The UCP Advisor deployment consists of the following components:
- UCP Advisor software
- UCP Advisor Gateway
UCP Controller virtual machine requirements
The following table shows the resources used by the UCP Windows management node.
|Resource||Quantity (default configuration at deployment)|
|Operating system||Windows Server 2016|
|CPU||4 vCPUs (default)|
|Network||1 vNIC (connect to management VLAN VMXNET3)|
UCP Advisor Gateway virtual machine
The following table shows the resources used by the UCP Advisor Gateway virtual machine.
|Operating system||CentOS 7.3|
|RAM||2 GB (default)|
|CPU||2 vCPUs (default)|
|Network||1 vNIC (connect to storage VLAN) VMXNET3|
Firewall configuration required by the management node
UCP Advisor requires that specific ports are open on the VM. These ports are preconfigured in the UCP Advisor virtual appliance. You do not need to open them.
Security administrators use firewalls to protect the network, or selected components in the network, from intrusion. A firewall might be deployed between UCP and your management environment, depending on your deployment. For a comprehensive list of TCP and UDP ports, see the following tables.
The ports in the following table are used for UCP Advisor management traffic. To access UCP from the production network, exceptions for these ports are necessary.
|vCenter access||Web Client||VCSA||TCP/9443|
|Web Client||UCP Advisor Controller VM||TCP/443|
|vCenter to Advisor communication||UCP Advisor VM||VCSA||TCP/443, 23031|
|VCSA||UCP Advisor Controller VM||TCP/23011|
|API access to UCP Advisor||API Client||UCP Advisor Controller VM||TCP/23015|
|CLI access to UCP Advisor||CLI Client||UCP Advisor Controller VM||TCP/23015|
|Log collection and switch backup and restore||Managed hardware||UCP Advisor Controller VM||TCP/22|
|SNMP communication||Managed hardware||UCP Advisor Controller VM||UDP/161,162|
|IPMI communication||Managed hardware||UCP Advisor Controller VM||UDP/623|
|Adding an N+1 appliance||UCP Advisor Controller VM||UCP Advisor Gateway VM||TCP/443|
|UCP Advisor Gateway VM||UCP Advisor Controller VM||TCP/443|
The ports in the following table are used for UCP Advisor management traffic, element management traffic, and system integration traffic (DNS and NTP). The security administrator can configure firewall port exceptions.
|Hi-Track hosted on another VM||Hi-Track Monitor VM||UCP Advisor Controller VM||TCP/443|
|RDP access to Advisor VM||RDP client||UCP Advisor Controller VM||TCP/3389|
|SSH access to Advisor Gateway VM||SSH client||UCP Advisor Gateway VM||TCP/22|
|Usage of vRealize Log Insight||VCSA, UCP Advisor Controller VM, UCP hardware||vRealize Log Insight VM||TCP/514, 1514, 6514, 9000, 9543UDP/514|
|vRealize Log Insight VM||UCP Advisor Controller VM||TCP/2055|
|Usage of vRealize Orchestrator||VCSA, UCP Advisor Controller VM, end user web browser||vRealize Orchestrator VM||TCP/8230, 8240, 8244, 8250, 8280 - 8283|
|vRealize Orchestrator VM||UCP Advisor Controller VM||TCP/23021|
|Usage of Automation Director||Automation Director VM||UCP Advisor Controller VM||TCP/22015|
For more information on usage of vRealize Log Insight and vRealize Orchestrator, see the corresponding VMware documentation:
UCP Advisor can manage multiple UCP Advisor converged or hyperconverged systems.
When scaling-out the architecture, the UCP Advisor controller VM can manage multiple UCP Advisor systems. However, a UCP Advisor Gateway VM must be deployed for each system, as shown in the following figure.
On the first appliance, the UCP Advisor Gateway VM needs direct Fibre Channel network access to manage Hitachi storage systems and so should typically be deployed on the management nodes, but can be deployed on a compute node. However, on subsequent appliances, the UCP Advisor Gateway VM should be deployed on a compute node so that it has access to the Fibre Channel network and Hitachi storage systems that are part of that appliance.