Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Cisco Interactive Experience Manager Installation Guide Release 2.0 April 6, 2013 Text Part Number: OL-26459-03
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The following information is for FCC compliance of Class A devices: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio-frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case users will be required to correct the interference at their own expense.
Modifications to this product not authorized by Cisco could void the FCC approval and negate your authority to operate the product.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Nurse Connect, Cisco Pulse, Cisco SensorBase, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flipshare (Design), Flip Ultra, Flip Video, Flip Video (Design), Instant Broadband, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Capital, Cisco Capital (Design), Cisco:Financed (Stylized), Cisco Store, Flip Gift Card, and One Million Acts of Green are service marks; and Access Registrar, Aironet, AllTouch, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Lumin, Cisco Nexus, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, Continuum, EtherFast, EtherSwitch, Event Center, Explorer, Follow Me Browsing, GainMaker, iLYNX, IOS, iPhone, IronPort, the IronPort logo, Laser Link, LightStream, Linksys, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, PCNow, PIX, PowerKEY, PowerPanels, PowerTV, PowerTV (Design), PowerVu, Prisma, ProConnect, ROSA, SenderBase, SMARTnet, Spectrum Expert, StackWise, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0910R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
Chapter OverviewThe Cisco Interactive Experience Manager is software that allows for centralized management of Cisco Interactive Experience Client 4600 Series devices.
This chapter explains the audience and scope of this installation guide and provides an overview of the Cisco Interactive Experience Manager.
The sections in this chapter are:
• What’s New about the IEM in This Release, page 1-2
– Non-Administrator User Role, page 1-2
– Effective Profile, page 1-2
– High Availability, page 1-2
– IEM Configuration Menu, page 1-3
– User Lockout after Failed Login Attempts, page 1-3
Chapter 1 Introduction What’s New about the IEM in This Release
What’s New about the IEM in This ReleaseRelease 2.0 includes the following new features for the Cisco Interactive Manager (IEM):
• Non-Administrator User Role
• Effective Profile
• High Availability
• IEM Configuration Menu
• User Lockout after Failed Login Attempts
• Licenses for IEM Management
• Numerous performance upgrades and enhancements
Non-Administrator User RoleUsers by default are granted administrator-level access and permissions. This level of access can be removed for users that only need to view and monitor devices.
Non-administrator users can do the following:
access to the following tabs within the Device screen:
• View a device’s status, events. performance, and effective profile
• Use the predefined action buttons for devices including Reboot and Message
• Use any custom action buttons that have been created for devices
Effective ProfileThe Effective Profile tab for devices provides a time line of configuration changes to the IEC based on the scheduling of policies. With this feature, the administrator can see a cumulative view of the configuration changes applied to a device and understand where the configuration is originating. The cumulative changes on that device can come from the device profile, policies applied to the device, and the group to which the device belongs.
High AvailabilityThe IEM supports High Availability (HA) configured on VMware vSphere. HA must first be configured on vSphere before installing the IEM software on the virtual machine. Refer to the Cisco Interactive Experience Manager Installation Guide for more information.
The IEM also supports a Bare Metal HA setup.
Load BalancingLoad balancing is supported for the Bare Metal HA setup.
Chapter 1 Introduction What’s New about the IEM in This Release
IEM Configuration Menu The IEM Configuration Menu is accessed using a SSH client. The menu allows administrators to configure server settings, manage the server, troubleshoot, and enable the Cisco TAC to access the server.
User Lockout after Failed Login AttemptsThe administrator can now configure the number of times that a user can try logging into the IEM and fail. When the number of failed attempts has been reached, the user is locked out of the IEM for a time period that is also configured by the administrator.
Licenses for IEM ManagementEach Cisco Interactive Experience Client Series 4600 (IEC 4600) device requires a license in order for it to be managed on a Cisco Interactive Experience Manager (IEM). The IEM license bundles that you purchase support up to 10, 50, 100, 500, or 1,000 IEC 4600 devices. When ordering a license bundle, ensure that you have ordered enough licenses to cover all the IEC 4600 devices that will be managed by the IEM. You will add the licenses to the IEM before you register IECs. If the number of registered devices is exceeded, no additional devices can be registered in the IEM and managed by it.
Other Changes in 2.0The following are other changes in 2.0:
• Additional platforms and browsers are now supported by the IEM. Only use supported platforms and browser versions for full functionality. The supported platforms are Windows XP (32bit or 64bit), Windows 7 (32bit or 64bit), and Macintosh OS 10.6.8. The supported browser versions are Internet Explorer 8 and 9 (32bit and 64bit), Chrome, Safari, and Firefox 12 and higher.
• The IEM software no longer comes pre-installed on a Cisco UCS server. The 2.0 software is instead downloaded and installed on bare metal or a virtual machine. It is recommended that you install the IEM version 2.0 software on a VMware vSphere client.
• Revamped hotkey property within profiles and policies: All the previous hotkeys for the IEC were removed except for the hotkey used to access the System Settings menu on the IEC. The utilities previously accessed using hotkeys can be accessed using the System Settings menu. Those utilities are enabled or disabled in the settings property of the profile or policy.
• The email field in the Server Settings screen has been changed from the sender’s email to the administrator’s email. The email address entered will be used as the sender’s address when the system sends out notifications. It will also receive system alerts.
• Policy and profile hierarchy: If a policy is applied to a device, it takes precedence over the device’s profile. A policy applied to a device takes precedence over a policy applied to a group. The figure below illustrates the hierarchy for settings.
Chapter 1 Introduction About This Installation Guide
Figure 1-1 Settings Hierarchy
About This Installation GuideThis section describes the audience and scope of this installation guide.
TerminologyThe following terms are used in this user guide.
• Accounts - Allow multiple organizations to configure and manage devices and policies in a single Cisco Interactive Experience Manager instance. Use accounts to segregate users, devices, and policies. Each organization will have at least one account.
• Administrators - People who have access to all accounts on the system. This Cisco Interactive Experience Manager Installation Guide provides administrators with all the information necessary to install and administer a Cisco Interactive Experience Manager.
• Device - Cisco Interactive Experience Client 4600 Series
• Policies- An easy and flexible way of applying settings to multiple devices or users.
• Profiles - The settings of a single device or user.
• Users - People who configure and manage the Cisco Interactive Experience Manager. Users are associated with specific accounts on the Cisco Interactive Experience Manager. The Cisco Interactive Experience Manager User Guide was developed for users.
Audience
The intended audience for this guide is administrators. They will install, manage, and upgrade the Cisco Interactive Experience hardware and software.
ScopeThis installation guide explains how to install the Cisco Interactive Experience Manager software. There is also a troubleshooting chapter so that the administrator can handle simple installation issues.
This user guide provides instructions so that an administrator can:
• Set up the Interactive Experience Manager
• Enable supported products
• Create and delete administrators
• Upgrade product version
• Add new products and models
After the Cisco Interactive Experience Manager has been installed, refer to the Cisco Interactive Experience Manager User Guide for instructions on how to use it to configure and manage Cisco Interactive Experience Client 4600 Series.
Cisco Interactive Services SolutionThe Cisco Interactive Services Solution leverages the network as the platform to transform customer experience with interactive digital media. Leveraging Cisco’s video, collaboration, and cloud architectures, the solution allows large and small enterprises and public agencies to seamlessly provide the most updated product or service information including educational content in real-time, improving customer experience and increasing customer retention. With built-in remote management capabilities, the solution enables organizations to get feedback instantaneously from end users to measure marketing effectiveness and impact as well as dynamically provision and disperse relevant content. Effective reuse of web content and applications along with remote delivery of content and advertisements helps increase advertising revenues, improve business and customer processes, through effective management of digital displays and open online spaces.
The Cisco Interactive Services Solution is the collective name for a product family that consists of thin clients hardware and software known as the Cisco Interactive Experience Client 4600 Series and remote management software which is called the Cisco Interactive Experience Manager.
Cisco Interactive Experience Client 4600 Series The Cisco Interactive Experience Client 4600 Series (IEC4600 Series) is a robust, configurable, and manageable web device designed for public venues and web-centric delivery. The devices can be controlled remotely using management software, the Cisco Interactive Experience Manager (IEM).
It is highly recommended that all the Cisco IEC4600 Series devices are managed and monitored using the Cisco Interactive Experience Manager as it ensures consistent remote management, with the option to configure the devices locally.
Cisco Interactive Experience ManagerThe Cisco Interactive Experience Manager (IEM) is the management software that allows the administrator to control and monitor Cisco IEC4600 Series devices. The Cisco IEC4600 Series devices are configured remotely through a combination of device, user, profile, and policy settings from the Cisco IEM,
Configuration settings are distributed between user and device settings; however profiles contain all the settings available to both device and users. Policies represent dynamic and transportable setup rules.
Cisco IEM is a solution allowing configuration, control, and support of Cisco Interactive Experience Client 4600 Series devices. With Cisco IEM, an administrator can perform the following functions:
• Configuration - Cisco IEM allows the administrator to configure the Cisco IEC4600 Series devices. IEC4600 Series devices can be configured to start with a predetermined Internet resource, such as a web page, flash, or movie, and then let the user navigate within a “walled garden” environment.
• Policy Management- Policies provide an easy and flexible way for administrators to apply settings to a group of users or devices.
• Session Management - An administrator can apply a session time limit to IEC4600 Series devices.
• Remote Control - Administrators can control the behavior of the IEC4600 Series devices in real-time including muting a station, locking out the user, or sending the user a message.
• Remote Assistance - To ask for help, users can simply press a help button on the screen to initiate a chat session with a virtual attendant or remote agent.
• Logs - Cisco IEM can be set up to log the traffic from the Cisco IEC4600 Series devices, making it easy for the administrators to analyze the data.
Principles of OperationThe following are principles of operation for this solution:
1. IEC4600 Series devices need to exist on the IEM in order to be managed by it. IEC4600 Series devices can either be provisioned ahead of time or from the device interactively. If registered from the device interactively, the installer has to use their account info to authorize the registration.
2. Policy applied to a device overrides its profile. Policies are templates for property settings.
3. Multiple policies can be attached to the same device (group). If policies contain conflicting settings, the policy that is higher in the stack order takes precedence. Device policies take precedence over group policies.
4. IEC4600 Series and IEM versions are best-effort compatible. A device that has a version that is not actively supported by the IEM will still be supported although some things may not have full functionality. A device version which is out of sync is indicated by the red FW flag. Communication between client and the IEM is defined by the communication protocol and specification that defines capabilities of each FW build. Older communication protocols are supported in the newer builds, but older specifications that reflect properties of the firmware are often not fully compatible with the later versions.
5. Policies can be persistent or transient (applied for short periods of time). Persistent policies are long-term or permanent. Persistent policies are applied when the IEC4600 Series device is booted or rebooted. Persistent policies are permanent until they are unapplied.
Transient, runtime, or IsAction policies are created by checking the IsAction check box when creating the policy or in the General tab of the policy. Transient policies are marked by a blue circle with a white arrow and are made available in form of a button under “Custom Actions”. These policies change the settings on the IEC4600 Series temporarily and will be reset by changing the settings within the policy, by applying counter action policy, or on the next reboot. IsAction policies can only work for runtime properties, which are marked by an orange arrow in the policy or profile.
6. Notifications and alerts work on a subscription basis. Once notification/alert has been created, it has to be assigned to a user. Notification/alert can submit to a third party application collecting the data – the URL has to be provisioned through User profile.
7. In order to optimize screen behavior, the application has to implement native components. Native components are available in form of a Browser API (refer to the documentation) and essentially move resource-intensive or asynchronously used components outside of the browser process-space.
Chapter 2 Installing the IEM Software What You Will Need
• IEM software files downloaded from www.cisco.com:
1. IEM-VM ISO file
2. IEM OVA file
• IEM license
• IP address of host server
• Network credentials
• Server running VMware vSphere version 4.1 (all editions) or later:
– If you are installing the software on a physical server, you will need a Cisco UCS server (see the physical server specifications in the next section).
– If you are installing the software on a virtual machine, you will need a server (Cisco or third-party).
Chapter 2 Installing the IEM Software Install IEM Software on a Virtual Machine
Step 7 Click the Download button.
Install IEM Software on a Virtual MachineFollow the instructions below to install the IEM software on a virtual machine (VM).
Configure High Availability in vSphere (Optional)The IEM supports High Availability (HA) configured on vSphere. Refer to the Cisco Interactive Experience Manager High Availability Installation and Configuration Guide for instructions on how to install additional components and update configurations.
If you wish to have HA on the IEM VM, make sure that you have configured HA on vSphere before installing the IEM software. vSphere HA provides the infrastructure to protect all workloads with the infrastructure. You do not need to install special software within the application or virtual machine. All workloads are protected by vSphere HA. After vSphere HA is configured, no actions are required to protect new virtual machines; they are automatically protected.
vSphere HA provides high availability for virtual machines by pooling the virtual machines and the hosts they reside on into a cluster. Hosts in the cluster are monitored and in the event of a failure, the virtual machines on a failed host are restarted on alternate hosts. vSphere HA leverages multiple ESXi hosts configured as a cluster to provide rapid recovery from outages and cost-effective high availability for applications running in virtual machines. vSphere HA protects application availability in two ways. First, it protects against a server failure by restarting the virtual machines on other hosts within the cluster. Second, it protects against application failure by continuously monitoring a virtual machine and resetting it in the event that a failure is detected.
Refer to the vSphere Availability documentation for how to set up, configure, and enable vSphere HA. The documentation for your vSphere version and edition can be found at: http://www.vmware.com/support/pubs/vsphere-esxi-vcenter-server-pubs.html
Launch VMware vSphere Client
Step 1 Launch your VMware vSphere client.
Step 2 In the IP address / Name field, enter the IP address of the ESX host server that will be hosting the IEM virtual machine.
Chapter 2 Installing the IEM Software Install IEM Software on a Virtual Machine
Figure 2-5 Summary Tab
Create a Virtual Machine and Deploy the OVA FileThe IEM OVA file contains all the VM settings that you need so you do not need to configure or modify any VM settings when you are creating the VM for the IEM.
Note If you have configured vSphere HA, you will create a VM for IEM in the vSphere Client in the vCenter. If you have not configured vSphere HA, you will create a VM for IEM in the ESX/ESXi host.
Step 1 In vSphere, choose Deploy OVF Template option under File.
Chapter 2 Installing the IEM Software Install IEM Software on a Virtual Machine
Figure 2-10 Details Screen
Step 8 The Name and Location screen appears. By default, the template name appears as “Interactive Experience Manager”. It is recommended that you keep the default template name so it is easy to identify later. Click Next.
Step 14 When the deployment is complete and the new VM is created, you will see the message “Completed Successfully” in the Deployment Completed Successfully pop up dialog box. Click Close.
Chapter 2 Installing the IEM Software Install IEM Software on a Virtual Machine
Figure 2-39 VMware Tools are Installed and Running
The installation is complete when you see the message “IEM Installation is SUCCESS” and the iem login prompt.
Figure 2-40 IEM Installation Successful Screen
Verify High Availability of the IEM’s VMIf vSphere HA has already been configured, then it is automatically enabled for every VM including the IEM’s VM.
To verify that vSphere HA is turned on for your cluster, follow these steps:
Chapter 2 Installing the IEM Software Install IEM Software on Bare Metal - Method #1
Step 2 Go to the Summary tab.
Step 3 Look at the last entry in the General section listed as “vSphere HA Protection”.
Figure 2-43 vSphere HA Protection
Step 4 If there is a green checkmark and word “Protected” next to it, HA is protecting the VM.
If you are experiencing issues with vSphere HA or have questions, please refer to VMware’s documentation for your particular version and edition at: http://www.vmware.com/support/pubs/vsphere-esxi-vcenter-server-pubs.html
Install IEM Software on Bare Metal - Method #1If you do not install the IEM software on a virtual machine (VM), you can install it on a Cisco UCS server.
This method requires the following tasks:
1. Configure CIMC on a UCS server
2. Launch the CIMC KVM Console on the UCS Server
3. Configure hard disks with the LSI MegaRAID Configuration Utility
4. Install the IEM software on the CIMC KVM Console
Configure CIMC on a UCS ServerThe instructions below indicate how to configure CIMC on a UCS C220 M3 server.
Step 1 Connect a keyboard, monitor, and mouse to the UCS server.
Chapter 2 Installing the IEM Software Install IEM Software on Bare Metal - Method #2
Figure 2-70 Boot Prompt
The ISO installs and auto boots up.
Install IEM Software on Bare Metal - Method #2The Cisco IEM software (ISO file) can be burned on a CD and then that CD used to boot up the server. Follow the instructions below to install the IEM software on a UCS server using a CD.
Step 1 Download the ISO file to your desktop.
Step 2 Burn the ISO file to a CD.
Step 3 Use the UCS’ KVM cable to connect a keyboard and VGA monitor to the console connector on the front panel.
Note Alternatively, you can use the VGA and USB ports on the rear panel. However, you cannot use the front panel console connector VGA and the rear panel VGA at the same time. If you are connected to one VGA connector and you then connect a video device to the other connector, the first VGA connector is disabled. You can then reactivate the first VGA connector only by rebooting the server.
Step 4 Plug the monitor into an AC power outlet and turn it on.
Step 5 Attach a power cord to each power supply in your server, and then attach the power cord to a grounded AC power outlet.
Wait for approximately two minutes to let the server boot in standby power during the first bootup.
You can verify power status by looking at the Power Status LED on the front panel:
Chapter 2 Installing the IEM Software Install IEM Software on Bare Metal - Method #2
• Off—The server is not receiving power. Check the power cord connections and the power source of the facility.
• Blinking green—The server is in standby power mode. Power is supplied only to the service processor and some motherboard functions.
• Solid green—The server is in main power mode. Power is supplied to all server components.
Note During boot up, the server beeps once for each USB device that is attached to the server. Even if there are no external USB devices attached, there is a short beep for each virtual USB device such as a virtual floppy drive, CD/DVD drive, keyboard, or mouse. A beep is also emitted if a USB device is hot-plugged or hot-unplugged during BIOS power-on self-test (POST), or while you are accessing the BIOS Setup utility or the EFI shell.
Chapter 2 Installing the IEM Software Install IEM Software on Bare Metal - Method #2
Figure 2-72 IEM Installation Complete using DHCP Login Prompt
When the server finishes booting up, a login prompt appears. A message appears confirming that the installation is complete and successful: “IEM Installation is SUCCESS”.
Chapter OverviewThis chapter explains how to configure the IEM software after it has been installed on either a virtual machine or bare metal.
The sections in this chapter are:
• Log In as Installer and Change Installer Password, page 3-1
• Configure Server Settings, page 3-3
– Configure Network Settings, page 3-3
– Restart Networking, page 3-9
– Get MAC Address of Active Network Interface, page 3-10
– Configure Time Zone, page 3-13
– Configure NTP, page 3-14
– Set Up SMTP Provider, page 3-17
– Configure Remote Logging Server, page 3-18
– Upload SSL Certificates and Private Keys, page 3-19
– Restart Web Service to Apply New Keys and Certificates, page 3-21
• Change the Network Maintenance Password, page 3-23
• Log Into the IEM as the Administrator, page 3-24
Log In as Installer and Change Installer PasswordBefore you log in as the installer, choose a password now as the window of opportunity to enter the password is limited. The installer password or passphrase must meet the following criteria:
• Password: A combination of upper case letters, lower case letters, numbers, and other characters. If you choose a twelve character long password, then choose characters from at least three out of the four categories. If you choose a eight character password, you must use characters from all four
Chapter 2 3 Configuring the IEM Software Log In as Installer and Change Installer Password
categories. But if you start your password with an upper case letter or end it with a number, additional characters from those categories must also be included in the password in order for the password to be valid.
• Passphrase: Should be of at least three words and sixteen to forty characters that are a combination of upper and lower case letters, numbers, and other characters.
Step 1 Choose a password or passphrase.
Step 2 At the iem login prompt, type installer.
Figure 2-1 IEM Login Prompt
Step 3 Press the Enter key.
Step 4 At the Password prompt, type cisco!123, which is the default password.
Step 5 Press the Enter key.
Step 6 Re-enter the default password.
You will now be prompted to change the password.
Figure 2-2 New Password Prompt
Step 7 Enter a new password following the password criteria outlined on the screen.
Note If you do not choose a password that meets the criteria, you will be logged out and must repeat the steps in this section.
Chapter 2 3 Configuring the IEM Software Configure Server Settings
Configure Server Settings
Configure Network SettingsIt is recommended that you use static addressing instead of DHCP. Using DHCP can result in error messages such as those indicating that the database is offline. If more than one IEM is on the network, DHCP will only work for one of the IEMs.
Note The IEM does not support two network interfaces.
Tip The default username for the IEM Configuration Menu is installer. Use the new password not the default password.
The instructions below will configure a static address for the IEM.
Step 1 In the Main menu of the IEM Configuration Menu, type a to access the System Settings menu.
Figure 2-3 Main Menu
Step 2 In the System Settings menu, type a to access the Network Settings.
Chapter 2 3 Configuring the IEM Software Configure Server Settings
Set Up SMTP ProviderThe SMTP Provider in the IEM sends notifications including the IECs’ status. The SMTP Provider is configured with an outbound URL in order to send the notifications.
The SMTP feature only works with non-authenticated mail servers. Free email service providers such as Gmail and Hotmail are not supported because they require authentication.
Note Cisco Advanced Services offers customized services such as the configuration of authenticated mail servers. Customers who are in need of this service should contact Cisco Advanced Services.
Once you have set up the SMTP provider, follow the instructions in the “Alerts & Notifications” chapter of the Cisco Interactive Experience Manager Administrator Guide to create a notification and associate it with users.
The following are instructions on how to configure the SMTP provider.
Step 1 Go to the Post-Installation Configuration screen.
Tip The default username for the Post-Install Configuration site is admin and the default password is cisco!123.
Upload SSL Certificates and Private KeysThe IEM uses self-signing certificates. Thus you may see a similar pop-up to that in the figure below when accessing the IEM using your browser.
Chapter 2 3 Configuring the IEM Software Configure Server Settings
Figure 2-38 Security Exception Dialog Box
If your organization has a SSL certificate and private key, they can be uploaded into the IEM so that security warnings such as “this site is using an untrusted key” do not appear when accessing the IEM.
Step 1 In the Post-Installation Configuration screen, click Upload New Certificate/Private Key.
Chapter 2 3 Configuring the IEM Software Change the Network Maintenance Password
Figure 2-44 Web Service Stopped
Step 6 Press any key to return to the Web Server menu.
Step 7 Type b to start the service.
Step 8 Press any key to return to the Web Server menu.
Step 9 Type a to view the status of the service. Before going to the next step, make sure that the service has started.
Figure 2-45 Web Service Running
Step 10 Press any key to return to the Web Server menu.
Change the Network Maintenance PasswordThe maintenance password, also known as DMC (Device Maintenance Code), is used to access the system settings of the IEC. This can be changed in the event a user forgets the password and needs to access system settings but is unable to fetch it from the IEM.
Step 1 Go to the following link for Post-Install Configuration screen: http://[IEM_IP]/cisco/status.php. [IEM_IP] is the IP address of the IEM.
Chapter OverviewThis chapter explains how to use the IEM Configuration Menu that is accessed by using a SSH client.
The topics in this chapter are:
• View System Settings, page 4-2
• Ping a Host, page 4-4
• View Logs, page 4-5
• Reboot the Server, page 4-7
• Power Off the Server, page 4-8
• Enable Cisco TAC User, page 4-9
Tip When logging into the IEM using a SSH client, use the password that was chosen when the IEM was installed.
Note If you are configuring the server settings for the IEM in the console screen and have changed the password for the Administrator within the Root account, the message “IEM Installation has FAILED!”. This message is due to the fact that the IEM ISO in this build is using the default password to check whether the IEM is up and running. No action is required; you can ignore the failure message.
Chapter 4 Using the IEM Configuration Menu Enable Cisco TAC User
Figure 2-15 Main Menu in a SSH Client
Step 2 In the Main menu, type d to access the IEM Server Administration menu.
Step 3 In the IEM Server Administration menu, type c to reboot the server.
Figure 4-16 IEM Server Administration Menu
Enable Cisco TAC UserCustomers who have purchased SMARTnet can give SSH access to Cisco TAC engineers to troubleshoot and fix IEM issues remotely. The key generated by the TAC is only valid for 24 hours.
Tip The TAC engineer can press Ctrl-C at anytime to log out of the session.
For a TAC engineer to SSH into the IEM, you must first enable the TAC user feature. Follow the steps below.
Tip When installing the Cisco IEM, check the Cisco Interactive Services Solution support pages on www.cisco.com for the latest software version. Check the site periodically after that for new software versions.
This chapter explains how to upgrade the IEM software.
The sections in this chapter are:
• What You Will Need, page 5-1
• Gather the IEM Software Files, page 5-2
• Upgrade Options Overview, page 5-2
– 1.0.0, 1.0.1, or 1.0.2 to 2.0, page 5-2
– 1.0.3 to 2.0, page 5-3
– 2.0 to latest 2.0 build, page 5-3
• ISO Upgrade Option, page 5-4
• Fresh Install Upgrade Option, page 5-7
• Upgrading 2.0 Builds, page 5-11
What You Will NeedTo upgrade the Cisco IEM, you will need the following:
• IEM software files downloaded from www.cisco.com:
Chapter 5 Upgrading the IEM Software Gather the IEM Software Files
Gather the IEM Software FilesThe IEM-upgrade.ISO and IEM OVA files are available for download. Follow the steps below to download them.
Step 1 Enter the following URL in your web browser: http://www.cisco.com/en/US/partner/products/ps12434/tsd_products_support_general_information.html
Step 2 Log in using your partner or customer credentials.
Step 3 Within the Support area, click Download Software.
Figure 2-1 IEM Software Downloads, Release and General Information Page
Step 4 Under Release 2.0, select the IEM OVA file.
Step 5 Click the Download button.
Step 6 Select the IEM-upgrade.ISO file.
Step 7 Click the Download button.
Upgrade Options Overview
1.0.0, 1.0.1, or 1.0.2 to 2.0If you are using an IEM version that is older than 1.0.3, you must first upgrade the IEM to 1.0.3. Follow the instructions in Chapter 4 of the Cisco Interactive Experience Manager Installation Guide version 1.0.3 to upgrade from version 1.0.0, 1.0.1, or 1.0.2 to 1.0.3.
Chapter 5 Upgrading the IEM Software Upgrade Options Overview
Then upgrade from version 1.0.3 to 2.0. See the instructions below on how to upgrade from 1.0.3 to 2.0
Table 5-1 Upgrade from 1.0.3 Option Matrix
1.0.3 to 2.0A fresh installation is required for all upgrades from version 1.0.3 to 2.0 except if you are upgrading from 1.0.3 on a virtual machine (VM) to 2.0 on the same VM; then only the ISO needs to be upgraded. See the next section for instructions on how to upgrade the ISO only.
Table 5-2 Upgrade from 1.0.3 Option Matrix
Note Build number 1.8.05.5799 is only certified on bare metal.
Tip The default username for the Post-Install Configuration site is admin and the default password is cisco!123 if you have build 1.8.05.5799 (1.0.3 on bare metal). The default username for the Post-Install Configuration site is installer and the default password is cisco!123 if you have build 1.8.08.5799 (1.0.3 on a virtual machine).
2.0 to latest 2.0 buildIf you are upgrading from an older 2.0 build to the latest 2.0 build, an ISO upgrade is only required if you are using a VM. If you are using bare metal, you will need to perform a fresh install.
Table 5-3 Upgrade to Latest 2.0 Build Option Matrix
2.0 Virtual Machine 2.0 Bare Metal
1.0.0 Bare MetalUpgrade to 1.0.3 first then upgrade to 2.0
Upgrade to 1.0.3 first then upgrade to 2.0
1.0.1 Bare MetalUpgrade to 1.0.3 first then upgrade to 2.0
Upgrade to 1.0.3 first then upgrade to 2.0
1.0.2 Bare MetalUpgrade to 1.0.3 first then upgrade to 2.0
Upgrade to 1.0.3 first then upgrade to 2.0
2.0 Virtual Machine 2.0 Bare Metal
1.0.3 Virtual Machine (build number 1.8.08.5799) ISO Upgrade only Fresh install
1.0.3 Bare Metal (build number 1.8.05.5799) Fresh install Fresh install
2.0 Virtual Machine 2.0 Bare Metal
2.0 Virtual Machine ISO Upgrade only Fresh install
Chapter 5 Upgrading the IEM Software ISO Upgrade Option
ISO Upgrade OptionAs explained above, this option is only possible if you are upgrading from 1.0.3 that is installed on a VM.
Requirements:
• Perform the backup before the upgrade to prevent data loss from upgrade failure.
• The upgrade must be performed by an authorized Cisco team member who is able to request a Cisco TAC user validation string at https://tacaccess.cisco.com/cgi-bin/tacaccess.cgi.
• The person performing the upgrade must be able to upload the IEM upgrade ISO via SCP/SFTP.
Tip The default username for the IEM Configuration Menu is installer. Use the password that was chosen when the IEM was installed.
Step 1 Perform a backup of the server. Refer to the Cisco Interactive Experience Manager Administrator Guide for instructions.
Step 2 Request a Cisco TAC user validation string at https://tacaccess.cisco.com/cgi-bin/tacaccess.cgi.
Step 3 Log in as installer.
Figure 5-2 IEM VM Console Login Screen
Step 4 In the IEM VM Configuration Menu screen, you will see that the IEM software version is given as 1.8.08-5799.
Chapter 5 Upgrading the IEM Software ISO Upgrade Option
Step 9 Now you will SSH into the VM as the Cisco TAC user. First, choose a password that you will temporarily use just for the session. Since the window to enter the password is limited and the password must be complex, choose the password now. The installer password or passphrase must meet the following criteria:
• Password: A combination of upper case letters, lower case letters, numbers, and other characters. If you choose a twelve character long password, then choose characters from at least three out of the four categories. If you choose a eight character password, you must use characters from all four categories. But if you start your password with an upper case letter or end it with a number, additional characters from those categories must also be included in the password in order for the password to be valid.
• Passphrase: Should be of at least three words and sixteen to forty characters that are a combination of upper and lower case letters, numbers, and other characters.
Step 10 SSH into the IEM VM as ciscotac with the default password (not the password that you chose in the step above).
Figure 5-7 SSH Terminal with Cisco User Credentials
Step 11 Copy the Cisco TAC user validation string and press the Enter key.
Figure 5-8 SSH Terminal with TAC Access Validation String
Step 12 Enter the new password that you chose earlier.
Chapter 5 Upgrading the IEM Software Upgrading 2.0 Builds
Figure 5-19 File in Import Account Dialog Box
Step 13 Click Upload.
A green check mark appears next to the file after it has been uploaded.
Tip If a file uploaded is not desired or there is an error message associated with it, delete that file. Choose that file and then click remove.
Step 14 Click Close.
If you imported device names from 1.0.3 that included the dash/minus/hyphen sign (-), the sign will transfer to 2.0 and will still be present. But if you modify the name of the device after you import it into 2.0, you can no longer use the sign within the name of that device as per the naming rules set by 2.0. Refer to the Cisco Interactive Experience Manager Administrator Guide for more information about naming devices.
Upgrading 2.0 BuildsWhen a new build of the IEM software Version 2.0 is released, it is a best practice to upgrade your IEM to the latest build to take advantage of any enhancements and patches.
The process for upgrading to a newer 2.0 build is dependent on where the 2.0 IEM software has been installed:
• Bare metal: Follow the backup and restore steps in Chapter 9 of the Cisco Interactive Experience Manager Administrator Guide to upgrade the IEM software from an older 2.0 build to a newer 2.0 build.
• VM: Follow the steps below to upgrade a VM from an older 2.0 build to a newer 2.0 build.
Note It is best practice to backup the VM before starting the upgrading process to prevent data loss in case the upgrade fails.
Step 1 Open https://<IEM_IP>/cisco/status.php with a browser.
Appendix A High Availability Installation and Configuration Update Configurations
Restart postgresql
Step 1 Run the following script to restart postgreql:
$ sudo /bin/service postgresql restart
Restart pgpool-II
Step 1 Run the following script to restart the pgpool process:
$ sudo /bin/service pgpool restart
Note You may see the message “FAIL” when trying to stop the service. This is normal the first time.
Configure the Virtual IP Address of the Load BalancerIn this step set, you will set the virtual IP address of the load balancer in the IEM configuration file.
Step 3 Replace the IP address “172.25.26.240” in the <service>https://172.25.26.240/index.php/amf</service> line with the virtual IP address of the load balancer.
Appendix A High Availability Installation and Configuration Online Recovery Workflow Diagram
Step 6 Replace the IP address “172.25.26.240” in the $server = isset($argv[1]) ? $argv[1] : '172.25.26.240'; line with the virtual IP address of the load balancer.
pgpool-II Watchdog ScriptThe pgpool-II watchdog script is automatically installed and monitors the pgpool process. If the pgpool process fails, the watchdog script attempts to restart the process. If the process fails to start, the watchdog script will shut down the web server to failover to the other active node. The watchdog script will continue to check the progress of the pgpool process, and if the pgpool process starts, the watchdog script will bring the web server back up.
Online Recovery Workflow DiagramThe online recovery process can be logically defined in three steps:
1. (Script file -> copy_base_backup): During this step, pgpool takes a backup of the database yet still allows user connections. (File: copy_base_backup)
2. (Script file -> pgpool_recovery_pitr): This step waits for user connections to close [can force it] and stops new connections to pgpool.
3. (Script file -> pgpool_remote_start): This step starts postgres on the new or failed machine.