4 DSR Managed Objects
This chapter provides a basic overview of DSR system configuration elements used by vSTP.
Note:
Refer to the latest version of the Operation, Administration, and Maintenance (OAM) Guide for further details about DSR managed objects.4.1 Users
The Users Administration page enables you to perform functions such as adding, modifying, enabling, or deleting user accounts. The primary purpose of this page is to set up users for logging into the system.
Each user is also assigned to a group or groups. Permissions to a set of functions are assigned to each group. The permissions determine the functions and restrictions for the users belonging to the group.
A user must have user/group administrative privileges to view or make changes to user accounts or groups. The administrative user can set up or change user accounts and groups, enable or disable user accounts, set password expiration intervals, and change user passwords.
4.2 Groups
The Groups Administration page enables you to create, modify, and delete user groups. From this screen, you can control vSTP managed object permissions.
A group is a collection of one or more users who need to access the same set of functions. Permissions are assigned to the group for each application function. All users assigned to the same group have the same permissions for the same functions. In other words, you cannot customize permissions for a user within a group.
You can assign a user to multiple groups. You can add, delete, and modify groups except for the pre-defined user and group that come with the system.
The default group, admin, provides access to all GUI options and actions on the GUI menu. You can also set up a customized group that allows administrative users in this new group to have access to a subset of GUI options/actions. Additionally, you can set up a group for non-administrative users, with restricted access to even more GUI options and actions.
For non-administrative users, a group with restricted access is essential. To prevent non-administrative users from setting up new users and groups, be sure User and Group in the Administration Permissions section are unchecked. Removing the check marks from the Global Action Permissions section does not prevent groups and users from being set up.
Figure 4-1 Global Action and Administration Permissions
From the Insert page, mark the checkboxes to provide permissions and click OK. Return to the page and click Report to display a list of permissions for a group.
These checkboxes are grouped according to the main menu's structure; most folders in the main menu correspond to a block of permissions. The exceptions to this are the permission checkboxes in the Global Action Permissions section.
The Global Action Permissions section allows you to control all insert (Global Data Insert), edit (Global Data Edit), and delete (Global Data Delete) functions on all GUI pages (except User and Group). For example, if the Network Elements checkbox is selected (in the Configurations Permissions section), but the Global Data Insert checkbox is not selected, the users in this group cannot insert a new Network Element.
By default, all groups have permissions to view application data and log files.
4.3 Networks
The Networks page is used to create the networks used for internal, external, and signaling communications. The networks are grouped into logical buckets called network elements. Only after creating these buckets can the networks themselves be defined. One advantage of this architecture is simplified network device configuration and service mapping.
The workflow is to first create the network elements and then define the individual networks inside each element.
4.4 Devices
The Devices page is used to configure and manage additional interfaces other than what was configured during the initial installation.
4.5 Routes
Use the route configuration page to define specific routes for traffic. You can specify routes for the entire network, specific servers, or specific server groups.
4.6 Services
This feature allows for flexible network deployment by allowing you to map an application service to a specific network. Additionally, this feature allows for the differentiation of intra- and inter-networks on a per service basis. This means that traffic from different services can be segmented, which allows for service specific-networks and routes. This is predicated on the creation of network elements, networks, and routes to support the segmentation of service traffic.
Geo-redundant (spare) nodes and dual-path monitoring are special code on the node at the spare site that continually monitors the availability of the database instances at the primary site to determine if an automatic failover should occur due to loss of the active site servers. In the event of a network outage, it is possible that if the system is monitoring a single network path only and intra- and inter-networks are differentiated, an erroneous condition might occur where both sites try to assume activity. Inherent dual-path monitoring protects against this scenario.
- OAM
- Replication
- Signaling
- HA_Secondary
- HA_MP_Secondary
- Replication_MP
Table 4-1 Core Services
| Name | Intra-NE Network | Inter-NE Network |
|---|---|---|
| OAM | Unspecified | Unspecified |
| Replication | LAN1 | WAN1 |
| Signaling | Unspecified | Unspecified |
| HA_Secondary | Unspecified | Unspecified |
| HA_MP_Secondary | Unspecified | Unspecified |
| Replication_MP | LAN1 | WAN2 |
Note:
Services might vary depending on the application. For example, DSR adds a service known as ComAgent to the existing core services. Additionally, workflow and provisioning instruction might differ from the direction provided here. Always follow the provisioning guidelines for your specific application and release.4.7 Servers
- Network OAM&P (NOAMP) - The NOAMP is one active and one standby server running the NOAMP application and operating in a high availability global configuration. It also provides a GUI which is used for configuration, user administration and the viewing of alarms and measurements.
- System OAM (SOAM) - The SOAM is the combination of an
active and a standby application server running the SOAM application and
operating in a high availability configuration. SOAM also provides a GUI used
for local configuration and viewing alarms and measurements details specific to
components located within the frame (SOAM, MP). The SOAM supports up to 8 MPs.
Note:
SOAM is not an available role in systems that do not support SOAMs. - MP - MPs are servers with the application installed and are configured for MP functionality.
The role you define for a server affects the methods it uses to communicate with other servers in the network. For more information about how each interface is used, refer to the Network Installation Guide that came with the product.
4.8 Server Groups
The Server Groups feature allows the user to assign a function, parent relationships, and levels to a group of servers that share the same role, such as NOAM, SOAM, and MP servers. For vSTP-MPs, MPs work as a vSTP server group can be configured as STP. The purpose of this feature is to define database relationships to support the high availability architecture. This relates to replication, availability, status, and reporting at the server level.
From the Server Groups page users can create new groups, edit groups, delete groups, and generate reports that contain server group data. Servers can be added or removed from existing groups using the edit function.
Note:
Depending on the application configuration, the preferred HA role preference, or NE HA Pref, may not be displayed.