the action from the Service Actions list.
    3. Click Save .
  3. In the Blueprint Canvas, select + Task and do the following in the Inspector Panel.
    Figure. Task Click to enlarge Task

    1. Enter the name of the task in the Task Name field.
    2. Select the type of the task from the Type list.
      You can select Execute or Set Variable .
    3. Select the script from the Script Type list and enter the script in the Script field.
      You can select Shell , EScript , or Powershell .
      Note: To view the supported list of eScript modules and functions, refer to Supported eScript Modules and Functions.
      For the Shell and eScript scripts, you can access the available list of macros by using @@{ .
      When you select the Shell and Powershell script, you can optionally select or add an endpoint. You can also select or add credentials.
      You can click Publish to Library to publish the task you configured to your task library.
    4. Enter the output of the script in the Output field.
    5. Click Save on the Blueprint Editor page.

Adding and Configuring Scale Out and Scale In

Perform the following procedure to add and configure the Scale Out and Scale In task.

Procedure

  1. Add a service. See Adding a Service.
  2. Configure VM, Package and Service. See Configuring Nutanix and Existing Machine VM, Package, and Service.
  3. Add an Application profile. See Adding and Configuring an Application Profile.
  4. In the Overview Panel, under Application Profile , click the + icon next to Actions.
    Figure. Scale In and Scale Out Click to enlarge

  5. In the Blueprint Canvas, below the service inspector, click + Task .
  6. In the Inspector Panel, enter the name of the task in the Task Name field.
  7. Select Scale In or Scale Out from the Scaling Type list.
  8. Enter the number in the Scaling Count field.
    The Scaling out and Scaling in number should be less than the minimum and maximum number of replicas defined for the service.
  9. Click Save .

What to do next

You can run the scale-in or scale-out tasks on the Applications page. To do that, you first have to launch the blueprint and then click the Applications icon to view the created application on the Application page. You can run the scale in or scale out on the Manage tab of the application.

Blueprint Configuration for Snapshots and Restore

The snapshot and restore feature allows you to create a snapshot of a virtual machine at a particular point in time and restore from the snapshot to recreate the application VM from that time. You can configure snapshot and restore for both single-VM and multi-VM applications on a Nutanix platform. All you need to do is to add the snapshot/restore configuration to the blueprint. Adding the configuration generates separate profile actions for snapshot and restore to which you can add further tasks and actions.

For VMware, AWS, and Azure platforms, the snapshot and restore feature is available by default only to the single-VM applications.

For more information on blueprint configuration for snapshots, see Configuring Single-VM Blueprints with Nutanix for Snapshots and Configuring Multi-VM Blueprints on Nutanix for Snapshots.

Configuring Single-VM Blueprints with Nutanix for Snapshots

The snapshot/restore action for single-VM applications with Nutanix is no longer available by default. To enable snapshot, you must add a snapshot/restore configuration to the single-VM blueprint. You can configure to create snapshots locally or on a remote cluster. Snapshot and restore is a paired action in a blueprint and are always managed together.

About this task

The snapshot/restore configuration generates separate application profile actions for snapshot and restore. These actions also allow you to add more tasks and actions as part of the snapshot and restore configuration. For example, shutting down the application and the VM before creating the snapshot or restarting the VM before a restore. You can access these actions from the Manage tab of the Applications page.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.
  • Ensure that you configured the VM in your blueprint. For more information, see VM Configuration.
  • Ensure that you added credentials to enable packages and actions. For more information, see Adding Credentials.
  • Ensure that you created the required snapshot policy. You associate snapshot policies when you launch the blueprint configured for snapshot and restore. For more information about creating snapshot policy, see Creating a Snapshot Policy.

Procedure

  1. On the Advanced Options tab, next to Snapshot/Restore, click the + Add Snapshot/ Restore Config option.
    Figure. Snapshot Config Click to enlarge

  2. In the Add Snapshot and Restore window, do the following:
    1. Enter the suffix that you want to associate to the snapshot/restore profile action.
    2. Enter a name for the snapshot in the Snapshot Name field.
      You can use Calm macros to provide a unique name to the snapshot whenever they are generated. For example, snapshot-@@{calm_array_index}@@-@@{calm_time}@@ .
    3. Under the Snapshot Location section, select Local or Remote Cluster to specify whether this configuration should manage your snapshots locally or on a remote cluster.
    4. Select the Delete older VM after restore check box to delete the older VM after the service is restored from the snapshot.
    5. Click Save .
      Saving the configuration generates separate profile actions for snapshot and restore.
  3. On the Advanced Options tab, click Edit next to the snapshot or restore action to edit the configuration or add tasks. For more information about adding a task, see Configuring Tasks or Packages in a Blueprint.

What to do next

  • You can launch the blueprint after associating snapshot policies and rules. For more information, see Launching a Blueprint.
  • You can access the create snapshots from the Manage tab on the Applications page. For more information, see Creating Snapshots on a Nutanix Platform.

Configuring Multi-VM Blueprints on Nutanix for Snapshots

You can configure the snapshot/restore action in a blueprint on Nutanix account to create snapshots locally or on a remote cluster. Snapshot/restore is a paired action for a particular service in a blueprint and are always managed together.

About this task

The snapshot/restore definition of a service generates snapshot configuration and its corresponding restore configuration. You can use these configurations to modify your snapshot and restore setup.

The snapshot/restore configuration generates separate application profile actions for snapshot and restore. These actions allow you to add more tasks and actions as part of the snapshot and restore configuration. For example, shutting down the application and the VM before creating the snapshot or restarting the VM or services before a restore. You can access these actions from the Manage tab of the Applications page to create or restore snapshots.

Before you begin

  • Ensure that you have completed the pre-configuration requirements. For more information, see Creating a Multi-VM Blueprint.
  • Ensure that you have at least one service available. For more information, see Adding a Service.
  • Ensure that you create the required snapshot policy. You associate snapshot policies when you launch the blueprint configured for snapshot and restore. For more information about creating snapshot policy, see Creating a Snapshot Policy.

Procedure

  1. In the Overview Panel, expand the service to which you want to add the snapshot and restore action.
  2. Click the + icon next to Snapshot/Restore .
    Figure. Multi-VM Snapshot Click to enlarge

  3. In the Add Snapshot and Restore window, do the following:
    Figure. Multi-VM Snapshot Options Click to enlarge

    1. Enter the suffix that you want to associate to the snapshot/restore profile action.
    2. Enter a name for the snapshot in the Snapshot Name field.
      You can use Calm macros to provide a unique name to the snapshot whenever they are generated. For example, snapshot-@@{calm_array_index}@@-@@{calm_time}@@ .
    3. Under the Snapshot Location section, select Local or Remote Cluster to specify whether this configuration should manage your snapshots locally or on a remote cluster.
    4. In case of multiple replicas of the service, do one of the following:
      • Select Take snapshot of the first replica only to take snapshot of only the first replica.
      • Select Take snapshot of the entire replica set to take snapshot of the entire replica set.
    5. Select the Delete older VM after restore check box to delete the older VM after the service is restored from the snapshot.
    6. Click Save .
      Saving the configuration generates separate profile actions for snapshot and restore.
  4. To view and edit the snapshot and restore configurations, expand the corresponding Snapshot/Restore under the service.
    You can click the configuration to view the details in the Inspector Panel or make any changes to the configuration.
  5. To view the profile actions for snapshot and restore or add more tasks and actions as part of snapshot and restore configuration, expand the Application Profile section.

What to do next

  • You can add more tasks and actions to the snapshot and restore application profiles. For more information, see Adding an Action to a Multi-VM Blueprint.
  • You can launch the blueprint after associating snapshot policies and rules. For more information, see Launching a Blueprint.
  • You can create snapshots from the Manage tab on the Applications page. For more information, see Creating Snapshots on a Nutanix Platform.

Update Configuration for VM

The update configuration feature allows you to update virtual machines of running applications on Nutanix to a higher or lower configuration. Using this feature, you can modify VM specifications such as the vCPU, memory, disks, networking, or categories (tags) of a running application with minimal downtime. You no longer have to create new blueprints or approach your IT administrator to modify VM resources.

To update configurations of a running application VM, you need to perform the following actions:

  • Add an update configuration to the application blueprint.
  • Launch the update configuration
Figure. Update Configurations Click to enlarge

Add Update Configuration in the Blueprint

As a blueprint developer, you can add update configurations for a service in the blueprint. These update configurations are at the parallel level of application profile actions and can be executed individually for a particular service. As part of the configuration, you can do the following:

  • Specify the change factor (increase, decrease, or provide a definitive value) for VM configurations (vCPU, cores per vCPU, and memory). You can provide a minimum or maximum limit for each component based on the change factor you select and allow blueprint consumers to edit components during updates.

    For example, consider a case where the original vCPU value in the blueprint is 4. You then add a change factor to the update configuration to increase the vCPU by 1 with a maximum limit of 5. When this update is launched, you can run the action only once to increase the vCPU to 5. Once the VM is upgraded to 5 vCPU, you cannot add any more vCPUs to the VM.

  • Add disks with a minimum and maximum limit for each disk. You can allow blueprint users to edit the disk size during updates until the value reaches the maximum or minimum limit. You can also allow blueprint users to remove existing vdisks from the VM.
  • Add categories (tags) to the running VM.
  • Add NICs to the VM or allow blueprint consumers to remove NICs. You can only add those NICs that belong to the same cluster and remove only those NICs that are not used to provide the address. You can also allow consumers to choose the desired subnet during updates.

The update configuration generates the corresponding action where you can add tasks to define how you want to execute the update.

For more information about adding update configuration to a blueprint, see Adding an Update Configuration to Single-VM Blueprints and Adding an Update Configuration to Multi-VM Blueprints.

Launch Update Configuration

You can update VM specifications from the Manage tab of applications on Nutanix. For more information, see Update VM Configurations of Running Applications.

Adding an Update Configuration to Single-VM Blueprints

As a blueprint developer, you can add an update configuration to a single-VM application blueprint.

About this task

The update configuration feature allows you to update the virtual machine of a running single-VM application to a higher or lower configuration. For more information, see Update Configuration for VM.

Before you begin

  • Ensure that you set up your single-VM blueprint. For more information, see Setting up a Single-VM Blueprint.
  • Ensure that you added the VM details to your blueprint. For more information, see Adding VM Details to a Blueprint.
  • Ensure that you configured the VM in your blueprint. For more information, see VM Configuration.

Procedure

  1. On the Advanced Options tab, next to Update Configs, click the + Add Config option.
  2. On the Update Configs page, click the edit icon next to the update config name to change the name of the configuration.
  3. Under the VM Configuration section, select a change factor for the attributes and specify the value for the selected factor. To do that:
    1. View the current value of vCPUs, No. of Cores, and Memory (GiB) in the Current Value column.
    2. Click Update for the attribute that you want to update.
      Figure. Single-VM Update Config Options Click to enlarge

    3. Select a value in the Operation list for the attribute. You can select Increase , Decrease , or Equal .
      For example, if the original vCPU value in the blueprint is 4 and you want to increase the vCPU by 1, then select Increase in the Operation list.
      Note: The update value is relative to the current value when you select Increase or Decrease . The update value is absolute when you select Equal .
    4. Specify an update value in the Update column based on the Operation value you selected.
      For example, if the original vCPU value in the blueprint is 4 and you want to increase the vCPU by 1, then enter 1 in the Update field.
    5. Specify the limit value to which the configuration of an attribute can be updated in the Min Value or Max Value column.
      For example, if the original vCPU value in the blueprint is 4 and you want to increase the vCPU to a maximum limit of 6, then specify 2 in the Max Value column. THe vCPU of the VM can be updated until its value reaches 6vCPU. After the VM reaches 6 vCPU, more vCPUs cannot be added to the VM.
      You can also enable the Editable toggle button of an attribute to allow your users to change its value within the limits you specify in the Min Value or Max Value column during the launch of the update.
  4. Under the Disks section, do the following:
    1. To add vdisk to the update configuration, click the + icon next to Add/Edit vDisks to this VM .
    2. Select the device type and the device bus.
    3. To define the disk size, specify the value for the vdisk size in the Value field.
      You can enable the Editable toggle button and specify the Min Value and Max Value for the vdisk.
    4. To allow your users to remove existing vdisks from the VM during the launch of the update, click Advanced Settings and select the Allow users to remove existing vDisks check box.
  5. Under the Categories section, do the following:
    1. To add to the update configuration, select the categories in the Key: Value list.
      Note: The categories you select must have the default SSH port (port 22) open in the security policies.
    2. To allow your users to remove existing categories during the launch of the update, click Advanced Settings and select the Allow users to remove existing categories check box.
    3. To allow your users to add new categories during the launch of the update, select the Allow users to add new categories check box.
  6. Under the Network Adapters section, do the following:
    1. To add more NICs to the update configuration, click the + icon next to Add/Edit NICs to this VM and select the NIC from the list.
      The NICs of a VM can either use VLAN subnets or overlay subnets. For example, if an overlay subnet is selected for NIC 1 and you want to add NIC 2, the NIC 2 list displays only the overlay subnets.
      If you selected a VLAN subnet in NIC 1, any subsequent VLAN subnets belong to the same cluster. Similarly, if you select an overlay subnet, all subsequent overlay subnets belong to the same VPC.
      You can enable the Editable toggle button to allow your users to choose the desired subnet during the launch of the update.
    2. To allow your users to remove existing NICs during the launch of the update, click Advanced Settings and select the Allow users to remove existing NICs check box.
  7. To add variables to the update configuration, click the Variables tab and then the + icon next to Variables .
  8. Click Done to save the update configuration.
    Saving the update config generates the Config component. The Config component lets you open the Update Config window to edit the update configuration.
  9. On the Advanced Options tab, click Save to save the blueprint and to generate the corresponding action for the update configuration.
  10. Click Edit next to the configuration to add more tasks to the update configuration.

Adding an Update Configuration to Multi-VM Blueprints

As a blueprint developer, you can add an update configuration for a service to a multi-VM application blueprint.

About this task

The update configuration feature allows you to update virtual machines of running multi-VM applications to a higher or lower configuration. For more information, see Update Configuration for VM.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page appears.
  2. Do one of the following:
    • To add an update configuration to a new blueprint, select Multi VM/Pod Blueprint from the + Create Blueprint list, and create a blueprint. For more information, see Creating a Multi-VM Blueprint.
    • To add an update configuration to an existing blueprint, click the blueprint name to open the blueprint editor.
  3. Ensure that you have added the service to which you want to add the update configuration. For more information about adding a service, see Adding a Service.
  4. In the Overview Panel, click the + icon next to Update Config .
    Figure. Multi-VM Blueprint Update Config Click to enlarge

    The Update Config window appears.
  5. From the Select Service to Update list, select the service to which you want to add the update configuration.
    Figure. Update Config Options Click to enlarge

  6. In the Name the update configuration field, specify a name for the configuration.
  7. Under the VM Configuration section, select a change factor for the attributes and specify the value for the selected factor. To do that:
    1. View the current value of vCPUs, No. of Cores, and Memory (GiB) in the Current Value column.
    2. Click Update for the attribute that you want to update.
    3. Select a value in the Operation list for the attribute. You can select Increase , Decrease , or Equal .
      For example, if the original vCPU value in the blueprint is 4 and you want to increase the vCPU by 1, then select Increase in the Operation list.
      Note: The update value is relative to the current value when you select Increase or Decrease . The update value is absolute when you select Equal .
    4. Specify an update value in the Update column based on the Operation value you selected.
      For example, if the original vCPU value in the blueprint is 4 and you want to increase the vCPU by 1, then enter 1 in the Update field.
    5. Specify the limit value to which the configuration of an attribute can be updated in the Min Value or Max Value column.
      For example, if the original vCPU value in the blueprint is 4 and you want to increase the vCPU to a maximum limit of 6, then specify 2 in the Max Value column. THe vCPU of the VM can be updated until its value reaches 6vCPU. After the VM reaches 6 vCPU, more vCPUs cannot be added to the VM.
      You can also enable the Editable toggle button of an attribute to allow your users to change its value within the limits you specify in the Min Value or Max Value column during the launch of the update.
  8. Under the Disks section, do the following:
    1. To add vdisk to the update configuration, click the + icon next to Add/Edit vDisks to this VM .
    2. Select the device type and the device bus.
    3. To define the disk size, specify the value for the vdisk size in the Value field.
      You can enable the Editable toggle button and specify the Min Value and Max Value for the vdisk.
    4. To allow your users to remove existing vdisks from the VM during the launch of the update, click Advanced Settings and select the Allow users to remove existing vDisks check box.
  9. Under the Categories section, do the following:
    1. To add to the update configuration, select the categories in the Key: Value list.
      Note: The categories you select must have the default SSH port (port 22) open in the security policies.
    2. To allow your users to remove existing categories during the launch of the update, click Advanced Settings and select the Allow users to remove existing categories check box.
    3. To allow your users to add new categories during the launch of the update, select the Allow users to add new categories check box.
  10. Under the Network Adapters section, do the following:
    1. To add more NICs to the update configuration, click the + icon next to Add/Edit NICs to this VM and select the NIC from the list.
      You can enable the Editable toggle button to allow your users to choose the desired subnet during the launch of the update.
    2. To allow your users to remove existing NICs during the launch of the update, click Advanced Settings and select the Allow users to remove existing NICs check box.
  11. Click Done to save the update configuration.
    Saving the update config generates the Config component. The Config component lets you open the Update Config window to edit the update configuration.
  12. On the Blueprint Editor page, click Save to save the blueprint and generate the corresponding action for the update configuration.
    Saving the blueprint generates the Action component. The auto-generated Action component performs the start and stop of the service. You can also add tasks and actions to the component to define how you want your users to launch the update.

Blueprints Management in Calm

After you configure a blueprint, you can publish, unpublish, launch, or delete a blueprint.

Blueprint Publishing

Publishing a blueprint allows you to make the blueprint available at Marketplace, so that other users can use the published blueprint. Unpublishing a blueprint allows you to remove the blueprint from the Marketplace. For more information, see Submitting a Blueprint for Approval.

Blueprint Launching

Launching a blueprint allows you to deploy your application on the blueprint and start using it.

The blueprint launch page provides the following views:

Figure. Blueprint Launch Views Click to enlarge

  • View as Consumer : This view of the blueprint launch page displays only the editable fields that consumers require to launch a blueprint. When you design your blueprint for consumers with minimum configurations at runtime, use this view to get an idea about the blueprint launching experience of your consumers.

    Blueprints that are launched from the marketplace display only the fields that require inputs from consumers. Displaying only editable fields offers a simpler and easy launching experience for your consumers.

  • View as Developer : This view of the blueprint launch page displays all editable and noneditable fields that you configure for the blueprint. As a blueprint developer, you can switch between View as Consumer and View as Developer on the blueprint launch page.

    You can switch to View as Developer after you develop your blueprints to verify how you configured different fields and the launching experience the configuration will provide to your consumers.

For more information, see Launching a Blueprint.

Submitting a Blueprint for Approval

After you configure a blueprint, you can submit the blueprint to get an approval from the administrator. The administrator approves the blueprint and then publishes the blueprint at the marketplace for consumption.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. Click the blueprint that you want to publish.
    The blueprint editor page is displayed.
  3. Click Publish .
    Figure. Publish Blueprint window Click to enlarge

    The Publish Blueprint window is displayed.
  4. If the blueprint is getting published for the first time, select New marketplace item and do the following.
    1. To publish the blueprint with secret variables, click the Publish with Secrets toggle-button.
    1. Enter the version number in the Initial Version field.
      Note: Ensure that the version number is in the x.x.x format.
    2. Enter the blueprint description in the Description field.
  5. If you want to revise a published blueprint version, select New version of an existing marketplace item and do the following.
    1. To publish the blueprint with secret variables, enable the Publish with Secrets button.
    2. Select the already published blueprint from the Marketplace Item list.
    3. Enter the version number in the Initial Version field.
      Note: Ensure that the version number is in the x.x.x format.
    4. Enter the blueprint description in the Description field.
    5. Enter the log changes in the Change Log field.
  6. If you want to upload an icon for the blueprint, click Change .
    1. Click Upload from computer to browse and select an image from your local machine.
    2. Click Open .
    3. Provide a name to the image in the Name of the Icon field.
    4. Click the right icon.
    5. Click Select & Continue .
    Note: User with administrator role can only upload an icon.
  7. Optionally, if you want to select an icon, already available in a blueprint, click the right icon.
  8. Optionally, to delete an icon, click the delete icon.
  9. Click Submit for Approval .
    The blueprint is submitted to the marketplace manager for approval. Your administrator can find the submitted blueprint on the Approval Pending tab of the Marketplace Manager page.

What to do next

You can request your administrator to approve and publish the blueprint to the marketplace. For more information about blueprint approval and publishing, see Approving and Publishing a Blueprint or Runbook.

Launching a Blueprint

You launch a blueprint to deploy an application on the blueprint and start using the application.

Before you begin

For blueprints on a Nutanix platform, ensure that you have created the snapshot policy. For more information about snapshot policy creation, see Creating a Snapshot Policy.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page is displayed.
  2. Click the blueprint that you want to launch.
    The blueprint details page is displayed.
  3. Click Launch .
    The blueprint launch page is displayed.
    Figure. Launch Blueprint Click to enlarge

  4. Enter a name for the application in the Application Name field.
  5. Enter a description for the application in the Application Description field.
  6. Select the environment from the Environment list.
    If you select an environment that is different from the account that you used for blueprint configuration, Calm updates all platform-dependant fields to match with the selected environment configuration.
    For example, you created the application blueprint using an account with an environment (ENV1) so that the platform-dependant fields are similar to ENV1. While launching the application blueprint, if you select a different environment (ENV2), Calm updates all platform-dependant fields to match with the ENV2 configuration.
  7. Select the application profile from the App Profile field.
    In case, any of the fields are marked runtime while creating the blueprint, those fields are editable and displayed here. To view the runtime variables, expand the service under VM Configurations .
  8. In the sections for the service configuration and credentials configuration, verify and edit the configuration requirements for your application services and credentials.
    Figure. Blueprint Launch - Service Configuration Click to enlarge Blueprint launching

    Use the View as Developer option at the top of the blueprint launch page to view all configuration fields.
    Note: The View as Consumer view displays only the editable fields while the View as Developer view displays all configuration fields for your services and credentials. As a developer, you can select the View as Developer to view the configuration details of all fields.
  9. If the blueprint is configured with a Nutanix account, do the following:
    1. Under Snapshot Configurations, select a snapshot policy in the Snapshot Policy list.
    2. Based on the policy you select, select a rule in the Select Local Rule or Select Remote Rule list.
      The Select Local Rule or Select Remote Rule list appears based on the Snapshot Location you defined in your blueprint. For more information, see Blueprint Configuration for Snapshots and Restore. The values in the list appear based on the snapshot policy you defined in the project and selected in the Snapshot Policy list. For more information, see Creating a Snapshot Policy. The values also depend on the VM categories you configured in your blueprint.
    The Snapshot Configuration section appears depending on the environment you select while launching the blueprint. If you select a specific environment, you must provide the snapshot policy and snapshot rule to launch the blueprint. The Snapshot Configuration section does not appear in case you select the environment with all project accounts for the launch.
    Note: Ensure that you have a valid NIC in the blueprint.
  10. Click Deploy .
    The system validates the provided platform-specific data against the selected provider and if the validation fails, an error message appears. To know more about the validation error, see Platform Validation Errors.

    If the validation is successful, the application is available under the Application tab.

Platform Validation Errors

When you enter the platform data that is invalid for a provider while creating a blueprint, you get a validation error. The following table details the invalid platform data for each provider.

Providers Invalid Platform Data
Nutanix Image, NIC List, and Categories.
GCP Machine Type, Disk Type, Network, SubNetwork, Source, Image, Zone, and Blank Disk.
AWS Vpc, Security Groups, and Subnets.
VMware Network name, NIC Type, NIC settings mismatch, Host, Template, Datastore, Datacenter, Storage Pod, and cluster.
Azure Image details (publisher, offer, sku, version), Custom image, Resource group, Availability Set Id, NIC List, Network Security group, Virtual Network Name, and Subnet Name.

The platform validation error message appears as displayed in the following image.

Figure. Platform validation error message Click to enlarge

Uploading a Blueprint

You can also upload configured blueprints to the Blueprints tab. Perform the following procedure to upload a blueprint.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. Click Upload Blueprint .
    The browser window is displayed.
  3. Browse to the location of the saved blueprint and select the blueprint.
  4. Do one of the following.
    • Double-click the selected blueprint.
    • Select and click Open .
    Figure. Upload Blueprint Click to enlarge

    The Upload Blueprint window is displayed.
  5. Enter the name of the blueprint in the Blueprint Name field.
  6. Select the project from the Project list.
  7. Click Upload .
    The blueprint is uploaded and available for use.
    Note: You must provide the credentials password or key of the blueprint.

Downloading a Blueprint

You can also download a configured blueprint to your local machine and use it later. Perform the following procedure to download a blueprint.

Before you begin

Ensure that at least one blueprint must be available.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. Do one of the following.
    • Click the blueprint that you want to download and click Download .
    • Select the blueprint that you want to download and Action > Download .
    The Download Blueprint dialog box appears.
  3. Optionally, if you want to download the blueprint with the credentials and secrets used in the blueprint, click the check box in the Download Blueprint dialog box.
  4. In the Enter Passphrase field, type a password.
    The Enter Passphrase field is a mandatory field and is activated only after you have clicked the check box to download the blueprint with credentials and secrets.
  5. Click Continue .
    The blueprint is downloaded to your local machine.

Viewing a Blueprint

Perform the following procedure to view a blueprint.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. Click the blueprint that you want to view the details of.
    The selected blueprints details are displayed.

Editing a Blueprint

You can edit a configured blueprint from the blueprints tab. Perform the following procedure to edit a blueprint.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page is displayed.
  2. Click the blueprint that you want to edit.
    The blueprint details page is displayed.
  3. Make the necessary edits in the layers ( Services , Actions , and Application Profiles ).
    Note: You cannot delete System level actions.
  4. Click Save .
    The updated blueprint is saved and listed in the blueprints tab.

Deleting a Blueprint

Perform the following procedure to delete a blueprint.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page is displayed.
  2. Select the listed blueprint that you want to delete.
  3. Click Actions > Delete .
  4. Click Yes to confirm.
    The blueprint is deleted.

Viewing Blueprint Error

If you have configured wrong details in your blueprint, you can view the error message while saving or publishing a blueprint. Perform the following procedure to view blueprint error message.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. Click the blueprint that you want to view the details.
    The selected blueprint details are displayed. If there is any error in the blueprint, then the error is denoted by ! .
  3. Click ! .
    Figure. Blueprint Error Click to enlarge
    The blueprint errors are displayed.

Recovering Deleted Blueprints

You can recover the deleted application blueprints within a time period of 90 days after you delete an application blueprint. This chapter describes the procedure to recover a deleted blueprint.

Procedure

  1. Click the Blueprint icon in the left pane.
    The Blueprint page displays the list of all the available blueprints.
  2. In the search filter field, enter State:Deleted and press Enter.
    You can view the list of all deleted blueprints based on the 90 days retention period.
  3. Click the blueprint that you want to recover.
  4. From the Action list, select Clone .
    The Clone Blueprint page appears.
  5. In the Blueprint Name field, enter a name for the blueprint and click Clone .
    The name is used as the blueprint name after recovery.
    A clone of the deleted blueprint is created and you can view the recovered blueprint in the blueprints page with the new name.

Marketplace in Calm

Marketplace Overview

The marketplace provides preconfigured application blueprints and runbooks for instant consumption. The marketplace is a common platform for both publishers and consumers.

Figure. Marketplace Click to enlarge

The marketplace has banners to display featured applications. All listed applications display the icon of the platform that supports the application.

You can filter applications or runbooks based on their category and source. You can also search an application or runbook in the marketplace.

Note: The marketplace displays the application blueprints or runbooks that are approved and published using the Marketplace Manager. For more information on approving and publishing blueprints and runbooks, see Approving and Publishing a Blueprint or Runbook.

Before provisioning an application, you can view details such as application overview, changes made in different versions, and application-level actions.

Figure. Marketplace-Application Details Click to enlarge Marketplace Application Details

Viewing Application Details

You can view application details such as licensing, installed resources, hardware requirements, operating systems, platforms, and limitations before you provision the application. You can also view the changes made in different versions and application-level actions.

About this task

Video: Viewing Application Details

Procedure

  1. Click Marketplace icon in the left pane.
    The Marketplace page is displayed.
  2. To view the details of an application, click the Get button on the application blueprint.
    Figure. Application Details Click to enlarge Marketplace Application Details

    The Application Details page is displayed.

Filtering Application Blueprints or Runbooks

Perform the following procedure to filter application blueprints or runbooks in the marketplace.

Procedure

  1. Click Marketplace icon in the left pane.
    The Marketplace page is displayed.
  2. Click the Filters button.
    The Filters pane appears.
    Figure. Marketplace Filters Click to enlarge Marketplace Filters

  3. Select a category, type, or source value to filter applications and runbooks.
    The Marketplace page displays all available applications and runbooks based on the selected category, type, and source value.

Searching an Application Blueprint or Runbook

Perform the following procedure to search an application blueprint or runbook.

Procedure

  1. Click Marketplace icon in the left pane.
    The Marketplace page is displayed.
  2. Enter the name of the application or runbook that you want to search in the Search marketplace field.
    The Marketplace page shows the search results as you enter the name in the Search marketplace field.

Launching a Blueprint from the Marketplace

You can use the Marketplace tab to launch an application blueprint that is approved and published to the marketplace. The application launch page displays the fields that are editable by the consumer.

Procedure

  1. Click the Marketplace icon in the left pane.
    The Marketplace page is displayed.
  2. Click the Get button for the application that you want to launch.
    The Application Details page is displayed.
  3. Click Launch .
    The Launch page is displayed.
    Figure. Launch Blueprint Click to enlarge

  4. Enter a name for the application in the Application Name field.

    Following are the rules for naming convention.

    • The name of the blueprint can start with an alphanumeric character or an underscore.
    • The name must have at least one character.
    • Use only space, underscore, and dash as special characters.
    • Do not end the name with a dash.
  5. Enter a description for the application in the Application Description field.
  6. Select the project from the Project list.
  7. Select the environment from the Environment list.
    If you select an environment that is different from the account that you used for blueprint configuration, Calm updates all platform-dependant fields to match with the selected environment configuration.
    For example, you created the application blueprint using an account with an environment (ENV1) so that the platform-dependant fields are similar to ENV1. While launching the application blueprint, if you select a different environment (ENV2), Calm updates all platform-dependant fields to match with the ENV2 configuration.
  8. Select an application profile in the App Profile field.
    Application profile provides different combinations of the service, package, and VM while configuring a blueprint.
  9. In the section for the service configuration, verify the VM, disk, boot configuration, and network configuration. You can edit the fields based on your application requirements.
    Figure. Application Launch - Service Configuration Click to enlarge Service Configuration

  10. If the blueprint is configured with a Nutanix account, do the following:
    1. Under Snapshot Configurations, select a snapshot policy in the Snapshot Policy list.
    2. Based on the policy you select, select a rule in the Select Local Rule or Select Remote Rule list.
      The Select Local Rule or Select Remote Rule list appears based on the Snapshot Location you defined in your blueprint. For more information, see Blueprint Configuration for Snapshots and Restore. The values in the list appear based on the snapshot policy you defined in the project and selected in the Snapshot Policy list. For more information, see Creating a Snapshot Policy. The values also depend on the VM categories you configured in your blueprint.
    The Snapshot Configuration section appears depending on the environment you select while launching the blueprint. If you select a specific environment, you must provide the snapshot policy and snapshot rule to launch the blueprint. The Snapshot Configuration section does not appear in case you select the environment with all project accounts for the launch.
    Note: Ensure that you have a valid NIC in the blueprint.
  11. Click Deploy .
    The application blueprint is displayed under the Application tab.

Environment Patching Behavior

VM configurations in blueprints and environments are associated with accounts. The environment patching depends on the account that you associate with the marketplace blueprint and the environment you configured.

To patch a cloud provider VM that has a specific OS type, Calm finds the corresponding match in the environment. In case there are no matches available, Calm displays a notification.

The following table lists the environment patching behavior for platform-dependent and platform-independent fields:

Table 1. Environment Patching
Fields Condition Patching Behavior
Platform-Dependent Fields When different accounts are associated with the blueprint and environment Values from the environment get preference for patching, irrespective of the values in the blueprint.
Platform-Dependent Fields When the blueprint and the environment have the same account Values from the environment are patched only when the fields do not have any value in the blueprint.
Platform-Independent Fields When different accounts are associated with the blueprint and environment Values from the environment are patched only when the fields do not have any value in the blueprint.
Platform-Independent Fields When the blueprint and the environment have the same account Values from the environment are patched only when the fields do not have any value in the blueprint.

The following table lists the platform-dependent fields for different platforms.

Table 2. Platform-Dependent Fields
Platform Platform-Dependent Fields
Nutanix Image, Categories, Cluster, and NIC
AWS Machine Image, Key, Instance Profile Name, VPC ID, Subnet ID, and Security Group List
GCP Machine Type, Zone, Network, Disk Type, Source Image, and Email
VMware Host, Template, Datastore, Cluster, Storage Pod, Network Name, NIC Type, Disk Location, Disk ISO Path, Folder, and Tag List
Azure Resource Group, Location, Availability Set ID, Resource Group Details, Resource Group Operation, Network Security Group Name, Network Name, Subnet Name, Network Security Group ID, Virtual Network ID, Subnet ID, Publisher, Offer, SKU, Version, Source Image Type, and Source Image ID

Environment Patching Behavior with Nutanix – Example-1

Assume that you have two Nutanix Prism Central accounts PC1 and PC2, and you added these accounts to your project (Project1). You then create two environments in the project with the following VM configuration:

Table 3. Environments
ENV1 ENV2
  • Account: PC1
  • NIC: PC1_Net1
  • Image: PC1_Image1
  • Categories: PC1_category1 and PC1_category2
  • Cluster: PC1_Cluster1
  • Operating System: Linux
  • Account: PC2
  • NIC: PC2_Net1
  • Image: PC2_Image1
  • Categories: PC2_category1 and PC2_category2
  • Cluster: PC2_Cluster1
  • Operating System: Linux

You then create a blueprint with a Nutanix service under Project1 having the following configuration:

  • Account: PC1
  • Image: PC1_Image2
  • Categories: PC1_category3
  • Cluster: PC1_Cluster2
  • NIC: PC1_Net2

When you publish this blueprint in the marketplace and launch the blueprint with a different environment, the environment patching happens as follows:

  • When you select Project1 and ENV2 for launching, the account in the blueprint is PC1, and the account in ENV2 is PC2.

    Because different accounts are associated with the blueprint and environment, all platform-dependent field values are patched from the environment to the blueprint, irrespective of the values already available in the blueprint. The blueprint is launched with the following configuration.

    • Image: PC2_Image1
    • Categories: PC2_category1 and PC2_category2
    • Cluster: PC2_Cluster1
    • NIC: PC2_Net1
  • When you select Project1 and ENV1 for launching, the account in both the blueprint and ENV1 is PC1.

    Because the account is same for both blueprint and environment and all the platform-dependent fields already have values, the patching does not happen. The blueprint is launched with the following configuration.

    • Image: PC1_Image2
    • Categories: PC1_category3
    • Cluster: PC1_Cluster2
    • NIC: PC1_Net2

Environment Patching Behavior with Nutanix – Example-2

Assume that you have a Prism Central account PC1 that is associated with two Prism Elements PE1 and PE2, and you add PC1 to your project (Project1).

Assume that the associated Prism Elements have the following networks.

  • PE1: PE1_Net1 and PE1_Net2
  • PE2: PE2_Net1 and PE2_Net2

You then create two environments with the following VM configuration:

Table 4. Environments
ENV1 ENV2
  • NIC: PE1_Net1
  • Image: PC1_Image1
  • Categories: PC1_category1 and PC1_category2
  • Operating System: Linux
  • NIC: PE2_Net1
  • Image: PC1_Image2
  • Categories: PC1_category3 and PC1_category4
  • Operating System: Linux

You then create a blueprint with a Nutanix service under Project1 having the following configuration:

  • NIC: PE1_Net2
  • Image: PC1_Image3
  • Categories: PC1_category5 and PC1_category6

When you publish this blueprint in the marketplace and launch the blueprint with a different environment, the environment patching happens as follows:

  • When you select Project1 and ENV2 for launching:

    Prism Element accounts are derived from the NIC or subnet. The PE1_Net2 network used in the blueprint associates the blueprint to Prism Element PE1, and the PE2_Net1 network used in ENV2 associates the environment to Prism Element PE2.

    Because these two networks are connected to two different Prism Element account_uuid , Calm considers this case as two different accounts associated with the blueprint and environment. All platform-dependent field values are, therefore, patched from the environment to the blueprint, irrespective of the values already available in the blueprint. The blueprint is launched with the following configuration.

    • NIC: PE2_Net1
    • Image: PC1_Image2
    • Categories: PC1_category3 and PC1_category4