Getting Started

Welcome to the Nutanix Calm IaaS Bootcamp!

This workbook accompanies an instructor-led session that introduces Nutanix Calm and many
common management tasks. Each section has a lesson and an exercise to give you hands-on
practice. The instructor will explain the exercises, and answer any additional questions that you
may have.

What's New - Updated 01-27-23

Labs are for the following software versions:

AOS - 6.55.2 LTS

PC - pc.2022.6.0.1
Calm - 3.5.2

Agenda
Lab Setup
Windows / Linux Deployment & Marketplace
Optional Labs

Introductions
Name
Familiarity with Nutanix
Last Updated: 1/26/2023, 2:01:27 PM
Calm Lab Setup

Configuring a Project
Users or groups must first be assigned to a Project, which acts as a logical container to define
user roles, infrastructure resources, and resource quotas. Projects represent users with a
standard set of requirements or a typical structure and function, such as engineers
collaborating on a project.

1. Within Prism Central, select > Services > Calm.

2. Select Projects from the left-hand menu, and then click Create Project.

3. Within the Project Name field, enter Initials -Project, and then click Create.
4. Within the Summary section, and click on Add Infrastructure. Fill out the following fields:

Click on the Add Infrastructure drop-down, and choose NTNX_LOCAL_AZ.

Click Configure Resources.
Select your cluster within the Select clusters to be added to this project drop-down.
Click Select VLANs.
Check the box for Primary.
Click Confirm and Select Default > Confirm > Save.

5. From the top menu, select Environments. Fill out the following fields:

Click Create Environment.

Enter Initials -Environment within the Name field, and click Next.
Click on the Select Infrastructure drop-down, and choose NTNX_LOCAL_AZ.
Click anywhere in the VM Configuration box to expand it.
Perform the following within the Windows section.
 Select your cluster from the Cluster drop-down.
Within the VM Configuration section, specify the following: - vCPUs - 2 - Cores per
vCPU - 1 - Memory (GiB) - 4
Scroll down to the Disks section, and choose Windows2016.qcow2 from the Image
drop-down.
Scroll down to the Network Adapters (NICs) section, and click .
Choose Primary from the NIC 1 drop-down.
Scroll to the top of the screen, and perform the following within the Linux section.
Select your cluster from the Cluster drop-down.
Within the VM Configuration section, specify the following: - vCPUs - 2 - Cores per
vCPU - 1 - Memory (GiB) - 4
Scroll down to the Disks section, and choose CentOS7.qcow2 from the Image
drop-down.
Scroll down to the Network Adapters (NICs) section, and click .
Choose Primary from the NIC 1 drop-down.
Click Next. Fill out the following fields:
Name - WINDOWS
Username - administrator
Secret Type - Password
Password - nutanix/4u
Click Add Credentials
Name - CENTOS
Username - centos
Secret Type - Password
Password - nutanix/4u
Click Save Environment & Project

6. From the top menu, select Users & Groups.

Click Add/Edit Users & Groups.

Click Add User.

Name - Administrators (group)

Role - Project Admin
 Click Save Users and Project

7. Within the top menu, click on Policies, and choose Snapshot from the left-hand menu.

8. Click Create Snapshot Policy, enter Initials -SnapshotPolicy in the Policy Name field,
and click Save Snapshot Policy.
You've completed the setup process, and may now move on any or all of these sections:
 Calm IaaS: Linux
Calm IaaS: Windows
Calm DSL

Last Updated: 1/26/2023, 2:01:27 PM

Calm IaaS: Linux

Overview
Nutanix Calm allows you to seamlessly select, provision, and manage your business applications
across your infrastructure for both the private and public clouds. Nutanix Calm provides App
lifecycle, monitoring and remediation to manage your heterogeneous infrastructure, for
example, VMs or bare-metal servers. Nutanix Calm supports multiple platforms so that you can
use a single self-service and automation interface to manage all your infrastructure.

Infrastructure-as-a-Service (IaaS) is defined as the ability to quickly provide compute resources,

on-demand through a self service portal. While many customers utilize Nutanix Calm to
orchestrate complex, multi-tiered applications, a significant portion of customers also utilize
Calm to provide basic IaaS for their end users.

In this lab you'll create a Single VM Blueprint based on Linux, launch the blueprint, and manage
the resulting application.

Creating a Single VM Blueprint

A blueprint is the framework for every application or piece of infrastructure that you model by
using Nutanix Calm. While complex, multi-tiered applications utilize the Multi VM/Pod Blueprint,
the streamlined interface of the Single VM Blueprint is conducive for IaaS use cases. You can
model each type of infrastructure your company utilizes (for instance Windows, CentOS, or
Ubuntu) in a Single VM blueprint, and end users can repeatedly launch the blueprint to create
infrastructure on demand. The resulting infrastructure (which is referred to as an application),
can then be managed throughout its entire lifecycle within Calm, including managing Nutanix
Guest Tools (NGT), modifying resources, snapshots, and clones.

In this lab, you will be creating a CentOS7 Linux server.

1. Within Prism Central, select > Services > Calm.

2. Select Blueprints in the left-hand toolbar to view and manage Calm blueprints.

Hint

Mousing over an icon will display its title.

3. Click Create Blueprint > Single VM Blueprint.

4. Fill out the following fields:

Name - Initials -CentOS-IaaS

Project - Initials -Project
Environment - Initials -Environment
5. Click VM Details >.

6. Fill out the following fields on the VM Details page:

Name - Initials _VM

Operating System - Select Linux from the drop-down.
7. Click VM Configuration >. On this page, we'll be specifying a variety of settings for our
infrastructure.

8. Click Clone from environment. Since you've previously specified the details for your Linux
VM within your Project, there's no need to enter that same information again.

General Configuration - Enter @@{vm_name_prefix}@@-@@{calm_unique}@@ within the VM

Name field.

Note

Take note of @@{vm_name_prefix}@@ . In Calm, the @@{ and }@@ characters

represent a macro. At runtime, Calm will automatically substitute the proper
value(s) when it encounters a macro. A macro could represent a system defined
value, a VM property, or (as it does in this case) a runtime variable.

Calm macros are part of a templating language for Calm scripts. These are
evaluated by Calm's execution engine before the script is run.

Macros enable you to access the value of variables and properties that are set on
entities. The variables can be user defined or system generated. For more
information, see the Variables Overview section of the Calm Administration and
Operations Guide.
Guest Customization - Guest customization allows for the modification of certain settings
at boot. Linux uses cloud-init, while Windows uses sysprep. Check the Guest
Customization box, and paste in the following script.

sh
1 #cloud-config
2 users:
3 - name: centos
4 sudo: ['ALL=(ALL) NOPASSWD:ALL']
5 chpasswd:
6 list: |
7 centos:@@{CENTOS.secret}@@
8 expire: False
9 ssh_pwauth: true

Disks - A disk is the storage of the VM or infrastructure that we're deploying. It could be
based on a pre-existing image (as it will in our case), or it could be based on a blank disk
to enable the VM to consume additional storage. For instance, a Microsoft SQL server may
need its base OS disk, a separate SQL Server binary disk, separate database data file disks,
separate TempDB disks, and a separate logging disk. In our case we're going to have a
single disk, based on a pre-existing image.

Disk Type - The type of disk.

Bus Type - The bus type of the disk.
Operation - How the disk will be sourced.
 Image - The image the VM will be based off of. Select CentOS7.qcow2.
Bootable - Whether or not this particular disk is bootable. A minimum of one disk must
be bootable.

Boot Configuration - The boot method of the VM.

vGPUs - Whether or not the VM needs a virtual graphical processing unit.

Categories - Categories span several different products and solutions within the Nutanix
portfolio. They enable you to set security policies, protection policies, alert policies, and
playbooks. Simply choose the categories corresponding to the workload, and all of these
policies will automatically be applied.

NICs - Network adapters allow communication to and from your virtual machine.

Serial Ports - Whether or not the VM needs a virtual serial port.

9. Click Advanced Options (Optional).

10. Click Add/Edit Credentials. This is required to make any changes to this entire section.

11. Click Add Credentials, fill out the following fields, and click Done.
 Name CENTOS
Username centos
Password nutanix/4u

12. Select CENTOS within the Credential drop-down.

13. Within the Connection section, check the Check log-in upon create checkbox.

14. Scroll down to the Update Configs (Optional) section, and click Add Config.

15. Enter Name the update configuration Initials UpdateConfig.

16. Click Update on the right side of Memory (GiB) row, fill out the following fields, and click
Done.

Memory (GiB) - Increase

Update - 1
Enable the Editable switch
 Max Value - 6

17. Within the Snapshot/Restore (Optional) section, click on Add Snapshot/Restore Config. Fill
out the following field, and click Save. This is required to allow the user to snapshot the
application.

Snapshot/Restore action suffix - Initials

18. Click the Save button.

Defining Variables
Variables allow extensibility of Blueprints. This means a single Blueprint can be used for multiple
purposes and environments depending on the configuration of its variables. Variables can
either be static values saved as part of the Blueprint, or they can be specified at runtime (when
the Blueprint is launched), as they will in this case.

In a Single VM blueprint, variables can be accessed by clicking the App variables button near
the top. By default, variables are stored as a String, however additional Data Types (Integer,
Multi-line String, Date, Time, and Date Time) are all possible. Any of these data types can be
optionally set as Secret, which will mask its value and is ideal for variables such as passwords.
There are also more advanced Input Types (versus the default Simple), however these are
outside the scope of this lab.
Variables can be used in scripts executed against objects using the @@{variable_name}@@
construct (called a macro). Calm will expand and replace the variable with the appropriate value
before sending to the VM.

1. Click the App variables button along the top pane to bring up the variables menu.

2. In the pop-up that appears, you should see a note stating you currently do not have any
variables. Click the Add Variable button, and fill out the following fields.

Within the left-hand column, click to mark this as a runtime variable.

In the main pane, set the variable Name as vm_name_prefix .
Click the Show Additional Options link at the bottom.
Check the Mark this variable mandatory checkbox. This ensures a value is input, as this
variable contributes to the VM name.

3. Click Done > Save.

Launching the Blueprint
Now that our blueprint is complete, take note of the buttons to the right of the save button:

Publish - this allows us to request to publish the blueprint into the Marketplace. Blueprints
have a 1:1 mapping to a Project. This means that only users who are members of our own
Project will have the ability to launch this blueprint. Publishing blueprints to the Marketplace
allows an administrator to assign any number of Projects to the Marketplace blueprint, which
enables self service for any number of end users desired.
Download - this option downloads the blueprint in a JSON format, which can be checked
into source control, or uploaded into another Calm instance.
Launch - this launches our blueprint and deploys our application and/or infrastructure.

1. Click Launch and enter the following:

Application Name - Initials -CentOS-IaaS

vm_name_prefix - Initials
2. Click Deploy. You'll be redirected to the application page.

Managing your Application

Wait for your application to change from a Provisioning to a Running state. If it instead changes
to an Error state, navigate to the Audit tab, and expand the Create action to start
troubleshooting your issue.

Once your application is in a Running state, navigate around the five tabs in the UI:

The Overview tab gives you information about any variables specified, the cost incurred
(showback can be configured in the Calm Settings), an application summary, and a VM
summary.
The Manage tab allows you to run actions against the application/infrastructure. This
includes basic lifecycle (start, restart, stop, delete), NGT management (install, manage,
uninstall), and App Update, which allows for editing of basic VM resources.
The Metrics tab gives in depth information about CPU, Memory, Storage, and Network
utilization.
The Recovery Points tab lists the history of VM Snapshots, and allows the user to restore the
VM to any of these points.
The Audit tab shows every action run against the application, the time and user that ran a
given action, and in depth information on the results of that action, including script output.

Next, view the common VM tasks available in the upper right corner of the UI:

Create Image create images from an existing single-VM or multi-VM application running on
a Nutanix platform.
The Clone button allows a user to duplicate the existing application into a new app that is
manageable separately from the current application. For a brand new application, this is
equivalent to launching the blueprint again. However, a user may have spent significant time
 customizing the existing application to suit their specific needs, and would like these
changes to be present on the new app.
The Launch Console button opens a console window to the VM.
The Update button allows for the end user to modify basic VM settings (this is equivalent to
the Manage > App Update action).
The Delete button deletes the underlying VM and the Calm Application (this is equivalent to
the Manage > App Delete action).

Before we make any changes to our application, let's create a snapshot from which we can
restore from if anything goes wrong.

1. Within the Manage tab, click on the button adjacent to Snapshot_ Initials , and click
Run.

If you wish to monitor the snapshot progress, click on the Audit tab.

Now that we're familiar with the application page layout, and we have our snapshot created,
let's modify our application by adding additional memory.

2. Click Launch Console, and log in using the following credentials.

Username - centos
Password - nutanix/4u

3. To view the current memory on CentOS, run the command free -h . Take note of the
current memory allocated to your VM.

4. Return to the Application page within Calm. Click the Manage tab. Click the button
adjacent to Initials UpdateConfig. Increase the Memory (GiB) by 2 GiB by entering 6 in
the text field.

5. Click Run.

6. Within the Audit tab of Calm, wait for the Initials UpdateConfig status to become
Running.

7. Return to the console. Run the free -h command once again to view the updated memory,
and note that it has increased by 2 GiB.
If anything went wrong with the VM Update, navigate to the Manage tab. Click the button
adjacent to Restore_ Initials to revert your application to the state captured previously via
snapshot.

Marketplace
Now that we know we have a known-good blueprint, let's publish it to the Calm Marketplace.

Publishing the Blueprint

1. Select Blueprints in the left-hand toolbar.

2. Click on your Initials -CentOS-IaaS blueprint.

3. Click the Publish button, and enter the following:

Name - Initials -CentOS-IaaS

Initial Version - 1.0.0
Description - Standard CentOS VM Deployment

4. Click Submit for Approval.

Note
 Publish with Secrets: By default, the secret values from the blueprint are not
preserved while publishing.

Approving Blueprints
1. Select Marketplace Manager in the left-hand toolbar to view and manage Marketplace
Blueprints.

2. You will see the list of Marketplace blueprints, and their versions listed. Select Approval
Pending at the top of the page.

3. Select your Initials -CentOS-IaaS blueprint.

4. Review the available actions:

Approve - Approves the Blueprint for publication to the Marketplace.

Reject - Prevents the Blueprint from being launched or published in the Marketplace. The
Blueprint will need to be submitted again after being rejected before it can be published.
Delete - Deletes the blueprint submission to the Marketplace.
Launch - Launches the Blueprint as an application, similar to launching from the Blueprint
Editor.

5. Review the available selections:

Category - Allows you to update the Category for the new Marketplace blueprint.
Projects Shared With - Allows you to make the Marketplace blueprint only available to a
certain project.

6. Select Initials -Project Within the Projects Shared With drop-down.

7. Click Approve.
 8. Select Approved at the top of the page. Enter your Initials into the search bar, and hit
Enter. You should see your blueprint listed now, with a status of Accepted.

9. Click on your Initials -CentOS-IaaS blueprint.

10. From the Projects Shared With drop-down, select Initials -Project, click Apply > Publish.

Launching the Blueprint from the Marketplace

1. Click on the Marketplace.
2. Click Get adjacent to your Initials -CentOS-IaaS blueprint, and click Launch.

3. Enter the following info, and click Deploy.

Application Name - Initials -CentOS-IaaS-2

Projects - Initials -Project
vm_name_prefix - Initials

We are unable to deploy our blueprint due to a credential error. Why is this?

Within the blueprint, we selected the Check log-in upon create and specified the CENTOS
credentials.
We did not Publish with secrets when we published it to the marketplace.

This is an important aspect to understand, which is why we've taken some extra time to step
you through the lab in this manner.

As you experienced, when someone requests that a blueprint be published to the

Marketplace, it must undergo an approval process. One part of that process would be to
ensure the blueprint does not contain any code that would allow the credentials within the
 Environment to be viewed. If it does, the reviewer can deny that blueprint from being
published. This would avoid a security risk via credential leak.

This allows a blueprint to be shared between teams without sharing secrets. In addition, it
allows a user to utilize the credentials stored within different environments, which could
represent different datacenters and/or physical locations, for example.

Let's revisit the Environment section, and configure the credentials so we require to
successfully deploy this blueprint from the marketplace.

4. Click Cancel > Projects.

5. Click on your Initials -Project.

6. Click on Edit in the upper right-hand corner of Environment.

7. Click on the adjacent to your Initials -Environment, and then select Update.
 8. Click on Infrastructure.

9. Click anywhere in the VM Configuration box to expand it, and then click on the Linux section.

10. Within the Connection section, select CENTOS from the Credential drop-down.

11. Click Next > Save Environment.

12. Return to Marketplace. Click Get adjacent to your Initials -CentOS-IaaS and choose
Launch.

13. Enter the following info.

Application Name - Initials -CentOS-IaaS-2

Projects - Initials -Project
vm_name_prefix - Initials

Notice that we no longer have the error related to the credentials. We are now using the
credentials from your Initials -Environment.

14. Click Deploy.

15. Monitor the provisioning of the Blueprint until complete.

Takeaways
What are the key things you should know about Nutanix Calm and Single VM Blueprints?

Nutanix Calm provides application and infrastructure automation natively within Prism,
turning complex, week long ticketing processes, into one-click self service provisioning.
There are multiple methods to configure and control credentials.
While Multi VM blueprints enable the provisioning and lifecycle management of complex,
multi-tiered applications, Single VM blueprints allows IT to provide Infrastructure-as-a-
Service for their end users.
Common day 2 operations, like snapshots, restoring, cloning, and updating the infrastructure
can all be done by end users directly within Calm.

Last Updated: 1/26/2023, 2:01:27 PM

Calm IaaS: Windows

Overview
Nutanix Calm allows you to seamlessly select, provision, and manage your business applications
across your infrastructure for both the private and public clouds. Nutanix Calm provides App
lifecycle, monitoring and remediation to manage your heterogeneous infrastructure, for
example, VMs or bare-metal servers. Nutanix Calm supports multiple platforms so that you can
use a single self-service and automation interface to manage all your infrastructure.

Infrastructure-as-a-Service (IaaS) is defined as the ability to quickly provide compute resources,

on-demand through a self service portal. While many customers utilize Nutanix Calm to
orchestrate complex, multi-tiered applications, a significant portion of customers also utilize
Calm to provide basic IaaS for their end users.

In this lab you'll create a Single VM Blueprint within Calm using Windows Server 2016. You will
then deploy and manage the resulting application.

Expected Module Duration: 60 minutes

Creating a Single VM Blueprint

A Blueprint is the framework for every application or piece of infrastructure that you model by
using Nutanix Calm. While complex, multi-tiered applications utilize the Multi VM/Pod Blueprint,
the streamlined interface of the Single VM Blueprint is conducive for IaaS use cases. You can
model each type of infrastructure your company utilizes (for instance Windows, CentOS, and/or
Ubuntu) in a Single VM Blueprint, and end users can repeatedly launch the Blueprint to create
infrastructure on demand. The resulting infrastructure (which is still referred to as an
application), can then be managed throughout its entire lifecycle within Calm, including Nutanix
Guest Tools (NGT) management, resource modification, snapshots, and clones.
1. Within Prism Central, select > Services > Calm.

2. Select Blueprints in the left-hand toolbar to view and manage Calm Blueprints.

Note

Mousing over an icon will display its title.

3. Click Create Blueprint > Single VM Blueprint.

4. Fill out the following fields:

Name - Initials -Win-IaaS

Project - Initials -Project
Environment - Initials -Environment
5. Click VM Details >.

6. Fill out the following fields on the VM Details page:

Name - Initials _VM

Operating System - Select Windows from the drop-down.
7. Click VM Configuration >.

8. On this page, we'll be specifying a variety of settings for our infrastructure.

Note

Calm macros are part of a templating language for Calm scripts. These are evaluated
by Calm's execution engine before the script is run.

Macros enable you to access the value of variables and properties that are set on
entities. The variables can be user defined or system generated. For more
information, see the Variables Overview section of the Calm Administration and
Operations Guide.

General Configuration

VM Name - @@{vm_name_prefix}@@-@@{calm_unique}@@
vCPUs - 2
Click running person to mark as a runtime entry (i.e. this allows the end-user to
modify this field at launch.)
Cores per vCPU - 1
Memory (GiB) - 4
Click running person to mark as a runtime entry (i.e. this allows the end-user to
modify this field at launch.)
 Note

Take note of @@{vm_name_prefix}@@ . In Calm, the @@{ and }@@ characters

represent a macro. At runtime, Calm will automatically substitute the proper
value(s) when it encounters a macro. A macro could represent a system defined
value, a VM property, or (as it does in this case) a runtime variable.

Guest Customization - Guest customization allows for the modification of certain settings
at boot. Linux uses cloud-init, while Windows uses sysprep. Check the Guest
Customization box, select Prepared from the Install Type drop-down, and paste in the
following script.

Windows 2016

1 <?xml version="1.0" encoding="UTF-8"?>

2 <unattend xmlns="urn:schemas-microsoft-com:unattend">
3 <settings pass="oobeSystem">
4 <component name="Microsoft-Windows-Shell-Setup" xmlns:wcm="http://s
5 <OOBE>
6 <HideEULAPage>true</HideEULAPage>
7 <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
8 <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
9 <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
10 <NetworkLocation>Work</NetworkLocation>
11 <SkipMachineOOBE>true</SkipMachineOOBE>
12 </OOBE>
13 <UserAccounts>
14 <AdministratorPassword>
15 <Value>@@{WINDOWS.secret}@@</Value>
16 <PlainText>true</PlainText>
17 </AdministratorPassword>
18 </UserAccounts>
19 <FirstLogonCommands>
20 <SynchronousCommand wcm:action="add">
21 <CommandLine>cmd.exe /c netsh firewall add portopening TCP
22 <Description>Win RM port open</Description>
23 <Order>1</Order>
24 <RequiresUserInput>true</RequiresUserInput>
25 </SynchronousCommand>
26 <SynchronousCommand wcm:action="add">
27 <CommandLine>powershell -Command "Enable-PSRemoting -SkipN
28 <Description>Enable PS-Remoting</Description>
29 <Order>2</Order>
30 <RequiresUserInput>true</RequiresUserInput>
31 </SynchronousCommand>
32 <SynchronousCommand wcm:action="add">
33 <CommandLine>powershell -Command "Set-ExecutionPolicy -Exe
34 <Description>Enable Remote-Signing</Description>
35 <Order>3</Order>
36 <RequiresUserInput>false</RequiresUserInput>
37 </SynchronousCommand>
38 </FirstLogonCommands>
39 </component>
40 <component name="Microsoft-Windows-International-Core" xmlns:wcm="ht
41 <InputLocale>en-US</InputLocale>
42 <SystemLocale>en-US</SystemLocale>
43 <UILanguageFallback>en-us</UILanguageFallback>
44 <UILanguage>en-US</UILanguage>
45 <UserLocale>en-US</UserLocale>
46 </component>
47 </settings>
48 <settings pass="specialize">
49 <component name="Microsoft-Windows-Shell-Setup" xmlns:wcm="http://s
50 <ComputerName>@@{name}@@</ComputerName>
51 <RegisteredOrganization>Nutanix</RegisteredOrganization>
52 <RegisteredOwner>Acropolis</RegisteredOwner>
53 <TimeZone>UTC</TimeZone>
54 </component>
55 <component name="Microsoft-Windows-TerminalServices-LocalSessionMan
56 <fDenyTSConnections>false</fDenyTSConnections>
57 </component>
58 <component name="Microsoft-Windows-TerminalServices-RDP-WinStationEx
59 <UserAuthentication>0</UserAuthentication>
60 </component>
61 <component name="Networking-MPSSVC-Svc" xmlns:wcm="http://schemas.m
62 <FirewallGroups>
63 <FirewallGroup wcm:action="add" wcm:keyValue="RemoteDesktop">
64 <Active>true</Active>
65 <Profile>all</Profile>
66 <Group>@FirewallAPI.dll,-28752</Group>
67 </FirewallGroup>
68 </FirewallGroups>
69 </component>
70 </settings>
71 </unattend>
Disks - A disk is the storage of the VM or infrastructure that we're deploying. It could be
based on a pre-existing image (as it will in our case), or it could be based on a blank disk
to enable the VM to consume additional storage. For instance, a Microsoft SQL server may
need its base OS disk, a separate SQL Server binary disk, separate database data file disks,
separate TempDB disks, and a separate logging disk. In our case we're going to have a
single disk, based on a pre-existing image.

Disk Type - The type of disk.

Bus Type - The bus type of the disk.
Operation - How the disk will be sourced.
Image - The image the VM will be based off of. Select Windows2016.qcow2.
Bootable - Whether or not this particular disk is bootable. A minimum of one disk must
be bootable.

Boot Configuration - The boot method of the VM.

vGPUs - Whether or not the VM needs a virtual graphical processing unit.

Categories - Categories span several different products and solutions within the Nutanix
portfolio. They enable you to set security policies, protection policies, alert policies, and
playbooks. Simply choose the categories corresponding to the workload, and all of these
policies will automatically be applied.

NICs - Network adapters allow communication to and from your virtual machine. We'll be
adding a single NIC. Click and select Primary in the dropdown.
 Serial Ports - Whether or not the VM needs a virtual serial port.

9. Click Advanced Options (Optional).

10. Click Add/Edit Credentials. This is required to make any changes to this entire section.

11. Click Add Credentials, fill out the following fields, and click Done.

Credential Name WINDOWS

Username: administrator
Password nutanix/4u
12. Select Windows from the Credential drop-down.

13. Within the Connection section, check the Check log-in upon create checkbox.

14. Scroll down, and then click Add Config within the Update Configs (Optional) section.

15. Enter Name the update configuration Initials UpdateConfig.

16. Click Update on the right side of Memory (GiB), fill out the following fields, and click Done.

Memory (GiB) - Increase

Update - 1
Enable the Editable switch
Max Value - 6
17. Click on Add Snapshot/Restore Config, fill out the following field, and click Save. This is
required to allow the user to snapshot the application.

Snapshot/Restore action suffix - Initials

18. Click the Save button. It is expected to have a single warning regarding the
vm_name_prefix variable. We will resolve this in the following section. If you have additional

errors, please be sure to resolve them before continuing to the next section.
Defining Variables
Variables allow extensibility of Blueprints. This means a single Blueprint can be used for multiple
purposes and environments depending on the configuration of its variables. Variables can
either be static values saved as part of the Blueprint, or they can be specified at runtime (when
the Blueprint is launched), as they will in this case.

In a Single VM blueprint, variables can be accessed by clicking the App variables button near
the top. By default, variables are stored as a String, however additional Data Types (Integer,
Multi-line String, Date, Time, and Date Time) are all possible. Any of these data types can be
optionally set as Secret, which will mask its value and is ideal for variables such as passwords.
There are also more advanced Input Types (versus the default Simple), however these are
outside the scope of this lab.

Variables can be used in scripts executed against objects using the @@{variable_name}@@
construct (called a macro). Calm will expand and replace the variable with the appropriate value
before sending to the VM.

1. Click the App variables button along the top pane to bring up the variables menu.

2. In the pop-up that appears, you should see a note stating you currently do not have any
variables. Click the blue Add Variable button, and fill out the following fields.

Within the left-hand column, click the running person icon to mark this as a runtime
variable.
In the main pane, set the variable Name as vm_name_prefix .
Click the Show Additional Options link at the bottom.
Check the Mark this variable mandatory checkbox. This ensures a value is input, as this
variable contributes to the VM name.
3. Click Done > Save.

Launching the Blueprint

Now that our blueprint is complete, take note of the buttons to the right of the save button:

Publish - this allows us to request to publish the blueprint into the Marketplace. Blueprints
have a 1:1 mapping to a Project. This means that only users who are members of our own
Project will have the ability to launch this blueprint. Publishing blueprints to the Marketplace
allows an administrator to assign any number of Projects to the Marketplace blueprint, which
enables self service for any number of end users desired.
Download - this option downloads the blueprint in a JSON format, which can be checked
into source control, or uploaded into another Calm instance.
Launch - this launches our blueprint and deploys our application and/or infrastructure.

1. Click Launch and enter the following:

Application Name - Initials -Win-IaaS

vm_name_prefix - Initials
2. Click Deploy. You'll be redirected to the application page.

Managing your Application

Wait for your application to change from a Provisioning to a Running state. If it instead changes
to an Error state, navigate to the Audit tab, and expand the Create action to start
troubleshooting your issue.

Once your application is in a Running state, navigate around the five tabs in the UI:

The Overview tab gives you information about any variables specified, the cost incurred
(showback can be configured in the Calm Settings), an application summary, and a VM
summary.
The Manage tab allows you to run actions against the application/infrastructure. This
includes basic lifecycle (start, restart, stop, delete), NGT management (install, manage,
uninstall), and App Update, which allows for editing of basic VM resources.
The Metrics tab gives in depth information about CPU, Memory, Storage, and Network
utilization.
The Recovery Points tab lists the history of VM Snapshots, and allows the user to restore the
VM to any of these points.
The Audit tab shows every action run against the application, the time and user that ran a
given action, and in depth information on the results of that action, including script output.

Next, view the common VM tasks available in the upper right corner of the UI:

Create Image create images from an existing single-VM or multi-VM application running on
a Nutanix platform.
The Clone button allows a user to duplicate the existing application into a new app that is
manageable separately from the current application. For a brand new application, this is
equivalent to launching the blueprint again. However, a user may have spent significant time
customizing the existing application to suit their specific needs, and would like these
changes to be present on the new app.
The Launch Console button opens a console window to the VM.
The Update button allows for the end user to modify basic VM settings (this is equivalent to
the Manage > App Update action).
 The Delete button deletes the underlying VM and the Calm Application (this is equivalent to
the Manage > App Delete action).

Before we make any changes to our application, let's create a snapshot from which we can
restore from if anything goes wrong.

1. Within the Manage tab, click on the button adjacent to Snapshot_ Initials , and click
Run.

If you wish to monitor the snapshot progress, click on the Audit tab.

Now that we're familiar with the application page layout, and we have our snapshot created,
let's modify our application by adding additional memory.

2. Click Launch Console, and log in using the following credentials.

Username - Administrator
Password - nutanix/4u

3. To view the current memory on Windows, open a Command Prompt and run systeminfo |
findstr Memory . Take note of the current memory allocated to your VM.

4. Return to the application page of Calm. Click the Manage tab. Click the button adjacent to
Initials UpdateConfig. Increase the Memory (GiB) by 2 GiB by entering 6 in the text field.

5. Click Run.

6. Within the Audit tab of Calm, wait for the Initials UpdateConfig action to complete.

7. Return to the console. Run systeminfo | findstr Memory once again. Take note of the
current memory allocated to your VM, and note that it has increased by 2 GiB.
If anything went wrong with the VM Update, navigate to the Manage tab, click the button
adjacent to Restore_ Initials to revert your application.

Marketplace
Now that we know we have a known-good blueprint, let's publish it to the Calm Marketplace.

Publishing the Blueprint

1. Select Blueprints in the left-hand toolbar.

2. Click on your Initials -Win-IaaS blueprint.

3. Click the Publish button, and enter the following:

Name - Initials -Windows-IaaS

Initial Version - 1.0.0
Description - Standard Windows VM Deployment

4. Click Submit for Approval.

 Note

Publish with Secrets: By default, the secret values from the blueprint are not
preserved while publishing.

Approving Blueprints

1. Select Marketplace Manager in the left-hand toolbar to view and manage Marketplace
Blueprints.

2. You will see the list of Marketplace blueprints, and their versions listed. Select Approval
Pending at the top of the page.

3. Select your Initials -Windows-IaaS blueprint.

4. Review the available actions:

Approve - Approves the Blueprint for publication to the Marketplace.

Reject - Prevents the Blueprint from being launched or published in the Marketplace. The
Blueprint will need to be submitted again after being rejected before it can be published.
Delete - Deletes the blueprint submission to the Marketplace.
Launch - Launches the Blueprint as an application, similar to launching from the Blueprint
Editor.

5. Review the available selections:

Category - Allows you to update the Category for the new Marketplace blueprint.
Projects Shared With - Allows you to make the Marketplace blueprint only available to a
certain project.

6. Select Initials -Project Within the Projects Shared With drop-down.

7. Click Approve.
8. Select Approved at the top of the page, enter your Initials into the search bar, and hit
Enter. You should see your blueprint listed now, with a status of Accepted.
9. Click on your Initials -Win-IaaS blueprint, and click Publish.

Launching the Blueprint from the Marketplace

1. Click on the Marketplace.

2. Click Get adjacent to your Initials -Win-IaaS blueprint, and click Launch.

3. Enter the following info, and click Deploy.

Application Name - Initials -Win-IaaS-2

Select your Initials -Project from the Projects dropdown.
vm_name_prefix - Initials
 We are unable to deploy our blueprint due to a credential error. Why is this?

Within the blueprint, we selected the Check log-in upon create and specified the
WINDOWS credentials.
We did not publish the blueprint (which contains the credentials we need) when we
published it to the marketplace.

When deploying blueprints, they can either use the credentials within the blueprint (not an
option in this case) or the environment.

Let's revisit the Environment section, and add in the credentials we require to successfully
deploy this blueprint from the marketplace.

4. Click Cancel > Projects.

5. Click on your Initials -Project.

6. Click on the 1 environment added > link above the Create Environment button.
7. Click on the adjacent to your Initials -Environment, and then select Update.

8. Click Add Credentials, and specify the following.

 Credential Name - WINDOWS
Username - administrator
Secret Type - Password
Password - nutanix/4u

9. Click on Accounts.

10. Click anywhere in the VM Configuration box to expand it, and then click on the Windows
section.

11. Within the Connection section, select the Check log-in upon create checkbox, and select
WINDOWS from the Credential drop-down.

12. Click Next > Save Environment.

13. Return to the Marketplace Manager, click on Initials -Win-IaaS, and choose Launch.

14. Enter the following info.

Application Name - Initials -Win-IaaS-2

Select your Initials -Project from the Projects dropdown.
vm_name_prefix - Initials

Notice that we no longer have the error related to the credentials. We are now using the
credentials from your Initials -Environment, and not the blueprint. This allows a blueprint
to be shared between teams without sharing secrets. In addition, it allows a user to utilize the
credentials stored within different environments, which could represent different datacenters
and/or physical locations, for example.

15. Click Deploy.

16. Monitor the provisioning of the Blueprint until complete.

Takeaways
What are the key things you should know about Nutanix Calm and Single VM Blueprints?

Nutanix Calm provides application and infrastructure automation natively within Prism,
turning complex, week long ticketing processes, into one-click self service provisioning.
 There are multiple methods to configure credentials, and the ability to choose whether to
share those or not.
While Multi VM blueprints enable the provisioning and lifecycle management of complex,
multi-tiered applications, Single VM blueprints allows IT to provide Infrastructure-as-a-
Service for their end users.
Common day 2 operations, like snapshots, restoring, cloning, and updating the infrastructure
can all be done by end users directly within Calm.

Last Updated: 1/25/2023, 8:02:51 AM

Calm DSL

Overview
To start the DSL lab we have provided a DevWorkStation blueprint to quickly get you started.
The included blueprint builds a CentOS VM with all the necessary tools.

Add Blueprint to Marketplace

To get started download the following Blueprint JSON and image file.

1. Download the DevWorkStation Blueprint by clicking here.

2. Download the DevWorkStation Blueprint Icon for the Market Place by clicking here.

Upload Blueprint to Calm

1. Within Prism Central, select > Services > Calm.

2. Select Blueprints from the left-hand menu and click Upload Blueprint. Select
DevWorkStation.json.

3. Modify the Blueprint Name to Initials -DevWorkStation. Even across different projects,
Calm Blueprint names must be unique.

4. From the Project drop-down, select your Calm project and click Upload.
5. Click on your DSL VM.

6. Within the right-hand pane, scroll down to the DISKS (1) section. From the Image drop-
down, choose CentOS7.qcow2.

Warning

There are multiple images on the cluster, including several CentOS image, so

7. Within the right-hand pane, scroll down to the NETWORK ADAPTERS (NICS) (1) section. From
the NIC 1 drop-down, choose Primary.

8. From the top menu, click Credentials. Expand local and enter nutanix/4u within the
Password field.

9. Click Save > Back.

It is expected to have a single warning regarding the PrismCentral_Password variable. We will

resolve this in the following section. If you have additional errors, please be sure to resolve
them before continuing to the next section.

Publishing the Blueprint

1. Click the Publish button, and enter the following:
 Name - Initials -DevWorkStation
Initial Version - 1.0.0
Change Image - Upload software-developer.png, and enter Workstation as the icon name.
Click and click Select & continue.

2. Click Submit for Approval.

Approving Blueprints

1. Select Marketplace Manager from the left-hand menu to view and manage
Marketplace Blueprints.

2. You will see the list of Marketplace blueprints, and their versions listed. From the top menu,
select Approval Pending.

3. Click your Initials -DevWorkStation Marketplace Item.

4. Click to approve the blueprint.

Deploy DevWorkstation from Marketplace
1. From the top menu, select Approved.

2. Enter your Initials in the search bar, and press the Enter key.

3. Select your Initials -DevWorkStation blueprint, and click Launch from the subsequent
menu on the right-hand side.

4. Fill out the following fields:

Name of the Application - Initials -DSL
Select your Initials -Project from the Projects dropdown.
Prism Central IP - <PRISM-CENTRAL-IP>
Prism Central Password - <CLUSTER-PASSWORD>
5. Enable the Select credentials mapping from project environment switch, and select CENTOS
from the drop-down.

6. Click Deploy.

It is recommended to review the audit log to see packages that are being deployed.

Using Calm DSL

Start the virtual environment and connect to Prism Central

1. Click on the Services tab, click on DSL, and then click on Open Terminal from the right-hand
pane.
 Note

If you would prefer to use SSH, once the application is in the Running state, make
note of the IP address. It is listed within the application overview. You can then SSH
to that IP using the username centos and the password nutanix/4u .

2. Change directories by typing cd calm-dsl and pressing enter.

3. Run source venv/bin/activate to switch to the virtual environment within Calm DSL.

Note

While already performed via the blueprint, you can setup the connection to Prism
Central via the calm init dsl command.

4. Verify the current config settings by running calm show config .

List the current blueprints in Calm
1. Run calm get bps and we see all the blueprints in Calm with their UUID, description,
application count, project, and state.

2. Run calm get bps -q to display quiet output with only the blueprint names.

Review and Modify a Blueprint

Now lets review a python-based blueprint, and then make a modification.

1. Change to the HelloBlueprint directory by running the cd HelloBlueprint command,

followed by the ls command.

2. The HelloBlueprint directory contains a file called blueprint.py, which is a python blueprint. It
also contains a scripts directory, which contains the bash/Powershell/python scripts
referenced within the blueprint.
Modify blueprint.py

1. Before we make any modifications, let's make a copy of the blueprint.py file by using the cp
blueprint.py blueprint.py.bak command.

Note

If you make any mistakes while editing this, or any other files using vi, you can always
exit the file without saving. Simply hit ESC to ensure you aren't in Insert mode, and
then type :q!. This will force quit without saving. The more you know!

2. Run the vi blueprint.py command to edit the blueprint.py file.

3. Review the blueprint for familiar constructs. To skip directly to a particular line, enter :
<LINE#> (ex. :54)

Credentials (line 54-60)

OS Image (line 62-66)
Under class HelloPackage(Package) you will see references to the pkg_install_task.sh script
in the scripts directory (line 139)
Basic VM spec information (vCPU/memory/disks/nics) (line 153-159)
Guest Customization contains cloud-init (line 161-171)

4. Hit the Insert key to enter Insert mode. On line 154, modify the number of vCPU from 2 to 4.
5. Hit ESC to exit Insert mode, and navigate to line 185 by typing :185 . Enter Insert mode, and
add a unique VM name using a macro, directly after the provider_spec = HelloVm line.

provider_spec.name = "<INITIALS>-@@{calm_unique}@@"

6. Write (i.e. save) the blueprint.py file, and then quit by entering the :wq command.

Modify pkg_install_task.sh
1. Change to the scripts directory by running the cd scripts command, followed by the ls
command.

2. Run the cat pkg_install_task.sh command to view the current contents of the install
script. What does the script do?

3. Run the curl -Sks

https://raw.githubusercontent.com/nutanixworkshops/hol_files/master/scripts/nginx >
pkg_install_task.sh command to replace the existing install script.

4. Run the cat pkg_install_task.sh command again to view the replacement script. What
does the script do now?
Upload The Modified Blueprint To Calm
1. Run the cd ~/calm-dsl/HelloBlueprint command to return to the HelloBlueprint directory.

2. Run the calm create bp --file blueprint.py --name FromDSL-<INITIALS>

Note

This converts the .py file to .json, and uploads it to Calm

3. (Optional) Run the calm compile bp -f blueprint.py command to view the python
blueprint in json format from within DSL.

4. Verify your new blueprint by running the calm get bps -q | grep FromDSL-<INITIALS>
command.

Launch Your Newly Uploaded Blueprint

1. Run the calm get apps command to verify the current applications before launching your
new app. Optionally, we can run the calm get apps -q command to display quiet output, as
we did earlier.

2. Run the calm launch bp FromDSL-<INITIALS> --app_name AppFromDSL-<INITIALS> -i

command.

3. Run the calm describe app AppFromDSL-<INITIALS> command to view the application
summary. Once the app status changes to running, the nginx server deployed from Calm
DSL.
4. Next, we will obtain the application's IP address via the address from the application json
output by running the calm describe app AppFromDSL-<INITIALS> --out json | jq
'.status.resources.deployment_list[].substrate_configuration.element_list[].address'
command.

5. Enter this IP into a web browser.

6. Log into Prism Central to verify:

Check the blueprint created from DSL

Check the application launched from DSL

Takeaways
Calm DSL allows extended flexibility by combining it with built-in Linux tools.
You have now edited a blueprint, uploaded it to Calm, launched an application, and used
version control all from the command line.

Last Updated: 1/25/2023, 8:02:51 AM

Glossary
There are a multitude of familiar industry concepts and overloaded terms which have specific
meanings when used by Calm. Refer to this glossary of Calm terms to help orient your discovery
and mastery. Please see the Additional Resources for deeper exploration!

Calm Terms

Action

A set of seqentially executed task in a blueprint. Basic actions included in every blueprint
consist of: Create, Delete, Stop, Start, Restart. A developer role can create additional custom
actions (such as a runbook), scale-in and scale-out actions, pre- and post- create actions.

Application

A deployment instance of a blueprint, also a top level Calm menu icon.

Application Profile

A developer role can bundle and name a set of blueprint variables and service creation
definitions into a Application Profile. An operator role can choose an application profile during
blueprint launch for deployment choice. Examples: service resource sizes (small, medium, or
large), deployment scenarios (development, staging, or production).

Blueprint

An application model of service topology with orchestrational dependency of action and task,
a blueprint must contain at least one service and default application profile. Also a top level
Calm menu icon.
Brownfield

A blueprint consisting of imported existing machine from a provider.

Calm

Calm is an application lifecycle manager, which provides an automation platform to model your
business governance, applications, and infrastructure together as a single artifact: the blueprint.
Currently, Calm is delivered in Nutanix Prism Central and enabled with one-click.

Dependency

A logical sequential connection between services, orchestrating their basic actions together,
indicated by a white arrow. A generated or developer specified sequential connection between
task (across services in the same action), indicated by an orange arc.

Epsilon

The workflow engine of Calm, it is an internal component controlled by Life Cycle Manager, and
used by other Prism Central facilites.

eScript (Epsilon Script)

A Calm task type to execute a local, restricted Python environment.

Existing Machine

An existing service (not provisioned by Calm) which can be managed by task.

Kubernetes

A container management and hosting system, see https://kubernetes.io

Macro
Either a Calm built-in or blueprint specified variable that can be used in task and variables.

Marketplace

An end-user, self-service portal of published Calm blueprints, controlled by projects and roles,
in Prism Central. Also a top level Calm menu icon.

Prism Central

The Nutanix scale-out control plane to manage multiple joined Nutanix clusters and provide
advanced management capabilites (Calm, Flow, Karbon, etc.) from a single pane of glass web
console.

Project

A combined bundle of users or groups associated with roles who can access providers with
resource quotas. Also a top level Calm menu icon.

Provider

An infrastructure host that provides services with specified show back resource costs. Specified
in Calm settings.

Role

A set of permissions that define a user's abilities. e.g.: start a VM, create a Calm blueprint.

Runtime

A runtime property allows the specified property to be overriden at blueprint or action launch.

Secret

A credential password or key, an application profile or service variable specified with a secret
property. Secrets are specified by the developer role, they are hidden when a blueprint is saved
to prevent stealing. Secrets are blanked when a blueprint is exported and secrets are blanked
out in task output.

Service

An instance of a substrate, typically a virtual machine, existing machine, or a Kubernetes pod.

Substrate

An infrastructure provider instance, a blueprint can use all the providers enabled in a project.

Task

An individual stage of operational execution in an action.

Variable

A blueprint property: statically set by the developer role with a default value, used as a macro
in task, and specified with a runtime property to delegate setting by an operator role during
blueprint launch.

Nutanix Products

Calm

Self-service application-centric automation and management, see Calm and

https://www.nutanix.com/products/calm . Currently, Calm is delivered in Nutanix Prism
Central and enabled with one-click.

Era

Database-as-a-Service (DBaaS) automation and data management, see

https://www.nutanix.com/products/era .

Flow
Microsegmentation (distributed firewall) security and management for Nutanix cluster services,
see https://www.nutanix.com/products/flow . Flow is delivered in Nutanix Prism Central and
enabled with one-click.

Karbon

A platform-as-a-service (PaaS), managed container offering for Kubernetes, see

https://www.nutanix.com/products/karbon . Currently, Karbon is delivered in Nutanix Prism
Central and enabled with one-click.

Prism Central

See Prism Central and https://www.nutanix.com/products/prism .

Additional Resources
1. [Blog] Calm Terminology [Source]
2. Nutanix Calm Admin Operations Guide: Major Components

Last Updated: 1/25/2023, 8:02:51 AM