Copyright (c) 2012-2013 by Cisco Systems, Inc.

The Open Virtualization Format (OVF) is a standard (DSP0243) defined
by the Distributed Management Task Force, Inc. (DMTF) for the
distribution and deployment of virtual appliances.

This document deals with the specific usage of the OVF standard with
respect to Cisco's CSR 1000V Cloud Services Router
(http://www.cisco.com/en/US/products/ps12559/index.html).

Full details of this specification are available from the DMTF web
site at http://wwww.dmtf.org/standards/ovf. The latest version of the
OVF standard as of the writing of this document is 1.1.0.

--------
Overview
--------

In brief, a virtual appliance such as the CSR 1000V can be distributed
as an OVF package, which consists of:
 * An XML file called an OVF descriptor (.ovf)
 * A manifest file containing checksums (.mf)
 * Disk images containing the software and data for the VM (.vmdk, .iso)
 * Various other associated files (such as this documentation file)

An OVF package can also be distributed in a compressed TAR format;
such a compressed package is called an OVA (Open Virtualization
Archive) and is typically assigned a .ova extension.

Within an OVF package, the primary file of interest to the CSR 1000V is
the OVF descriptor, which as the name suggests, describes various
properties of the VM. The two main capabilities of this file are as
follows:

1) Configuration of the IOS-XE software that powers this virtual
appliance.

2) Allocation and provisioning of virtual hardware resources (CPUs,
RAM, hard disks, CD-ROM drives, NICs, etc.)

--------------------------
OVF Software Configuration
--------------------------

**********************************************************************
NOTE: This feature is available when using a VMware vCenter server to
administer virtual machines. It is not supported on standalone ESX
hosts. Other hypervisors may or may not support this feature.
**********************************************************************

The <ProductSection>...</ProductSection> of the OVF descriptor, in
addition to various fields describing the VM as a whole (product name
and URL, vendor name and URL, software version, etc.) also can contain
a list of <Property> elements, which are used to pass configuration
information into the software running inside the VM (here, IOS-XE
software), where they are translated at startup into configuration of
the VM (here, IOS-XE configuration CLI commands). Each <Property> has
the following attributes:

* ovf:key, indicating what type of configuration is described

* ovf:type, indicating the format of this information (string,
  boolean, etc.)

* ovf:qualifiers, indicating any format restrictions (such as string
  minimum or maximum length)

* ovf:value, containing the actual configuration information (such as
  a string, an IP address, etc.)

* ovf:userConfigurable, indicating whether the property is meant to be
  edited by the user (through a tool such as the VMware vSphere
  client) before deploying the VM, or whether it should be passed
  through un-edited.

The following Property keys are supported by this version of IOS-XE
software:

* login-username
  This is a string specifying a username that can be used for remote
  login to the VM (such as a SSH connection to the management
  address). It must be paired with a login-password attribute.

* login-password
  This is a string specifying the password associated with the
  login-username attribute defined above.

* mgmt-interface
  This is a string representing the preferred interface (or
  subinterface) for management traffic. It defaults to
  "GigabitEthernet1" if unspecified.

* mgmt-vlan
  If mgmt-interface is set to a subinterface (such as
  "GigabitEthernet1.1") then this property must be set to a string
  representing the desired dot1Q VLAN associated with the subinterface.

* mgmt-ipv4-addr
  This is a string specifying the address and mask (for example,
  "10.1.1.1/24" or "10.1.1.1 255.255.255.0" to be configured on the
  management interface (the first NIC, labeled as "GigabitEthernet0"
  in IOS-XE). This string can also be set to "dhcp" to instruct the VM
  to use DHCP to determine this configuration.

* mgmt-ipv4-gateway
  This is a string specifying the gateway address to use for the
  management interface. As with the mgmt-ipv4-addr property, this
  string can also be set to "dhcp".

* mgmt-ipv4-network
  Network reachable via the management gateway. If unspecified, the
  management gateway will be a default gateway (routing to 0.0.0.0/0).

* remote-mgmt-ipv4-addr
  This is a string specifying the IP address to be configured for
  access to remote management features (REST API, etc.). This should
  be in the same IP subnet as the mgmt-ipv4-addr

* pnsc-ipv4-addr
  This is a string specifying the IP address of any PNSC service
  controller that this CSR should act as a client of.

* pnsc-agent-local-port
  This is a string specifying the local port number that the PNSC
  service agent will listen on.

* pnsc-shared-secret-key
  This is a string specifying the shared secret key for communication
  between the PNSC service agent and PNSC service controller.

* hostname
  This is a string specifying the hostname for the virtual router.

* enable-scp-server
  This is a Boolean value. If set to true, the IOS SCP server will be
  enabled.

* enable-ssh-server
  This is a Boolean value. If set to true, SSHv2 will be enabled in
  the VM for remote user login. This generally requires that the
  login-username and login-password properties also be set.

* privilege-password
  If this string is set, the defined login-username and login-password
  will only enable unprivileged (user) access to the software;
  entering this password will subsequently be required in order to
  escalate to privileged (enable) access.

* domain-name
  This is a string defining the IP domain name to use in the VM.

* ios-config-0001
  Properties of this type each contain a string defining a single line
  of literal IOS-XE configuration CLI. Multiple properties (with
  increasing numbering) can be used to provide any additional IOS-XE
  configuration not possible through any of the specifically defined
  properties above.

-------------------------
OVF Hardware Provisioning
-------------------------

Various XML elements in the OVF descriptor are used to describe and
provision the hardware resources of the resulting VM. The following
are of interest to the CSR 1000V:

* <DiskSection>...</DiskSection>
  This describes a virtual disk (typically a hard disk) in the VM,
  including a reference to the file (.vmdk) that contains the data
  associated with this disk.

  CSR 1000V VMs are typically provisioned with a single 8GB disk.

* <NetworkSection>...</NetworkSection>
  This describes the logical networks that NICs can be associated
  with. Part of the process of deploying an OVF package as a VM
  involves mapping these logical networks to the networks defined on
  the hypervisor.

  CSR 1000V VMs typically define from 3 to 26 NICs; hence this OVF
  descriptor describes 26 logical networks. If fewer than 26 NICs are
  to be created, the excess networks can be left unmapped.

* <DeploymentOptionSection>...</DeploymentOptionSection>
  This describes a set of supported deployment options (hardware
  configuration profiles) with various requirements and capabilities,
  ranging from minimal profiles (with the lowest supported CPU, RAM,
  and NIC requirements) to maximal (with the highest supported CPU,
  RAM, and NIC allocations).

* <VirtualHardwareSection>...</VirtualHardwareSection>
  This describes the virtual hardware available to the VM as a list of
  <Item> elements each with a <rasd:ResourceType> indicating the type
  of hardware being described. Items in this section include:

  * Number of CPUs (ResourceType 3)
    CSR 1000V VMs typically are allocated 1, 2, or 4 CPUs.

  * Amount of RAM (ResourceType 4)
    CSR 1000V VMs typically are allocated between 2460 and 8192 MB
    (2.5-8 GB) of RAM

  * IDE and SCSI controllers (ResourceType 5 and 6)

  * Ethernet NICs (ResourceType 10)
    CSR 1000V VMs typically are allocated from 3 to 26 NICs, depending
    on the deployment scenario and the capabilities of the hypervisor.

  * CD-ROM drives (ResourceType 15)
    CSR 1000V VMs typically are allocated two CD-ROM drives. The first
    is used to mount the .iso disk image that contains the IOS-XE
    software installer, and the second will automatically mount a .iso
    containing the software configuration defined in the
    <ProductSection> of the OVF descriptor as described above.

  * Hard disk drives (ResourceType 17)
    CSR 1000V VMs typically are allocated a single hard disk drive.