Learn how to set up NCM Self-Service (Calm) on your Prism Central.
NCM Self-Service (CALM) is a heterogeneous orchestration solution that allows the automation and management of deployments. It runs on Prism Central and allows the administration of various environments (Nutanix Cluster, bare metal server, etc...).
Requirements
- a Nutanix cluster in your OVHcloud account
- access to the OVHcloud Control Panel
- you must be connected to the cluster via Prism Central
- have Self-Service (CALM) licenses (available through the Nutanix on OVHcloud packaged service with limitations for the Starter Pack)
- An additional VLAN in your cluster that distributes IPAM IP addresses and has internet access
Instructions
We will enable CALM, create two applications for our Nutanix cluster, and publish them on the application portals which are:
- An Nginx Web server with Linux Ubuntu.
- An IIS Web server on a Windows server.
Activating CALM
Before deploying CALM, you must configure an IP address for the ISCSI Data Services IP.
From the Prism Central dashboard, click on your Cluster
in the Cluster Quick Access section.
In the Prism Element, click on the cluster settings
in the top left-hand corner.
Verify the IP Address in the ISCSI Data Services IP field and click Save
.
Go back to Prism Central, go to the main menu on the left, and click on Calm
in the Services section.
Click Enable App. Orchestration(Calm)
.
Select the Enable App Management
check box and click Save
.
CALM is being activated.
Creating a project
You need to create a project to deploy applications.
From the Prism Central menu, click on Calm
in the Services section.
Click the Projects
icon in the vertical menu bar.
Click the + Create Project
button.
Type the project name
in Project Name field and click Create
.
Click + Add infrastructure
.
Click Add infrastructure
.
Select NTNX_LOCAL_AZ
from accounts.
Click Configure Resources
.
Select your Cluster
from Select clusters to be added to this project and click + Select VLANs
.
Check the production
VLAN box and click Confirm and Select Default
.
Click Confirm
.
Click Save
.
In the tab bar go to Environments
and click Create Environment
.
Type a Name
in the Name field and click Next
.
Click Select Infrastructure
.
Click NTNX_LOCAL_AZ
.
Click Required for launching blueprints from marketplace
to the right of VM Configuration.
Enter this information:
-
Cluster:
choose your cluster
-
vCPUs:
4
-
Core per vCPU:
1
-
Memory (GiB):
4
-
Image:
WS2022EN-SYSPREPED
Then scroll down
the window.
Click the +
button to the right of NETWORK ADAPTERS (NICs).
Choose the network adapter in the production
VLAN, check the Check log-in upon create
box and scroll up in the window.
Go to the Linux
tab, and enter this information:
-
Cluster:
choose your cluster
-
vCPUs:
4
-
Core per vCPU:
1
-
Memory (GiB):
4
-
Image:
jammy-server-cloudimg-amd64.img
Then scroll down
the window.
Click the +
button to the right of NETWORK ADAPTERS (NICs).
Choose the network adapter in the production
VLAN, check the Check log-in upon create
box and click Next
.
Click + Add Credential
.
Click + Add Credential
.
Enter this information:
-
Name:
WindowsAccount
-
Username:
administrator
-
Password:
administrator account password
Then, click + Add Credential
.
Enter this information:
-
Name:
LinuxAccount
-
Username:
administrator
-
Password:
administrator account password
Then click Save Environment
.
Click Marketplace Usage
.
Click Update
.
Click Next
.
Click Not ready for marketplace usage
to the right of VM Configuration.
Scroll down
the window.
Choose WindowsAccount
from Credential and scroll up
the window.
Click the Linux
tab in Credential and scroll down
the window.
Choose LinuxAccount
from Credential and click Next
.
Click Save Environment
.
Your environment is ready for application creation and distribution.
Creating applications
We will create two applications, test how they work, and publish them to the cluster marketplace.
Creating IIS Web Application on Windows
Look at the vertical bar on the left edge of the screen.
- Choose
Blueprints
. - Open the
Create Blueprint
menu. - Click on
Multi VM/Pod Blueprint
.
Choose the name
of your blueprint from Name and click on Proceed
.
Type the name
in Application Profile Name and click on Credentials
at the top.
We will create the Windows account. It will be used inside sysprep as variable, in the configuration of the blueprint installation tasks and for the remote connection test.
Click on the +
button next to Credentials.
Enter this information:
-
Name:
WindowsAccount
-
Username:
administrator
-
Password:
Administrator account password
And click on Done
.
Click Back
.
Click the +
button in the left window next to Service.
Enter this information:
-
Name:
VM IIS
-
Operation System:
Windows
And click on Clone from environment
.
Scroll down
the window on the right and check the Guest Customization
box. Next, click Sysprep
.
Copy the contents of the sysprep file below to Script:
<?xml version="1.0" encoding="utf-8"?>
<unattend xmlns="urn:schemas-microsoft-com:unattend">
<settings pass="windowsPE">
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SetupUILanguage>
<UILanguage>en-US</UILanguage>
<WillShowUI>Never</WillShowUI>
</SetupUILanguage>
<InputLocale>0409:00000409</InputLocale>
<SystemLocale>en-US</SystemLocale>
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
</component>
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserData>
<AcceptEula>true</AcceptEula>
<FullName>Nutanix Doc</FullName>
<Organization>Nutanix Doc</Organization>
</UserData>
<EnableFirewall>true</EnableFirewall>
<EnableNetwork>true</EnableNetwork>
</component>
</settings>
<settings pass="specialize">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<TimeZone>Central Standard Time</TimeZone>
<AutoLogon>
<Password>
<Value>@@{WindowsAccount.secret}@@</Value>
<PlainText>true</PlainText>
</Password>
<Enabled>true</Enabled>
<Username>administrator</Username>
<LogonCount>1</LogonCount>
</AutoLogon>
</component>
</settings>
<settings pass="oobeSystem">
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UserAccounts>
<AdministratorPassword>
<Value>@@{WindowsAccount.secret}@@</Value>
<PlainText>true</PlainText>
</AdministratorPassword>
</UserAccounts>
<OOBE>
<HideEULAPage>true</HideEULAPage>
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
<ProtectYourPC>1</ProtectYourPC>
<HideLocalAccountScreen>true</HideLocalAccountScreen>
</OOBE>
<FirstLogonCommands>
<SynchronousCommand wcm:action="add">
<CommandLine>powershell Set-NetConnectionProfile -NetworkCategory Private</CommandLine>
<Order>1</Order>
</SynchronousCommand>
<SynchronousCommand wcm:action="add">
<CommandLine>powershell Set-WSManQuickConfig -Force</CommandLine>
<Order>2</Order>
</SynchronousCommand>
</FirstLogonCommands>
</component>
<component name="Microsoft-Windows-International-Core" processorArchitecture="wow64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<UILanguage>en-US</UILanguage>
<UserLocale>en-US</UserLocale>
<SystemLocale>en-US</SystemLocale>
<InputLocale>0409:00000409</InputLocale>
</component>
</settings>
<cpi:offlineImage cpi:source="wim:c:/w2022/sources/install.wim#Windows Server 2022 SERVERSTANDARD" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
</unattend>
Continue to scroll through the window. Check the Check log-in upon create
box and choose WindowsAccount
from Credential.
We will now create tasks in Powershell that will run after Windows installation and customization. Each of these tasks runs in sequence.
In the left-hand window, go to Install
below the Package category and click on + Task
.
Enter this information:
-
Task Name:
IIS Installation
-
Type:
Execute
-
Script Type:
Powershell
-
Credential:
WindowsAccount
Copy this content to Script:
Install-WindowsFeature -name Web-Server -IncludeManagementTools
if ($?) {
exit 0
}
Click + Task
.
Fill in this information:
Task Name: Customize IIS
Type: Execute
Script Type: Powershell
Credential: WindowsAccount
Copy this content to Script:
echo "<!DOCTYPE html>" | out-file "C:\inetpub\wwwroot\default.htm"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "<html>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "<head>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "<title>IIS on Windows AHV VM</title>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "</head>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "<body>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value ""
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "<h1>IIS on Windows AHV VM</h1>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "<p>Deployed with CALM</p>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value ""
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "</body>"
Add-Content -Path C:\inetpub\wwwroot\default.htm -Value "</html>"
Then click + Task
.
Enter this information:
Task Name: reboot VM
Type: Execute
Script Type: Powershell
Credential: WindowsAccount
Copy this content to Script:
restart-computer -force
Click Save
at the top of the window.
The application is created; click Launch
to test your application.
Type a Name
in Application Name and click Deploy
.
A new window will appear, click on Audit
to see the steps for deploying your application. When the deployment is complete you can see at the top of the window the RUNNING indication that the application is deployed and active.
In our case, the IIS server is active and displays a message on the IP address of the virtual machine in HTTP.
Creating the Nginx web application on Linux Ubuntu
We will create another application under Linux Ubuntu with Nginx installed as a WEB server.
Go to the Blueprints
icon in the CALM vertical menu bar, and click on Multi VM/Pod Blueprint
from the Create Blueprint menu.
Type the Name
in Name and click Proceed
.
Click Credentials
.
Click Credentials +
.
Enter this information for the Linux administration account:
-
Name:
LinuxAccount
-
Username:
administrator
-
Password:
Administrator account password
Then click Done
.
Click on Credentials +
.
Enter this information about the Prism Central administration account:
-
Name:
PC_ADMIN
-
Username:
admin
-
Password:
Prism Central Password
Then click Done
.
Click Back
.
Type Linux Application
in Application Profile Name and click +
in the upper-right corner of the Service window.
Enter this information:
-
Service Name:
Ubuntu
-
VM Name:
Ubuntu NGINX
Then click on Clone from environment
and scroll down
the window on the right.
Check Guest Customization
and copy the content below into the Script box.
#cloud-config
users:
- name: @@{LinuxAccount.username}@@
groups: sudo
sudo: ALL=(ALL) NOPASSWD:ALL
shell: /bin/bash
lock-passwd: false
chpasswd:
list: |
@@{LinuxAccount.username}@@:@@{LinuxAccount.secret}@@
expire: False
ssh_pwauth: true
Scroll down
the window on the right.
Choose LinuxAccount
from Check log-in upon create.
In the left window, go to Install
below Package and click on + Task
.
Enter the information for your virtual machine's disk resize task.
-
Task Name:
Disk resize
-
Type:
Execute
-
Script Type:
EScript
Then copy the content below into the Script box.
>vmUuid = '@@{id}@@'
diskSize = 50 # GB
pcAddress = '127.0.0.1'
pcUsername = '@@{PC_ADMIN.username}@@'
pcPassword = '@@{PC_ADMIN.secret}@@'
# ============== DO NO CHANGE AFTER THIS ===============
usrPass = '{}:{}'.format(pcUsername,pcPassword)
b64Pass = base64.b64encode(usrPass)
# Get VM
api_url = 'https://{}:9440/api/nutanix/v3/vms/{}'.format(pcAddress,vmUuid)
headers = {'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Basic {}'.format(b64Pass)}
r = urlreq(api_url, verb='GET', headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
else:
print("Post request failed", r.content)
exit(1)
# Power off VM and extend disk
del resp['status']
disk_size_mib = diskSize * 1024
disk_size_bytes = disk_size_mib * 1024**2
resp['spec']['resources']['disk_list'][0]['disk_size_mib'] = disk_size_mib
resp['spec']['resources']['disk_list'][0]['disk_size_bytes'] = disk_size_bytes
resp['spec']['resources']['power_state'] = 'OFF'
payload = resp
r = urlreq(api_url, verb='PUT', params=json.dumps(payload), headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
taskUuid = resp['status']['execution_context']['task_uuid']
else:
print("Post request failed", r.content)
exit(1)
# Monitor task
state = ""
while state != "SUCCEEDED":
api_url = 'https://{}:9440/api/nutanix/v3/tasks/{}'.format(pcAddress,taskUuid)
sleep(2)
r = urlreq(api_url, verb='GET', headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
state = resp['status']
if state == "FAILED":
print("Task failed", resp['progress_message'])
exit(1)
else:
print("Post request failed", r.content)
exit(1)
# Wait for VM to power off
api_url = 'https://{}:9440/api/nutanix/v3/vms/{}'.format(pcAddress,vmUuid)
r = urlreq(api_url, verb='GET', headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
power_state = resp['status']['resources']['power_state']
else:
print("Post request failed", r.content)
exit(1)
state = ""
while state != "OFF":
api_url = 'https://{}:9440/api/nutanix/v3/vms/{}'.format(pcAddress,vmUuid)
sleep(2)
r = urlreq(api_url, verb='GET', headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
state = resp['status']['resources']['power_state']
if state == "FAILED":
print("Task failed", resp['progress_message'])
exit(1)
else:
print("Post request failed", r.content)
exit(1)
# Power on VM
del resp['status']
resp['spec']['resources']['power_state'] = 'ON'
api_url = 'https://{}:9440/api/nutanix/v3/vms/{}'.format(pcAddress,vmUuid)
payload = resp
r = urlreq(api_url, verb='PUT', params=json.dumps(payload), headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
taskUuid = resp['status']['execution_context']['task_uuid']
else:
print("Post request failed", r.content)
exit(1)
# Monitor task
state = ""
while state != "SUCCEEDED":
api_url = 'https://{}:9440/api/nutanix/v3/tasks/{}'.format(pcAddress,taskUuid)
sleep(2)
r = urlreq(api_url, verb='GET', headers=headers, verify=False)
if r.ok:
resp = json.loads(r.content)
state = resp['status']
if state == "FAILED":
print("Task failed", resp['progress_message'])
exit(1)
else:
print("Post request failed", r.content)
exit(1)
print("OS disk extended to {} GB".format(diskSize))
# Wait until VM boots
sleep(60)
Click + Task
.
Enter this information about the Linux service verification task:
-
Task Name:
Service restart
-
Type:
Execute
-
Script Type:
Shell
-
Credential:
LinuxAccount
Then copy the content below to Script:
sudo sed 's/#$nrconf{restart} = '"'"'i'"'"';/$nrconf{restart} = '"'"'a'"'"';/g' /etc/needrestart/needrestart.conf
Click + Task
to add a new task in sequence.
Enter this information about the UBUNTU update task:
-
Task Name:
Service restart
-
Type:
Execute
-
Script Type:
Shell
-
Credential:
LinuxAccount
Then copy the content below to Script:
sudo apt update
sudo DEBIAN_FRONTEND=noninteractive apt upgrade -y
And click + Task
to add a new task in sequence.
Enter this information about the NGINX and CURL installation task:
-
Task Name:
Service restart
-
Type:
Execute
-
Script Type:
Shell
-
Credential:
LinuxAccount
Then copy the content below to Script:
sudo DEBIAN_FRONTEND=noninteractive apt install nginx curl -y
Click + Task
to add a new task in sequence.
Enter this information about the last NGINX customization task:
-
Task Name:
Service restart
-
Type:
Execute
-
Script Type:
Shell
-
Credential:
LinuxAccount
Then copy the content below to Script:
sudo ls -l /var/www/html/
sudo rm -rf /var/www/html/index.nginx-debian.html
sudo touch /var/www/html/index.nginx-debian.html
sudo chown $USER:$USER /var/www/html/index.nginx-debian.html
sudo ls -l /var/www/html/
sudo echo '<!DOCTYPE html>' > /var/www/html/index.nginx-debian.html
sudo echo '<html>' >> /var/www/html/index.nginx-debian.html
sudo echo '<head>' >> /var/www/html/index.nginx-debian.html
sudo echo '<title>NGINX on Linux AHV VM</title>' >> /var/www/html/index.nginx-debian.html
sudo echo '</head>' >> /var/www/html/index.nginx-debian.html
sudo echo '<body>' >> /var/www/html/index.nginx-debian.html
sudo echo '' >> /var/www/html/index.nginx-debian.html
sudo echo '<h1>Nginx on Linux AHV VM</h1>' >> /var/www/html/index.nginx-debian.html
sudo echo '<p>Deployed with CALM</p>' >> /var/www/html/index.nginx-debian.html
sudo echo '' >> /var/www/html/index.nginx-debian.html
sudo echo '</body>' >> /var/www/html/index.nginx-debian.html
sudo echo '</html>' >> /var/www/html/index.nginx-debian.html
sudo cat /var/www/html/index.nginx-debian.html
Click + Save
to finish creating your blueprint.
Click Launch
to test your blueprint.
Type the name
of your test deployment in Application Name and click Deploy
.
Deployment begins.
Click Audit
to view your deployment progress.
Once the deployment is complete, you can access the IP address of your NGINX VM via HTTP to view the welcome message.
Publishing applications
Go to the Blueprints
icon in the CALM vertical bar on the left and click on the WS 2022 IIS
map.
Click Publish
.
Apply these values:
-
Name:
WS 2022 IIS
-
Publish with secrets:
enabled
-
Initial Version:
1.0.0
Then click on Change
on the left.
Click Upload from computer
.
Choose the image
on your computer and click Open
.
Name your Icon IIS
and click on the blue validation
button.
Click Select & continue
.
Click Submit for approval
.
The Windows application is in the marketplace awaiting approval.
Click the UBUNTU 22 NGINX
blueprint.
Click Publish
.
Apply these values:
-
Name:
UBUNTU 22 NGINX
-
Publish with secrets:
enabled
-
Initial Version:
1.0.0
Then click Change
on the left.
Click Upload from computer
.
Choose the image
on your computer and click Open
.
Name your icon NGINX
and click the blue validation button
.
Select your icon and click Select & continue
.
Click Submit for approval
.
The Linux application is in the marketplace awaiting approval.
Adding applications published on the CALM portal
First:
- Click on the
Marketplace Manager
icon. - Go to the
Approval Pending
tab. - Check the
UBUNTU 22 NGINX
application. - Click the validation icon on the right.
Check the WS 2022 IIS
application and click the validation icon on the right.
Next:
- Go to the
Approved
tab. - Click on the
Source
column to display the local applications first. - Check
WS 2022 IIS
. - Select
NCM Self Service Project 01
at the bottom right. - Click
Apply
.
Click Publish
.
The Windows application is published.
Check Ubuntu 22 NGINX
, select NCM Self Service Project 01
on the right, and click Apply
.
Click Publish
.
The Ubuntu application is published.
Click the Marketplace
icon at the top of the vertical menu bar on the left and click Get
below the UBUNTU 22 NGINX application.
Click Launch
.
Type a Name
in Application Name and click Deploy
to deploy an application.
Deleting a deployed application
Deleting a deployed application is as simple as deploying it.
Click on the Blueprints
icons on the left and check a deployed application.
From the Action menu, click Delete
.
Click Confirm
.
You can view the progress of a deletion as you would for a deployment.
The application is completely deleted.
Go further
For more information and tutorials, please see our other Nutanix support guides or explore the guides for other OVHcloud products and services.