Avaya Secure Access Link Gateway using VMware® in the Virtualized Environment Deployment Guide.pdf

Avaya Secure Access Link Gatewayusing VMware® in the VirtualizedEnvironment Deployment Guide

Issue 2April 2013

© 2013 Avaya Inc.

All Rights Reserved.

Notice

While reasonable efforts have been made to ensure that theinformation in this document is complete and accurate at the time ofprinting, Avaya assumes no liability for any errors. Avaya reserves theright to make changes and corrections to the information in thisdocument without the obligation to notify any person or organization ofsuch changes.

Documentation disclaimer

“Documentation” means information published by Avaya in varyingmediums which may include product information, operating instructionsand performance specifications that Avaya generally makes availableto users of its products. Documentation does not include marketingmaterials. Avaya shall not be responsible for any modifications,additions, or deletions to the original published version ofdocumentation unless such modifications, additions, or deletions wereperformed by Avaya. End User agrees to indemnify and hold harmlessAvaya, Avaya's agents, servants and employees against all claims,lawsuits, demands and judgments arising out of, or in connection with,subsequent modifications, additions or deletions to this documentation,to the extent made by End User.

Link disclaimer

Avaya is not responsible for the contents or reliability of any linkedwebsites referenced within this site or documentation provided byAvaya. Avaya is not responsible for the accuracy of any information,statement or content provided on these sites and does not necessarilyendorse the products, services, or information described or offeredwithin them. Avaya does not guarantee that these links will work all thetime and has no control over the availability of the linked pages.

Warranty

Avaya provides a limited warranty on its hardware and Software(“Product(s)”). Refer to your sales agreement to establish the terms ofthe limited warranty. In addition, Avaya’s standard warranty language,as well as information regarding support for this Product while underwarranty is available to Avaya customers and other parties through theAvaya Support website: http://support.avaya.com. Please note that ifyou acquired the Product(s) from an authorized Avaya reseller outsideof the United States and Canada, the warranty is provided to you bysaid Avaya reseller and not by Avaya. “Software” means computerprograms in object code, provided by Avaya or an Avaya ChannelPartner, whether as stand-alone products or pre-installed on hardwareproducts, and any upgrades, updates, bug fixes, or modified versions.

Licenses

THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYAWEBSITE, HTTP://SUPPORT.AVAYA.COM/LICENSEINFO AREAPPLICABLE TO ANYONE WHO DOWNLOADS, USES AND/ORINSTALLS AVAYA SOFTWARE, PURCHASED FROM AVAYA INC.,ANY AVAYA AFFILIATE, OR AN AUTHORIZED AVAYA RESELLER(AS APPLICABLE) UNDER A COMMERCIAL AGREEMENT WITHAVAYA OR AN AUTHORIZED AVAYA RESELLER. UNLESSOTHERWISE AGREED TO BY AVAYA IN WRITING, AVAYA DOESNOT EXTEND THIS LICENSE IF THE SOFTWARE WAS OBTAINEDFROM ANYONE OTHER THAN AVAYA, AN AVAYA AFFILIATE ORAN AVAYA AUTHORIZED RESELLER; AVAYA RESERVES THERIGHT TO TAKE LEGAL ACTION AGAINST YOU AND ANYONEELSE USING OR SELLING THE SOFTWARE WITHOUT A LICENSE.BY INSTALLING, DOWNLOADING OR USING THE SOFTWARE, ORAUTHORIZING OTHERS TO DO SO, YOU, ON BEHALF OFYOURSELF AND THE ENTITY FOR WHOM YOU ARE INSTALLING,DOWNLOADING OR USING THE SOFTWARE (HEREINAFTERREFERRED TO INTERCHANGEABLY AS “YOU” AND “END USER”),AGREE TO THESE TERMS AND CONDITIONS AND CREATE ABINDING CONTRACT BETWEEN YOU AND AVAYA INC. OR THEAPPLICABLE AVAYA AFFILIATE (“AVAYA”).

Avaya grants you a license within the scope of the license typesdescribed below, with the exception of Heritage Nortel Software, forwhich the scope of the license is detailed below. Where the orderdocumentation does not expressly identify a license type, theapplicable license will be a Designated System License. The applicablenumber of licenses and units of capacity for which the license is grantedwill be one (1), unless a different number of licenses or units of capacityis specified in the documentation or other materials available to you.“Designated Processor” means a single stand-alone computing device.“Server” means a Designated Processor that hosts a softwareapplication to be accessed by multiple users.

Licence types

Designated System(s) License (DS). End User may install and useeach copy of the Software only on a number of Designated Processorsup to the number indicated in the order. Avaya may require theDesignated Processor(s) to be identified in the order by type, serialnumber, feature key, location or other specific designation, or to beprovided by End User to Avaya through electronic means establishedby Avaya specifically for this purpose.

Concurrent User License (CU). End User may install and use theSoftware on multiple Designated Processors or one or more Servers,so long as only the licensed number of Units are accessing and usingthe Software at any given time. A “Unit” means the unit on which Avaya,at its sole discretion, bases the pricing of its licenses and can be,without limitation, an agent, port or user, an e-mail or voice mail accountin the name of a person or corporate function (e.g., webmaster orhelpdesk), or a directory entry in the administrative database utilizedby the Software that permits one user to interface with the Software.Units may be linked to a specific, identified Server.

CPU License (CP). End User may install and use each copy of theSoftware on a number of Servers up to the number indicated in theorder provided that the performance capacity of the Server(s) does notexceed the performance capacity specified for the Software. End Usermay not re-install or operate the Software on Server(s) with a largerperformance capacity without Avaya’s prior consent and payment of anupgrade fee.

Named User License (NU). You may: (i) install and use the Softwareon a single Designated Processor or Server per authorized NamedUser (defined below); or (ii) install and use the Software on a Server solong as only authorized Named Users access and use the Software.“Named User”, means a user or device that has been expresslyauthorized by Avaya to access and use the Software. At Avaya’s solediscretion, a “Named User” may be, without limitation, designated byname, corporate function (e.g., webmaster or helpdesk), an e-mail orvoice mail account in the name of a person or corporate function, or adirectory entry in the administrative database utilized by the Softwarethat permits one user to interface with the Software.

Shrinkwrap License (SR). You may install and use the Software inaccordance with the terms and conditions of the applicable licenseagreements, such as “shrinkwrap” or “clickthrough” licenseaccompanying or applicable to the Software (“Shrinkwrap License”).

Heritage Nortel Software

“Heritage Nortel Software” means the software that was acquired byAvaya as part of its purchase of the Nortel Enterprise SolutionsBusiness in December 2009. The Heritage Nortel Software currentlyavailable for license from Avaya is the software contained within the listof Heritage Nortel Products located at http://support.avaya.com/LicenseInfo under the link “Heritage Nortel Products”. For HeritageNortel Software, Avaya grants Customer a license to use HeritageNortel Software provided hereunder solely to the extent of theauthorized activation or authorized usage level, solely for the purposespecified in the Documentation, and solely as embedded in, forexecution on, or (in the event the applicable Documentation permitsinstallation on non-Avaya equipment) for communication with Avayaequipment. Charges for Heritage Nortel Software may be based onextent of activation or use authorized as specified in an order or invoice.

2 SAL Gateway in the Virtualized Environment Deployment Guide April 2013Comments? [email protected]

http://support.avaya.com/

http://www.avaya.com/support/LicenseInfo

http://support.avaya.com/LicenseInfo

http://support.avaya.com/LicenseInfo

mailto:[email protected]?subject=SAL Gateway in the Virtualized Environment Deployment Guide

Copyright

Except where expressly stated otherwise, no use should be made ofmaterials on this site, the Documentation, Software, or hardwareprovided by Avaya. All content on this site, the documentation and theProduct provided by Avaya including the selection, arrangement anddesign of the content is owned either by Avaya or its licensors and isprotected by copyright and other intellectual property laws including thesui generis rights relating to the protection of databases. You may notmodify, copy, reproduce, republish, upload, post, transmit or distributein any way any content, in whole or in part, including any code andsoftware unless expressly authorized by Avaya. Unauthorizedreproduction, transmission, dissemination, storage, and or use withoutthe express written consent of Avaya can be a criminal, as well as acivil offense under the applicable law.

Virtualization

Each vAppliance will have its own ordering code. Note that eachinstance of a vAppliance must be separately ordered. If the end usercustomer or Business Partner would like to install 2 of the same typeof vAppliances, then 2 vAppliances of that type must be ordered.

Third Party Components

“Third Party Components” mean certain software programs or portionsthereof included in the Software that may contain software (includingopen source software) distributed under third party agreements (“ThirdParty Components”), which contain terms regarding the rights to usecertain portions of the Software (“Third Party Terms”). Informationregarding distributed Linux OS source code (for those Products thathave distributed Linux OS source code) and identifying the copyrightholders of the Third Party Components and the Third Party Terms thatapply is available in the Documentation or on Avaya’s website at: http://support.avaya.com/Copyright. You agree to the Third Party Terms forany such Third Party Components.

Preventing Toll Fraud

“Toll Fraud” is the unauthorized use of your telecommunicationssystem by an unauthorized party (for example, a person who is not acorporate employee, agent, subcontractor, or is not working on yourcompany's behalf). Be aware that there can be a risk of Toll Fraudassociated with your system and that, if Toll Fraud occurs, it can resultin substantial additional charges for your telecommunications services.

Avaya Toll Fraud intervention

If you suspect that you are being victimized by Toll Fraud and you needtechnical assistance or support, call Technical Service Center TollFraud Intervention Hotline at +1-800-643-2353 for the United Statesand Canada. For additional support telephone numbers, see the AvayaSupport website: http://support.avaya.com. Suspected securityvulnerabilities with Avaya products should be reported to Avaya bysending mail to: [email protected].

Trademarks

The trademarks, logos and service marks (“Marks”) displayed in thissite, the Documentation and Product(s) provided by Avaya are theregistered or unregistered Marks of Avaya, its affiliates, or other thirdparties. Users are not permitted to use such Marks without prior writtenconsent from Avaya or such third party which may own the Mark.Nothing contained in this site, the Documentation and Product(s)should be construed as granting, by implication, estoppel, or otherwise,any license or right in and to the Marks without the express writtenpermission of Avaya or the applicable third party.

Avaya is a registered trademark of Avaya Inc.

All non-Avaya trademarks are the property of their respective owners,and “Linux” is a registered trademark of Linus Torvalds.

Downloading Documentation

For the most current versions of Documentation, see the AvayaSupport website: http://support.avaya.com.

Contact Avaya Support

See the Avaya Support website: http://support.avaya.com for productnotices and articles, or to report a problem with your Avaya product.For a list of support telephone numbers and contact addresses, go tothe Avaya Support website: http://support.avaya.com, scroll to thebottom of the page, and select Contact Avaya Support.

SAL Gateway in the Virtualized Environment Deployment Guide April 2013 3

http://support.avaya.com/Copyright

http://support.avaya.com/Copyright

http://support.avaya.com




Contents

Chapter 1: Introduction...................................................................................................... 7Purpose..................................................................................................................................................... 7Intended audience.................................................................................................................................... 7Document changes since last issue.......................................................................................................... 7Related resources..................................................................................................................................... 8

Documentation................................................................................................................................. 8Training............................................................................................................................................ 8Avaya Mentor videos........................................................................................................................ 9

Support...................................................................................................................................................... 9Chapter 2: Architecture overview...................................................................................... 11

Avaya Aura® Virtualized Environment overview....................................................................................... 11VMware components................................................................................................................................ 13Deployment guidelines.............................................................................................................................. 13

Chapter 3: Planning and configuration............................................................................. 15Planning.................................................................................................................................................... 15Server hardware and resources................................................................................................................ 15SAL Gateway virtual machine resource requirements.............................................................................. 16

Editing the virtual machine resources.............................................................................................. 17VMware software requirements................................................................................................................ 17Software requirements.............................................................................................................................. 17Specifications of bundled software in the OVA......................................................................................... 18Capacity of SALGateway in a virtualization environment......................................................................... 18

Chapter 4: VMware best practices for performance........................................................ 19BIOS.......................................................................................................................................................... 19

Intel Virtualization Technology support............................................................................................ 19Dell PowerEdge Servers — BIOS settings....................................................................................... 20HP ProLiant Servers — BIOS settings............................................................................................. 20

VMware Tools........................................................................................................................................... 21Time keeping............................................................................................................................................. 21

Configuring timing............................................................................................................................ 22VMware networking best practices........................................................................................................... 23Thin vs. thick deployments........................................................................................................................ 24Best practices for VMware features.......................................................................................................... 25

VMware Snapshots.......................................................................................................................... 25VMware High Availability.................................................................................................................. 26VMware vMotion............................................................................................................................... 27Hyperthreading................................................................................................................................. 27

Chapter 5: Initial setup and pre-deployment.................................................................... 29Downloading the SAL Gateway OVA........................................................................................................ 29

Registering for PLDS........................................................................................................................ 29Downloading software from PLDS................................................................................................... 29

Registering the SAL Gateway virtual machine.......................................................................................... 30Chapter 6: Deploying the SAL Gateway OVA................................................................... 33

SAL Gateway OVA deployment overview................................................................................................. 33


Deployment checklist................................................................................................................................ 33Deploying the SAL Gateway OVA to vCenter........................................................................................... 34Properties field descriptions...................................................................................................................... 36Deploying the SAL Gateway OVA directly to the ESXi server.................................................................. 40Deployment of cloned and copied OVAs.................................................................................................. 41

Chapter 7: Initial configuration.......................................................................................... 43Starting the SAL Gateway virtual machine............................................................................................... 43Configuring the virtual machine automatic start and stop settings............................................................ 43Configuring the SAL Gateway and the network parameters..................................................................... 45

Chapter 8: Validation of the SAL Gateway implementation............................................ 47Testing the alarming service of SAL Gateway.......................................................................................... 47Testing the remote access service of SAL Gateway................................................................................ 47Testing the SAL Watchdog service........................................................................................................... 48Testing the Gateway UI............................................................................................................................. 48

Chapter 9: Reconfiguration of the virtual machine.......................................................... 49Reconfiguring the virtual machine deployed through vCenter.................................................................. 49Reconfiguring the virtual machine deployed directly on an ESXi server................................................... 50

Chapter 10: Backing up and restoring the virtual machine............................................ 51Backup and restore overview.................................................................................................................... 51Backing up the virtual machine................................................................................................................. 51Restoring a virtual machine....................................................................................................................... 52

Chapter 11: Upgrading the SAL Gateway OVA................................................................ 53Upgrading the SAL Gateway vAppliance.................................................................................................. 53Validating an upgrade operation............................................................................................................... 54

Chapter 12: Troubleshooting............................................................................................. 55FAQ........................................................................................................................................................... 55

Appendix A: PCN and PSN notifications.......................................................................... 59PCN and PSN notifications....................................................................................................................... 59Viewing PCNs and PSNs.......................................................................................................................... 59Signing up for PCNs and PSNs................................................................................................................ 60

Glossary............................................................................................................................... 61Index..................................................................................................................................... 63

6 SAL Gateway in the Virtualized Environment Deployment Guide April 2013

Chapter 1: Introduction

PurposeThis document provides procedures for deploying the Secure Access Link (SAL) Gatewayvirtual application in the Avaya Aura® Virtualized Environment. The document includesinstallation, configuration, initial administration, troubleshooting, and basic maintenancechecklists and procedures.

This document does not include optional or customized aspects of a configuration.

Intended audienceThe primary audience for this document is anyone who installs, configures, and verifies SALGateway on a VMware® vSphere™ 5.0 or 5.1 virtualization environment at a customer site.The audience includes and is not limited to implementation engineers, field technicians,business partners, solution providers, and customers.

Document changes since last issueThe following changes have been made to this document since the last issue:

• Added VMware ESXi 5.1 support information for SAL Gateway virtual application in theVMware software requirements section.

• Added the details of the application software and the operating system in theSpecifications of bundled software in the OVA section.

• Added the Deployment of cloned and copied OVAs section.


Related resources

DocumentationThe following table lists the documents related to this product. Download the documents fromthe Avaya Support website at http://support.avaya.com

Title Description AudienceDesign

Avaya Aura® VirtualizedEnvironment SolutionDescription

Describes the VirtualizedEnvironment solution from afunctional view. Includes a high-leveldescription of the solution as well astopology diagrams, customerrequirements, and designconsiderations.

Sales engineers

Implementation and administration

Implementing Secure AccessLink Gateway

Describes the implementationrequirements and procedures forstandalone SAL Gateway. Providesinformation about configuring andadministering SAL Gateway forremote servicing of Avaya products ata customer site.

Solutionarchitects,implementationengineers,support personnel

TrainingThe following courses are available on the Avaya Learning website at http://www.avaya-learning.com. To search for the course, log on to Avaya Learning Center, enter the coursecode in the Search field, and click Go.

Course code Course title1A00232V Avaya Aura® Essentials

Introduction



http://www.avaya-learning.com

http://www.avaya-learning.com


Avaya Mentor videosAvaya Mentor is an Avaya-run channel on YouTube that includes technical content on how toinstall, configure, and troubleshoot Avaya products.

Visit the Avaya Mentor Videos website at http://www.youtube.com/AvayaMentor and entervirtual appliance in the Search channel field to view the list of available videos.

You can also enter the application product name to view videos that are available for aparticular product.

SupportVisit the Avaya Support website at http://support.avaya.com for the most up-to-datedocumentation, product notices, and knowledge articles. You can also search for releasenotes, downloads, and resolutions to issues. Use the online service request system to createa service request. Chat with live agents to get answers to questions, or request an agent toconnect you to a support team if an issue requires additional expertise.

Support


http://www.youtube.com/AvayaMentor


Introduction



Chapter 2: Architecture overview

Avaya Aura® Virtualized Environment overviewTraditionally, Avaya Aura® has been sold and installed as an individual appliance withincustomer networks to offer collaboration capabilities and business advantages. Avaya Aura®

Virtualized Environment integrates real-time Avaya Aura® applications with VMware®

virtualized server architecture. Virtualized Environment provides the following benefits:

• simplifies IT management by providing common software administration andmaintenance.

• requires fewer servers and racks which reduces the footprint.

• lowers power consumption and cooling requirements.

• enables capital equipment cost savings.

• lowers operational expenses.

• uses standard operating procedures for both Avaya and non-Avaya products.

• satisfies customer demand for Avaya products in a virtualized environment on customer-specified servers and hardware.

• enables business to scale rapidly to accommodate growth and to respond to changingbusiness requirements.

For existing customers who have a VMware IT infrastructure, Avaya Aura® VirtualizedEnvironment provides an opportunity to upgrade to the next release level of collaboration usingtheir own VMware infrastructure. For customers who need to add more capacity or applicationinterfaces, Avaya Aura® applications on VMware offer flexible solutions to expansion. Forcustomers who want to migrate to the latest collaboration solutions, Avaya Aura® VirtualizedEnvironment provides a hardware-efficient simplified solution for upgrading to the latest AvayaAura® release and adding the latest Avaya Aura® capabilities.

The Virtualized Environment project is only for VMware and is not intended to include any otherindustry hypervisor. Virtualized Environment is inclusive of the Avaya Aura® portfolio.

Note:This document uses the following terms, and at times, uses the terms interchangeably.


• server and host

• reservations and configuration values

Virtualized Environment applicationsThe Virtualized Environment supports the following Avaya products:

• Avaya Aura® Communication Manager Release 6.2 (Simplex & Duplex)• Avaya Agile Communication Environment™ Release 6.2 (ACE)• Avaya Aura® Application Enablement Services Release 6.2 (AES)• WebLM Standalone Release 6.2 (WebLM)• Secure Access Link Release 2.2 (SAL)• Avaya Aura® System Manager Release 6.2 (SMGR)• Avaya Aura® Presence Services Release 6.1 (PS)• Avaya Aura® Session Manager Release 6.2 (SM)• Avaya Aura® Utility Services Release 6.2 (US)

Customer deploymentDeployment into the blade, cluster, and server is managed by vCenter or vSphere.

The customer provides the servers, the virtual appliances, the hardware, and the VMwareinfrastructure including the VMware licenses.

Software deliveryThe software is delivered as a pre-packaged Open Virtualization Application (OVA) file postedon the Avaya Product Licensing and Download System (PLDS). The OVA contains thefollowing components:

• the application software and operating system.• pre-installed VMware tools for deployment on VMware ESXi 5.0 and ESXi 5.1.• preset configuration details for

- RAM and CPU reservations and storage requirements- Network Interface Card (NIC)- other settings

Patches and upgradesA minimum patch level can be required for each supported application. See the CompatibilityMatrix at Compatibility Matrix for more information regarding the application patchrequirements.

Important:Do not update the VMware tools software which is packaged with each OVA unlessinstructed to do so by Avaya. The supplied version is the supported release and has beenthoroughly tested.

Architecture overview


http://support.avaya.com/CompatibilityMatrix/Index.aspx


Performance and capacitiesThe OVA template is built with configuration values which optimize performance and followrecommended Best Practices.

Caution:Modifying these values can have a direct impact on the performance, capacity, and stabilityof the virtual machine. It is the responsibility of the customer to understand theaforementioned impacts when changing configuration values. Avaya Global SupportServices (GSS) may not be able to assist in fully resolving a problem if the resourceallocation has been changed for a virtual application. Avaya GSS could require the customerto reset the values to the optimized values before starting to investigate the issue.

VMware components

VMware SoftwareComponent

Description

ESXi Host The physical machine running the ESXi Hypervisorsoftware.

ESXi Hypervisor A platform that runs multiple operating systems on a hostcomputer at the same time.

vSphere Client The client application that is installed on a personal computeror accessible through a Web interface. It connects to avCenter server or directly to an ESXi host in the case wherevCenter Server is not used. Enables the installation andmanagement of virtual machines.

vCenter Server vCenter Server provides centralized control and visibility atevery level of the virtual infrastructure. Virtual machines aremanaged through vSphere Client software which providesalarming and performance monitoring of ESXi hosts andvirtual machines. vCenter Server provides VMware featuressuch as High Availability and vMotion.

Deployment guidelinesThe high-level steps are:

1. Deployment of the .ova.

2. Configuration procedures.

3. Verification of the installation.

VMware components


The following are deployment guidelines for the virtual machines:

• Deploy the virtual appliances on the same host as possible, depending on host size andVMs.

• Deploy the virtual appliances on the same cluster if it goes beyond the host boundary.

• Segment redundant elements on a different cluster. For example, CommunicationManager duplication pair.

• Create a tiered or segmented cluster infrastructure that isolates critical applications, suchas Avaya Aura®, from other VMs.

• Ensure that you have enough resources for rainy day scenarios or conditions. Resourcesmay only be configured for traffic or performance on an average day.

• Do not over-subscribe resources. Over-subscribing causes performance problems.

• Monitor the blade, host, and virtual appliance performance.

Important:The values for performance, occupancy, and use can vary greatly. The blade may berunning at 5% occupancy, but a VM may be running at 50%. Note that some VMs willbehave differently at a higher CPU usage.

Architecture overview



Chapter 3: Planning and configuration

PlanningAs an Avaya customer, ensure that you complete the following before deploying the SALGateway open virtual application (OVA):

# Action Notes

1 Register for the Avaya ProductLicensing and Delivery System(PLDS) website at https://plds.avaya.com.

See Registering for PLDS onpage 29.

2 Download the SAL Gateway OVAfile from PLDS.

To log on to the PLDS website, useyour Avaya Single Sign On (SSO)login, which is associated with theSold-To number that identifies thelocation where you want to installSAL Gateway.

3 Ensure that you have all therequired hardware for the VMwareenvironment.

See Server hardware andresources on page 15.

4 Ensure that you plan the stagingand verification activities and thevirtualization environment hasenough resources to be assignedfor the SAL Gateway vAppliance.

See SAL Gateway virtual machineresource requirements onpage 16.

Server hardware and resourcesVMware offers certified compatibility guides which list System, I/O, Storage/SAN and Backupcompatibility with VMware Infrastructure See http://www.vmware.com/resources/guides.htmlto view the VMware certified Compatibility Guides and the Product Interoperability Matrixes.

The VMware-certified servers must be running ESXi 5.0 and any of its updates, or ESXi 5.1and any of its updates.


https://plds.avaya.com


http://www.vmware.com/resources/guides.html

Important:You must configure the time and NTP settings on each ESXi server before you deploy andconfigure the OVA. Otherwise, the deployed virtual machine may not boot correctly.

SAL Gateway virtual machine resource requirementsThe SAL Gateway virtual machine requires the following minimal set of resources to beavailable on the ESXi host for deployment. These resources are specified in the SAL GatewayOVA.

VMware Resource ValuevCPU 2

CPU speed 2 GHz

Memory 2 GB

Storage reservation 40 GB

Shared NIC 1 @ 1000 Mbps

You might deploy the SAL Gateway vAppliance on a host that does not have the resources toallocate to the virtual machine for starting the virtual machine. For a specific server speed,CPU reservations are assigned to the vAppliance through the OVA.

In case of CPU resource limitations, the system displays the Insufficient capacity oneach physical CPU, or some similar message after the start-up request. To correct thislimitation, you can adjust the virtual machine properties.

In some cases, the CPU adjustments might not correct the start-up conditions, and you mighthave to lower the CPU speed more. You can adjust other virtual machine resources asrequired.

Important:Do not modify any other resource settings, for example, downsizing of allocated resources.Modifying these allocated resources could have a direct impact on the performance,capacity, and stability of the SAL Gateway virtual machine. To run at full capacity, the virtualmachine must meet these resource size requirements. Removing or downsizingreservations could put this requirement at risk.

For SAL Gateway to perform at maximum capacity, Avaya recommends that you adjust theresource allocation for the virtual machine to have 2 vCPUs with CPU speed of 2 GHz orhigher.

Related topics:Editing the virtual machine resources on page 17

Planning and configuration



Editing the virtual machine resourcesAbout this taskUse this procedure to adjust the virtual machine resources if the host does not have enoughresources to allocate according to the reservations that are specified in the OVA.

Procedure

1. Right click the virtual machine, and select Edit Settings.

2. On the Virtual Machine Properties window, select the Resources tab.The tab displays the virtual machine resources, including CPU, Memory, Disk, andAdvanced CPU.

3. For CPU limitations, select CPU from the left pane and adjust the CPU reservationto an appropriate number so that the virtual machine can function properly.Alternatively, enter the exact number into the Reservations field.

4. Adjust the other resource allocations, as required.

5. Click OK.

VMware software requirementsFor optimal results, use the following VMware software versions:

• VMware vSphere Client ESXi 5.0 or ESXi 5.1

• VMware vCenter Server ESXi 5.0 or ESXi 5.1

ESXi 5.0 can be added under vCenter Server 5.0 and vCenter Server 5.1. However, ESXi 5.1can be added only under vCenter Server 5.1. See VMware Product Interoperability Matrixesat http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php to view compatibilitywith other solution releases.

Software requirementsSAL Gateway uses the current release, 2.2, of software as the standard release of SALGateway vAppliance on VMware vSphere 5.0 or 5.1. SAL Gateway vAppliance currently doesnot support VMware vSphere 4.1. The SAL Gateway VMware virtualization environment ispackaged as a vAppliance ready for deployment on VMware-certified hardware.

VMware software requirements


http://partnerweb.vmware.com/comp_guide2/sim/interop_matrix.php

The following table lists the required software and the supported versions for the SAL GatewayVMware virtualization environment.

Equipment Software versionsVMware vCenter Server 5.0.0, build 623373

5.1.0, build 880146

VMware vSphere Client 5.0.0, build 6233735.1.0, build 860230

VMware ESXi Host 5.0.0, build 6238605.1.0, build 799733

VMware Tools 8.6.0.6261, build 426873

Specifications of bundled software in the OVAThe SAL Gateway OVA contains the application software, operating system, and otherrequired software components, along with preinstalled VMware tools.

The following are the specifications of the software components included as part of the SALGateway OVA.

Operating system CentOS 5.8, 64-bit

Java Oracle JRE 1.6.0_33

Application software SAL Gateway 2.2.0.0.24

Capacity of SALGateway in a virtualization environmentThe capacity of SAL Gateway VMware virtualization environment is the same as the capacityof a standalone SAL Gateway. To run at full capacity, the virtual machine must meet therequired specifications and the resource allocation. Also, the alarm flow, remote sessions, andnetwork conditions must the normal. For the capacity matrix of a standalone SAL Gateway,see Implementing Secure Access Link Gateway 2.2.

Planning and configuration



Chapter 4: VMware best practices forperformance

The following sections define the required best practices for the SAL Gateway virtualization environment.For standard virtualization best practices for VMware vSphere 5.0, see Performance Best Practices forVMware vSphere 5.0. For standard virtualization best practices for VMware vSphere 5.1, see PerformanceBest Practices for VMware vSphere 5.1.

BIOSFor details on BIOS settings to improve the environment for latency-sensitive workloads for anapplication, see the Best Practices for Performance Tuning of Latency-Sensitive Workloads invSphere VMs technical white paper at http://www.vmware.com/files/pdf/techpaper/VMW-Tuning-Latency-Sensitive-Workloads.pdf.

The following are the best performance BIOS settings for a few specific servers from theVMware-certified server list. In general, turn off power-saving server options for optimalperformance. Consult the manufacturer technical data for your particular server.

Related topics:Intel Virtualization Technology support on page 19Dell PowerEdge Servers — BIOS settings on page 20HP ProLiant Servers — BIOS settings on page 20

Intel Virtualization Technology supportIntel CPUs require EM64T and Virtualization Technology (VT) support in the chip and in theBIOS to run 64–bit virtual machines.

All Intel Xeon processors feature:

• Intel Virtualization Technology

• Intel Extended Memory 64 Technology

• Execute Disable Bit


http://www.vmware.com/pdf/Perf_Best_Practices_vSphere5.0.pdf




http://www.vmware.com/files/pdf/techpaper/VMW-Tuning-Latency-Sensitive-Workloads.pdf

http://www.vmware.com/files/pdf/techpaper/VMW-Tuning-Latency-Sensitive-Workloads.pdf

Ensure that VT is enabled in the host system BIOS. The feature may be called VT, VanderpoolTechnology, Virtualization Technology, VMX, or Virtual Machine Extensions.

Note:The VT setting is locked (either on or off) at boot time. After enabling VT in the system BIOS,save your changes to the BIOS settings and exit. The host server will reboot, and the BIOSchanges will take effect.

Other suggested BIOS settingsServers with Intel Nehalem class and newer Intel Xeon CPUs also offer two powermanagement options: C-states and Intel Turbo Boost.

• Disabling C-states lowers latencies to activate the CPUs from halt or idle states to fullpower on.

• Intel Turbo Boost steps up the internal frequency of the processor if the workload requiresmore power. The default for this option is enabled. Do not change the default.

These settings depend on the OEM make and model of the server. The BIOS parameterterminology for current Dell and HP servers are described in the following sections. Otherserver make and models may have other terminology but equivalent BIOS controls.

Dell PowerEdge Servers — BIOS settingsWhen the Dell server starts, you select F2 to display the system setup options. The followingare the recommended BIOS settings for the Dell PowerEdge servers:

• Set the Power Management Mode to Maximum Performance.

• Set the CPU Power and Performance Management Mode to Maximum Performance.

• Under Processor Settings, set Turbo Mode to enable.

• Under Processor Settings, set C States to disabled.

HP ProLiant Servers — BIOS settingsThe following are the recommended BIOS settings for the HP ProLiant servers:

• Set the Power Regulator Mode to Static High Mode.

• Disable Processor C-State Support.

• Disable Processor C1E Support.

• Disable QPI Power Management.

• Enable Intel Turbo Boost.

VMware best practices for performance



VMware ToolsVMware Tools are included as part of the application OVA. The tools are a suite of utilities thatenhances the performance of the guest operating system on the virtual machine and improvesthe management of the virtual machine.

The tools provide:

• VMware Network acceleration

• Host to Guest time synchronization

• Disk sizing

• Startup/Shutdown

For more information, see Overview of VMware Tools at http://kb.vmware.com/kb/340.

Important:Do not update the VMware tools software which is packaged with each OVA unlessinstructed to do so by Avaya. The supplied version is the supported release and has beenthoroughly tested.

Time keepingFor accurate time keeping, use the Network Time Protocol (NTP) as a time source instead ofthe ESXi hypervisor.

The NTP servers can be local to the LAN or over the Internet. If the NTP servers are on theInternet, the corporate firewall must open UDP port 123 so that NTP service can communicatewith the external NTP servers.

VMware tools time synchronization is disabled at application deployment time to avoid duelingclock masters. You must configure the NTP service first because the applications are notreceiving clock updates from the hypervisor. To verify VMware Tools Timesync is Disabled,run the command /usr/bin/vmware-toolbox-cmd timesync status.

In special situations, such as powering up the virtual machine, after vMotion, and afterresuming a suspended virtual machine, the ESXi hypervisor will push an updated view of itsclock into a virtual machine. If this view is very different from that received over the network(over 1000 seconds), the NTP service might not adjust to the network time and shutdown. Inthis situation, the guest administrator must manually set the guest clock to be the same or asclose as possible to the network time source clock. To keep the NTP service active, the clock

VMware Tools


http://kb.vmware.com/kb/340

on the ESXi host must also use an accurate clock source, such as the same network timesource that is used by the guest. The VMware recommendation is to add tinker panic 0 to thefirst line of the ntp.conf file so that the NTP can adjust to the network time even with largedifferences.

If you use the names of the time servers instead of the IP address in setting the NTPconfiguration, you must configure the Domain Name Service in the guest before administeringthe NTP service. Otherwise, the NTP service will not be able to locate the time servers. If theNTP service is administered first, you must restart the NTP service after administering the DNSservice.

After you administer the NTP service in the application, run the ntpstat or /usr/sbin/ntpq -pcommand from a command window to verify the NTP service is getting time from a networktime source. The results indicate which network time source is being used, how close the guestis to the network time, and how often the guest checks the time. The guest polls the time sourcebetween every 65 and 1024 seconds. Larger time intervals indicate that the guest clock istracking the network time source closely. If the time source is local, then the NTP service isnot using a network time source and a problem exists.

If the clock value seems to be consistently wrong, look through the system log for entriesregarding ntpd. The NTP service writes the activities it performs to the log, including when itloses synchronization with a network time source.

For more information, see Timekeeping best practices for Linux guests at http://kb.vmware.com/kb/1006427. The article presents best practices for Linux timekeeping. Theserecommendations include specifics on the particular kernel command line options to use forthe Linux operating system of interest. There is also a description of the recommended settingsand usage for NTP time sync, configuration of VMware Tools time synchronization, and VirtualHardware Clock configuration to achieve best timekeeping results.

Related topics:Configuring timing on page 22

Configuring timingThe SAL Gateway virtual machine relies on NTP for timekeeping. The SAL Gateway virtualmachine has an NTP service running that you can configure to synchronize with an externalNTP server.

Important:To maintain the system time of the SAL Gateway virtual machine, you must configure NTPon the SAL virtualized environment. Timekeeping is also important for managing andisolating alarms that SAL Gateway forwards.

About this taskUse this procedure to configure the NTP service on the SAL Gateway virtual machine.






Procedure

1. Connect to the virtual machine through an SSH client.

2. Log in as admin, and switch to the root user.

3. Run the following command to stop the NTP service:service ntpd stop

4. Open the /etc/ntp.conf file in a text editor.

5. Add the following line at the top of the file:tinker panic 0

6. If you do not want to use the CentOS NTP servers, comment out the following lines:server 0.centos.pool.ntp.orgserver 1.centos.pool.ntp.orgserver 2.centos.pool.ntp.org

7. After those lines, add the NTP servers for time synchronization as the following:server <IP/hostname>server <IP/hostname>

8. Comment out the following two lines:server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10

9. Save and close the /etc/ntp.conf file.

10. Run the following command to start the NTP service:service ntpd start

Next stepsIf the NTP servers are on the Internet, you must configure the corporate firewall to open theUDP port 123 so that the NTP service can communicate with the external NTP servers.

VMware networking best practices You can have many different configurations for networking in a VMware environment. Theinformation in this section includes a number of best practices and recommendations from theperspective of Avaya.

This section is not a substitute for the actual VMware documentation. If you do not haveexperience with VMware networking, you must review the VMware networking best practicesbefore deploying any applications on an ESXi host.

The following are the suggested best practices for configuring a network that supportsapplications deployed on VMware hosts:

VMware networking best practices


• Create a vSphere standard or distributed switch with dedicated NICs for each service toachieve greater security and performance. If separate switches are not possible, use portgroups with different VLAN IDs.

• Configure the vMotion connection in such as way that the connection is located on aseparate network that is devoted to vMotion.

• To protect sensitive VMs, deploy firewalls in the VM that route between virtual networkswith uplinks to physical networks and pure virtual networks with no uplinks to physicalnetworks.

• Specify VM NIC hardware type vmxnet3 for best performance. Avaya .ova files are builtusing vmxnet3 by default.

• Connect all physical NICs that are connected to the same vSphere standard or distributedswitch to the same physical network.

• Configure all VMkernal vNICs to the same IP Maximum Transmission Unit (MTU).

References

Title Link

Performance Best Practices forVMware vSphere™ 5.0


Performance Best Practices forVMware vSphere® 5.1


VMware vSphere Basics http://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.introduction.doc_50%2FGUID-F7A7E6C0-FA25-4806-8921-0438F1B2AEAE.html

Thin vs. thick deploymentsThe general recommendation is to deploy thick disks which are lazy-zeroed. A lazy-zeroedthick disk has all of the space allocated at the time of creation, but each block is zeroed onlyon the first write. The result is a shorter creation time but reduced performance the first time ablock is written.

Some configurations require eager-zeroed thick disks. An eager-zeroed thick disk• has all space allocated and zeroed out at the time of creation.• results in the best performance, even on the first write to each block.• has a longer disk creation time. Because of the extra time required to deploy an eager

zero disk, it is not uncommon for the deployment operation to time out and fail.

Thin provisioned disks can over-allocate storage. If the storage is over-allocated, thin virtualdisks can grow to fill an entire datastore if left unchecked. You can use thin provisioned disks,







http://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.introduction.doc_50%2FGUID-F7A7E6C0-FA25-4806-8921-0438F1B2AEAE.html




but you must use strict control and monitoring to maintain adequate performance and ensurethat storage is not completely consumed. If operational procedures are in place to mitigate therisk of performance and storage depletion, then thin disks are a viable option.

Best practices for VMware features

VMware SnapshotsA snapshot preserves the state and data of a virtual machine at a specific point in time. Asnapshot is useful as a short-term fallback for patching and upgrading the system.

Snapshots can:

• consume large amounts of data resources.

• cause increased CPU loads on the host.

• affect performance.

• affect service.

Caution:Snapshot operations can adversely affect service. The application that is running onthe virtual machine must be stopped or set to out-of-service before you perform asnapshot operation. When the snapshot operation has completed, the application canthen be restarted or brought back into service.

Due to the adverse behaviors, consider the following recommendations when using theSnapshot feature.

• Do not rely on VMware snapshots as a robust backup and recovery method. Snapshotsare not backups. The snapshot file is only a change log of the original virtual disk.

• Do not run a virtual machine off of a snapshot. Do not use a single snapshot for morethan 24-72 hours. The recommended actions are to take the snapshot, make the changesto the virtual machine, and delete or commit the snapshot as soon as the virtual machineis verified to be working properly. Following the recommended actions preventssnapshots from growing so large as to cause issues when deleting or committing thesnapshots to the original virtual machine disks.

• When taking a snapshot, do not save the memory of the virtual machine. The length oftime the host takes to write the memory onto the disk is relative to the amount of memorythe virtual machine is configured to use and can add several minutes to the time it takesto complete the operation. If the snapshot is activated, saving memory will make calls



appear to be active or in progress and can cause confusion to the user. When creating asnapshot, make sure that you:

- uncheck the Snapshot the virtual machine’s memory check box in the TakeVirtual Machine Snapshot window.

- select the Quiesce guest file system (Needs VMware Tools installed) check boxto make sure all writes to the disks have completed. It gives a better chance ofcreating a clean snapshot image from which to boot.

• If you are going to use snapshots over a long period of time, you must consolidate thesnapshot files on a regular basis to improve performance and reduce disk usage. Beforemerging the snapshot delta disks back into the base disk of the virtual machine, you mustfirst delete stored snapshots.

Note:In the event of a consolidate failure, end-users can use the actual Consolidate optionwithout opening a service request with VMware. If a commit or delete operation doesnot merge the snapshot deltas into the base disk of the virtual machine, a warning isdisplayed in the UI.

Related resources

Title Web page

Best practices for virtual machine snapshotsin the VMware environment

Best Practices for virtual machine snapshotsin the VMware environment

Understanding virtual machine snapshots inVMware ESXi and ESX

Understanding virtual machine snapshots inVMware ESXi and ESX

Working with snapshots Working with snapshots

Configuring VMware vCenter Server to sendalarms when virtual machines are runningfrom snapshots

Send alarms when virtual machines arerunning from snapshots

Consolidating snapshots in vSphere 5.x Consolidating snapshots in vSphere 5.x

VMware High AvailabilityVMware High Availability (HA) is a viable option for SAL recovery in the VMware environment.If you have configured VMware HA on the ESXi host on which a SAL Gateway virtual machineis installed, failure of this ESXi host results in SAL Gateway vAppliance being moved to astandby ESXi host. After the cold boot of SAL Gateway on the standby ESXi host is complete,SAL Gateway resumes to provide all the usual features and services.



HTTP://KB.VMWARE.COM/KB/1025279




http://kb.vmware.com/KB/1009402





Keep the following points in mind while configuring to use VMware HA:

• All virtual machines and the configuration files of the virtual machine must be on a sharedstorage, such as Fibre Channel SAN, iSCSI SAN, or SAN iSCI NAS.

• To have reliable failure detection for HA clusters, the console network must haveredundant network paths. The reason is that VMware HA monitors the heartbeat betweenhosts on the console network for failure detection.

• VMware HA uses the virtual machine priority to decide the order of restart.

VMware vMotionVMware uses the vMotion technology to migrate a running virtual machine from one physicalserver to another physical server without incurring downtime. The migration process, alsoknown as a hot-migration, enables the live migration of running virtual machines with zerodowntime, continuous service availability, and complete transaction integrity.

With vMotion, you can

• schedule migration to occur at predetermined times and without the presence of anadministrator.

• perform hardware maintenance without scheduled downtime.

• migrate virtual machines away from failing or under-performing servers.

Before using vMotion, note the following:

• Ensure that each host that migrates virtual machines to or from the host uses a licensedvMotion application and the vMotion is enabled.

• Ensure that you have identical vSwitches. You must enable vMotion on thesevSwitches.

• Ensure identical Port Groups for vMotion.

• Use a dedicated NIC to ensure the best performance.

HyperthreadingVMware® recommends that you enable hyperthreading on the ESXi host as hyperthreadingcan enhance the processor performance. Hyperthreading is enabled by default on the ESXihost. For the procedure to enable hyperthreading, see the VMware® ESXi hostdocumentation.



Chapter 5: Initial setup and pre-deployment

Downloading the SAL Gateway OVA

Registering for PLDSProcedure

1. Go to the Avaya Product Licensing and Delivery System (PLDS) Web site at https://plds.avaya.com.The PLDS Web site redirects you to the Avaya single sign-on (SSO) Web page.

2. Log in to SSO with your SSO ID and password.The PLDS registration page is displayed.

3. If you are registering:

• as an Avaya Partner, enter the Partner Link ID. If you do not know your PartnerLink ID, send an e-mail to [email protected].

• as a customer, enter one of the following:

- Company Sold-To

- Ship-To number

- License authorization code (LAC)

4. Click Submit.Avaya will send you the PLDS access confirmation within one business day.

Downloading software from PLDSAbout this task

Note:You can download product software from http://support.avaya.com also.





Procedure

1. Type http://plds.avaya.com in your Web browser to go to the Avaya PLDSwebsite.

2. Enter your Login ID and password to log on to the PLDS Web site.

3. On the Home page, select Assets.

4. Select View Downloads.

5. Search for the available downloads using one of the following methods:

• By actual download name

• By selecting an application type from the drop-down list

• By download type

• By clicking Search Downloads

6. Click the download icon from the appropriate download.

7. When the system displays the confirmation box, select Click to download yourfile now.

8. If you receive an error message, click on the message, install Active X, and continuewith the download.

9. When the system displays the security warning, click Install.When the installation is complete, PLDS displays the downloads again with acheckmark next to the downloads that are completed successfully.

Registering the SAL Gateway virtual machineRegistering a product with Avaya is a process that uniquely identifies the product so that Avayacan provide service to the product. To register a product, you must notify Avaya RegistrationTeam and provide the appropriate product information.

When you register a new SAL Gateway, Avaya assigns a Solution Element ID (SEID) and aProduct ID to the SAL Gateway. You require these identifiers to install the SAL Gateway virtualmachine software. Using these IDs, Avaya can uniquely identify the SAL Gateway at yourlocation.

About this taskUse this procedure to register a SAL Gateway virtual machine with Avaya and to obtain theunique identifiers prior to the SAL Gateway virtual machine implementation.

Initial setup and pre-deployment


http://plds.avaya.com


Procedure

1. Using the Secure Access Link Registration Form that is available with the softwaredownload, complete Step 1 of the form. On the form, enter the following information:

• Customer name.

• Avaya Sold-To number or customer functional location (FL) number thatidentifies the location where you want to install SAL Gateway.

• Customer contact information, so that Avaya can contact you for sending theIDs or for any queries.

2. (Optional) To obtain SEIDs of registered devices from other functional locations,complete Step 2 of the registration form.

3. Send the registration form to [email protected] using the link provided on theform.

ResultAvaya uses this information to register the new SAL Gateway. When the registration iscomplete, Avaya sends you an email message with the following information:

• The SEID and the Product ID of the new SAL Gateway. You require these identifiers toinstall SAL Gateway.

• A list of Avaya devices currently registered at the same location.• A list of other FLs for your company.

If you completed Step 2 of the registration form, Avaya sends you a list of SEIDs and ProductIDs of the devices installed in the locations you selected.

Next steps

• Implement the SAL Gateway virtual machine.• Add managed devices to your SAL Gateway using the SEIDs provided to you in Step 1

and Step 2 of the registration form.• Submit the registration form after completing Step 2 for the added managed devices.

Registering the SAL Gateway virtual machine


Initial setup and pre-deployment



Chapter 6: Deploying the SAL GatewayOVA

SAL Gateway OVA deployment overviewThe SAL Gateway OVA supports two models of deployment on a VMware vSphere 5.0 or 5.1environment:

• vCenter deployment through a vSphere client

• Direct deployment to the ESXi server through a vSphere client

Based on the VMware environment you have, select one of the two methods of deployment.

Deployment checklistUse the following checklist for deploying the SAL Gateway vAppliance.

# Action Link/Notes

1 Ensure that the ESXi host server isready.

2 Ensure that you have the SolutionElement ID and the Product ID forSAL Gateway.

You receive these IDs after youregister SAL Gateway with Avaya.For more information, see Registering the SAL Gatewayvirtual machine on page 30.

3 Deploy the OVA. See Deploying the SAL GatewayOVA directly to the ESXi server onpage 40 or Deploying the SALGateway OVA to vCenter onpage 34.


Deploying the SAL Gateway OVA to vCenterIf you have a vCenter server to administer your VMware infrastructure, use this procedure todeploy the SAL Gateway OVA to your VMware infrastructure. In the vCenter deployment, youget the options to provide the SAL Gateway configuration information through the deploymentwizard windows.

Procedure

1. Connect to the vCenter server through the vSphere client.

2. Select File > Deploy OVF Template.

3. In the Deploy OVF Template window, perform one of the following to select the OVAfile, and click Next:

• If the OVA file is downloaded at a location accessible from your computer, clickBrowse to select the location.

• If the OVA file is located on an HTTP server, enter the full URL in the Deployfrom a file or URL field.

4. In the OVF Template Details window, verify the details about the SAL Gateway OVAtemplate, and click Next.

5. In the End User License Agreement window, read the license agreement, and clickAccept.

6. Click Next.

7. Perform the following to specify the location for the deployment:

a. In the Name and Location window, in the Name field, type a unique name forthe new virtual machine.

b. From the Inventory Location field, select the inventory location to deploy thevirtual machine.

c. Click Next.If you did not select a host when you started the deployment process, the wizarddisplays the Host/Cluster window.

d. Select the host or cluster where you want to deploy the virtual machine, andclick Next.If the host or cluster has resource pools, the wizard displays the ResourcePool window.

e. Select the resource pool you want to use, and click Next.

8. In the Storage window, select the data store location to store the virtual machinefiles, and click Next.

Deploying the SAL Gateway OVA



9. In the Disk Format window, accept the default disk format, Thick Provision LazyZeroed, which allocates the required 40-GB disk space for the SAL Gateway virtualmachine, and click Next.For information about virtual disk, see Thin vs. thick deployments on page 24.

10. In the Properties window, perform the following to configure the SAL Gatewayspecifications:

a. In the Application section of the Properties window, complete the following fieldsfor configuring the SAL Gateway parameters:

• Timezone setting

• Hostname

• Solution Element ID

• Alarm ID

• Platform Qualifier

• Primary Destination Core

• Port

• Secondary Destination Core

• Port

• Primary Destination Remote

• Port

• Secondary Destination Remote

• Port

• (Optional) Proxy Type

• (Optional) Proxy Hostname

• (Optional) Proxy Port

• (Optional) Proxy User

• (Optional) Proxy Password

• (Optional) Policy Server Hostname

• (Optional) Policy Server Port

• Master Agent Hostname

• Master AgentX Port

• Roleb. In the Network Properties section of the Properties window, complete the

following fields according to your network settings:

• Default Gateway

Deploying the SAL Gateway OVA to vCenter


• DNS

• Network 1 IP Address

• Network 1 Netmask

For more information about the fields, see Properties field descriptions onpage 36.

11. Click Next.

12. (Optional) In the Ready to Complete window, select the Power on afterdeployment check box to automatically start the virtual machine after thedeployment.If you do not select this check box, you can manually start the virtual machine afterthe deployment.

13. In the Ready to Complete window, verify the deployment properties settings, andclick Finish.The deployment process takes about 10 to 12 minutes to complete. If the OVA filelocation is an HTTP server, the deployment process might take more time.

Next stepsIf you did not select the option to start the virtual machine automatically, start the virtualmachine.

Related topics:Starting the SAL Gateway virtual machine on page 43

Properties field descriptionsThe following table provides the descriptions of the fields available in the Application sectionof the Properties page.

Name DescriptionTimezone setting The appropriate time zone for the location where

you deploy the SAL Gateway virtual machine.

Hostname The host name of the SAL Gateway virtualmachine.

Solution Element ID A unique identifier in the format (nnn)nnn-nnnn,where n is a digit from 0 through 9. Using this ID,Avaya Services or Avaya Partners can uniquelyidentify and connect to this SAL Gateway.You must replace the default value with theSolution Element ID you receive from Avaya.




Name DescriptionOtherwise, the remote access and product alarmfunctionalities through SAL Gateway are affected.You receive this ID after you register SAL Gatewaywith Avaya.

Note:Register your SAL Gateway before you performthe deployment so that you have the SolutionElement ID and Product ID ready for thedeployment. You can modify the SolutionElement ID and the Product ID information laterthrough the SAL Gateway user interface (UI).

Alarm ID A unique 10-character ID, also called Product ID,assigned to a device, for example, this SALGateway. The Product ID is included in alarms thatare sent to alarm receivers from the manageddevice. Avaya uses the Alarm ID to identify thedevice that generated the alarm.You must replace the default value with the ProductID you receive from Avaya. Otherwise, the remoteaccess and product alarm functionalities throughSAL Gateway are affected. You receive this IDafter you register SAL Gateway with Avaya.

Platform Qualifier An alphanumeric string to establish a channel forcommunication between SAL Gateway and SecureAccess Concentrator Core Server.The default platform qualifier is Enterprise-production. Do not change the default valueunless you receive instructions to do so.

Primary Destination Core The host name of the Concentrator Core Serverthat SAL Gateway first contacts.The default value issecure.alarming.avaya.com, which isused to communicate with the Concentrator CoreServer located at Avaya.If you have a local Concentrator Core Server or oneat a partner location, you must enter the host nameor the IP address of that server. Otherwise, youmust retain the default value to communicate withAvaya.

Port The port number for the primary Concentrator CoreServer.The default port is 443. For the Avaya ConcentratorCore Server, you must retain the default value. Fora local Concentrator Core Server, you must enterthe value as 8443.

Properties field descriptions


Name DescriptionSecondary Destination Core The host name of the secondary Concentrator

Core Server.The default value for this field issecure.alarming.avaya.com.

Note:If you do not have a secondary server, acceptthe default value.

Port The port number for the secondary ConcentratorCore Server.The default value for this field is 443.

Note:If you do not have a secondary server, acceptthe default value.

Primary Destination Remote The host name or IP address of the primary SecureAccess Concentrator Remote Server that requestsand facilitates remote access for servicepersonnel.The default value is sl1.sal.avaya.com,where sl1 has a lower case letter L and then thenumber 1 following the letter s.

Port The port number of the primary Secure AccessConcentrator Remote Server.The default value is 443.

Secondary Destination Remote The host name or IP address of the secondaryConcentrator Remote Server.The default value is sl1.sal.avaya.com.

Port The port number of the secondary destination.The default value is 443.

Proxy Type (Optional) The type of channel that the SALGateway virtual machine uses to communicatewith the servers outside your network. This field isrequired only if you use a proxy server for Internetaccess outside the firewall of your network. Theoptions are:

• HTTP: For an HTTP proxy withoutauthentication.

• Authenticated HTTP: For an HTTP proxy withauthentication.

• SOCKS: For a SOCKS proxy withoutauthentication.




Name DescriptionProxy Hostname (Optional) The host name or IP address of the

proxy server. This field is required only if you havea proxy server for Internet access outside yournetwork.

Proxy Port (Optional) The port number of the proxy server.

Proxy User (Optional) The user name for the authenticatedHTTP proxy. This field is required only if the proxytype is authenticated HTTP.

Proxy Password (Optional) The password for the authenticatedHTTP proxy. This field is required only if the proxytype is authenticated HTTP.

Policy Server Hostname (Optional) The host name or the IP address ofPolicy Server installed on your network.The use of Policy Server is optional. You can addthe Policy Server information later through the SALGateway user interface (UI).

Policy Server Port (Optional) The port number that Policy Server usesfor communication with SAL Gateway.

Master Agent Hostname The host name or IP address of the SNMP masteragent to which the SNMP subagent mustconnect.The default value is 127.0.0.1. If you have notconfigured an SNMP master agent before the OVAdeployment, you must update the SNMP masteragent information on the SAL Gateway UI after youcomplete OVA deployment.For information about SNMP master agentconfiguration, see Implementing Secure AccessLink Gateway.

Master AgentX Port The AgentX listener port number of the SNMPmaster agent.

Role The role or permission level of the Avaya supportpersonnel to the SAL Gateway UI. Avaya supportpersonnel can have one of the following roles:

• Administrator: With full permissions to all theSAL Gateway UI pages except a few.

• Browse: With the read-only access to allpages.

• Deny: Without access to the SAL Gateway UI.

The following table provides the descriptions of the fields available in the Network Propertiessection of the Properties page.

Properties field descriptions


Name DescriptionDefault Gateway The IP address of the default gateway on your

network. You can leave this field blank if you planto use Dynamic Host Configuration Protocol(DHCP).

DNS The comma-separated addresses of the DomainName Servers (DNS) for the virtual machine. Youcan leave this field blank if you plan to useDHCP.

Network 1 IP Address The IP address of the network interface. You canleave this field blank if you plan to use DHCP.

Network 1 Netmask The netmask or prefix for the network interface.You can leave this field blank if you plan to useDHCP.

Deploying the SAL Gateway OVA directly to the ESXiserver

Use this procedure to deploy the SAL Gateway OVA directly to the ESXi server through avSphere client.

During this direct deployment, you cannot configure the SAL Gateway parameters. After thedeployment, when you start the SAL Gateway virtual machine console for the first time, theconsole displays a series of prompts to set the SAL Gateway parameters.

Procedure

1. Connect to the ESXi host server through the vSphere client.

2. Select File > Deploy OVF Template.

3. On the Deploy OVF Template window, perform one of the following to select theOVA file:

• If the OVA file is downloaded at a location accessible from your computer, clickBrowse to select the location.

• If the OVA file is located on an http server, enter the full URL in the Deployfrom a file or URL field.

4. Click Next.

5. On the OVF Template Details window, verify the details about the SAL GatewayOVA template, and click Next.




6. On the End User License Agreement window, read the license agreement, clickAccept, and click Next.

7. On the Name and Location window, in the Name field, type a unique name for thenew virtual machine, and click Next.

8. On the Disk Format window, accept the default disk format, Thick Provision LazyZeroed, which allocates the required 40-GB disk space for the SAL Gateway virtualmachine, and click Next.For information about virtual disk, see Thin vs. thick deployments on page 24.

9. (Optional) On the Ready to Complete window, select the Power on afterdeployment check box to automatically start the virtual machine after thedeployment.If you do not select this check box, you can manually start the virtual machine afterthe deployment.

10. On the Ready to Complete window, verify the deployment settings, and clickFinish.The deployment process takes about 10 to 12 minutes to complete. If the OVA filelocation is an http server, the deployment process might take more time.

Next stepsIf you did not select the option to start the virtual machine automatically, start the virtualmachine.

Start the SAL Gateway virtual machine console, and configure the SAL Gatewayparameters.

Related topics:Starting the SAL Gateway virtual machine on page 43Configuring the SAL Gateway and the network parameters on page 45

Deployment of cloned and copied OVAsTo re-deploy a virtual machine, you can create a copy of the virtual machine or clone the virtualmachine. These processes have subtle technical details that require a thorough understandingof the effects of these approaches. To avoid any complexities and unexpected behavior, deploya new OVA.

Installing a guest operating system and applications can be time consuming. With cloning, youcan make several copies of a virtual machine from a single installation and configurationprocess. However, if you are making a clone of an Avaya application, do not perform anyGuest Customization. If you are making a clone of an Avaya application, select Do notcustomize.

Deployment of cloned and copied OVAs


Chapter 7: Initial configuration

Starting the SAL Gateway virtual machineUse this procedure to start the virtual machine.

Procedure

1. In the vSphere client, right-click the virtual machine, and click Power > PowerOn.

2. In the vSphere client, right click the virtual machine, and click Open Console.

ResultThe console displays the system startup messages. The system starts the system servicesand the SAL Gateway services. After the startup process is complete, the system displays amessage to log in to the virtual machine.

If you deploy the virtual machine directly on the ESXi host server, the system displaysmessages to set the SAL Gateway parameters and the network parameters whenever youstart the virtual machine.

Configuring the virtual machine automatic start and stopsettings

Configure the virtual machine to start automatically after a power failure or a restart of thehypervisor. The default is set to no.

In high availability (HA) clusters, the VMware HA software ignores the Startup selections.

Procedure

1. In the vSphere Client inventory, select the host where the virtual machine islocated.

2. Click the Configuration tab.

3. In the Software section, click Virtual Machine Startup/Shutdown.


4. Click Properties in the upper right corner of the screen.

5. In the System Settings section, select Allow virtual machines to start and stopautomatically with the system.

6. In the Manual Startup section, select the virtual machine.

7. Use the Move up button to move the virtual machine under Automatic Startup.

8. Click OK.

ExampleThe following is an example of the Virtual Machine Startup/Shutdown screen.

Initial configuration



Configuring the SAL Gateway and the network parametersIf you deploy the SAL Gateway virtual machine directly on an ESXi host server, you mustconfigure the network and the SAL Gateway parameters when you start the virtual machinefor the first time.

At each subsequent restart of the virtual machine that was deployed directly on an ESXi host,you get the options to reconfigure the virtual machine. You can either proceed with theconfiguration or skip the configuration.

Procedure

1. After you start the virtual machine for the first time, open the virtual machineconsole.As a part of the startup, the system prompts you to configure the SAL GatewayvAppliance.

2. If required, select the appropriate option in the configuration wizard to change thefollowing network settings:

• The IP address of the default gateway on your network.

Note:Set the IP address and netmask before entering the default gatewayinformation for the virtual machine.

• The hostname of the virtual machine.

• The domain name server (DNS) information.

• The proxy server information.

• The IP address allocated to the virtual machine.

3. At the system prompt, select the time zone for the SAL Gateway virtual machine.

4. At the appropriate system prompts, complete the following SAL Gatewayparameters. To accept the default values, press Enter at each prompt:

• SAL Gateway Solution Element ID

• SAL Gateway Alarm ID

• Platform Qualifier

• Primary Destination Core Server

• Primary Destination Core Server Port

• Secondary Destination Core Server

• Secondary Destination Core Server Port

Configuring the SAL Gateway and the network parameters


• Primary Destination Remote Server

• Primary Destination Remote Server Port

• Secondary Destination Remote Server

• Secondary Destination Remote Server Port

• (Optional) Proxy Type

• (Optional) Proxy Server Hostname

• (Optional) Proxy Server Port

• (Optional) Policy Server Hostname

• (Optional) Policy Server Port

• Master Agent Hostname

• Master Agent Port

For more information about the fields, see Properties field descriptions onpage 36.

5. When the system prompts, select the role to be assigned to Avaya servicepersonnel.

6. Confirm the configuration changes.The system configures SAL Gateway according to the settings you entered.

ResultAfter the SAL Gateway configuration is complete, the system starts the SAL Gateway servicesand prompts you to log on to the virtual machine.

Initial configuration



Chapter 8: Validation of the SAL Gatewayimplementation

You can run a number of tests to validate whether the SAL Gateway implementation is successful. Thevalidation involves ensuring that the SAL Gateway services, which include alarming, remote access, SALWatchdog, and SAL Gateway UI, are running properly.

Testing the alarming service of SAL GatewayProcedure

1. Log on to the SAL Gateway virtual machine as admin, and switch to the root user.

2. Run the following command, and check the outcome of the command:service spiritAgent status

3. If the service is not running, run the following command to start the service:service spiritAgent start

4. Check the status again to verify that the service is running properly.

Testing the remote access service of SAL GatewayAbout this taskUse the following procedure to test whether the remote access service of SAL Gateway isrunning properly.

Procedure


2. Run the following command, and check the outcome of the command:service axedaAgent status

3. If the service is not running, run the following command to start the service:


service axedaAgent start4. Check the status again to verify that the service is running properly.

Testing the SAL Watchdog serviceProcedure


2. Run the following command, and check the outcome of the command:service salWatchdog status

3. If the service is not running, run the following command to start the service:service salWatchdog start

4. Check the status again to verify that the service is running properly.

Testing the Gateway UIAbout this taskYou can browse to the SAL Gateway Web interface using a Web browser.

Procedure

1. From another terminal on the network where SAL Gateway is deployed, open aWeb browser.

2. In the address bar, type the following URL:https://<IP address of the SAL Gateway virtual machine>:7443You can replace the host IP with the DNS host name if the host server is registeredunder DNS.The browser must display the SAL Gateway login page.

Validation of the SAL Gateway implementation



Chapter 9: Reconfiguration of the virtualmachine

After you deploy the SAL Gateway virtual machine, you can reconfigure the virtual machine at any time.The reconfiguration procedures differ based on the type of deployment, which can be vCenter deploymentor direct ESXi deployment.

Reconfiguring the virtual machine deployed throughvCenter

About this taskUse this procedure to reconfigure the virtual machine deployed using vCenter.

Procedure

1. Connect to the vCenter server through the vSphere client.

2. Shut down the virtual machine.

3. Right click the virtual machine, and click Edit Settings.

4. On the Edit Settings window, select the Options tab, and click Properties.

5. Modify the properties according to your requirements.

Note:On the Edit Settings window, you can modify the time zone and the networksettings, which include the hostname, the netmask, the IP Address, the DNS, andthe default gateway. To change any SAL Gateway-specific parameters, use theSAL Gateway Web interface.

6. Click OK.

7. Power on the virtual machine.

ResultWhen the virtual machine boots up, all the settings are applied automatically.


Reconfiguring the virtual machine deployed directly on anESXi server

If you deploy the SAL Gateway virtual machine directly on an ESXi host, then at every reboot,a script runs during the boot up process that waits for user inputs. By following the interactivemessages from the script, you can reconfigure the virtual machine. The script waits for yourinput for 30 seconds before proceeding with the normal boot process. If you do not provideany input within 30 seconds, the script skips the reconfiguration of the virtual machine andproceeds with the normal boot process.

About this taskUse this procedure only when you need to reconfigure the virtual machine deployed directlyon an ESXi host server.

Procedure

1. Connect to the ESXi host server through the vSphere client.

2. Shut down the virtual machine.

3. Start the virtual machine, and open the virtual machine console.As part of the startup, the system prompts you to configure the virtual machine.

4. Follow the interactive messages that the system displays to reconfigure the virtualmachine.

Note:Using this procedure, you can modify the time zone and the network settings,which include hostname, netmask, IP Address, DNS, and default gateway. Tochange any SAL Gateway-specific parameters, use the SAL Gateway WebInterface.

For more information about the network parameters, see Configuring the SALGateway and the network parameters on page 45.

Reconfiguration of the virtual machine



Chapter 10: Backing up and restoring thevirtual machine

Backup and restore overviewYou can use the backup and restore capabilities of the SAL Gateway virtual machine for thelong-term backup and recovery of the SAL Gateway virtual machine that runs on VMware.

As the customer, you have the responsibility to run the backup at periodic intervals.Alternatively, you can schedule a job to run the backup at a periodic interval and copy thebackup archive to an external system for preserving the data in the event of a systemfailure.

Backing up the virtual machineAbout this taskUse this procedure to back up the SAL Gateway virtual machine.

Procedure

1. Open a virtual machine console, or connect to the virtual machine using an SSHclient.


3. Run the following command:backupThe system displays the directory location where the backup archive is saved.

You can find the latest backup archive file at the /vm-data/backup/archives/ directory. The archive file is saved with a file name similar tovmbackup_xxxxxxxx.tar.gz.

4. Copy the backup archive to an external host to prevent loss of data in the event ofa system failure.To copy the file to a remote server, you can use the Linux scp command:


scp <archive_file><username>@<remote_server_ip>:<directory_path>

Restoring a virtual machine About this taskUse this procedure to restore a virtual machine from a backup archive.

Procedure

1. Deploy the virtual machine.

2. Start the virtual machine.

3. Log in to the virtual machine as admin, and switch to the root user.

4. Copy the backup archive file to a directory on the virtual machine.If you are copying the file from a remote system, you can use the following:

• From a Linux remote system: Use the scp command to copy the file back tothe virtual machine.

scp<user>@<SAL_VM_IP_or_hostname>:<directorypath_and_filename_on_remote_system_location>

• From a Windows remote system: Use WinSCP or a similar file transfer utilityto copy the file back to the virtual machine.

5. From the virtual machine console, run the following command:restore <Archive_file_path_on_VM>

Backing up and restoring the virtual machine



Chapter 11: Upgrading the SAL GatewayOVA

Upgrading the SAL Gateway vApplianceAbout this taskUse this procedure to upgrade to a new version of the SAL Gateway vAppliance. That is, ifyou have already deployed the Beta version of the SAL Gateway virtual machine, you can usethis procedure to upgrade to the GA version of the SAL Gateway virtual machine.

Procedure

1. Take a backup of the existing SAL Gateway virtual machine, and copy the backupfile to an external host.For more information, see Backing up the virtual machine on page 51.

2. Shut down the existing SAL Gateway virtual machine.

3. Deploy the new SAL Gateway OVA on an ESXi host server.You can accept the default values for configuring the virtual machine and the SALGateway software as you are going to restore the configuration values from thebackup file of the earlier virtual machine.

4. Start the new SAL Gateway virtual machine.

5. Log in to the new SAL Gateway virtual machine as admin, and switch to the rootuser.

6. Copy the backup file from the external host to a directory on the new virtualmachine.

7. Restore the backup file on the new SAL Gateway virtual machine.For more information, see Restoring a virtual machine on page 52.

Next stepsCheck the network configuration, services, and SAL Gateway configuration to validate that theupgrade process is successful.

After you validate the upgrade process, you can remove the earlier virtual machine from thehost server.


Related topics:Deploying the SAL Gateway OVA to vCenter on page 34Deploying the SAL Gateway OVA directly to the ESXi server on page 40Backing up the virtual machine on page 51Restoring a virtual machine on page 52

Validating an upgrade operationAfter you upgrade the SAL Gateway virtual machine by restoring the backup of an earlier virtualmachine, you must check whether the network configuration and the SAL Gatewayconfiguration are properly restored. Additionally, you must check that all the services arerunning on the new virtual machine.

About this taskUse the following steps to validate that the upgrade process is successful.

Procedure


2. Run the following command to check the version of the new SAL Gateway virtualmachine:swversion -vThe version number for the GA release of the SAL Gateway vAppliance isSALGateway-2.2.0.0-vApp-1.0.0.0-e50-09.

3. Run the following commands to view and verify that the network configurationparameters, including IP address and hostname, are restored properly:ifconfighostnameless /etc/host

4. Run the following commands to verify that the SAL Gateway services are up andrunning:service spiritAgent statusservice axedaAgent statusservice gatewayUI status

5. Log on to the SAL Gateway Web interface, and check the SAL Gatewayconfiguration.To report a problem with the upgrade operation or to contact Avaya Support forassistance, visit the Avaya Support website at http://support.avaya.com.

Upgrading the SAL Gateway OVA




Chapter 12: Troubleshooting

FAQ

Q. Do I require a console access while rebooting the SAL Gateway virtual machine?

A. No. A console access is not necessary while you reboot the SAL Gateway virtualmachine. However, depending on the deployment scenario and the user needs, havinga console access can be useful.If the SAL Gateway virtual machine was deployed through vCenter, then you do notrequire a console access during the rebooting. If the SAL Gateway virtual machine wasdeployed directly on an ESXi host using a vSphere client, then having a console accesscan help you to reconfigure the virtual machine during the boot process. When youreboot a SAL Gateway virtual machine that is deployed directly on an ESXi host, ascript runs during the boot process that waits for user inputs. You can utilize the scriptto reconfigure the virtual machine. The script waits for user input for 30 seconds beforeproceeding with the normal boot process. If you do not provide input within 30 seconds,the script considers that you do not want to reconfigure the virtual machine. To be ableto utilize the script, you require a console access. In absence of a console access, thescript waits for 30 seconds and then continues with the normal boot process. Thisprocess is applicable only in the case of direct deployment.

Q. How do I reconfigure my virtual machine after I have deployed the virtual machine?

A. For information about reconfiguring your virtual machine, see Reconfiguring the virtualmachine deployed through vCenter on page 49 and Reconfiguring the virtual machinedeployed directly on an ESXi server on page 50.

Q. How do I manage the system date and time?

A. The SAL Gateway virtual machine uses NTP to synchronize the system time with anNTP server. For information about configuring NTP servers on the SAL Gateway virtualmachine, see Configuring timing on page 22.

Q. Can I use the Ethernet interface other than eth0 for the SAL Gateway virtual machine?

A. No. Currently the SAL Gateway virtual machine can work only with eth0.

Q. Can I use DHCP for the network parameters for the SAL Gateway virtual machine?

A. Even though the SAL Gateway virtual machine supports DHCP, Avaya does notrecommend using DHCP for the SAL Gateway virtual machine. The SAL Gatewayvirtual machine has SAL Gateway running on the machine, which onboards the devicesin the customer network. For onboarding, SAL Gateway uses the IP address of the SALGateway virtual machine. If you use DHCP for configuring the network parameters of


the SAL Gateway virtual machine, then chances are that the IP address of the SALGateway virtual machine might change. In such cases, you must again onboard all thedevices, which were already onboard, one by one with the new IP address.Configure static parameters for the networking of the SAL Gateway virtual machine sothat you do not encounter similar issues.

Q. I have installed the SAL Gateway virtual machine using DHCP through vCenter. Howdo I change to static configuration?

A. Perform the following steps to apply static configuration for networking to the SALGateway virtual machine installed using vCenter:

1. Open a virtual machine console, or connect to the virtual machine through an SSHclient.


3. Run the following command:/opt/vmware/share/vami/vami_ovf_process -s eth0

4. Shut down the virtual machine using the vCenter administration.

5. Edit the virtual machine settings.

6. Provide static configuration for the networking parameters in the Propertiespage.

7. Start the virtual machine using the vCenter administration.

Q. Why do I get an VM communication interface: [FAILED] error on thevirtual machine console during the first boot?

A. Ignore these errors. During the first boot, the system recreates the initial ram disk (initrd)to include the VMware Tools modules, which causes these errors. These errors haveno service impact. The errors do not occur on subsequent reboots.

Q. Why do I get an Unloading iptables modules: [FAILED] error during therestore operation?

A. Ignore this error. Apart from the SAL Gateway services, other processes in the SALGateway virtual machine use the iptables modules. During the restore process, thesystem tries to restart the iptables service. The restart attempt fails because theseshared modules cannot be unloaded while other processes are still running. Failure tounload the iptables modules has no service impact.

Q. How do I find the version of the SAL Gateway virtual machine?

A. Perform the following steps to find the version of the SAL Gateway virtual machine:

1. Open a virtual machine console, or connect to the virtual machine through an SSHclient.

2. Log in as admin.

3. Run the following command:sudo swversionThe system displays a verbose output.

4. To see only the SAL Gateway version, run the following command:

Troubleshooting



sudo swversion -s5. To see only the version of the SAL Gateway virtual machine, run the following

command:sudo swversion -v

Q. I got an error while running the restore command. What should I do?

A. Try to run the restore command again. If the error persists, visit the Avaya Supportwebsite at http://support.avaya.com to contact Avaya.

Q. Why do I have to configure the virtual machine every time I boot up?

A. A. If you deployed the SAL Gateway virtual machine directly on an ESXi host, thenevery time you boot the virtual machine, a script runs as part of the boot up processthat waits for user inputs. Through the interactive prompts from the script, you canreconfigure the virtual machine.The script runs in two parts. In the first part, you can configure the network parameters.In the second part, you can configure the time zone settings.If you want to skip the process, type n or N when the script prompts for reconfigurationon the virtual machine console.

Q. Why pressing Control+C does not work during the configuration of the virtual machineon the virtual machine console?

A. The script for configuring network parameters for a direct deployment on an ESXi hostindicates that pressing Control+C opens the main menu. However, this script runs whilethe virtual machine is still booting. Therefore, the Control+C key press sequence doesnot work. This issue is a known issue.

Q. Will there be any service outage if I run the storage or host vMotion?

A. Running the storage or host vMotion does not affect any service that is currently runningon the SAL Gateway virtual machine. Any remote connections created before runningthe storage or host vMotion continue to work.However, when the storage or host vMotion is in progress, you might not be able toestablish new remote connections to the managed devices. This outage lasts only untilthe storage or host vMotion is complete. After the storage or host vMotion completessuccessfully, you can establish new connections.

FAQ



Troubleshooting



Appendix A: PCN and PSN notifications

PCN and PSN notificationsAvaya issues a product-change notice (PCN) in case of any software update. For example, aPCN must accompany a service pack or a patch that needs to be applied universally. Avayaissues product-support notice (PSN) when there is no patch, service pack, or release fix, butthe business unit or services need to alert Avaya Direct, Business Partners, and customers ofa problem or a change in a product. A PSN can also be used to provide a workaround for aknown problem, steps to recover logs, or steps to recover software. Both these notices alertyou to important issues that directly impact Avaya products.

Viewing PCNs and PSNsAbout this taskTo view PCNs and PSNs, perform the following steps:

Procedure

1. Go to the Avaya Support website at http://support.avaya.com.

Note:If the Avaya Support website displays the login page, enter your SSO logincredentials.

2. On the top of the page, click DOWNLOADS & DOCUMENTS.

3. On the Downloads & Documents page, in the Enter Your Product Here field, enterthe name of the product.

4. In the Choose Release field, select the specific release from the drop-down list.

5. Select Documents as the content type.

6. Select the appropriate filters as per your search requirement. For example, if youselect Product Support Notices, the system displays only PSNs in the documentslist.



Note:You can apply multiple filters to search for the required documents.

Signing up for PCNs and PSNsAbout this taskManually viewing PCNs and PSNs is helpful, but you can also sign up for receiving notificationsof new PCNs and PSNs. Signing up for notifications alerts you to specific issues you must beaware of. These notifications also alert you when new product documentation, new productpatches, or new services packs are available. The Avaya E-Notifications process managesthis proactive notification system .

To sign up for notifications:

Procedure

1. Go to the Avaya Support Web Tips and Troubleshooting: eNotificationsManagement page at https://support.avaya.com/ext/index?page=content&id=PRCS100274#.

2. Set up e-notifications. For detailed information, see the How to set up your E-Notifications procedure.

PCN and PSN notifications


https://support.avaya.com/ext/index?page=content&id=PRCS100274#

https://support.avaya.com/ext/index?page=content&id=PRCS100274#


Glossary

AFS Authentication File System. AFS is an Avaya Web system that allowsyou to create Authentication Files for secure Avaya Global Serviceslogins for supported non-Communication Manager Systems.

Application A software solution development by Avaya that includes a guestoperating system.

Avaya Appliance A physical server sold by Avaya running a VMware hypervisor that hasseveral virtual machines, each with its virtualized applications. Theservers can be staged with the operating system and applicationsoftware already installed. Some of the servers are sold as just the serverwith DVD or software downloads.

Avaya ServicesVM

A virtual machine that supports Avaya services applications. Currentlythe services virtual machine is part of System Platform which uses a non-VMWare hypervisor.

Blade A blade server is a stripped-down server computer with a modular designoptimized to minimize the use of physical space and energy. Althoughmany components are removed from blade servers to save space,minimize power consumption and other considerations, the blade stillhas all of the functional components to be considered a computer.

ESXi A virtualization layer that runs directly on the server hardware. Alsoknown as a bare-metal hypervisor. Provides processor, memory,storage, and networking resources on multiple virtual machines.

HA High Availability. A VMware feature for supporting virtual applicationfailover by migrating the application from one ESXi host to another. Sincethe entire host fails over, several applications or virtual machines can beinvolved. The failover is a reboot recovery level which can take severalminutes.

Hypervisor A hypervisor is also known as a Virtual Machine Manager (VMM). Ahypervisor is a hardware virtualization technique which runs multipleoperating systems on the same shared physical server.

MAC Media Access Control address. A unique identifier assigned to networkinterfaces for communication on the physical network segment.

OVA Open Virtualization Appliance. An OVA contains the virtual machinedescription, disk images, and a manifest zipped into a single file. The


OVA follows the Distributed Management Task Force (DMTF)specification.

PLDS Product Licensing and Download System. The Avaya PLDS providesproduct licensing and electronic software download distribution.

Reservation A reservation is the amount of physical RAM, CPU cycles, or memorythat are reserved for a virtual machine.

RFA Remote Feature Activation. RFA is an Avaya Web system that you useto create Avaya License Files. These files are used to activate softwareincluding features, capacities, releases, and offer categories. RFA alsocreates Authentication Files for secure Avaya Global Services logins forCommunication Manager Systems.

SAN Storage Area Network. A SAN is a dedicated network that providesaccess to consolidated data storage. SANs are primarily used to makestorage devices, such as disk arrays, accessible to servers so that thedevices appear as locally attached devices to the operating system.

Snapshot Capture a virtual appliance configuration in time. Creating a snapshotcan affect service. Some Avaya virtual appliances have limitations andothers have specific instructions for creating snapshots.

Storage vMotion A VMware feature that migrates virtual machine disk files from one datastorage location to another with limited impact to end users.

vCenter Server An administrative interface from VMware for the entire virtualinfrastructure or data center, including VMs, ESXi hosts, deploymentprofiles, distributed virtual networking, and hardware monitoring.

virtual appliance A virtual appliance is a single software application bundled with anoperating system.

VM Virtual Machine. Replica of a physical server from an operationalperspective. A VM is a software implementation of a machine (forexample, a computer) that executes programs similar to a physicalmachine.

vMotion A VMware feature that migrates a running virtual machine from onephysical server to another with minimal downtime or impact to end users.vMotion cannot be used to move virtual machines from one data centerto another.

vSphere Client vSphere Client is VMware’s computer cloud virtualization operatingsystem.

PLDS



Index

A

Avaya applications ..................................................... 23networking ............................................................23

Avaya Mentor videos ....................................................9

B

best practices ............................................................. 19performance .........................................................19

BIOS ...........................................................................19BIOS for Dell servers ..................................................20BIOS for HP servers ...................................................21bundled software specifications ................................. 18

C

capacity of SAL Gateway ........................................... 18checklist ................................................................ 15, 33

deployment procedures ....................................... 33planning procedures ............................................ 15

clones ......................................................................... 41deployment .......................................................... 41

components ................................................................13VMware ................................................................13

configure .....................................................................45network parameters ............................................. 45SAL Gateway parameters ....................................45

configuring ..................................................................22timing ................................................................... 22

courses .........................................................................8

D

deploying copies .........................................................41deploying OVA ......................................................34, 40

directly to ESXi .....................................................40to vCenter ............................................................ 34

deployment .................................................................24thick ......................................................................24thin ....................................................................... 24

deployment guidelines ................................................13deployment procedures ..............................................33

checklist ............................................................... 33document changes .......................................................7document purpose ....................................................... 7

downloading software .................................................29

E

editing .........................................................................17virtual machine resources ....................................17

F

FAQ ............................................................................ 55field descriptions .........................................................36

properties page ....................................................36

G

guidelines ................................................................... 13deployment .......................................................... 13

H

high availability ........................................................... 26hyperthreading ........................................................... 27

I

Intel VT support .......................................................... 19intended audience ........................................................7

N

network parameters ....................................................45configure .............................................................. 45

networking Avaya applications ................................... 23networking best practices ...........................................23

O

overview .......................................................... 11, 33, 51backup and restore .............................................. 51OVA deployment ..................................................33

P

PCN ............................................................................59


PCN notification ..........................................................59PCNs .......................................................................... 59performance best practices ........................................ 19planning procedures ...................................................15

checklist ............................................................... 15PLDS .......................................................................... 29

downloading software .......................................... 29properties page .......................................................... 36

field descriptions .................................................. 36PSN ............................................................................ 59PSN notification ..........................................................59PSNs .......................................................................... 59purpose of document ................................................... 7

R

reconfiguration ............................................................49virtual machine .....................................................49

reconfiguring virtual machine ................................49, 50at ESXi host ......................................................... 50at vCenter ............................................................ 49

registering ............................................................. 29, 30SAL Gateway .......................................................30

related documentation ..................................................8related resources ......................................................... 9

Avaya Mentor videos ............................................. 9requirements .........................................................16, 17

software ............................................................... 17virtual machine resources ....................................16

resource requirements ............................................... 16resources ....................................................................15

server ...................................................................15restoring ..................................................................... 52

virtual machine .....................................................52

S

SAL Gateway ............................................................. 30registering ............................................................ 30

SAL Gateway capacity ............................................... 18SAL Gateway implementation .................................... 47

test alarming services .......................................... 47test remote access service .................................. 47validation ..............................................................47

SAL Gateway parameters .......................................... 45configure .............................................................. 45

SAL Gateway vAppliance ...........................................53

upgrading .............................................................53server hardware and resources ..................................15signing up for PCNs and PSNs .................................. 60snapshots ................................................................... 25software requirements ................................................17specifications ..............................................................18

bundled software ..................................................18starting virtual machine .............................................. 43support ......................................................................... 9

contact ................................................................... 9supported versions ..................................................... 17

VMware ................................................................17

T

test remote access service .........................................47test the alarming service ............................................ 47testing .........................................................................48

SAL Watchdog service .........................................48thick deployment ........................................................ 24thin deployment .......................................................... 24time keeping ............................................................... 21timekeeping ................................................................ 22

configuring ........................................................... 22training ......................................................................... 8

U

upgrade operation ...................................................... 54validating ..............................................................54

upgrading ................................................................... 53SAL Gateway vAppliance .................................... 53

V

validating .................................................................... 54upgrade operation ................................................54

videos ...........................................................................9Avaya Mentor .........................................................9

virtual machine ......................................................43, 49shutdown setting ..................................................43startup setting ...................................................... 43reconfiguration ..................................................... 49starting ................................................................. 43

virtual machine resource requirements ...................... 16virtual machine resources .......................................... 17

editing .................................................................. 17vMotion .......................................................................27VMware software ........................................................17

supported .............................................................17VMware Tools ............................................................ 21VT support ..................................................................19

64 SAL Gateway in the Virtualized Environment Deployment Guide April 2013

Avaya Secure Access Link Gateway using VMware® in the Virtualized Environment Deployment Guide.pdf

Documents

Transcript of Avaya Secure Access Link Gateway using VMware® in the Virtualized Environment Deployment Guide.pdf