Cisco Cisco Prime Network Services Controller 3.0 Entwickleranleitung
Page 7
OL-28369-01
Prime Network Services Controller Components
Prime Network Services Controller consists of multiple service components that provide modularized functions for
management, tenant management, policy management, resource management, and so on. These components are
also called service providers or applications. Each component is accessed through a unique URL.
management, tenant management, policy management, resource management, and so on. These components are
also called service providers or applications. Each component is accessed through a unique URL.
The following sections describe the Prime Network Services Controller components:
●
●
●
●
●
Each component has its own data model and a DME that processes the model-driven service requests. Each
component maintains its own management information tree storage (both in memory and in the persistent storage).
Data sharing across different service components is achieved with ad-hoc interservice API communications or by
using a publish or subscribe method.
component maintains its own management information tree storage (both in memory and in the persistent storage).
Data sharing across different service components is achieved with ad-hoc interservice API communications or by
using a publish or subscribe method.
Management Controller
Management Controller, also known as the core service, provides system-related services for the Prime Network
Services Controller virtual machine. The following services are provided:
Services Controller virtual machine. The following services are provided:
●
Authenticates and authorizes user logins in local or LDAP mode.
●
Provides access control, such as locales, roles, and trusted points.
●
Maintains system information, such as the IP address, subnet mask, gateway, and hostname.
●
Upon user input, performs system maintenance operations, such as database backup, data export, and
data import.
data import.
●
Maintains system diagnostic information, such as audit logs, faults, event logs, and core dump files.
The Management Controller type is mgmt-controller. Use this service type in the API URL for all requests related to
the Management Controller.
the Management Controller.
Service Registry
Service Registry is the central service repository that holds information about all registered managed endpoints
(such as ASA 1000v and Cisco Virtual Security Gateways (VSG)) and the service providers (such as Policy
Manager or Resource Manager).
(such as ASA 1000v and Cisco Virtual Security Gateways (VSG)) and the service providers (such as Policy
Manager or Resource Manager).
Note
Service endpoints are referred to as clients in the GUI.
Service endpoints and the service providers register themselves dynamically with the Service Registry and retrieve
information about service components from the Service Registry. The Service Registry is also responsible for
tenant management and provides the following services:
information about service components from the Service Registry. The Service Registry is also responsible for
tenant management and provides the following services:
●
Upon user input, creates, deletes, and updates organizations (tenants, data centers, applications, and tiers).
Organization changes are automatically propagated to Policy Manager and Resource Manager when
policies and resources are attached to the intended organizations.
Organization changes are automatically propagated to Policy Manager and Resource Manager when
policies and resources are attached to the intended organizations.
●
Maintains information about the registered services (such as providers, endpoints, and Management
Controller).
Controller).
●
Maintains diagnostic information, such as audit logs, faults, and event logs.
The Service Registry type is service-reg. Use this service type in the API URL for all requests related to the Service
Registry. Resource Manager manages logical compute and edge firewalls and their association with VSGs and
Registry. Resource Manager manages logical compute and edge firewalls and their association with VSGs and
Resource Manager
Resource Manager manages logical compute and edge firewalls and their association with VSGs and ASA
1000Vs, respectively. When an edge firewall is associated with an ASA 1000V, the device configuration profile
information (defined by the edge firewall) is pushed to the ASA 1000V. This triggers the ASA 1000V to download
the security profiles and policies from Policy Manager. Resource Manager is responsible for the following services:
1000Vs, respectively. When an edge firewall is associated with an ASA 1000V, the device configuration profile
information (defined by the edge firewall) is pushed to the ASA 1000V. This triggers the ASA 1000V to download
the security profiles and policies from Policy Manager. Resource Manager is responsible for the following services:
●
Maintains an inventory of ASA 1000Vs, VSGs, and Cisco Virtual Supervisor Modules (VSMs).
●
With user input, defines compute firewalls and associates them with VSGs for provisioning.